urlscan.io logo urlscan.io
SecurityTrails logo

shrinke.me Open in urlscan Pro
2606:4700:3035::6815:2177  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/3NMcN6r
Effective URL: https://shrinke.me/0GNZk
Submission: On April 15 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 137 IPs in 12 countries across 141 domains to perform 898 HTTP transactions. The main IP is 2606:4700:3035::6815:2177, located in United States and belongs to CLOUDFLARENET, US. The main domain is shrinke.me. The Cisco Umbrella rank of the primary domain is 325595.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 11th 2021. Valid for: a year.
This is the only time shrinke.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-CL...)
9 2606:4700:303... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
5 2600:9000:20e... 16509 (AMAZON-02)
2 2606:4700:7::... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 44.195.137.121 14618 (AMAZON-AES)
2 2606:4700:303... 13335 (CLOUDFLAR...)
6 18.67.76.108 16509 (AMAZON-02)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a03:2880:f11... 32934 (FACEBOOK)
2 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 192.243.59.13 39572 (ADVANCEDH...)
4 2607:f8b0:400... 15169 (GOOGLE)
3 2600:9000:220... 16509 (AMAZON-02)
1 17 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
7 2607:f8b0:400... 15169 (GOOGLE)
1 99.84.118.70 16509 (AMAZON-02)
1 107.22.28.167 14618 (AMAZON-AES)
19 172.217.165.130 15169 (GOOGLE)
3 50.112.169.222 16509 (AMAZON-02)
2 192.0.78.146 2635 (AUTOMATTIC)
11 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
11 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
7 143.204.137.197 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
8 39 68.67.179.166 29990 (ASN-APPNEX)
1 9 147.75.38.124 54825 (PACKET)
4 34.107.148.139 15169 (GOOGLE)
13 51.222.239.230 16276 (OVH)
8 192.96.200.41 30633 (LEASEWEB-...)
3 40 104.22.68.131 13335 (CLOUDFLAR...)
44 2606:4700:10:... 13335 (CLOUDFLAR...)
5 178.250.2.131 44788 (ASN-CRITE...)
4 8 172.98.26.126 399668 (E-PLANNING-)
6 104.36.115.98 62713 (AS-PUBMATIC)
4 103.132.192.30 138552 (RTBHOUSE-...)
26 2606:4700:303... 13335 (CLOUDFLAR...)
7 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
23 104.118.8.253 16625 (AKAMAI-AS)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
41 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
1 1 2607:f8b0:400... 15169 (GOOGLE)
1 2a00:ba61:0:1... 35625 (EURAFIBRE-AS)
1 14 209.54.180.3 16509 (AMAZON-02)
25 2607:f8b0:400... 15169 (GOOGLE)
6 14 2620:100:a001::c 19750 (AS-CRITEO)
9 74.119.119.139 19750 (AS-CRITEO)
3 209.197.3.19 20446 (STACKPATH...)
10 151.101.129.108 54113 (FASTLY)
17 68.67.161.208 29990 (ASN-APPNEX)
4 151.101.65.108 54113 (FASTLY)
5 2600:9000:214... 16509 (AMAZON-02)
4 4 169.61.103.241 36351 (SOFTLAYER)
10 10 50.31.142.63 23352 (SERVERCEN...)
5 7 104.76.100.229 16625 (AKAMAI-AS)
12 2607:f8b0:400... 15169 (GOOGLE)
8 13 54.209.87.113 14618 (AMAZON-AES)
2 54.152.116.38 14618 (AMAZON-AES)
2 104.127.172.242 16625 (AKAMAI-AS)
4 4 2606:ae80:145... 26762 (CNVR-US-EAST)
2 2 52.223.22.214 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
6 104.36.115.113 62713 (AS-PUBMATIC)
19 21 52.223.40.198 16509 (AMAZON-02)
6 6 68.67.160.75 29990 (ASN-APPNEX)
12 15 35.211.178.172 15169 (GOOGLE)
5 5 35.207.24.140 15169 (GOOGLE)
3 3.208.119.163 14618 (AMAZON-AES)
3 3 34.237.23.137 14618 (AMAZON-AES)
2 2 198.148.27.139 19189 (PULSEPOINT)
37 104.118.8.56 16625 (AKAMAI-AS)
4 2620:100:a001::4 19750 (AS-CRITEO)
6 104.36.115.114 62713 (AS-PUBMATIC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
40 23.52.167.93 16625 (AKAMAI-AS)
1 23.50.53.185 20940 (AKAMAI-ASN1)
4 2600:1400:d:5... 20940 (AKAMAI-ASN1)
2 44.197.2.87 14618 (AMAZON-AES)
20 33 142.251.41.2 15169 (GOOGLE)
6 44 104.118.9.53 16625 (AKAMAI-AS)
10 2607:f8b0:400... 15169 (GOOGLE)
6 12 35.244.159.8 15169 (GOOGLE)
1 2 23.200.197.46 16625 (AKAMAI-AS)
6 6 103.229.206.240 30419 (MEDIAMATH...)
9 104.76.100.25 16625 (AKAMAI-AS)
5 5 52.58.249.203 16509 (AMAZON-02)
3 3 74.119.119.150 19750 (AS-CRITEO)
9 9 35.190.90.30 15169 (GOOGLE)
4 4 107.178.246.49 15169 (GOOGLE)
3 4 2600:9000:20e... 16509 (AMAZON-02)
2 34.199.73.116 14618 (AMAZON-AES)
1 2 107.23.66.96 14618 (AMAZON-AES)
1 151.101.193.108 54113 (FASTLY)
1 2 104.105.35.116 16625 (AKAMAI-AS)
1 2600:1f18:612... 14618 (AMAZON-AES)
6 7 192.35.249.120 11742 (SPOTX-IAD)
5 34.117.228.201 15169 (GOOGLE)
8 142.251.40.130 15169 (GOOGLE)
13 104.118.9.242 16625 (AKAMAI-AS)
2 34.95.69.49 15169 (GOOGLE)
1 2600:9000:21d... 16509 (AMAZON-02)
9 104.244.36.20 7415 (ADSAFE-1)
4 4 52.202.103.181 14618 (AMAZON-AES)
15 16 52.45.33.138 14618 (AMAZON-AES)
4 7 51.89.21.30 16276 (OVH)
1 34.120.155.137 396982 (GOOGLE-CL...)
2 54.173.43.128 14618 (AMAZON-AES)
1 52.203.231.132 14618 (AMAZON-AES)
9 10 63.251.114.182 29791 (VOXEL-DOT...)
3 54.160.96.164 14618 (AMAZON-AES)
1 142.250.80.38 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
4 4 8.43.72.98 26667 (RUBICONPR...)
23 2600:9000:212... 16509 (AMAZON-02)
3 4 185.167.164.49 198622 (ADFORM)
5 5 151.101.130.49 54113 (FASTLY)
2 33 8.28.7.83 62713 (AS-PUBMATIC)
7 7 54.236.195.76 14618 (AMAZON-AES)
1 1 199.187.193.193 47043 (SMARTADSE...)
2 2 193.122.174.27 31898 (ORACLE-BM...)
2 169.197.150.7 398989 (DEEPINTENT)
3 3 173.231.178.83 29791 (VOXEL-DOT...)
1 2 34.236.88.116 14618 (AMAZON-AES)
2 3 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 69.90.254.78 13768 (COGECO-PEER1)
2 6 199.127.204.142 26120 (RHYTHMONE)
5 5 104.105.85.254 16625 (AKAMAI-AS)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
6 10 2600:1f18:4e9... 14618 (AMAZON-AES)
1 1 34.226.161.152 14618 (AMAZON-AES)
2 2 2620:116:800b... 14618 (AMAZON-AES)
1 35.168.248.2 14618 (AMAZON-AES)
2 2 3.122.214.5 16509 (AMAZON-02)
1 2 204.2.255.233 2914 (NTT-LTD-2914)
2 2 216.152.140.200 13768 (COGECO-PEER1)
1 1 45.35.192.162 40676 (AS40676)
8 8 88.212.252.2 7979 (SERVERS-COM)
4 4 52.203.71.179 14618 (AMAZON-AES)
4 4 199.38.167.128 54312 (ROCKETFUEL)
4 4 69.166.1.10 27630 (AS-XFERNET)
12 12 199.115.117.82 30633 (LEASEWEB-...)
1 2 52.206.39.185 14618 (AMAZON-AES)
3 3 52.70.185.145 14618 (AMAZON-AES)
2 2 135.148.122.24 16276 (OVH)
1 2 18.233.196.70 14618 (AMAZON-AES)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
3 3 199.187.193.185 47043 (SMARTADSE...)
6 6 3.93.88.191 14618 (AMAZON-AES)
2 104.18.15.91 13335 (CLOUDFLAR...)
4 4 23.88.75.187 24940 (HETZNER-AS)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 37.157.2.239 198622 (ADFORM)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 2 44.196.51.251 14618 (AMAZON-AES)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 3 38.27.122.101 174 (COGENT-174)
1 1 2a04:4e42:600... 54113 (FASTLY)
1 151.101.65.44 54113 (FASTLY)
1 1 172.104.70.67 63949 (LINODE-AP...)
1 162.55.120.196 24940 (HETZNER-AS)
1 1 3.208.44.45 14618 (AMAZON-AES)
1 195.5.165.20 44968 (IPROM-AS)
1 1 104.45.178.220 8075 (MICROSOFT...)
1 1 141.94.170.77 16276 (OVH)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 35.201.96.126 15169 (GOOGLE)
1 2 50.57.31.206 19994 (RACKSPACE)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 34.235.71.168 14618 (AMAZON-AES)
2 4 35.153.40.37 14618 (AMAZON-AES)
2 52.203.157.37 14618 (AMAZON-AES)
898 137
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
9    2606:4700:3035::6815:2177 (United States)

ASN13335 (CLOUDFLARENET, US)
shrinke.me
3    2607:f8b0:4006:80d::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2600:9000:20ed:fe00:12:fc33:3bc0:21 (United States)

ASN16509 (AMAZON-02, US)
d301cxwfymy227.cloudfront.net
2    2606:4700:7::a29f:8955 (United States)

ASN13335 (CLOUDFLARENET, US)
shrinkme.io
4    2606:4700:3033::ac43:8bcc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adtrue.com
1    44.195.137.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-137-121.compute-1.amazonaws.com
leaderhistliness.info
2    2606:4700:3030::6815:2dcf (United States)

ASN13335 (CLOUDFLARENET, US)
freychang.fun
6    18.67.76.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-76-108.iad89.r.cloudfront.net
ystemgthr.com
4    2606:4700:3033::6815:5db6 (United States)

ASN13335 (CLOUDFLARENET, US)
pertyvaluati.com
1    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2607:f8b0:4006:823::200d (United States)

ASN15169 (GOOGLE, US)
accounts.google.com
4    2607:f8b0:4006:824::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
roofprison.com
4    2607:f8b0:4006:80e::2003 (United States)

ASN15169 (GOOGLE, US)
www.recaptcha.net
3    2600:9000:2209:de00:2:e529:700:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.orquideassp.com
17    2606:4700:10::6816:3ac7 (United States)

ASN13335 (CLOUDFLARENET, US)
services.vlitag.com
tag.vlitag.com
assets.vlitag.com
media.vlitag.com
1    2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
7    2607:f8b0:4006:822::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    99.84.118.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-118-70.ewr52.r.cloudfront.net
motoriesm.com
1    107.22.28.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-28-167.compute-1.amazonaws.com
ithdedukica.com
19    172.217.165.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s70-in-f2.1e100.net
securepubads.g.doubleclick.net
3    50.112.169.222 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-169-222.us-west-2.compute.amazonaws.com
exchange.adtrue.com
2    192.0.78.146 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
supertruco.com
11    2607:f8b0:4006:817::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
11    2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2607:f8b0:4006:824::200a (United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
7    143.204.137.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-137-197.ewr52.r.cloudfront.net
c.amazon-adsystem.com
2    2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
39    68.67.179.166 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
9    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
13    51.222.239.230 (Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net
onetag-sys.com
8    192.96.200.41 (United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
40    104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
44    2606:4700:10::6816:2460 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
5    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
8    172.98.26.126 (Ashburn, United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
6    104.36.115.98 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
26    2606:4700:3030::6815:5286 (United States)

ASN13335 (CLOUDFLARENET, US)
px.vliplatform.com
7    2607:f8b0:4006:817::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)
www.google.ca
23    104.118.8.253 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-118-8-253.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    2606:4700:3038::6815:ead6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-adtrue.com
1    2607:f8b0:4006:808::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
5    2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.com
41    2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2607:f8b0:4006:81d::2001 (United States)

ASN15169 (GOOGLE, US)
d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com
ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com
29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com
1    2607:f8b0:4006:820::200e (United States)

ASN15169 (GOOGLE, US)
redirector.googlevideo.com
1    2a00:ba61:0:126::c (France)

ASN35625 (EURAFIBRE-AS, FR)
r1---sn-apaapm4g-apae.googlevideo.com
14    209.54.180.3 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
25    2607:f8b0:4006:80f::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
14    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
9    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
3    209.197.3.19 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: vip0x013.map2.ssl.hwcdn.net
servedby.flashtalking.com
10    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
17    68.67.161.208 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
nym1-ib.adnxs.com
4    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
5    2600:9000:2140:e000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
4    169.61.103.241 (Brooklyn, United States)

ASN36351 (SOFTLAYER, US)
PTR: f1.67.3da9.ip4.static.sl-reverse.com
um.simpli.fi
10    50.31.142.63 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
7    104.76.100.229 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-100-229.deploy.static.akamaitechnologies.com
stags.bluekai.com
12    2607:f8b0:4006:817::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
googleads.g.doubleclick.net
13    54.209.87.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-87-113.compute-1.amazonaws.com
match.sharethrough.com
2    54.152.116.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-116-38.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
sync-pp.ads.yieldmo.com
2    104.127.172.242 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-172-242.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    2606:ae80:1451:18::1720 (United States)

ASN26762 (CNVR-US-EAST, US)
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
2    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
3    2607:f8b0:4006:80c::200e (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
6    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
21    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
6    68.67.160.75 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
15    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
5    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
3    3.208.119.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-119-163.compute-1.amazonaws.com
ads.yieldmo.com
3    34.237.23.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-23-137.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
37    104.118.8.56 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-118-8-56.deploy.static.akamaitechnologies.com
cdn.flashtalking.com
secure.flashtalking.com
4    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
6    104.36.115.114 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
1    2606:4700::6813:9e13 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
2    2606:4700:3033::ac43:8e10 (United States)

ASN13335 (CLOUDFLARENET, US)
quantumsyndication.com
40    23.52.167.93 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-167-93.deploy.static.akamaitechnologies.com
contextual.media.net
warp.media.net
c21lg-d.media.net
1    23.50.53.185 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-53-185.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
4    2600:1400:d:598::4469 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
2    44.197.2.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-2-87.compute-1.amazonaws.com
1x1.a-mo.net
33    142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net
cm.g.doubleclick.net
44    104.118.9.53 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-118-9-53.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
10    2607:f8b0:4006:81c::2006 (United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
12    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
u.openx.net
2    23.200.197.46 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-197-46.deploy.static.akamaitechnologies.com
sync.teads.tv
6    103.229.206.240 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
9    104.76.100.25 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-100-25.deploy.static.akamaitechnologies.com
cs.media.net
lg3.media.net
hblg.media.net
5    52.58.249.203 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-249-203.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
9    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
4    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
4    2600:9000:20ed:fe00:1a:609a:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)
aa.agkn.com
2    34.199.73.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-73-116.compute-1.amazonaws.com
dmp.adblade.com
2    107.23.66.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-66-96.compute-1.amazonaws.com
fw.adsafeprotected.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs-simple.com
2    104.105.35.116 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-105-35-116.deploy.static.akamaitechnologies.com
ssl.connextra.com
1    2600:1f18:612b:4200:c095:ee73:9876:f5ea (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
7    192.35.249.120 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
5    34.117.228.201 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 201.228.117.34.bc.googleusercontent.com
rtb0.doubleverify.com
tps.doubleverify.com
rtbc-ue1.doubleverify.com
tpsc-ue1.doubleverify.com
8    142.251.40.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net
googleads4.g.doubleclick.net
13    104.118.9.242 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-118-9-242.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
2    34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
1    2600:9000:21dd:e400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
9    104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com
dt.adsafeprotected.com
4    52.202.103.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-103-181.compute-1.amazonaws.com
pixel.advertising.com
16    52.45.33.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com
ups.analytics.yahoo.com
7    51.89.21.30 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p25.id5-sync.com
id5-sync.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
2    54.173.43.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-43-128.compute-1.amazonaws.com
id.crwdcntrl.net
1    52.203.231.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-231-132.compute-1.amazonaws.com
mb.moatads.com
10    63.251.114.182 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
3    54.160.96.164 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-96-164.compute-1.amazonaws.com
d9.flashtalking.com
1    142.250.80.38 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f6.1e100.net
ad.doubleclick.net
1    2606:4700:3037::ac43:9a47 (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
3    2606:4700:20::681a:467 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
4    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
23    2600:9000:2120:ea00:6:834a:a040:93a1 (United States)

ASN16509 (AMAZON-02, US)
trendads.betfindr.com
4    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
5    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
33    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
7    54.236.195.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-195-76.compute-1.amazonaws.com
match.prod.bidr.io
1    199.187.193.193 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
2    193.122.174.27 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
3    173.231.178.83 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    34.236.88.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-88-116.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
3    2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
6    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
usermatch.targeting.unrulymedia.com
5    104.105.85.254 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-105-85-254.deploy.static.akamaitechnologies.com
px.owneriq.net
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
10    2600:1f18:4e9:5a01:166f:faec:e70b:6d2e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
1    34.226.161.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-161-152.compute-1.amazonaws.com
sync.ipredictive.com
2    2620:116:800b:21:559e:e8a8:8a19:7f11 (United States)

ASN14618 (AMAZON-AES, US)
pixel.quantserve.com
1    35.168.248.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-248-2.compute-1.amazonaws.com
rtb.adentifi.com
2    3.122.214.5 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-5.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
2    204.2.255.233 (United States)

ASN2914 (NTT-LTD-2914, US)
pmp.mxptint.net
2    216.152.140.200 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    45.35.192.162 (United States)

ASN40676 (AS40676, US)
sync.resetdigital.co
8    88.212.252.2 (Russian Federation)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
4    52.203.71.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-71-179.compute-1.amazonaws.com
ssp.disqus.com
4    199.38.167.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
12    199.115.117.82 (United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
2    52.206.39.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-39-185.compute-1.amazonaws.com
dpm.demdex.net
3    52.70.185.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-185-145.compute-1.amazonaws.com
sync.extend.tv
2    135.148.122.24 (United States)

ASN16276 (OVH, FR)
PTR: ns1009095.ip-135-148-122.us
gu.dyntrk.com
2    18.233.196.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-196-70.compute-1.amazonaws.com
um2.eqads.com
3    2606:4700:20::ac43:4972 (United States)

ASN13335 (CLOUDFLARENET, US)
trendads-betway-api.reactivebetting.com
6    2606:4700:10::6816:36ce (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
sync.connectad.io
3    199.187.193.185 (Canada)

ASN47043 (SMARTADSERVER, CA)
sync.smartadserver.com
6    3.93.88.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-88-191.compute-1.amazonaws.com
ice.360yield.com
2    104.18.15.91 (None, )

ASN13335 (CLOUDFLARENET, US)
resources.betway.com
4    23.88.75.187 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.187.75.88.23.clients.your-server.de
csync.loopme.me
6    2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)
sync-eu.connectad.io
sync.connectad.io
1    37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    44.196.51.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-51-251.compute-1.amazonaws.com
cs.emxdgt.com
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
3    38.27.122.101 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
1    172.104.70.67 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1680-67.members.linode.com
gocm.c.appier.net
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
1    3.208.44.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-44-45.compute-1.amazonaws.com
docker.creative-serving.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel.onaudience.com
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.235.71.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-71-168.compute-1.amazonaws.com
rtb.gumgum.com
4    35.153.40.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-40-37.compute-1.amazonaws.com
io.narrative.io
2    52.203.157.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-157-37.compute-1.amazonaws.com
sync.crwdcntrl.net
Apex Domain
Subdomains		 Transfer
76 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 248
acdn.adnxs.com — Cisco Umbrella Rank: 597
nym1-ib.adnxs.com — Cisco Umbrella Rank: 1309
cdn.adnxs.com — Cisco Umbrella Rank: 1424
secure.adnxs.com — Cisco Umbrella Rank: 438
378 KB
74 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 457
ads.pubmatic.com — Cisco Umbrella Rank: 461
image6.pubmatic.com — Cisco Umbrella Rank: 622
simage4.pubmatic.com — Cisco Umbrella Rank: 1174
simage2.pubmatic.com — Cisco Umbrella Rank: 620
image2.pubmatic.com — Cisco Umbrella Rank: 898
image4.pubmatic.com — Cisco Umbrella Rank: 880
324 KB
72 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 128
ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com
29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com
374 KB
71 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293
ad.doubleclick.net — Cisco Umbrella Rank: 196
665 KB
53 media.net
prebid.media.net — Cisco Umbrella Rank: 1206
contextual.media.net — Cisco Umbrella Rank: 527
cs.media.net — Cisco Umbrella Rank: 1824
lg3.media.net — Cisco Umbrella Rank: 3387
warp.media.net — Cisco Umbrella Rank: 2158
hblg.media.net — Cisco Umbrella Rank: 1498
c21lg-d.media.net — Cisco Umbrella Rank: 1760
226 KB
44 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 556
ssum.casalemedia.com — Cisco Umbrella Rank: 1353
57 KB
44 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 10431
sync.quantumdex.io — Cisco Umbrella Rank: 4418
24 KB
43 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 727
cdn.flashtalking.com — Cisco Umbrella Rank: 996
d9.flashtalking.com — Cisco Umbrella Rank: 1471
secure.flashtalking.com — Cisco Umbrella Rank: 2275
362 KB
40 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 6338
csync.smilewanted.com — Cisco Umbrella Rank: 4566
static.smilewanted.com — Cisco Umbrella Rank: 11128
52 KB
31 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 758
gum.criteo.com — Cisco Umbrella Rank: 383
mug.criteo.com — Cisco Umbrella Rank: 2668
dis.criteo.com — Cisco Umbrella Rank: 706
27 KB
26 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 300
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
13 KB
26 vliplatform.com
px.vliplatform.com — Cisco Umbrella Rank: 18651
12 KB
23 betfindr.com
trendads.betfindr.com — Cisco Umbrella Rank: 492586
217 KB
21 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 355
12 KB
21 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 302
s.amazon-adsystem.com — Cisco Umbrella Rank: 281
54 KB
20 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 15383
sync.aralego.com — Cisco Umbrella Rank: 2677
6 KB
17 vlitag.com
services.vlitag.com — Cisco Umbrella Rank: 18775
tag.vlitag.com — Cisco Umbrella Rank: 22509
assets.vlitag.com — Cisco Umbrella Rank: 22368
media.vlitag.com — Cisco Umbrella Rank: 29576
555 KB
17 google.com
accounts.google.com — Cisco Umbrella Rank: 80
www.google.com — Cisco Umbrella Rank: 4
adservice.google.com — Cisco Umbrella Rank: 77
analytics.google.com — Cisco Umbrella Rank: 724
3 KB
15 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 289
6 KB
14 moatads.com
z.moatads.com — Cisco Umbrella Rank: 390
mb.moatads.com — Cisco Umbrella Rank: 626
px.moatads.com — Cisco Umbrella Rank: 419
212 KB
13 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 582
3 KB
13 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 860
9 KB
12 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 4375
sync-eu.connectad.io — Cisco Umbrella Rank: 3037
sync.connectad.io — Cisco Umbrella Rank: 3631
5 KB
12 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 780
static.adsafeprotected.com — Cisco Umbrella Rank: 565
dt.adsafeprotected.com — Cisco Umbrella Rank: 517
95 KB
12 openx.net
us-u.openx.net — Cisco Umbrella Rank: 411
u.openx.net — Cisco Umbrella Rank: 709
2 KB
12 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1173
assets.a-mo.net — Cisco Umbrella Rank: 6884
1x1.a-mo.net — Cisco Umbrella Rank: 3797
19 KB
11 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 176
347 KB
11 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
98 KB
10 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 607
5 KB
10 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
166 KB
10 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 593
7 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
570 KB
9 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 962
4 KB
9 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 495
rtb0.doubleverify.com — Cisco Umbrella Rank: 697
tps.doubleverify.com — Cisco Umbrella Rank: 494
rtbc-ue1.doubleverify.com — Cisco Umbrella Rank: 1757
tpsc-ue1.doubleverify.com — Cisco Umbrella Rank: 1029
123 KB
9 shrinke.me
shrinke.me — Cisco Umbrella Rank: 325595
279 KB
8 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1795
5 KB
8 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 6044
4 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 503
3 KB
7 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 699
12 KB
7 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 531
4 KB
7 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 481
7 KB
7 google.ca
www.google.ca — Cisco Umbrella Rank: 8069
adservice.google.ca — Cisco Umbrella Rank: 12925
2 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
323 KB
7 adtrue.com
cdn.adtrue.com — Cisco Umbrella Rank: 116989
exchange.adtrue.com — Cisco Umbrella Rank: 86859
169 KB
6 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1585
2 KB
6 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 445
mathid.mathtag.com Failed
4 KB
6 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 567
pixel.rubiconproject.com — Cisco Umbrella Rank: 350
14 KB
6 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 16077
creativecdn.com — Cisco Umbrella Rank: 677
1 KB
6 ystemgthr.com
ystemgthr.com
8 KB
5 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1082
3 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 576
1 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 577
cm.adform.net — Cisco Umbrella Rank: 2148
2 KB
5 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 884
4 KB
5 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 866
1 KB
5 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5536
ads.yieldmo.com — Cisco Umbrella Rank: 614
sync-pp.ads.yieldmo.com — Cisco Umbrella Rank: 10045
3 KB
5 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 746
1 KB
5 cloudfront.net
d301cxwfymy227.cloudfront.net
97 KB
4 narrative.io
io.narrative.io — Cisco Umbrella Rank: 2430
1 KB
4 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 985
830 B
4 unrulymedia.com
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 3488
4 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 868
3 KB
4 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 718
3 KB
4 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 7743
1 KB
4 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 635
sync.smartadserver.com — Cisco Umbrella Rank: 1463
1 KB
4 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1709
sync.crwdcntrl.net — Cisco Umbrella Rank: 662
2 KB
4 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 821
idsync.rlcdn.com — Cisco Umbrella Rank: 327
819 B
4 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 371
1 KB
4 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 431
3 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 434
2 KB
4 criteo.net
static.criteo.net — Cisco Umbrella Rank: 632
120 KB
4 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 5352
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3142
1 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 825
2 KB
4 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 2004
25 KB
4 pertyvaluati.com
pertyvaluati.com
1 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
imasdk.googleapis.com — Cisco Umbrella Rank: 417
128 KB
3 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 1605
2 KB
3 reactivebetting.com
trendads-betway-api.reactivebetting.com
1 KB
3 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1745
2 KB
3 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3847
docker.creative-serving.com — Cisco Umbrella Rank: 5739
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 769
1 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 824
s.tribalfusion.com — Cisco Umbrella Rank: 2497
2 KB
3 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1504
2 KB
3 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 7983
3 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 835
1 KB
3 orquideassp.com
tags.orquideassp.com — Cisco Umbrella Rank: 114541
4 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1153
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 4260
1009 B
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 656
match.taboola.com — Cisco Umbrella Rank: 2193
657 B
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 901
579 B
2 betway.com
resources.betway.com — Cisco Umbrella Rank: 555116
68 KB
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 3898
563 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1266
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 216
2 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 602
945 B
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4748
965 B
2 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 423
951 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 732
848 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 542
1011 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1390
569 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 919
350 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1211
1 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1432
15 B
2 connextra.com
ssl.connextra.com — Cisco Umbrella Rank: 9439
934 B
2 adblade.com
dmp.adblade.com — Cisco Umbrella Rank: 6425
458 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1031
637 B
2 quantumsyndication.com
quantumsyndication.com — Cisco Umbrella Rank: 39985
907 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 578
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 400
738 B
2 googlevideo.com
redirector.googlevideo.com — Cisco Umbrella Rank: 670
r1---sn-apaapm4g-apae.googlevideo.com
1 KB
2 cdn-adtrue.com
cdn-adtrue.com — Cisco Umbrella Rank: 140680
2 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1879
24 KB
2 supertruco.com
supertruco.com — Cisco Umbrella Rank: 276477
1 KB
2 roofprison.com
roofprison.com — Cisco Umbrella Rank: 866589
2 freychang.fun
freychang.fun — Cisco Umbrella Rank: 23200
1 KB
2 shrinkme.io
shrinkme.io — Cisco Umbrella Rank: 628947
159 KB
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1276
209 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2403
534 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3831
463 B
1 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1718
170 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2962
400 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3963
348 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5914
280 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6220
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2326
395 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 2329
1 resetdigital.co
sync.resetdigital.co — Cisco Umbrella Rank: 2253
485 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1130
47 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1068
522 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4000
358 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1157
674 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 7231
702 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1001
183 B
1 adnxs-simple.com
acdn.adnxs-simple.com — Cisco Umbrella Rank: 2818
40 KB
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1554
329 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 436
2 KB
1 ithdedukica.com
ithdedukica.com
37 B
1 motoriesm.com
motoriesm.com
487 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 647
29 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
1 leaderhistliness.info
leaderhistliness.info — Cisco Umbrella Rank: 857607
23 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 4275
280 B
898 141
Domain Requested by
41 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
shrinke.me
assets.vlitag.com
ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com
googleads.g.doubleclick.net
29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com
ad.doubleclick.net
d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com
40 sync.quantumdex.io assets.vlitag.com
sync.quantumdex.io
ssum-sec.casalemedia.com
ads.pubmatic.com
39 ib.adnxs.com 8 redirects assets.vlitag.com
cdn.adtrue.com
acdn.adnxs.com
sync-amz.ads.yieldmo.com
googleads.g.doubleclick.net
csync.smilewanted.com
37 contextual.media.net assets.vlitag.com
contextual.media.net
ads.pubmatic.com
35 cdn.flashtalking.com servedby.flashtalking.com
cdn.flashtalking.com
34 csync.smilewanted.com 3 redirects assets.vlitag.com
csync.smilewanted.com
sync-eu.connectad.io
ads.pubmatic.com
33 cm.g.doubleclick.net 20 redirects googleads.g.doubleclick.net
ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com
29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com
d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com
u.openx.net
32 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
um2.eqads.com
ssum.casalemedia.com
26 px.vliplatform.com
25 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
shrinke.me
googleads.g.doubleclick.net
ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com
29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com
ad.doubleclick.net
24 simage2.pubmatic.com 2 redirects ads.pubmatic.com
23 trendads.betfindr.com cdn.flashtalking.com
trendads.betfindr.com
23 ads.pubmatic.com shrinke.me
s.amazon-adsystem.com
simage4.pubmatic.com
cdn.adtrue.com
assets.vlitag.com
ads.pubmatic.com
contextual.media.net
sync.quantumdex.io
csync.smilewanted.com
sync-eu.connectad.io
21 match.adsrvr.org 19 redirects ads.pubmatic.com
19 securepubads.g.doubleclick.net shrinke.me
securepubads.g.doubleclick.net
www.googletagservices.com
tags.orquideassp.com
17 nym1-ib.adnxs.com shrinke.me
cdn.adtrue.com
cdn.adnxs.com
assets.vlitag.com
acdn.adnxs-simple.com
16 ups.analytics.yahoo.com 15 redirects googleads.g.doubleclick.net
15 x.bidswitch.net 12 redirects contextual.media.net
cdn.aralego.net
14 gum.criteo.com 6 redirects static.criteo.net
contextual.media.net
14 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
match.sharethrough.com
sync-amz.ads.yieldmo.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
13 match.sharethrough.com 8 redirects s.amazon-adsystem.com
match.sharethrough.com
13 onetag-sys.com assets.vlitag.com
sync.quantumdex.io
sync-eu.connectad.io
12 sync.aralego.com 12 redirects
12 assets.vlitag.com tag.vlitag.com
assets.vlitag.com
11 ssum-sec.casalemedia.com 3 redirects sync.quantumdex.io
ssum-sec.casalemedia.com
11 px.moatads.com ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com
servedby.flashtalking.com
11 us-u.openx.net 6 redirects googleads.g.doubleclick.net
u.openx.net
11 www.googletagservices.com tag.vlitag.com
securepubads.g.doubleclick.net
shrinke.me
ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com
s0.2mdn.net
29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com
cdn.doubleverify.com
www.googletagservices.com
d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com
11 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
10 pr-bh.ybp.yahoo.com 6 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
u.openx.net
ssum.casalemedia.com
10 ap.lijit.com 9 redirects
10 s0.2mdn.net shrinke.me
s0.2mdn.net
ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com
29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com
d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com
10 b1sync.zemanta.com 10 redirects
10 acdn.adnxs.com cdn.adtrue.com
assets.vlitag.com
9 image2.pubmatic.com ads.pubmatic.com
9 dt.adsafeprotected.com fw.adsafeprotected.com
9 odr.mookie1.com 9 redirects cdn.aralego.net
9 mug.criteo.com shrinke.me
9 prebid.a-mo.net 1 redirects assets.vlitag.com
9 shrinke.me shrinke.me
8 ads.betweendigital.com 8 redirects
8 googleads4.g.doubleclick.net shrinke.me
googleads.g.doubleclick.net
ad.doubleclick.net
8 googleads.g.doubleclick.net assets.vlitag.com
shrinke.me
ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com
29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com
8 pbjs.e-planning.net 4 redirects
8 hb.aralego.com assets.vlitag.com
7 sync.connectad.io sync-eu.connectad.io
u.openx.net
ssum.casalemedia.com
ads.pubmatic.com
7 match.prod.bidr.io 7 redirects
7 id5-sync.com 4 redirects ads.pubmatic.com
assets.vlitag.com
7 sync.search.spotxchange.com 6 redirects googleads.g.doubleclick.net
7 stags.bluekai.com 5 redirects ads.pubmatic.com
7 www.google.com tpc.googlesyndication.com
shrinke.me
ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com
29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com
7 c.amazon-adsystem.com tag.vlitag.com
c.amazon-adsystem.com
7 www.googletagmanager.com shrinke.me
cdn-adtrue.com
www.googletagmanager.com
tag.vlitag.com
6 ice.360yield.com 6 redirects
6 sync.mathtag.com 6 redirects
6 secure.adnxs.com 6 redirects
6 image6.pubmatic.com ads.pubmatic.com
6 hbopenbid.pubmatic.com assets.vlitag.com
cdn.adtrue.com
6 www.gstatic.com www.recaptcha.net
www.gstatic.com
6 ystemgthr.com d301cxwfymy227.cloudfront.net
5 px.owneriq.net 5 redirects
5 sync-tm.everesttech.net 5 redirects
5 pm.w55c.net 5 redirects
5 rtb.mfadsrvr.com 5 redirects
5 s.ad.smaato.net s.amazon-adsystem.com
sync.quantumdex.io
5 adservice.google.com securepubads.g.doubleclick.net
5 adservice.google.ca securepubads.g.doubleclick.net
5 bidder.criteo.com assets.vlitag.com
cdn.adtrue.com
5 d301cxwfymy227.cloudfront.net shrinke.me
ystemgthr.com
4 io.narrative.io 2 redirects
4 csync.loopme.me 4 redirects
4 usermatch.targeting.unrulymedia.com sync.quantumdex.io
4 sync.go.sonobi.com 4 redirects
4 p.rfihub.com 4 redirects
4 ssp.disqus.com 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 pixel.rubiconproject.com 4 redirects
4 pixel.advertising.com 4 redirects
4 aa.agkn.com 3 redirects
4 pixel.tapad.com 4 redirects
4 cs.media.net contextual.media.net
4 cdn.doubleverify.com shrinke.me
cdn.doubleverify.com
4 simage4.pubmatic.com ads.pubmatic.com
4 static.criteo.net assets.vlitag.com
cdn.adtrue.com
static.criteo.net
4 um.simpli.fi 4 redirects
4 cdn.adnxs.com cdn.adtrue.com
assets.vlitag.com
acdn.adnxs-simple.com
4 prebid-asia.creativecdn.com assets.vlitag.com
4 useast.quantumdex.io assets.vlitag.com
4 prebid.media.net assets.vlitag.com
4 www.recaptcha.net shrinke.me
www.gstatic.com
www.recaptcha.net
4 fonts.gstatic.com fonts.googleapis.com
www.recaptcha.net
4 pertyvaluati.com shrinke.me
4 cdn.adtrue.com shrinke.me
exchange.adtrue.com
3 match.bnmla.com 3 redirects
3 sync.smartadserver.com 3 redirects
3 cdn.connectad.io csync.smilewanted.com
3 trendads-betway-api.reactivebetting.com trendads.betfindr.com
3 sync.extend.tv 3 redirects
3 static.smilewanted.com csync.smilewanted.com
3 ad.turn.com 3 redirects
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 cm.adgrx.com 3 redirects
3 cdn.aralego.net assets.vlitag.com
3 d9.flashtalking.com cdn.flashtalking.com
d9.flashtalking.com
servedby.flashtalking.com
3 lg3.media.net shrinke.me
3 dis.criteo.com 3 redirects
3 sync.srv.stackadapt.com 3 redirects
3 ads.yieldmo.com sync-amz.ads.yieldmo.com
3 analytics.google.com www.googletagmanager.com
3 servedby.flashtalking.com shrinke.me
fw.adsafeprotected.com
servedby.flashtalking.com
3 prebid.smilewanted.com assets.vlitag.com
3 exchange.adtrue.com shrinke.me
cdn.adtrue.com
3 tags.orquideassp.com shrinke.me
tag.vlitag.com
3 fonts.googleapis.com shrinke.me
s0.2mdn.net
2 sync.crwdcntrl.net ads.pubmatic.com
2 uipglob.semasio.net 1 redirects
2 visitor.fiftyt.com 1 redirects
2 tpsc-ue1.doubleverify.com cdn.doubleverify.com
2 cs.emxdgt.com 2 redirects
2 creativecdn.com 2 redirects
2 resources.betway.com trendads.betfindr.com
2 sync-eu.connectad.io cdn.connectad.io
sync-eu.connectad.io
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 gu.dyntrk.com 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 pixel-sync.sitescout.com 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 ads.creative-serving.com 2 redirects
2 pixel.quantserve.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 sync.1rx.io 2 redirects
2 a.tribalfusion.com 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 match.deepintent.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 sync.technoratimedia.com 2 redirects
2 secure.flashtalking.com servedby.flashtalking.com
2 id.crwdcntrl.net ads.pubmatic.com
2 i.clean.gg acdn.adnxs-simple.com
2 z.moatads.com googleads.g.doubleclick.net
cdn.flashtalking.com
2 c21lg-d.media.net contextual.media.net
2 ssl.connextra.com 1 redirects
2 fw.adsafeprotected.com 1 redirects assets.vlitag.com
2 hblg.media.net
2 dmp.adblade.com contextual.media.net
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 1x1.a-mo.net
2 29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 quantumsyndication.com
2 ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 bh.contextweb.com 2 redirects
2 eb2.3lift.com 2 redirects
2 amazon-tam-match.dotomi.com 2 redirects
2 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
2 d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 cdn-adtrue.com exchange.adtrue.com
2 www.google.ca shrinke.me
2 script.4dex.io assets.vlitag.com
script.4dex.io
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 tag.vlitag.com services.vlitag.com
tag.vlitag.com
2 supertruco.com tags.orquideassp.com
2 services.vlitag.com shrinke.me
services.vlitag.com
2 roofprison.com shrinke.me
2 accounts.google.com shrinke.me
2 freychang.fun d301cxwfymy227.cloudfront.net
2 shrinkme.io shrinke.me
1 rtb.gumgum.com
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 spl.zeotap.com
1 pixel.onaudience.com 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 docker.creative-serving.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 ad4m.at ssum.casalemedia.com
1 ssum.casalemedia.com sync-eu.connectad.io
1 u.openx.net sync-eu.connectad.io
1 cm.adform.net 1 redirects
1 rtbc-ue1.doubleverify.com cdn.doubleverify.com
1 sync.resetdigital.co 1 redirects
1 rtb.adentifi.com ads.pubmatic.com
1 sync.ipredictive.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 rtb-csync.smartadserver.com 1 redirects
1 id.a-mx.com assets.vlitag.com
1 tps.doubleverify.com cdn.doubleverify.com
1 ad.doubleclick.net www.googletagservices.com
1 mb.moatads.com z.moatads.com
1 api.rlcdn.com ads.pubmatic.com
1 static.adsafeprotected.com fw.adsafeprotected.com
1 rtb0.doubleverify.com cdn.doubleverify.com
1 partners.tremorhub.com googleads.g.doubleclick.net
1 acdn.adnxs-simple.com assets.vlitag.com
1 warp.media.net assets.vlitag.com
1 qsearch-a.akamaihd.net
1 assets.a-mo.net assets.vlitag.com
1 sync-pp.ads.yieldmo.com sync-amz.ads.yieldmo.com
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 r1---sn-apaapm4g-apae.googlevideo.com
1 redirector.googlevideo.com 1 redirects
1 media.vlitag.com 1 redirects
1 cdn.jsdelivr.net assets.vlitag.com
1 imasdk.googleapis.com tag.vlitag.com
1 ithdedukica.com leaderhistliness.info
1 motoriesm.com leaderhistliness.info
1 code.jquery.com shrinke.me
1 www.facebook.com shrinke.me
1 leaderhistliness.info shrinke.me
1 bit.ly 1 redirects
0 mathid.mathtag.com Failed ads.pubmatic.com
898 217

This site contains links to these domains. Also see Links.

Domain
shrinkme.io
blog.shrinkme.io
agencyorquidea.com
forms.gle
www.facebook.com
www.instagram.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-08-11 -
2022-08-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.adtrue.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-08-14		 2 years crt.sh
leaderhistliness.info
R3		 2022-03-20 -
2022-06-18		 3 months crt.sh
ystemgthr.com
Amazon		 2022-04-03 -
2023-05-02		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-23 -
2022-04-23		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
roofprison.com
R3		 2022-03-22 -
2022-06-20		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
tags.orquideassp.com
Amazon		 2021-06-29 -
2022-07-28		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
motoriesm.com
Amazon		 2022-04-03 -
2023-05-02		 a year crt.sh
ithdedukica.com
R3		 2022-04-07 -
2022-07-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
tls.automattic.com
R3		 2022-03-09 -
2022-06-07		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.a-mo.net
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-02-24		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
s.ad.smaato.net
Amazon		 2021-09-21 -
2022-10-20		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
cdn.flashtalking.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-02		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-12-23 -
2022-12-23		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
dmp.adblade.com
R3		 2022-03-06 -
2022-06-04		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2022-04-13 -
2022-07-12		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.adsafeprotected.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-26 -
2022-06-17		 a year crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-25 -
2022-06-25		 a year crt.sh
tag.device9.com
Go Daddy Secure Certificate Authority - G2		 2021-07-19 -
2022-08-20		 a year crt.sh
*.betfindr.com
Amazon		 2021-12-15 -
2023-01-12		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
truffle.bid
R3		 2022-01-17 -
2022-04-17		 3 months crt.sh
*.iprom.net
R3		 2022-03-24 -
2022-06-22		 3 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.gumgum.com
Amazon		 2021-10-15 -
2022-11-12		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh

This page contains 209 frames:

Primary Page: https://shrinke.me/0GNZk
Frame ID: ADEB002372B7EAF2A20837FB1A96094D
Requests: 159 HTTP requests in this frame

Frame: https://ystemgthr.com/WnVzMmI7FxBfXTtIERQXKBlOF1AcUEF0BmlFQlEaLRMKXxtoR0QcATYaBlYEKBodRkw0EAcXUBw0KWUaIhYYayUbDUtnBwgwNXQ3Yw0rdFceJkB0JhgSOlYpGCMhYhgURzB2CRIwN2A1GxkQdTIbMyFjNAsEMXMrDSFBcyMbHTliBmo4PXQwGEImZw0cNBpZLQ8nJmMuCAIQcTA9EjBVDgI3ClY7GydHey4tHjJ3JD5FOgMOPCQefDoCMxh0Li0GOnoFD0QidFcYPTd4IwIeNXYGMQEQZCcfMCJ0Vxg3IAouDR4lagYJETljUhNQQXA3ax0qZFEIIzdjTx82OFUjODMxcxYeNxtnMxs3ImpSABYXZCwQJEN4Fx4SInQqIwUyaggQLRd0NxsyMVkICzNGcCQJODRwGm8XKgMGOTAbXVIZEjZnNGkkGWo3HDYSdDQZJyZCR2gzJgIoHSdBfDoCNDpmKxskFnUkPkU6Aw4ZJyRaNQ0ZEHoHayRVWBE1GwMPLBtFHmcUOAdAXA
Frame ID: 06CC612C7C42D9456C137AC8B5B74C8C
Requests: 2 HTTP requests in this frame

Frame: https://ystemgthr.com/MEw2OUpRLlVUdVFxVB8/QiALHHh2aQR/LgN8B1oyRypPVDMCfgEXKVwjQ10sQiNYTWReKUIceHYFZ1cbBS5YcCJ3fVVwHmQVUmEcfgpTCRN8GgZJIXgnWXsCdAZ8bTBHFn1sAFoCQXgLciBBWwJyBXVbD1cLeXsLdRRaaD92GlVzHgIdZG89ARxVCABpD157bwIKZ3tyUgkFARBmJGdbBlgkb2p6cQlnay5VGgV7D3UeXVsGcg5hfht2ImReIXEOW10NcxoPeih1HVVhHnIiZF4hagtPQQl0GUJ7C3YJemEtQHxnewh8HX5wHGMeAlwARwJVfQhbPnd7Z0gveHEueAhdewhUCnN1ElwjRnEPAAh+VC53KV1NC1MkXmgIYihYay1bBnBAD1YaXV0SUwlkWAhXDUJ+HEgAZ3gYdg9gDClTIFl3HFs4Bm4tBS5gCgh1H1EBH3k7bGgZAA1zaBtAFm5xDHMETk0aUzsQUzlfIkYEPGInXQ8QaT50Sy9FImZPHw
Frame ID: 8BB40B61CED2A40AC295F4BBF321993A
Requests: 2 HTTP requests in this frame

Frame: https://ystemgthr.com/WDdSTEM5VTEhfDkKMGo2KltvaXEeEmAKJ2sHYy87L1ErITpqBWViIDRYJyglKlg8OG02UiZpcR5FARQzN3ooCTIeZggaBzIHBggCbH03fA08dTUaNR11Ji8bIlsaCwQWVRU2cxx1JRkNHHM1GhEMejcaEhVvGB4wH2ETNDUQQAgdBxBfMQ8VPGM2CXYXZWIJLh1hBBQWIX4WCwYsVR40FhZxBx0sCkAELxAhdgUOBRFiNzY7PH8DCjALcTUuETF2BwgFIHAdIHo5dmN0egAGPQgCEFsHGwEBdBF9ejl2YhUkHnFmBAUQWGYYEh11Hxk7O3A6HnQLUH8gBwlkByoLaW0GBSsVVBQrDghjYz8GEAQiARcJchAVER12AH00NG9jPDQefyYHAR5HMwAFYVYTfRorcAMCIB9wKgUUHnUIAzsNcQQkEW9nFCcHGWA2BxE/VBgvBiBwEA0RK2QUJAINdGouBDRYByk5IFMTDRk2ZAR4FQp/AABlMkQ9IjNlRwImER9cZngHLmc
Frame ID: C6B87CC8FC8122101AFFFD6A2B364716
Requests: 2 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2F0GNZk&cb=3391526569&timeZone=0&adWidth=300&adHeight=250&loc=https://shrinke.me/0GNZk
Frame ID: 6E551289A0CA4D21F728A2766710A583
Requests: 20 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2F0GNZk&cb=3391526569&timeZone=0&adWidth=300&adHeight=250&loc=https://shrinke.me/0GNZk
Frame ID: 5BDF91B30135C977D12F4FA77EBC020D
Requests: 18 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdJkt4dAAAAACANDNI7s0sga9wEjI_Qd3YuSDGD&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&size=normal&cb=f5iy49ss7qg3
Frame ID: 51EC09C2A53C7930162A6211A9BD41C7
Requests: 8 HTTP requests in this frame

Frame: https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AD91BC0CBC8E5C8D3B4A7DB025FA1E89
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&dcc=t
Frame ID: 1A9396E110DC0B75437C3A5BBC39B98F
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Frame ID: 1CFB396AAA3841D914F7852A2ADF2F40
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A3A01D8A537607C23949425A6BE40F90
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B7B1C8B0000380E8EBDC9DD7201AC28D
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuruaHRLOATUI35E6biORf5doZIWTF_D2XE9aStPROWQnx81_cdNrk8k8Eusz7A8OYtTF7vaM5GyKIX33XfHAbOq6dHhghXIC9eBGlSqQIUhr_ewWligSifHjK9362k4rSgHWHmfJcEGIFMqQtqw-q8e0QEP4L1HcCivrHlpbSp7x96dOaWi5Pf50ccWVT_6KxX50BmqxTJPCOfizCxvf0-R-ueHLROPEwiRa4_Lc8fxHiTsgfM7vVppStZtxYexohorzjMPPu5ww0VYp0MCuqMlFv3ASbLCgBGPTfH_HY98gSultuDnu9eDQv96kT8p05TNm88VJCE&sai=AMfl-YSWlAO5ZgxRe_oIsvfFVr_rfchNaC1mZPK2319B6xY23H7HBzq3bdpiaBYjbSsQarZ63Vkqn1_6AazR2F438dnrJfUJB10In5nOrZd-B6jYKznx-tRKELFt7Ll5m9R4&sig=Cg0ArKJSzAcV3iMB73FPEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A5BB92DD7ACDBB2D41D1566C056EA396
Requests: 4 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&k=6LdJkt4dAAAAACANDNI7s0sga9wEjI_Qd3YuSDGD
Frame ID: 655924FDE91887745C73497D36840147
Requests: 3 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/imp/1/174069;6268017;201;jsiframe;BetGenius;300x250casino/?ft_custom=&imageType=gif&ftDestID=32975530&ft_width=300&ft_height=250&click=https://nym1-ib.adnxs.com/click?50CiFTYHwj-amZmZmZm5PwAAAMD1KPQ_bId1mVB3uj9QO_w1WaPCPxJ0bOseXDBr1gKv5X4MymC_7lliAAAAAIR8MgGoGwAAmBwAAAIAAADgLSkUFK4QAAAAAABVU0QAVVNEACwB-gCw8wAAAAABAQUCAAAAAKwAzyVFHgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21JxMOfgjbxL0YEODbpKEBGJTcQiAAKAAxMzMzMzMz5z86CU5ZTTI6NDQ3NUCLLkkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=NzMyMCNOWU0yOjQ0NzU=/bn=87213/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=504734123
Frame ID: 37D9983AB725D7F068360CD575A3C7DC
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7080&pub_id=854351
Frame ID: 294DCDE55F3EBAF86B0301E182B2EC84
Requests: 3 HTTP requests in this frame

Frame: https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fshrinke.me%2F0GNZk&e=wqT_3QKPDfD9jwYAAAMA1gAFAQi_3eeSBhCS6LHb7oOXmGsY1oW8re6Pg-VgKjYJ50CiFTYHwj8RmpmZmZmZuT8ZAAAAwPUo9D8hbId1mVB3uj8pUDv8NVmjwj8xAAAAoJmZyT8whPnJCTioN0CYOUgCUODbpKEBWJTcQmAAaLDnW3itqQWAAQGKAQNVU0SSAQNVU0SYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDI4OTY3ODksIDE2NTAwNjA5OTEpO3VmKCdpJywgNjYyOTY4MCwgMTY1MDA2MDk5MSk7dWYoJ2cnLCAxNjU0NjU1NixCOwAwcycsIDI2OTMyMTg5MUY9ADByJywgMzM4MjQzMDQwNh8A8IuSAp0EIV9XVjRuUWpieEwwWUVPRGJwS0VCR0FBZ2xOeENNQUk0QUVBQVNKZzVVSVQ1eVFsWUFHREdCMmdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQ3FnQkNyQUJBTGtCaW1yVWQxMmp3al9CQVlwcTFIZGRvOElfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBYkRTbEFQMUFXZWFnRDZZQWdDZ0FnRzFBZwEjBEM5CQjYREFBZ0RJQWdEUUFnRFlBZ0RnQWdEb0FnRDRBZ0NBQXdHWUF3R2lBdzRJN0phekhSQUxHQUl0QQFDwExvRENVNVpUVEk2TkRRM05lQURpeTZBQkktdGpnaUlCSVhEc1FlUUJBR1lCQUhCQkEBNQkBCHlRUQkJAQEYTmdFQVBFRQELCQFEQ0lCZnNpbUFXampiYUFBYWtGCRgYQUE4RC14QgE7UENBZ0dPUV93UVZuWm1ibVRCUFFQOC4oAARfUgUoDQEIMlFVDQrIRHdQLUFGNFhId0JmejE4UWY0QlpYbnNBR0NCZ05WVTBTSUJnU1FCZ0dZQmdDaEJqTXpNAQIsLWNfcUFZRXNnWWtDAYANAQBFHQwARx0MAEkdDDh1QVlLmgKZASFKeE1PZmc6IQIsSlRjUWlBQUtBQXhNAWkYek16NXo4NjJZARRVQ0xMa2sNcxBEd1AxRQ0MDEFBQUYRGAxBQUFHHRgARx0YAEgdGAxIZ0FpLjUC0HcuLtgCAOAC1uI26gIYaHR0cHM6Ly9zaHJpbmtlLm1lLzBHTlpr8gIRCgZBRFZfSUQSBzI4ZXw08gISCgZDUEdfSUQSCDFtVgEVCAVDUAEUAAl1TBDyAg0KCAE-GEZSRVESATAFEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BWREPEAsKB0NQFQ4QEAoFSU8BYQAHbegA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8JqAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOe17oB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE0OS41Ni4xNTMuMTg0qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjczMjAjTllNMjo0NDc12gQCCAHgBAHwBODbpKEBiAUBmAUAoAX______wEFGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBbm-AvoFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBqkl2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFISBgAIAAwADi0BEAAyAetqQXSBw0VdgE4CNoHBgknROAHAOoHAggA8AfE_weKCAIQAA..&s=24da6e2eea0fbebb805d053eeb34cab085e64bf4&bdref=https%3A%2F%2Fshrinke.me%2F0GNZk&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fshrinke.me%2F0GNZk,https%3A%2F%2Fshrinke.me%2F0GNZk,https%3A%2F%2Fshrinke.me%2F0GNZk&
Frame ID: C81751F69A4E37E336E3DD5EF97A9F54
Requests: 5 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: 0955251462071B14BA60976645AE6BDC
Requests: 3 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: B36B1A8763CC169FC61375158669412F
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 4309470705D7A5F08D71F111B8F67D05
Requests: 2 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: B21578EC98C5552E90C3E32458D6F9C5
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 76B2EE83E4F50CCED88354DB82FFC164
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGbaPWKA5tqwNvDm9FAAAAAAA&expiration=1650147391&is_secure=true
Frame ID: CA05CFAC9F62DB4259B7D6F72E66AED9
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=927618439590507575064
Frame ID: 88869C58406F5F184EAA3AF3BDFF9A4E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOw9zxr2adlUvM7-mU0yat5tDmSfJBY31M2-Y7gZRCwlc0HwopMxbk1ewei2munOEz7DyXHOetrgRSVUqyXMwqzUwrTKaMWy_17XvVubqNm8PKqpTHcogFgWMmhNm7DiR1FmbnjJ2xI9mXdkJrWaetbPuh3JjmQk7sNPOdAmnK2PuxOO9Tvvik_bQFt65RteUFhHHaaV_bMR_VfVvjbWwtk8M-57nyrd0wx2xnAu_g5EutIjUZU67wLB4r1q3Z_d4RCFLuVsvqZ6xlIcqTXnZUfqJnqTAFLnSob5gHhwjqbqiv892ionDn792tvidK80X6fqlBWiRy&sai=AMfl-YRwyXJEqUyc9yk_KjiFqiRBzDlylNzW0nbEe-H3yIqzyxytvq_y2XCcm9qPmt1P-GwkslnHGXROqFCFz-EzUQKNH9-TCGpBwPDP1jJQP4EAOCxEs_9IfH-vgBEKEvU&sig=Cg0ArKJSzBeeHOD5TSJqEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 113EE61DFCC410519EF9D7CD16C67D56
Requests: 12 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1650060193&d=8509&z=29441&divID=vi_850929441_1&w=320&h=100
Frame ID: 9889F810360945ED66E2E848A28691C9
Requests: 11 HTTP requests in this frame

Frame: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Frame ID: 2AF911C02B4A270A31238D12D41F8E4E
Requests: 16 HTTP requests in this frame

Frame: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Frame ID: AC2BA3FEC6FBC5BC6458105448B56CFC
Requests: 20 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-212001089-2
Frame ID: 3350C99B34733DD695D12A769AE46B6F
Requests: 4 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-212001089-2
Frame ID: 63FE01632A712519FCAF6B50CD7C4F7C
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 9DC381AEC142CC1408E47271FE050FCF
Requests: 1 HTTP requests in this frame

Frame: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Frame ID: 8C57177758E8F8001CF2AAD35FD13883
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqb2D-DntbjKQ1WbcOi_0hSrgJsrd1N_aSLY1y2TiVj5rC7ACVLYx7-Wk7mafyfkQXrGj6UuQqp_GeqgsmAH0x9BAxe8Gos-QjyIqmhUdPamrxfvAdfb0levG0OorLBwSPDHdiXtwRrtwRhOwOsbd-gC4545P9WYOUz2MAA6EpwwlG3k33meVWKguyTiH78bZ2dCwUclFtq_QHUwZaB2eSOy3mTrOE1WlmS9hzWCa1SdWKVuFHIvpLz_kKfPNvfVSF7sTKqM6oQueBByMLr9lroF5fD5satUceCcnjDVageJZLfyFCuyUaH-NGr0-WUY0dZLEdWRvZ&sig=Cg0ArKJSzLZo718MhoXmEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 75B50EB994DCF1207FD84F61CF2F02D6
Requests: 4 HTTP requests in this frame

Frame: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156011&s=165626&sc=1&pr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&umc=PM_UID&u=AEA2301F-378B-4E0E-B7FB-AD8F6D123282&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 0BA6E40B16597C9B9587AF946EA0158C
Requests: 1 HTTP requests in this frame

Frame: https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: DEADB028DED675B4C4E198181D39BD0D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/156331/3769725/index.html
Frame ID: FDC4C37348B8CA982868B741BC6FE20C
Requests: 29 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shrinke.me
Frame ID: F8AF55CF74E034FC1A3E0164913ED4AB
Requests: 2 HTTP requests in this frame

Frame: https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5439F19DE9BFCD998F67023168725C72
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyApesCEJv1z-8CGOKA37UBMAE&v=APEucNX7_3Qrr7AwmKNqeWLUWTUKmdJg7_XzfZ12H-vkY40Ii8N5JJgMeKkP-EMUsz1foCQFckts0zcDGVJpmzAgtRTnbF-1jA
Frame ID: EBED172033744B3EF2C82393E727FF75
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11395&pub_id=1777764
Frame ID: 7DACA4318095092EB8CB39BF6A175A5B
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shrinke.me
Frame ID: 79AA749C410622477A8C394A7F014F24
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Frame ID: 8F29F36922D80FEE3EE6E892E75137AF
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Frame ID: 3420D198FED5B4EC24D342AFA37D706F
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11395&pub_id=1777764
Frame ID: 79F5382ADB0E1AF59435433B038A6A02
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shrinke.me
Frame ID: 2404E3937B8A45EF947B7E34E40E0A4B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJbEPhDG_rKdAhiH0Me7ATAB&v=APEucNW2ckjMn1oixun6PY6YGOly2KCB82gjB3Bv78CwGyrOjEHmt5vKCAyXDsy9T3A-JB353Y1Du7yEYIfQ5W1VA08q5O6u9g
Frame ID: 9456BB5F0D4285B680CB6F1D26052B3E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbNiuCutYPqO_IOZZ-LdMyxXjJwzUgRjU9lq7MR_yZWvb6rwF4G2CZvozpte6eLnxDCaxnytvBAaXCZ3-Ncwo4faEhokI7qkXE5iYubMo00E6Ik1fRQL8z2iD8-RoqLy-zPuHsRIgghEs5CFb57wFDUismWQ&dbm_d=AKAmf-Cv2yA6fkrHqaRgf2mNzBxYJt-hVtjzOnJTFTe1h8_DCDyhO70n3AGlWlMVyRw_OxQoMnG0hBglkzch4ZEUew7YoNrZSX9QoN7N6iAluO1Egpmt-zy8NsXuETNb48qRg_XxlIowO4wemSvPoyY6X7MFt1YE4vvyFngUWpo5AU5eoWnU2oizncAu1m-iWw7f5EADiy2FuZsjiXhVRHeG_eSLhHbLxtPXcagCJeFvxw3-Bq976hzlcDA4U0sA-6l1kyyWibKDm6NP6o07Fz9Zq2XQUQ2Svc_4WdHRX0TOXL2IMAwGXGF_Qf-dXAobWs_leCjtTFradv2iyLp-4wWHXlPKgVaamIAJLTQWMnmMH-OqWKiQErkfVUYgR3QBBa34kdlzy5Y2PhU9SjMFRr5sfY9okL6OYm8hyErmiLzGeWKQNllS61Tuq3O943DTnyGcs0ow6PqIE8CzgfNqVdtEMJwho1RaQhyEwGaHlifytrXWBaoxM4EvsWjG5gsQFi9E9anKnS36W1li8DPGR3OKNhqqtyvdYwTG4RUDDPEUFkZU-0fV3fqK501LZnyJBTEVlE4IBFNrneUWvatwWCrZufUor0F0HU76z54nHjjpkOKIOX2dvzEhpfZp3coHGDqYMKuuqoWtq2IDkGtp_hMeefGFPO7eWyVjrEgHROPlIxyo6solEnp0lHz6FNY6AoVeXUXcVHMrmzObC3tx1_FIsx6Bmjq1dXP_vt_HUKFN51PyHkLQxgi5km_Q5D6Q9hd9QQ4ywSBdE79e7UKgqdbJJKeThJnPNMzXlznosVmOuuHsy979tsdOf7up3Ya8fcrZeYn4DGiRlnxiE0NMd-5v79h03iFRHXj_i5hXLf467vMZxCUsMosfDifhfmDjYn2jN2-y3EiWxA8CFdS4J_btzmEvD3rRKlaLzA1GlLaDKCGREtzQ5m7JsUlv9D5mVAMsGIIC3eXvI0lG_zc4RXSRX5LZSzl2DUpIz9M_woYIpixoqzqYWxDyD9fSF2fVauNTqw1mFV3Fig4CkK7HKiQZ4yNR4b8LfwLGHQ8VJCK4HXijy3UM7NoXqxULP7C_pUd6LU8Z2297GxyNO_soAdkmnqWqeoxtMA63xMP0pQPt0Cz7Dmz8VoBPealEOnrh9AWsHyHtNcITolLfVlNYZCqvKSkQYoNTQ15jHymYUZq9fTRQw81Cyw-1B9cxlFR37Axo5Th6PDzihiLrr_U8dXaQ9vPfXtNYYf75e_eaA5Q9gGsl_SFPZ_LlNM1VHb4Wf2tvKxfYl8uUXQxkn_-c_btX8MwRQxzqZle8loWwSlUetcccv-PnWupKTUUKvqKMqfxUODj-cFu4ilkqe1xPwwofu98sBLVWT_OAVBRb6CC0fgNrZPBTeLibDl8__ub3DZPjNqtMx4_Fa6GuQx-GTTwrpBGW3qtG65L6agsz7oDVs6JDLqRsHc1C6rOL954MQPxUY0phBNCAc1w0KdKpVVEk26T5SfZTv4foj_5671nEVwAT04KBeEOtHTz8oOjIRxvgcHQ3o2lv7BOy3d0wrJZBHs-11tH3PzSoI1IH58dnEdAdSw_evstRlnaKnpLZTIPIiPjSSttTHtOYgpReVrSp38m7T-mczQxmkzHLILmAEJuIbp42AbCgJa6jpj94a7FimWsnuM6J_t1eWGf97-XyWQi2yYi9aX1oCQbPElOiLsNVcIRbzjtZkSoeGuO13fRZ9kgVIJREXku8NhIbwZ4SLEGY7w6sCMCNSEq1bJwXkSc3aWuQVw4yaQZHZm9fBeftFLnq3SB11H7GZOo17R1i5DqSs4lUm-cn5HUc7nIMjuEth1s9zfG2KItt2tP3xuaa3wkXw7oGPN7qVQ5xcA1fy14cdDWmS29Q7IaUVCJa0v_WJToD8NKqBK3eUDLF8ZtUXzvcO9tSxyp-TYLWBHr1DrvQ9lV_TiV7imVa3JNCirN6MdAIo2V3BHLPYr46mI-DaBK5NUtADmqbqIckwQUiOQ0-YVsdvecFSjp20-Fc5fqTVgNRA-ZppEQqCBPPXYK-_4GLiyrF4fRjO6Mg2PNqHh7G84h7Xm2Fa72rVs52YkLJwtIyZgzdFQ1sYEmcKGlp763RHz85lpwCIPdF3qxo0nmVq_BOPYEVRW2dXrtN43htKCODF9T9-ux30h7EBrBEk8SebVXovm8BSlASjbhri771DE3sqAS9od5K1tgIC5RcVb9LE7c2HFuEpffDHdnWS8DahZZn8MC_Ne8oMJmH288z-4A-YWu5EpagDfaYCkDTshCKxArxgHqgu4L8nhrukTb5oQ7lIu1izdglnt37mBK_VYU2WPOdCxVxYi-d6YjIwdQ-Clmk3Uu9vA4M0kYXp4Z_SiyQuR-a6fqA_TxCe2Uwsu-nhlkIULjiohGF-TbX9ncxDszl2oBILSAiJA0YDUHVnCTzTIOHBM_g8Z694vOcxtQH4H7FXIXkuWnzW-xTzotG8rRBcDUHPFcYsEgiXaM5sCW6nIR55Xa2FnAfVsbXIQ_9DFPjBiapnNaTbH1mQUeeZDuB19wZ8FNnsMGkNdE57QoqahjxtFbcreFiMHFKIjONsA&cid=CAASJeRo05EU5Ln1ME7VEXgo3Q9a4NQRtoaIzY9csVtCZNmBYsWZqyo&rfl=2%2Chttps%253A%252F%252Fshrinke.me%252F%240
Frame ID: ACA967975C7860A826CE87181FB74EEE
Requests: 24 HTTP requests in this frame

Frame: https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: F2291AB5026FC053AEA69F713E23E5C6
Requests: 19 HTTP requests in this frame

Frame: https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 71534453AB061845F0FB16E7D37044F7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNa7wgEQkN-DAhivmJeRATAB&v=APEucNVimBtBKqj_aHYqvSbB4GvfVqQ34p8rJSqBmTwBAkdT-6LyPRQ47ST4c-yqCCu3k6RkF59Dcwpghv-OQX7trbusE0ynwA
Frame ID: CE9279CD23AF8A28B3040DEEDAA754C8
Requests: 4 HTTP requests in this frame

Frame: https://fw.adsafeprotected.com/rjsi/servedby.flashtalking.com/664330/55786030/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&ft_height=90&click=https://nym1-ib.adnxs.com/click?RBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NTk=/bn=87149/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=1547045236
Frame ID: A5DC0318FCF3B7544183E01A3FBFD931
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=12290&pub_id=1886142
Frame ID: 10C9B6386C38D2D0815E3DD179894EB3
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DAEA2301F-378B-4E0E-B7FB-AD8F6D123282%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
Frame ID: F630F877B39B72E50ED3C75DBD440C08
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=AEA2301F-378B-4E0E-B7FB-AD8F6D123282&ex=pubmatic.com
Frame ID: 500C3620380DB11652B695DDF94CB3DD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B6A55CC207D79B4C801E1F58F706F4F7
Requests: 3 HTTP requests in this frame

Frame: https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: B39133968856545853148AFBEE851359
Requests: 16 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6193854350124385521/index.html
Frame ID: CB3DC853C9E47BF02364C1058BB0A3BC
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNa7wgEQmMSGAhi145fHATAB&v=APEucNV3ArgDBT_ou0MGzWE87SJx70DZwHuybzyKjQr52Z4V6AHqFrLg4kM39S8qZG7VbBcLXzxvXMsTTQ5CXkfJFtKzc5RO3A
Frame ID: 33E321B33DD0CE3C26B9A3997A607031
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D5C2BB7434AAF8FE71626D56FCFA6204
Requests: 3 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&ft_height=90&click=https://nym1-ib.adnxs.com/click?RBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NTk=/bn=87149/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=1547045236
Frame ID: 9AB2E1B52F52A585A84DF63879601666
Requests: 17 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 72AA3870641CF7B771BFA074F4CD0AB8
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 1BFC31400C8D066D805C012A8E0DE62F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 255F9DD055A06D186455BF626236F48F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A50E5941A6034F1FFAC8D7BA3611BB17
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 51AEF50CD4320B8E18137165B8B6BB3B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FEED2DF11FE2760134DFFA05266E71BA
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7355287C0BBB0228D66A3B9C0EDD0AEE
Requests: 3 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/128886/3384958/index.html
Frame ID: B01CA53E52E9ED8EE5C9A1436B8556E0
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 01BF166FE34B127CDC1361D26A0C7253
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2576.js
Frame ID: C31E942B3B37A3236C982759EEA9F419
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B137BFF939E04E33B2DBA289F750AD16
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 332AD4EC3FC48EB2C49C8A02B600B831
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6724ED124EFF196A586200A6C6E26719
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5A19B16431760AC144273BAD1F1F7464
Requests: 23 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FE846F5CAF9BC4C8201FE76F8E0083E7
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DDA3D11B40BDB3AC6486E5D413AB329D
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 43C3314D10780BDF1A2DB75E7B71DC8B
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EA7AC20DDF055CA4F841E9585E452A3C
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E6BC7CD47FC96857D515722E8FDDD027
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: ADF200F9494AD7ED3B47CBF765D7B36A
Requests: 4 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: F33BF14106A2B50E9EC0F93F75B959FE
Requests: 4 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: D3221F331FB3095A8BCAC2425F47BC90
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1650060991094
Frame ID: B33E7CB629BE45C25DEADC25C923E7E5
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 324947DBEC517B1C1513BE75A55EE981
Requests: 3 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: 1F4A685B5A1A2315D10A37E9F0A55A9D
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6E8BBCA48ED8240FCCA4F53A11F66D4F
Requests: 3 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 9E131EDAA644060421E8C2BCDCEA1AD1
Requests: 9 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: CA95F64D201FAB5D86463B537E42A368
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: F7EF43EADE6207FB144A0CAA4B19FADF
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: C3FD5145FBFF17D42AE81AF81687B150
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Frame ID: 2422BE0EDBB2A894337B7CFA8C579ACB
Requests: 5 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1650060991083
Frame ID: 187B9F7E65160F5BF489BB4949F51B47
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1650060991111
Frame ID: 3F23F6C32FF93771B16B80965318AE92
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: FB9BCB6BD200349A3C1A5B8ECC38FF9F
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 0D7560365081295005DA602E6589D24F
Requests: 4 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 75F29187C534A02F721FBC4457C6012A
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Frame ID: BC6D86B94F6FB4C781B7B08C1552DC81
Requests: 6 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A06E1D2ABE03861EC25CBA409ADFD4EF
Requests: 3 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: 67A0A77821DC0F812BFA6CDD97A383C8
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: C6EE861F10F9AD7B7790774F73F9EEC8
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Frame ID: 4089F18BAD430FD511EE344809DA7A43
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: A4FF95DB8D097F72F62562A22FA4FBD9
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1650060991165
Frame ID: 2FE8A2677D2F675859D5927B376BA60E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Frame ID: 7C05888ECD5D8A8A1C621CEECD6B74BD
Requests: 1 HTTP requests in this frame

Frame: https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
Frame ID: 9780E006E05AE076DCBCF2175657A040
Requests: 28 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Frame ID: 6E7AFDFE985487F77AC3A19EEEE7C480
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlnuwwAItyrlawA-&gdpr=0&gdpr_consent=&_test=YlnuwwAItyrlawA-
Frame ID: B3ED0E523EEF61BD1431F0AE8BB6FC5A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:73036259-eec2-4000-9932-c64a5e235247&gdpr=0&gdpr_consent=
Frame ID: 1849FF7EF561E8E52A24ACBEB8598248
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJxRE7Es94AACxz0P3PTg
Frame ID: 348305A4794A0B3D7F264AF90F3B4767
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: FA72A2DE44D17A272E2E36BB095CB7A8
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 4CAE309461F573FFBC2D796B63404DBC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=AP8EVQGzTy5vBQIVpKVbRJU4mbg
Frame ID: E7D8B7B3856D3AA7BF79BBBB3071C151
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=b63a6658-bd09-11ec-abc0-b1992d655dbf
Frame ID: 462955CA299C03202B0118A591084ED4
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Frame ID: EDDE51BA0EAF69DA9D41F781008AFD02
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 058D86B79EC9E14E1510259FBACA2ED2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:lQCL2ZUG1NFueZ5&gdpr=0&gdpr_consent=
Frame ID: 3B9F424ECD89B40800D97B3D19D729F1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=663495379157
Frame ID: 975330306D8E4020CD960E98BD9EC85F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: DD9297956CF05AA667A2302DC954927F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7033473951776023466
Frame ID: 4A74C26430AEC0F01D0B3B9FB2C1DB7F
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=rkt&refUrl=&vid=00609951842930625921455251000V10&ovsid=2809753603273993551
Frame ID: 003DE21AB587CE2ACE69153E10588090
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dpba%26refUrl%3D%26vid%3D00609951842930625921455251000V10%26ovsid%3DPM_UID
Frame ID: 32E35789BE101D5A01B3D3CF223A0041
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=rkt&refUrl=&vid=00609952052930625921455251000V10&ovsid=970033154657313410
Frame ID: 2DBDC613C3987F2432893794678391D9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dpba%26refUrl%3D%26vid%3D00609952052930625921455251000V10%26ovsid%3DPM_UID
Frame ID: 4626D185320BA5302C2BA0C0CA2F7717
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=rkt&refUrl=&vid=00609952362930625921455251000V10&ovsid=978758878098887620
Frame ID: 2BD6E5F535244EF528A03EC6FE58C2F6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dpba%26refUrl%3D%26vid%3D00609952362930625921455251000V10%26ovsid%3DPM_UID
Frame ID: 77661F582A71F9B7750199476C6800C2
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=rkt&refUrl=&vid=00609952742930625921455251000V10&ovsid=970033154657313418
Frame ID: 19B1D9D413C3BC01387F84984833D619
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dpba%26refUrl%3D%26vid%3D00609952742930625921455251000V10%26ovsid%3DPM_UID
Frame ID: 9B0862D73FFBC29B64387949E4EE07A8
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: E8E22F373F495E51A1916F90022155BF
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 9E7DFEC1D2F0378B8497A94D79F382FC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: DC6B3DCB0D3F7B564CCA09D333E6C804
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 28D1B5256F34FF761685FE1BD431F61F
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: EEE362B79CB99B7C904D98583F0944FC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 0D2E44983C818CDBC9EBE80FECB46D4B
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 53E85B5859372318E6FBC91CA598A031
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 5FDEFF2E952636AE3E4F79A3A933D6DC
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 0D786A7ED3B050C4959C4635771C7FA2
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 4F7FCB0E745CBBF8DCADC09BF17A7A36
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 0506CCA235018E796C6B4401C5256756
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 4AD602D29BA2E67D0C78571F557CF0DB
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: A5DAC4BFE45629FE5B1365549BA2B3CE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: C7FCF880F15FE3B6AE8FCF2D7F3FE382
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: BB37A56A0B76231F671589790CA3A793
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 4B98AC4120D723D07C01BD59DF50560A
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: F41FC9F3DAE733D240D0DED9368492BD
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 2EA07516BBB2646F50740FBC2659F15D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: D1D7F33565D303F8D77C7FA96A4037FD
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 8D5A9744C694E9F81FE8155E99C74D68
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=e0d9300d4640f4daa577bb381009b9e6
Frame ID: 1836C9EC7A3A6394364AAD2C3540BC4A
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=ac59b8426f6f09bc00276e190f679be9
Frame ID: 19B7AE80AC22BF682C273B6D94991905
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=f6c16468e542018855cce940367efb8c
Frame ID: D205B66288AFCF58C3E2A327FD8CA75B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: ECCA6229012281602238BB102B5CAFD1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 4E9C7C6F5FED84F694ADDA9740FE1A4B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: B252D5D5D883983928CD471714974E29
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/1407667298119850182
Frame ID: 5C795C7D63CF135F4A4E9215B25776B8
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/1407667298119850182
Frame ID: 3A268C749777B8B5D8E750817595B3E1
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/1407667298119850182
Frame ID: 29CFB5C3BA098B76E605B154292D8A3A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/b8065aec-41e2-4cf4-9fc4-f804071cd359&partner_id=1010
Frame ID: AAA05A95EE78E430CDC78BFE2F0DD012
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/b8065aec-41e2-4cf4-9fc4-f804071cd359&partner_id=1010
Frame ID: 47F43F21998115A11662C891ECA1E3B1
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/b8065aec-41e2-4cf4-9fc4-f804071cd359&partner_id=1010
Frame ID: 259A171E9F45C5E9534938E5D1D74853
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rubicon/L20ZPO40-P-HI6E?gdpr=0
Frame ID: EEACDF9A19ACEC457ABA1701A8C1FFA3
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rubicon/L20ZPO40-P-HI6E?gdpr=0
Frame ID: 3D443F5C8CE1D863B12F892AB3BCD81C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rubicon/L20ZPO40-P-HI6E?gdpr=0
Frame ID: 0BA6B18CEB0D3717628EC917A0B50F99
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: E4B64BF9D2C5EE43B480CA1D576FBCFC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 90B55D808A3F1966FCB6529FD1F97DC6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: D8F9FD9F63C62D31853AC0C2A6A778B4
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YlnuwDbW63m27dBuFkHZrwAA%26188
Frame ID: 7681107177058954AB97D3759557C100
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YlnuwDbW63m27dBuFkHZrwAA%26188
Frame ID: EE87D4725AB4F8F7E0A16692F0B79FBA
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YlnuwDbW63m27dBuFkHZrwAA%26188
Frame ID: B69D4BBB4C9747CCD30D0291231DCB3C
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: ECC83BB4EAFD4C89FD98332E04F9B75A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/b526e701-bd09-11ec-8bbd-17aa2b400503
Frame ID: 608A7F2C8E8447CA2044DA851C62EF6D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/b526e701-bd09-11ec-8bbd-17aa2b400503
Frame ID: 02DCFD934B05566E7CB29654FAA85D02
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/b526e701-bd09-11ec-8bbd-17aa2b400503
Frame ID: D348171D0557E7ADFC84AB6F36ADD51F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/loopme/fc43bf9f-3070-45d3-83b0-4b9fdaca6f71?gdpr_consent=null&gdpr=0
Frame ID: 8F19359222BFB89396A95AACAB5A23DF
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/loopme/935f32d4-cd62-46fb-9e24-40e2a3da1ce0?gdpr_consent=null&gdpr=0
Frame ID: 3C6F4E01CC1680AA3F0F2BE24CFF88A2
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/loopme/fa43785e-4b25-4e31-8ff3-b464f403c1aa?gdpr_consent=null&gdpr=0
Frame ID: F31EAA1615E11BA0C149122D31F7A0E9
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
Frame ID: B30C1314B255EF18F3F62EC312A8FE84
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
Frame ID: 8414685113BF74FCF2001448B116B6E7
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
Frame ID: 5A54337D8FF45991C854DD332DF29B94
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Frame ID: 1BC02C593634FA90B5FD8399871E58B9
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=8e82fb69-6b51-4f31-baa4-500386e0ddf0
Frame ID: 49369482B5AF7441ED3791265CC86208
Requests: 1 HTTP requests in this frame

Frame: https://sync.connectad.io/umatch/1?bidder=adform&dataid=data4&uuid=2697118002783910081
Frame ID: 016B7B8C6EA1E3D05910888B7A191E0D
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Frame ID: EDA60862ABEA63B16B8EF7D151BF4193
Requests: 8 HTTP requests in this frame

Frame: https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=0XBRe1cabWiJP2Mj0IBi&pi=connectad&tc=1
Frame ID: B91B74D9D3AADE71E909C32108CE9A20
Requests: 1 HTTP requests in this frame

Frame: https://sync.connectad.io/umatch/1?bidder=emx&dataid=data2&uuid=6974400712095498966brt57451650060996685746a4
Frame ID: 7E58D181C208DDBDF9F4A814E6771B4F
Requests: 1 HTTP requests in this frame

Frame: https://sync.connectad.io/umatch/1?bidder=sovrn&dataid=data12&uuid=bca34109ab6c8e0f610f67db
Frame ID: 1140A2F9CAFF25CA6CEA9B452B8CA2E4
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Frame ID: E4FFC6D9449B83C4DAE21D3C95926A28
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d4e109247a89f6
Frame ID: 34355C97582D6099BE68C50B5536955C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/connectad/V0U9AYOjl4EtbLGoi37BblfsYqQroRUUQskLl62k
Frame ID: C73EA287A0DFFD81686DFBB851A6F857
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=52ebb55f-282e-4db0-9560-52580402bb53
Frame ID: 6CE9BD0AC92FA7429542E046FB459831
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=249de6f5-9231-4bd3-982b-e809b3d910a9-tuct9537445&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: B5A3FEBAB6EA7437D44F414B0734481A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=sC-WAs4xCAyPFFS-xu5ZYg
Frame ID: E2086E8862B5E98A9AF50B0C7E693C17
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: E3305C3105A52FA4381A533E398A6B68
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=98f9d8a4-c6db-46e8-9cd8-a42812b5714e
Frame ID: C69D9861322166DB4C12DC3AAC4B9BDE
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: E7E2A23F031F5089EB2F52415355464B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 485B61767AA4B241A614D0D619B71C42
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=6b517f92-c61f-44fc-9add-1184414502cf
Frame ID: 269074B99A04A04F6E91014F10F26613
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A183E41957ED45CB8401B24CC9FFCD13
Frame ID: FF27734E29E319B86E1C6A2691F59210
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=pba&refUrl=&vid=00609951842930625921455251000V10&ovsid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Frame ID: 595EA08734ED0E96CAC781BFEA20D193
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=pba&refUrl=&vid=00609952052930625921455251000V10&ovsid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Frame ID: 3383B29821B72A639FF2BCA4991BB1C5
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=pba&refUrl=&vid=00609952362930625921455251000V10&ovsid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Frame ID: 412E45DF1F3550AB6260035D680D24EF
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=pba&refUrl=&vid=00609952742930625921455251000V10&ovsid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Frame ID: 61838159F1506A566B93FA7563CC4C5D
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Frame ID: 32315B285ED3499354147045BBBBCBB8
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Frame ID: FFC7E1A7927570A4AAA20D169EEE39E4
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Frame ID: 6A91666EC0EF07ED18CED3AFC925994C
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Frame ID: 026289F4CCEF0B8A55D1FB63A9961403
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Frame ID: 04F55049EACEBC9A4706FEE2267EB956
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Frame ID: 60749D400AB7C87EF938D389E9CB5564
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Frame ID: 4BE301A366A6F48ACCA2957F81E8E042
Requests: 1 HTTP requests in this frame

Frame: https://sync.connectad.io/umatch/1?dataid=data1&uuid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Frame ID: AD6CDBA156CF5E4B6891AB58B27898FB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ShrinkMe.io

Page URL History Show full URLs

  1. https://bit.ly/3NMcN6r HTTP 301
    https://shrinke.me/0GNZk Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

898
Requests

81 %
HTTPS

32 %
IPv6

141
Domains

217
Subdomains

137
IPs

12
Countries

6504 kB
Transfer

16686 kB
Size

245
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3NMcN6r HTTP 301
    https://shrinke.me/0GNZk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 77
  • https://pbjs.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.19197784338581902&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2F0GNZk&pbv=6.14.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2F0GNZk&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522shrinke.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522agribje_ne21059909..9543%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.19197784338581902&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2F0GNZk&pbv=6.14.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2F0GNZk&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522shrinke.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522agribje_ne21059909..9543%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270
Request Chain 85
  • https://pbjs.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.19197784338581902&e=300x250_0%3A300x250%2C320x480%2C336x280&ur=https%3A%2F%2Fshrinke.me%2F0GNZk&pbv=6.14.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2F0GNZk&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522shrinke.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522agribje_ne21059909..9543%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.19197784338581902&e=300x250_0%3A300x250%2C320x480%2C336x280&ur=https%3A%2F%2Fshrinke.me%2F0GNZk&pbv=6.14.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2F0GNZk&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522shrinke.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522agribje_ne21059909..9543%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270
Request Chain 106
  • https://pbjs.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.19197784338581902&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2F0GNZk&pbv=6.14.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2F0GNZk&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522shrinke.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522agribje_ne21059909..9543%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.19197784338581902&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2F0GNZk&pbv=6.14.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2F0GNZk&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522shrinke.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522agribje_ne21059909..9543%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270
Request Chain 126
  • https://media.vlitag.com/vid/?id=aOSRX0RXaas&t=y HTTP 302
  • https://redirector.googlevideo.com/videoplayback?expire=1650077124&ei=ZNlZYtmDDc7WkgbIhqugDg&ip=184.164.141.146&id=o-AFn4OaSnV5PJrBwkubrjJKRxmS3hC9GU_lYO5unblaIZ&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=3a&mm=31%2C26&mn=sn-a5mlrnel%2Csn-5hne6nsy&ms=au%2Conr&mv=u&mvi=6&pl=23&spc=4ocVCzaEdsX1vShdVls770SfWoQ4&vprv=1&mime=video%2Fmp4&ns=U5FPyilUZdkta5IWts0U7pMG&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&mt=1650054813&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=t0Ih5gBycUvz6dHxoO3&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgMWmfNBNHY6sG6B2HeniS8vSgErc1aORk65QQYQoC0d4CIQDhtv1HajEmdwybbIjmYFsRL-mJlTY_OuaQZIA3KGZ3LA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAOEk0v96InKXEvrDyPK4l7BSUsb-LMcnzwVeXw3cQ15XAiEA2VxXDY70hPSdCppPojznbYEAhKKp0_tYG8QMhOm56t0%3D HTTP 302
  • https://r1---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1650077124&ei=ZNlZYtmDDc7WkgbIhqugDg&ip=184.164.141.146&id=o-AFn4OaSnV5PJrBwkubrjJKRxmS3hC9GU_lYO5unblaIZ&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=4ocVCzaEdsX1vShdVls770SfWoQ4&vprv=1&mime=video%2Fmp4&ns=U5FPyilUZdkta5IWts0U7pMG&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=t0Ih5gBycUvz6dHxoO3&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgMWmfNBNHY6sG6B2HeniS8vSgErc1aORk65QQYQoC0d4CIQDhtv1HajEmdwybbIjmYFsRL-mJlTY_OuaQZIA3KGZ3LA%3D%3D&cms_redirect=yes&mh=3a&mip=2607:5300:60:7867::14&mm=31&mn=sn-apaapm4g-apae&ms=au&mt=1650060784&mv=m&mvi=1&pl=32&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgVOLYSO0emlikmDu-QwiaEH4O7y-IITgw8WRIDHa2ryoCIGr38Cn8Zv4S3IhK_81-M7tB9wHroLCLRrPiDQyDGrJd
Request Chain 144
  • https://pbjs.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.19197784338581902&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fshrinke.me%2F0GNZk&pbv=6.14.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2F0GNZk&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522shrinke.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522agribje_ne21059909..9543%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.19197784338581902&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fshrinke.me%2F0GNZk&pbv=6.14.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2F0GNZk&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522shrinke.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522agribje_ne21059909..9543%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270
Request Chain 148
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&dcc=t
Request Chain 165
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=ZPEpnnxoWXVObHVoUlpGNmxSaEhsRXBvMW9yUEVPYVVadXZPTTJ0a1JnUEVlbXB6TGtLTFp6OHduVEhQbUFpQ2YzNkVhRVJtU1AwTnZSc2NUanhMRkRIZVdQU2l0Lzl2NmtNdmlSQmNjVVNhQWdFNEpjSjNyaFRIVDdVMzA4V1hXWjNqWVk3RUQ3WHZ6SVo0cHBMdzJUQ2tnZTBDY28vdGxtNUIwUmpwMjlMcm9IZDVaOXBXN1JpNVNkM0R2MVhCaFFVaSs3Z1JZY05hZGdHM294Q20yL1Fmc0dvMk1ab2FXVzlMVTIrYzkwR1pwVzlnPXw&cppv=2
Request Chain 167
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=xJwqhHxJYnd3WS9xbmhlYW9XK1pOdGQvQ2R4eTYxY3VDTmJxRzIyZ1RweTFrYzlVTjB2YktrNHprc3VDanBSMmdZZlVPcWk1bDBGc0xkYmsza3RURlplck5BcWZyYU5iajl0WmdWRHBrV21KTGZKTE5Fa1FlblorN1V6WTVLaDhOdllsYlBFd1dsSjhrRTU4eHpIUi9WYXE0cUFLSWpVWWdMR3F0Q1FrODhXa0xwSjh3RllCU1ZGTlNjd0VLRkFFTFVMbGdHTGV6NFZTS0dxMmhzVUNSQUVBL2ljcnBhVUlxNnNRampqR3Q5QmRsM2NBPXw&cppv=2
Request Chain 185
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=A183E41957ED45CB8401B24CC9FFCD13&ex=simpli.fi&status=ok
Request Chain 186
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=CkZZcPL4NgoF1aU-tV_U&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPKDNNNFUY2QJQ2E4Z3PIYYWCVJNORLF6VI HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPKDNNNFUY2QJQ2E4Z3PIYYWCVJNORLF6VI HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=CkZZcPL4NgoF1aU-tV_U
Request Chain 194
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=515e71f452151217&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGbaPWKA5tqwNvDm9FAAAAAAA&expiration=1650147391&is_secure=true
Request Chain 195
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=927618439590507575064
Request Chain 229
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80} HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80} HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&gdpr=0&gdpr_consent=
Request Chain 230
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80} HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&gdpr=0&gdpr_consent=
Request Chain 231
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=6974400712095498966
Request Chain 232
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80} HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&gdpr=0&gdpr_consent=
Request Chain 234
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6974400712095498966&pn_id=an
Request Chain 235
  • https://x.bidswitch.net/sync?&ssp=yieldmo HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?&ssp=yieldmo HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=yieldmo&bsw_user_id=8e82fb69-6b51-4f31-baa4-500386e0ddf0 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=yieldmo&bsw_user_id=8e82fb69-6b51-4f31-baa4-500386e0ddf0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=4b35a3d9-d4dc-4aa0-b126-382b8c18160e&ssp=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?userid=8e82fb69-6b51-4f31-baa4-500386e0ddf0&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Request Chain 236
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?&ttd_pid=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=86422ee5-39ef-4c57-8b4d-1fade2a39c1f
Request Chain 237
  • https://sync.srv.stackadapt.com/sync?&nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=AP8EVQGzTy5vBQIVpKVbRJU4mbg
Request Chain 238
  • https://bh.contextweb.com/bh/rtset?&pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp HTTP 302
  • https://sync-pp.ads.yieldmo.com/sync?userid=lkjrpHEWyYwp&ev=1&pn_id=pp&pid=561118
Request Chain 313
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=shrinke.me&sn=ChromeSyncframe&so=3&topUrl=shrinke.me&bundle=oXbK819vMDBvVUpBdW9TaHo1UktRTXpQbmxnUG83bnRlM0dFUDkxOEFMRm5MOUZFc3g5NVBjc1puTGFTa3Axbk1FOGNleTkyRXU0cDRkS0J6dW9rUmdaNTkzSEJHTXozS1FTRjNtSUFZVFBPeU1WRG53UEZsWk5LaU5iVE1qa3dHREpwUg&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=EoCrJ3xiSDNxT1JsbjJDTTYvR3Nhc1RhVFFhN1dvbkxub0VHdjRUc05TallzNkFjbjFHQ1MvRGExWHk3TCt3L3BTMFZpbDJIYWlHVm1aL1BlaHlnTFNxWVg1T21VbXZFVm92SWpSYU5Yb1B0akVUVE9jVUZkODlrTS8vUkFMMDlOOTdzb2lnN1ovZ3h0TnZjUW43Q29zVnRnU2ZwV1lJcUp5YUh4T2NZNngyVjJHYlFOOWxZSUQ4cFEzV0ZHRUV2Z1YyQXdzN3NzTy9qcnZNVHQ0NWNPenhqUnlZcDd0eUhRZDBsTlBYck1yVVJLc2hqWmlnK0hQVGR5Vk54emwyZ0h2eXlUdC84dWNkeGk2M1k2TVF3b09wb0tzQT09fA&cppv=2
Request Chain 334
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgyjy-IsjQ1HTjhAkYhOV8&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgyjy-IsjQ1HTjhAkYhOV8&google_cver=1&C=1
Request Chain 335
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlnuwDbW63m27dBuFkHZqwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgyjy-IsjQ1HTjhAkYhOV8&google_cver=1
Request Chain 336
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGSF9zmvIyMYFsvVunLn-Gw&google_cver=1
Request Chain 337
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk3NDQwMDcxMjA5NTQ5ODk2Ng%3D%3D
Request Chain 339
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=shrinke.me&sn=ChromeSyncframe&so=3&topUrl=shrinke.me&bundle=oXbK819vMDBvVUpBdW9TaHo1UktRTXpQbmxnUG83bnRlM0dFUDkxOEFMRm5MOUZFc3g5NVBjc1puTGFTa3Axbk1FOGNleTkyRXU0cDRkS0J6dW9rUmdaNTkzSEJHTXozS1FTRjNtSUFZVFBPeU1WRG53UEZsWk5LaU5iVE1qa3dHREpwUg&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=paFymnxFRVFYbXlvOWNPeStVNEkrUVIxMTcwUEc5TTZlSWlSSkpRak5NTUIxWFdyR2N1K2xER0JQYWdBOTAyTVB2UHAzOVdQeXFDNmVXb1FzRFBrUVZLcm1EQzdZTS9yTjVvL0szM0drR2lZVjNPd0FEK1B4dVR5RkhHQmxtdW45THhoS1JuaXJJaVFYT3FTUDdWamdrc3RyajliWXNpT1JQeGFMYTNLUzVrY3hOc2paWk11bUNpOHUxeFF6RGJoUUEyNlBTR3JlV0pZS3lIcFZoaFFnZ0ZqNStudHN5TVZVYWxCM083bThJampRL3lSQnpJU3ZQNjVBeFZ2cnZzTkdZYUpHaXEybk9POEd2cnhVTGgyTzRMeFJ2Zz09fA&cppv=2
Request Chain 341
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=shrinke.me&sn=ChromeSyncframe&so=3&topUrl=shrinke.me&bundle=oXbK819vMDBvVUpBdW9TaHo1UktRTXpQbmxnUG83bnRlM0dFUDkxOEFMRm5MOUZFc3g5NVBjc1puTGFTa3Axbk1FOGNleTkyRXU0cDRkS0J6dW9rUmdaNTkzSEJHTXozS1FTRjNtSUFZVFBPeU1WRG53UEZsWk5LaU5iVE1qa3dHREpwUg&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=2y9sznxoN2c2cnFvK1VQYlhSK2IyQUlwcGJtNlg2VTFtaTNiT2pycVgzWEFoY1lneGNhVTkzSktqekEvTi9IdVJBWHdOT2tTc0NOU0ZkVStFY3NpTFdQZ1R3b0J5ZnhNODBpVEJtS0NGUDF2cW56OTV4ZHYrM054Q2ViV05CNWtTVnViTTJLSnJtSCtlU0wyMGVuUllsTUdKSlEwSC9ua0l3QXpZRXZRVFpnUzRMNkpvQ3drQjJDcGx1OVJHR2hULzhUNFBuWUJXMTVDd25MU0p2Q2xlVVNPd2o4QTdXVXFGdXdCYVZlNGw0UUZwa3RwLzEwdElka3dHMFZCbStIbjMyWURZUnJrcjNIUDJSTCt4QThuWlBhUWdCZz09fA&cppv=2
Request Chain 345
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENPyI7PYanWFt1Wpb6_MMxM&google_cver=1
Request Chain 346
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjcwYTJjNjctMjZiNy0yMjUwLWUxZTctZDE4YTNkODA1OGY3
Request Chain 347
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEC-iif4S0XSehD-JgINZMts&google_cver=1
Request Chain 348
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Zjg5ZTlmNDktMmViNy00NzJkLWFlNzgtNzc5YTE3NDZiZmU5
Request Chain 353
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2930625921455251000V10%26type%3Dmma%26refUrl%3D%26vid%3D00609928062930625921455251000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=10&vsid=2930625921455251000V10&type=mma&refUrl=&vid=00609928062930625921455251000V10&ovsid=73036259-eec2-4000-9932-c64a5e235247
Request Chain 354
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MjkzMDYyNTkyMTQ1NTI1MTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESECG86XVj8yahAoCZIgRnzjQ&google_cver=1
Request Chain 355
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2930625921455251000V10%26type%3Ddxu%26refUrl%3D%26vid%3D00609928062930625921455251000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2930625921455251000V10%26type%3Ddxu%26refUrl%3D%26vid%3D00609928062930625921455251000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=10&vsid=2930625921455251000V10&type=dxu&refUrl=&vid=00609928062930625921455251000V10&ovsid=lQCL2ZUG1NFueZ5
Request Chain 356
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f1881972-904d-44c3-b02a-8f14e8f1182b
Request Chain 357
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8e82fb69-6b51-4f31-baa4-500386e0ddf0&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10603584586581931894&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dmedianet%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10603584586581931894&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dmedianet%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=54920c67-c497-4656-975c-d1a928dc114c&ssp=medianet&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=214940604122015480594&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10603584586581931894&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
Request Chain 359
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2930625921455251000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=4b35a3d9-d4dc-4aa0-b126-382b8c18160e&cs=1
Request Chain 360
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1 HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=86422ee5-39ef-4c57-8b4d-1fade2a39c1f
Request Chain 362
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MjkzMDYyNTkyMTQ1NTI1MTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESECG86XVj8yahAoCZIgRnzjQ&google_cver=1
Request Chain 363
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f1881972-904d-44c3-b02a-8f14e8f1182b
Request Chain 364
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=medianet&bsw_user_id=8e82fb69-6b51-4f31-baa4-500386e0ddf0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=4b35a3d9-d4dc-4aa0-b126-382b8c18160e&ssp=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=8e82fb69-6b51-4f31-baa4-500386e0ddf0&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 366
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2930625921455251000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=4b35a3d9-d4dc-4aa0-b126-382b8c18160e&cs=1
Request Chain 367
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1 HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=86422ee5-39ef-4c57-8b4d-1fade2a39c1f
Request Chain 368
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2930625921455251000V10%26type%3Dmma%26refUrl%3D%26vid%3D00609928192930625921455251000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=10&vsid=2930625921455251000V10&type=mma&refUrl=&vid=00609928192930625921455251000V10&ovsid=9c026259-eec1-4b00-89ef-7a0ac699afcd
Request Chain 369
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2930625921455251000V10%26type%3Ddxu%26refUrl%3D%26vid%3D00609928192930625921455251000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2930625921455251000V10%26type%3Ddxu%26refUrl%3D%26vid%3D00609928192930625921455251000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=10&vsid=2930625921455251000V10&type=dxu&refUrl=&vid=00609928192930625921455251000V10&ovsid=lQCL2ZUG1NFueZ5
Request Chain 384
  • https://ssl.connextra.com/Betway/selector/image?client=Betway&placement=DDM_APN_Betway_CA_Sports_Impression_Pixel_1x1&_cb=1547045236&apnauc=8018516498715904338&bidid=8018516498715904338&dspid=3bc1d7fd2e HTTP 302
  • https://ssl.connextra.com/servlet/controller?service=DDM_Betway_CA_Sports_Impression_Pixel_1x1&pubhost=assets.vlitag.com&image=image%2Fgif&client=Betway&placement=DDM_APN_Betway_CA_Sports_Impression_Pixel_1x1&_cb=1547045236&apnauc=8018516498715904338&bidid=8018516498715904338&dspid=3bc1d7fd2e
Request Chain 389
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEDOKqMtAq5n0hGp3JN-HTAE&google_cver=1
Request Chain 390
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPMftjeMGGq3XJDgtH_JGRw&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPMftjeMGGq3XJDgtH_JGRw&google_cver=1&__user_check__=1&sync_id=b526e7f2-bd09-11ec-8bbd-17aa2b400503
Request Chain 391
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=b5269add-bd09-11ec-a55e-1e1026d00403 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YjUyNmU3MDEtYmQwOS0xMWVjLThiYmQtMTdhYTJiNDAwNTAz
Request Chain 430
  • https://fw.adsafeprotected.com/rfw/servedby.flashtalking.com/664330/55786030/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&ft_height=90&click=https://nym1-ib.adnxs.com/click?RBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NTk=/bn=87149/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=1547045236&adsafe_url=https%3A%2F%2Fshrinke.me&adsafe_type=g&adsafe_url=https%3A%2F%2Fassets.vlitag.com%2F&adsafe_type=ef&adsafe_url=https%3A%2F%2Ffw.adsafeprotected.com%2Frjsi%2Fservedby.flashtalking.com%2F664330%2F55786030%2Fimp%2F1%2F149207%3B5690067%3B201%3Bjsiframe%3BGeniusSports%3BCanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90%2F%3Fft_custom%3D%26imageType%3Dgif%26ftDestID%3D30289913%26ft_width%3D728%26ft_height%3D90%26click%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3D%26ftOBA%3D1%26ftExpTrack%3D%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cachebuster%3D1547045236&adsafe_type=d&adsafe_jsinfo=,id:14418884-f506-68e5-7574-aa7235e1f0ee,c:9Tx8Yk,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-764c94599f-25hhk,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:3,fm:t379LK0+11111%7C1112%7C121%7C131%7C14%7C15%7C16%7C17%7C1811%7C181211%7C181212%7C1813%7C1814%7C1815%7C1816%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d21%7C1d22%7C1e%7C1f11%7C1g1*.664330-55786030%7C1g2%7C1h%7C1i%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o3%7C1p%7C1q11%7C1q12%7C1q13%7C1r%7C1s,idMap:1g1*,ex:e10,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:BODY,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjsi,et:29,oid:b4f6532f-bd09-11ec-bdf4-daedf06173c0,v:19.8.299,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://servedby.flashtalking.com/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&ft_height=90&click=https://nym1-ib.adnxs.com/click?RBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NTk=/bn=87149/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=1547045236
Request Chain 443
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEB7LbPjTrEC77G-mZRtgm3Q&_origin=1&google_cver=1 HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEB7LbPjTrEC77G-mZRtgm3Q&_origin=1&google_cver=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEB7LbPjTrEC77G-mZRtgm3Q&_origin=1&google_cver=1&apid=UPb547cf1e-bd09-11ec-b948-0e9980f97a41
Request Chain 444
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UPb547cf1e-bd09-11ec-b948-0e9980f97a41 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBiNTQ3Y2YxZS1iZDA5LTExZWMtYjk0OC0wZTk5ODBmOTdhNDE%3D
Request Chain 445
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS12bWc0ZnBORTJ1R0dfMnRHNXlodVpZTlBBU2J2RHdLan5B
Request Chain 473
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB7TxoE-vvk55zuiDUkh5_g&google_cver=1&google_push=AYg5qPKnBkmsWvHGhWyVxsm_7Cc1G7p0-tsSmxVTQG6A89xjx6ee_GFqkGTjgLB-v7sC1YznkiKFnacN-mwGBD-NJ72RtBZTcxQ HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB7TxoE-vvk55zuiDUkh5_g&google_cver=1&google_push=AYg5qPKnBkmsWvHGhWyVxsm_7Cc1G7p0-tsSmxVTQG6A89xjx6ee_GFqkGTjgLB-v7sC1YznkiKFnacN-mwGBD-NJ72RtBZTcxQ&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKnBkmsWvHGhWyVxsm_7Cc1G7p0-tsSmxVTQG6A89xjx6ee_GFqkGTjgLB-v7sC1YznkiKFnacN-mwGBD-NJ72RtBZTcxQ&google_hm=bca34109ab6c8e0f610f67db
Request Chain 497
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB7TxoE-vvk55zuiDUkh5_g&google_cver=1&google_push=AYg5qPIQWMRAt_kNMBKG187pmi6VxTa41Y76N4f5FdhwwSU0ErOJbrNI7W6EaLhWWtQch9IQVbX5MkZ6gGcHq1Nj5BJLHyRJEYw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIQWMRAt_kNMBKG187pmi6VxTa41Y76N4f5FdhwwSU0ErOJbrNI7W6EaLhWWtQch9IQVbX5MkZ6gGcHq1Nj5BJLHyRJEYw&google_hm=bca34109ab6c8e0f610f67db
Request Chain 529
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB7TxoE-vvk55zuiDUkh5_g&google_cver=1&google_push=AYg5qPJ-sBIpsSbY6k_InAa_LbirVSY27cI_0fRJQ2jAh1fC_EAFE-PGv5WzyC5L78whKkz77JHHnu762SCFle2CrxTiPsqOyq5M HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJ-sBIpsSbY6k_InAa_LbirVSY27cI_0fRJQ2jAh1fC_EAFE-PGv5WzyC5L78whKkz77JHHnu762SCFle2CrxTiPsqOyq5M&google_hm=bca34109ab6c8e0f610f67db
Request Chain 546
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=dYrx7Xxad2NjR29KM2h5ZzBPa1NXR2JmQ0NKdUx2bVVoRDRNUmFXcmtzQmdJQ0VGWllsV1o2SmEwcnJKYjB4b3o4RVJtU1BOQnBjaXpxTWYyU09yZ0RqSkNHUHBSZ1VXZnlEeVhmbHVkZFdQbDhobEgwTWtnTkd2TzcvdDJIYXFON0taaCttdVdPUVhWckxPZlhRK3lkTkhva1hsaktha1ZCVURvSEova1NVMVQvY29CRG5Bc2hqdTBkOWFSS0w3RWU4cnhyeHJIWFBTdHpLNkNkeno1bElKRmNaV3NNVjI5OWJqSk1GVW9nR1dqaUIzZHBEUXdZUEtYNCtXWjFhTGdhWXhENDNnS3pwK1hsQlZmSFR0V2FHYjJ0QT09fA&cppv=2
Request Chain 576
  • https://prebid.a-mo.net/cchain?gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F515%3FA%3Dd4393612-11eb-4e6d-9bce-6c1ea2f5d974%26bidder%3Dsovrn%26cbx%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24UID
Request Chain 577
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L20ZPO40-P-HI6E&gdpr=0&us_privacy=1---
Request Chain 578
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=544f2531-b8fe-47f1-9555-1b298e97c680 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
Request Chain 579
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=b1b47c4e-5de0-4dec-920a-e9c338f1667f HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
Request Chain 580
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=d4393612-11eb-4e6d-9bce-6c1ea2f5d974 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
Request Chain 588
  • https://c1.adform.net/serving/cookie/match?party=14&cid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Request Chain 589
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YlnuwwAItyrlawA- HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlnuwwAItyrlawA-&gdpr=0&gdpr_consent=&_test=YlnuwwAItyrlawA-
Request Chain 590
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:73036259-eec2-4000-9932-c64a5e235247&gdpr=0&gdpr_consent=
Request Chain 591
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKeFJFN0VzOTRBQUN4ejBQM1BUZw&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAJxRE7Es94AACxz0P3PTg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAJxRE7Es94AACxz0P3PTg&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJxRE7Es94AACxz0P3PTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1407667298119850182 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAJxRE7Es94AACxz0P3PTg&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1407667298119850182%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?userid=1407667298119850182&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJxRE7Es94AACxz0P3PTg
Request Chain 592
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 594
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=AP8EVQGzTy5vBQIVpKVbRJU4mbg
Request Chain 595
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=b63a6658-bd09-11ec-abc0-b1992d655dbf
Request Chain 596
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=5202d352-a27b-4da3-838a-6778e7af9ed2&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Request Chain 597
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 598
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:lQCL2ZUG1NFueZ5&gdpr=0&gdpr_consent=
Request Chain 599
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=663495379157
Request Chain 600
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1650060995183 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 601
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7033473951776023466&uid=Q7033473951776023466&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7033473951776023466
Request Chain 602
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=neiT4Ka5TxevG0lbf8TxCQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 603
  • https://idsync.rlcdn.com/420486.gif?partner_uid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDlERTg5M0UwLUE2QjktNEYxNy1BRjFCLTQ5NUI3RkM0RjEwORAAGg0Iw93nkgYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=9745ec0943a8afafe627664f42b9f0682b122aa45ec80cd5aeb7166eca2e87e9791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA5NzQ1ZWMwOTQzYThhZmFmZTYyNzY2NGY0MmI5ZjA2ODJiMTIyYWE0NWVjODBjZDVhZWI3MTY2ZWNhMmU4N2U5NzkxNDI2YjU0MTdkY2UyMRAAGgwIw93nkgYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA5NzQ1ZWMwOTQzYThhZmFmZTYyNzY2NGY0MmI5ZjA2ODJiMTIyYWE0NWVjODBjZDVhZWI3MTY2ZWNhMmU4N2U5NzkxNDI2YjU0MTdkY2UyMRAAGgwIw93nkgYSBAgCEABCAEoA&google_gid=CAESEG9ZTdo0IV0Jtsk15RcC_E8&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=cfcfd861-115a-44da-b333-a901988e16a0
Request Chain 604
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=73036259-eec2-4000-9932-c64a5e235247
Request Chain 605
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OURFODkzRTAtQTZCOS00RjE3LUFGMUItNDk1QjdGQzRGMTA5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 606
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOvBxfjkdPyFXzuWXyFcAig&google_cver=1
Request Chain 607
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A183E41957ED45CB8401B24CC9FFCD13
Request Chain 608
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9095998362304174636&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 609
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=86422ee5-39ef-4c57-8b4d-1fade2a39c1f
Request Chain 611
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HSN_LLRE2uURUZDqA5q4Z7uRmv9mm7k-~A&gdpr=0&gdpr_consent=
Request Chain 612
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=70cfb835fc201217&is_secure=true&networkId=17100&version=1&nuid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGbJL88kmuugNdKvc7AAAAAAA&expiration=1650147395&nuid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 613
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6974400712095498966&gdpr=0&gdpr_consent=
Request Chain 614
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b6420d26-bd09-11ec-9cc5-6d6a9bf4f8b4&gdpr=0&gdpr_consent=
Request Chain 615
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=c-XedyCyiH1o5YorcLTGLSO23ixo5Y58JrTIse8a
Request Chain 617
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=8e82fb69-6b51-4f31-baa4-500386e0ddf0 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=8e82fb69-6b51-4f31-baa4-500386e0ddf0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=98f9d8a4-c6db-46e8-9cd8-a42812b5714e&ssp=pubmatic&expires=30&user_group=5&bsw_param=8e82fb69-6b51-4f31-baa4-500386e0ddf0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8e82fb69-6b51-4f31-baa4-500386e0ddf0&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 618
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B341_EE6398FB_6DF84005&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 619
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=cdb9b177-83ca-4f23-a66f-dbf900de4272-6259eec3-4341&gdpr=&gdpr_consent=
Request Chain 620
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2697118002783910081
Request Chain 621
  • https://sync.resetdigital.co:10001/csync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000A829E87B40
Request Chain 624
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A
Request Chain 625
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOdiB2UaVW9apD9SxwEleiF-8tm41I-4IbFXJ-Rg
Request Chain 626
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6974400712095498966
Request Chain 627
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bca34109ab6c8e0f610f67db
Request Chain 628
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=710c5734-0f18-516a-bad1-112dd888ffee
Request Chain 629
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=62ad56af-4c36-9088-487e-a441903d2169
Request Chain 630
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e3c943cb-2137-4651-80fe-6da6e31486de
Request Chain 633
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=710c5734-0f18-516a-bad1-112dd888ffee
Request Chain 634
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=90dc3ab6-aae4-564f-f5a8-ea7a34870484
Request Chain 635
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A
Request Chain 636
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e3c943cb-2137-4651-80fe-6da6e31486de
Request Chain 638
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6974400712095498966
Request Chain 639
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOdiB2UaVW9apD9SxwEleiF-8tm41I-4IbFXJ-Rg
Request Chain 640
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bca34109ab6c8e0f610f67db
Request Chain 641
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6974400712095498966
Request Chain 642
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A
Request Chain 643
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOdiB2UaVW9apD9SxwEleiF-8tm41I-4IbFXJ-Rg
Request Chain 644
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bca34109ab6c8e0f610f67db
Request Chain 645
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=710c5734-0f18-516a-bad1-112dd888ffee
Request Chain 646
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=f2992962-8f79-21ce-6056-ec01fdc56d1c
Request Chain 647
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e3c943cb-2137-4651-80fe-6da6e31486de
Request Chain 649
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A
Request Chain 650
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e3c943cb-2137-4651-80fe-6da6e31486de
Request Chain 652
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6974400712095498966
Request Chain 653
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOdiB2UaVW9apD9SxwEleiF-8tm41I-4IbFXJ-Rg
Request Chain 654
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bca34109ab6c8e0f610f67db
Request Chain 655
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=710c5734-0f18-516a-bad1-112dd888ffee
Request Chain 656
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=37dd14da-86e0-156c-ecca-50eee55ffd79
Request Chain 658
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Drkt%26refUrl%3D%26vid%3D00609951842930625921455251000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=rkt&refUrl=&vid=00609951842930625921455251000V10&ovsid=2809753603273993551
Request Chain 660
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609951842930625921455251000V10&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609951842930625921455251000V10&ovsid=0ed5e49e-49ee-46da-a648-45da2b7bcb51
Request Chain 661
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dopx%26refUrl%3D%26vid%3D00609951842930625921455251000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=opx&refUrl=&vid=00609951842930625921455251000V10&ovsid=c3499632-44c0-4614-9748-f55d458d044b
Request Chain 662
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dzem%26refUrl%3D%26vid%3D00609951842930625921455251000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=CkZZcPL4NgoF1aU-tV_U&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKDNNNFUY2QJQ2E4Z3PIYYWCVJNORLF6VJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDANRQHE4TKMJYGQZDSMZQGYZDKOJSGE2DKNJSGUYTAMBQKYYTAJTWONUWIPJSHEZTANRSGU4TEMJUGU2TENJRGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKDNNNFUY2QJQ2E4Z3PIYYWCVJNORLF6VJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDANRQHE4TKMJYGQZDSMZQGYZDKOJSGE2DKNJSGUYTAMBQKYYTAJTWONUWIPJSHEZTANRSGU4TEMJUGU2TENJRGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=CkZZcPL4NgoF1aU-tV_U&refUrl=&type=zem&vid=00609951842930625921455251000V10&vsid=2930625921455251000V10
Request Chain 663
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Drkt%26refUrl%3D%26vid%3D00609952052930625921455251000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=rkt&refUrl=&vid=00609952052930625921455251000V10&ovsid=970033154657313410
Request Chain 665
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609952052930625921455251000V10&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609952052930625921455251000V10&ovsid=4f9a1d51-14d4-49b8-b489-37bd696154f8
Request Chain 666
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dopx%26refUrl%3D%26vid%3D00609952052930625921455251000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=opx&refUrl=&vid=00609952052930625921455251000V10&ovsid=c3499632-44c0-4614-9748-f55d458d044b
Request Chain 667
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dzem%26refUrl%3D%26vid%3D00609952052930625921455251000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=CkZZcPL4NgoF1aU-tV_U&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKDNNNFUY2QJQ2E4Z3PIYYWCVJNORLF6VJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDANRQHE4TKMRQGUZDSMZQGYZDKOJSGE2DKNJSGUYTAMBQKYYTAJTWONUWIPJSHEZTANRSGU4TEMJUGU2TENJRGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKDNNNFUY2QJQ2E4Z3PIYYWCVJNORLF6VJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDANRQHE4TKMRQGUZDSMZQGYZDKOJSGE2DKNJSGUYTAMBQKYYTAJTWONUWIPJSHEZTANRSGU4TEMJUGU2TENJRGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=CkZZcPL4NgoF1aU-tV_U&refUrl=&type=zem&vid=00609952052930625921455251000V10&vsid=2930625921455251000V10
Request Chain 668
  • https://sync.aralego.com/idsync HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a9be15f1-df90-4ff1-b06e-5e6a48419ca5?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-2WezcUdE2oVrEbyJvUr68oEcQrh2X6p0b.tfk_0-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a9be15f1-df90-4ff1-b06e-5e6a48419ca5?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-2WezcUdE2oVrEbyJvUr68oEcQrh2X6p0b.tfk_0-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a9be15f1-df90-4ff1-b06e-5e6a48419ca5?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-2WezcUdE2oVrEbyJvUr68oEcQrh2X6p0b.tfk_0-~A&redirect= HTTP 302
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=a9be15f1-df90-4ff1-b06e-5e6a48419ca5&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8e82fb69-6b51-4f31-baa4-500386e0ddf0&ssp=ucfunnel&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10603584586581931894&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Ducfunnel%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=54920c67-c497-4656-975c-d1a928dc114c&ssp=ucfunnel&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=214940604122015480594&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10603584586581931894&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
Request Chain 669
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Drkt%26refUrl%3D%26vid%3D00609952362930625921455251000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=rkt&refUrl=&vid=00609952362930625921455251000V10&ovsid=978758878098887620
Request Chain 671
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609952362930625921455251000V10&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609952362930625921455251000V10&ovsid=cb21d941-6452-4163-9cbc-8a7281820433
Request Chain 672
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dopx%26refUrl%3D%26vid%3D00609952362930625921455251000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=opx&refUrl=&vid=00609952362930625921455251000V10&ovsid=c3499632-44c0-4614-9748-f55d458d044b
Request Chain 673
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dzem%26refUrl%3D%26vid%3D00609952362930625921455251000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=CkZZcPL4NgoF1aU-tV_U&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKDNNNFUY2QJQ2E4Z3PIYYWCVJNORLF6VJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDANRQHE4TKMRTGYZDSMZQGYZDKOJSGE2DKNJSGUYTAMBQKYYTAJTWONUWIPJSHEZTANRSGU4TEMJUGU2TENJRGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKDNNNFUY2QJQ2E4Z3PIYYWCVJNORLF6VJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDANRQHE4TKMRTGYZDSMZQGYZDKOJSGE2DKNJSGUYTAMBQKYYTAJTWONUWIPJSHEZTANRSGU4TEMJUGU2TENJRGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=CkZZcPL4NgoF1aU-tV_U&refUrl=&type=zem&vid=00609952362930625921455251000V10&vsid=2930625921455251000V10
Request Chain 674
  • https://sync.aralego.com/idsync HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a9be15f1-df90-4ff1-b06e-5e6a48419ca5?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-2WezcUdE2oVrEbyJvUr68oEcQrh2X6p0b.tfk_0-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a9be15f1-df90-4ff1-b06e-5e6a48419ca5?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-2WezcUdE2oVrEbyJvUr68oEcQrh2X6p0b.tfk_0-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a9be15f1-df90-4ff1-b06e-5e6a48419ca5?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-2WezcUdE2oVrEbyJvUr68oEcQrh2X6p0b.tfk_0-~A&redirect= HTTP 302
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=a9be15f1-df90-4ff1-b06e-5e6a48419ca5&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=8e82fb69-6b51-4f31-baa4-500386e0ddf0&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Ducfunnel%26user_id%3D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=54920c67-c497-4656-975c-d1a928dc114c%252Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D437%2526ssp%253Ducfunnel%2526user_id%253D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&ttd_puid=54920c67-c497-4656-975c-d1a928dc114c%2Chttps%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Ducfunnel%26user_id%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=437&ssp=ucfunnel&user_id= HTTP 302
  • https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=8e82fb69-6b51-4f31-baa4-500386e0ddf0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a9be15f1-df90-4ff1-b06e-5e6a48419ca5?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-2WezcUdE2oVrEbyJvUr68oEcQrh2X6p0b.tfk_0-~A&redirect= HTTP 302
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=a9be15f1-df90-4ff1-b06e-5e6a48419ca5&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8e82fb69-6b51-4f31-baa4-500386e0ddf0&ssp=ucfunnel&gdpr=0&gdpr_consent=
Request Chain 675
  • https://sync.aralego.com/idsync HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a9be15f1-df90-4ff1-b06e-5e6a48419ca5?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-2WezcUdE2oVrEbyJvUr68oEcQrh2X6p0b.tfk_0-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a9be15f1-df90-4ff1-b06e-5e6a48419ca5?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-2WezcUdE2oVrEbyJvUr68oEcQrh2X6p0b.tfk_0-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a9be15f1-df90-4ff1-b06e-5e6a48419ca5?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-2WezcUdE2oVrEbyJvUr68oEcQrh2X6p0b.tfk_0-~A&redirect= HTTP 302
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=a9be15f1-df90-4ff1-b06e-5e6a48419ca5&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8e82fb69-6b51-4f31-baa4-500386e0ddf0&ssp=ucfunnel&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10603584586581931894&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Ducfunnel%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=54920c67-c497-4656-975c-d1a928dc114c&ssp=ucfunnel&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=214940604122015480594&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10603584586581931894&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
Request Chain 676
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Drkt%26refUrl%3D%26vid%3D00609952742930625921455251000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=rkt&refUrl=&vid=00609952742930625921455251000V10&ovsid=970033154657313418
Request Chain 678
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609952742930625921455251000V10&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609952742930625921455251000V10&ovsid=2ff39076-2321-4ad7-920b-9326d28b7741
Request Chain 679
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dopx%26refUrl%3D%26vid%3D00609952742930625921455251000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=opx&refUrl=&vid=00609952742930625921455251000V10&ovsid=c3499632-44c0-4614-9748-f55d458d044b
Request Chain 680
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dzem%26refUrl%3D%26vid%3D00609952742930625921455251000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=CkZZcPL4NgoF1aU-tV_U&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKDNNNFUY2QJQ2E4Z3PIYYWCVJNORLF6VJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDANRQHE4TKMRXGQZDSMZQGYZDKOJSGE2DKNJSGUYTAMBQKYYTAJTWONUWIPJSHEZTANRSGU4TEMJUGU2TENJRGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKDNNNFUY2QJQ2E4Z3PIYYWCVJNORLF6VJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDANRQHE4TKMRXGQZDSMZQGYZDKOJSGE2DKNJSGUYTAMBQKYYTAJTWONUWIPJSHEZTANRSGU4TEMJUGU2TENJRGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=CkZZcPL4NgoF1aU-tV_U&refUrl=&type=zem&vid=00609952742930625921455251000V10&vsid=2930625921455251000V10
Request Chain 709
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YlnuwDbW63m27dBuFkHZrwAAALwAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHaleiIwuKEmwM26xwlC1Js&google_cver=1
Request Chain 711
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&expiration=1652652995&gdpr=0&gdpr_consent=
Request Chain 712
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6974400712095498966
Request Chain 713
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YlnuwDbW63m27dBuFkHZrwAA%26188?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YlnuwDbW63m27dBuFkHZrwAA%26188
Request Chain 714
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=14a327a5-908e-47d9-896e-87605a5831ef
Request Chain 715
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2697118002783910081&expiration=1651270595
Request Chain 716
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=131&cm_user_id=YlnuwDbW63m27dBuFkHZrwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662287302623751
Request Chain 718
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YlnuwDbW63m27dBuFkHZrwAAALwAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHaleiIwuKEmwM26xwlC1Js&google_cver=1
Request Chain 720
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&expiration=1652652995&gdpr=0&gdpr_consent=
Request Chain 721
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6974400712095498966
Request Chain 722
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7033473951776023466P
Request Chain 723
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=06030001_6259eec3eaa2e&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=06030001_6259eec3eaa2e
Request Chain 725
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=AP8EVQGzTy5vBQIVpKVbRJU4mbg
Request Chain 728
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YlnuwDbW63m27dBuFkHZrwAAALwAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHaleiIwuKEmwM26xwlC1Js&google_cver=1
Request Chain 729
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&expiration=1652652995&gdpr=0&gdpr_consent=
Request Chain 730
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6974400712095498966
Request Chain 731
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7033473951776023466P
Request Chain 732
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YlnuwwAItyrlawA-
Request Chain 734
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=b63a6658-bd09-11ec-abc0-b1992d655dbf
Request Chain 739
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&expiration=1652652995&gdpr=0&gdpr_consent=
Request Chain 741
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YlnuwDbW63m27dBuFkHZrwAAALwAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHaleiIwuKEmwM26xwlC1Js&google_cver=1
Request Chain 742
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6974400712095498966
Request Chain 743
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=58162d94-2725-4976-b79e-fa0df12771e2
Request Chain 744
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7033473951776023466P
Request Chain 745
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=8thcSqGPCkDp2AgW8YlEEKKLXBHp2AxBp4le6n4m
Request Chain 748
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 756
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=e0d9300d4640f4daa577bb381009b9e6
Request Chain 758
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=ac59b8426f6f09bc00276e190f679be9
Request Chain 759
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=f6c16468e542018855cce940367efb8c
Request Chain 765
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/1407667298119850182
Request Chain 766
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/1407667298119850182
Request Chain 767
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/1407667298119850182
Request Chain 771
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/b8065aec-41e2-4cf4-9fc4-f804071cd359&partner_id=1010
Request Chain 772
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/b8065aec-41e2-4cf4-9fc4-f804071cd359&partner_id=1010
Request Chain 773
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/b8065aec-41e2-4cf4-9fc4-f804071cd359&partner_id=1010
Request Chain 776
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/L20ZPO40-P-HI6E?gdpr=0
Request Chain 777
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/L20ZPO40-P-HI6E?gdpr=0
Request Chain 778
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/L20ZPO40-P-HI6E?gdpr=0
Request Chain 784
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YlnuwDbW63m27dBuFkHZrwAA%26188
Request Chain 785
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YlnuwDbW63m27dBuFkHZrwAA%26188
Request Chain 786
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YlnuwDbW63m27dBuFkHZrwAA%26188
Request Chain 788
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/b526e701-bd09-11ec-8bbd-17aa2b400503
Request Chain 789
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/b526e701-bd09-11ec-8bbd-17aa2b400503
Request Chain 790
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/b526e701-bd09-11ec-8bbd-17aa2b400503
Request Chain 806
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
  • https://csync.smilewanted.com/set_partner_userid_get/loopme/fc43bf9f-3070-45d3-83b0-4b9fdaca6f71?gdpr_consent=null&gdpr=0
Request Chain 807
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
  • https://csync.smilewanted.com/set_partner_userid_get/loopme/935f32d4-cd62-46fb-9e24-40e2a3da1ce0?gdpr_consent=null&gdpr=0
Request Chain 808
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
  • https://csync.smilewanted.com/set_partner_userid_get/loopme/fa43785e-4b25-4e31-8ff3-b464f403c1aa?gdpr_consent=null&gdpr=0
Request Chain 809
  • https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
Request Chain 810
  • https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
Request Chain 811
  • https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
Request Chain 813
  • https://x.bidswitch.net/sync?ssp=rtaplus&user_id=V0U9AYOjl4EtbLGoi37BblfsYqQroRUUQskLl62k&gdpr=0 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Drtaplus%26bsw_param%3D8e82fb69-6b51-4f31-baa4-500386e0ddf0&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=73036259-eec2-4000-9932-c64a5e235247&expires=30&ssp=rtaplus&bsw_param=8e82fb69-6b51-4f31-baa4-500386e0ddf0&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=8e82fb69-6b51-4f31-baa4-500386e0ddf0
Request Chain 814
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dadform%26dataid%3Ddata4%26uuid%3D%24UID HTTP 303
  • https://sync.connectad.io/umatch/1?bidder=adform&dataid=data4&uuid=2697118002783910081
Request Chain 816
  • https://creativecdn.com/cm-notify?pi=connectad HTTP 302
  • https://creativecdn.com/cm-notify?pi=connectad&tc=1 HTTP 302
  • https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=0XBRe1cabWiJP2Mj0IBi&pi=connectad&tc=1
Request Chain 817
  • https://cs.emxdgt.com/um?ssp=pbs&us_privacy=1---&redirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Demx%26dataid%3Ddata2%26uuid%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Demx%26dataid%3Ddata2%26uuid%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9zeW5jLmNvbm5lY3RhZC5pby91bWF0Y2gvMT9iaWRkZXI9ZW14JmRhdGFpZD1kYXRhMiZ1dWlkPSRFTVhVSUQ= HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=6974400712095498966&redirect=https://sync.connectad.io/umatch/1?bidder=emx&dataid=data2&uuid=$EMXUID&b64_redirect=aHR0cHM6Ly9zeW5jLmNvbm5lY3RhZC5pby91bWF0Y2gvMT9iaWRkZXI9ZW14JmRhdGFpZD1kYXRhMiZ1dWlkPSRFTVhVSUQ= HTTP 302
  • https://sync.connectad.io/umatch/1?bidder=emx&dataid=data2&uuid=6974400712095498966brt57451650060996685746a4
Request Chain 818
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dsovrn%26dataid%3Ddata12%26uuid%3D%24UID HTTP 307
  • https://sync.connectad.io/umatch/1?bidder=sovrn&dataid=data12&uuid=bca34109ab6c8e0f610f67db
Request Chain 827
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=9095998362304174636&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 828
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YlnuwwAItyrlawA-
Request Chain 830
  • https://match.adsrvr.org/track/cmf/openx?oxid=0b65ffad-efc0-7cf4-f407-8b33f7629697&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&ttd_puid=0b65ffad-efc0-7cf4-f407-8b33f7629697&gdpr=0&gdpr_consent=
Request Chain 832
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENPyI7PYanWFt1Wpb6_MMxM&google_cver=1
Request Chain 837
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YlnuwDbW63m27dBuFkHZrwAAALwAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YlnuwDbW63m27dBuFkHZrwAAALwAAAAB
Request Chain 838
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=73036259-eec2-4000-9932-c64a5e235247
Request Chain 839
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAJxRE7Es94AACxz0P3PTg&expiration=1651270596
Request Chain 840
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9095998362304174636
Request Chain 841
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=c22b40bc-506d-4030-bd19-ab24bfbbd6ed
Request Chain 842
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YlnuwwAItyrlawA-
Request Chain 843
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&expiration=1652652996&gdpr=0&gdpr_consent=
Request Chain 848
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=A183E41957ED45CB8401B24CC9FFCD13 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D HTTP 307
  • https://match.bnmla.com/usersync?dspid=170&uuid=4EF02F2207334D239595025E9C33732B HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=52ebb55f-282e-4db0-9560-52580402bb53
Request Chain 849
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=249de6f5-9231-4bd3-982b-e809b3d910a9-tuct9537445&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 850
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=sC-WAs4xCAyPFFS-xu5ZYg
Request Chain 852
  • https://docker.creative-serving.com/cm?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=${UUID} HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=98f9d8a4-c6db-46e8-9cd8-a42812b5714e
Request Chain 854
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 855
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=6b517f92-c61f-44fc-9add-1184414502cf
Request Chain 856
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A183E41957ED45CB8401B24CC9FFCD13
Request Chain 857
  • https://pixel.onaudience.com/?partner=214&mapped=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=2437e4dca5f33073
Request Chain 858
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&gdpr=&fbounce=1
Request Chain 859
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 861
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6974400712095498966
Request Chain 862
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c3cde8ad-1ff0-4177-acc6-884ff3ba91ad&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 868
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:9DE893E0-A6B9-4F17-AF1B-495B7FC4F109 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=b81b3970-bd09-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Request Chain 871
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:9DE893E0-A6B9-4F17-AF1B-495B7FC4F109 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=b81b3970-bd09-11ec-8734-065a0b8073db&companyId=673&id=pubmatic_id:9DE893E0-A6B9-4F17-AF1B-495B7FC4F109

898 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 0GNZk
shrinke.me/
Redirect Chain
  • https://bit.ly/3NMcN6r
  • https://shrinke.me/0GNZk
68 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shrinke.me/0GNZk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94430051fecb7f1362eb51467b7d81a77579127b919430870598b12b803fa9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
6fc80bc10ca07154-YUL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:29 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jk4z4TYgNMyMyrPXqkZvTDCI5EGpL8BsmaeJdTDDSwZU1Bx%2BSk%2FvCS9MiZCOb%2FqjGVgG5FYWx3dcFltuuho8P1g7pQAt7ZSIGDMxhRZ4N%2BFC2bZV%2FS%2BdiIbB2uYGxUTmc5spnLdnjevc"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
111
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Fri, 15 Apr 2022 22:16:29 GMT
location
https://shrinke.me/0GNZk
referrer-policy
unsafe-url
server
nginx
via
1.1 google
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e667273736cc088e5c45da9d80c956807969e29928a9bff6304e443b19eec9ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 15 Apr 2022 22:16:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 15 Apr 2022 22:16:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Apr 2022 22:16:29 GMT
styles.min.css
shrinke.me/modern_theme/build/css/ 		187 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b386764e2b714f6fe617daaedd1946a7161fc2ae5f9bd0bf606f76287121ee1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/0GNZk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1909176
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2ec69-5a22587d62000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9U%2BPyaOs2ifqaviP0hB7toqoTUUbWSpW1jRNczYYxzke3fHYSaHU56l99j8n59Ov1L5LaSyF5vEdzpOldq8LPx2wMVXMnLXc6nhZKO72b%2FNRiabN%2B7kLA7PJV1g8wM3R3Z7%2Fml9%2FgR7B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6fc80bc26e607154-YUL
expires
Sat, 23 Apr 2022 19:56:53 GMT
sw.js
shrinke.me/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shrinke.me/sw.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4012e9491f341f35778b5a6ef11d3e3f2110ccdb8023dd9c28129ba6c5417d84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/0GNZk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1909176
cf-polished
origSize=98240
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"17fc0-5a22587d62000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSCTiECXEFi0igoSdUv%2B1wbdRGjM6WkBhm4fSNPl4uRUrfPXpDrb6tfleRBhxSUTn6pJeHmheF4nIRYC2dSBCAM6Uz%2BmoNEqoA%2FvVCW1rxp%2BXbYUTuq4mIsVLbuML5a02Nq1M0As5ZHr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6fc80bc26e647154-YUL
expires
Sat, 23 Apr 2022 19:56:53 GMT
/
d301cxwfymy227.cloudfront.net/ 		290 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d301cxwfymy227.cloudfront.net/?fwxcd=792297
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:fe00:12:fc33:3bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8e1b7a7252904cc3a7c978b8b501cc4ce55f5e104c9764726d29737213533884

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:29 GMT
content-encoding
gzip
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
96810
via
1.1 6ef53c06467f47a1223db91b4e03cb22.cloudfront.net (CloudFront)
x-amz-cf-id
VaFGAB4ZtRd3mNykWL4pCkYyK1dSl4ARsyIBKofQo27cvfleJj2YPQ==
logo-sm.webp
shrinkme.io/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shrinkme.io/logo-sm.webp
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8955 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9777428de88c524584f0133c3c0d9becf5a3840597eb16dc873bbc29b9a0bf58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25551855
vary
User-Agent, Accept-Encoding
content-length
31236
x-xss-protection
1; mode=block
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
etag
"7a04-5a22587d62000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJuY7WdTedRmxiIJ8phdvmv0Uw5Qu9p6CgySZhCSHc1r09S8IStITd05Tw02h1fPadZIN%2FsKrClNoePEbxHR7xiAq1wbkyMg3t2sfxkZAd5CbjOYIH4HzTHVMKHJSVXqSg8yGhRk1w4NZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6fc80bc364117136-YUL
expires
Fri, 24 Jun 2022 04:32:15 GMT
async.js
cdn.adtrue.com/rtb/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/async.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8bcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15757980
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 16 Nov 2020 01:20:45 GMT
server
cloudflare
etag
W/"5fb1d3ed-1c9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9Jw7b0PSnXA9g%2FVwwYjfxcWS2%2F%2FbG4SKrMqAx51TP0hFbnQORVGVRsm1h%2FICcdCjGAeYdUpJQsFszJ4eycln2umTpHA0cf3D7Om%2F1agnlCY6YrS6NaPpRKw2ATvLwVEqUVgzRrutnP31Vj7kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6fc80bc3e8a17138-YUL
expires
Mon, 10 Oct 2022 13:03:30 GMT
email-decode.min.js
shrinke.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shrinke.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/0GNZk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 11:16:45 GMT
server
cloudflare
etag
W/"62555f9d-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFxBVxx8vL%2FYKRm48FXW4t3mAUe3EqptVeDEDnrUHWPDuITXqoUNUXz0mf51gXedv4PZQf1yEwmSiaedWtuHjn0wj7bxxvuH54wSAPF6HhjkwYhBPznqNcfexqTtxU40%2FIILrHIuHEoX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6fc80bc2fbc44bca-YUL
vary
Accept-Encoding
expires
Sun, 17 Apr 2022 22:16:29 GMT
ads.js
shrinke.me/js/ 		190 B
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://shrinke.me/js/ads.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/0GNZk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1909176
cf-polished
origSize=191
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"bf-5a22587d62000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJadpWI1YoJU7dNPmhylLqPPssuXCrjoO6ItSivNSBqz%2BbxHQUTs9LhVT8%2BmpuSyiV2%2BKMNkJh7%2BG%2FDsBvS%2Fd2nMbowZQrx%2BQbbQZd%2B%2BpCT%2BrqrgsUMNk1ZxvYRrqwHLdAyIpA%2FHtk7S"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6fc80bc30be84bca-YUL
expires
Sat, 23 Apr 2022 19:56:53 GMT
rocket-loader.min.js
shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/0GNZk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 11:16:45 GMT
server
cloudflare
etag
W/"62555f9d-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sb0oZAhhte4uLwWZb0ry%2BrCCeg5e3RjuBTkcR1GuaCOVksENy2LlM4tTjco%2FT2PbdTd8hGByAkqTzpK5fca0PEnJzDwNxqqQhG0k5HuT924RPPONJjQ7dis1%2BhJGZdrdokOlX5ftUhKB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6fc80bc3dcdc4bca-YUL
vary
Accept-Encoding
expires
Sun, 17 Apr 2022 22:16:30 GMT
RVIwWXQ%2BcEMuKzAgXHtOZzpELQQ2aB92By0gWTcfIHxdPFs2JR4zB2d%2BEioZI3AKaFhnJlE%2BKyw2EmNWcmsCa018cBx7BzAwbzAQd3AKexJ0NAM6TSRhHW4WcGodbUYmax1hQSBiHT1NJGQJOEdxYVRoTWcv
leaderhistliness.info/ 		56 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leaderhistliness.info/RVIwWXQ%2BcEMuKzAgXHtOZzpELQQ2aB92By0gWTcfIHxdPFs2JR4zB2d%2BEioZI3AKaFhnJlE%2BKyw2EmNWcmsCa018cBx7BzAwbzAQd3AKexJ0NAM6TSRhHW4WcGodbUYmax1hQSBiHT1NJGQJOEdxYVRoTWcv
Requested by
Host: shrinke.me
URL: https://shrinke.me/sw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.195.137.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-137-121.compute-1.amazonaws.com
Software
/ Express
Resource Hash
8bbb20c061450a9b4aa408dd6eb27c487325992874afe87102876dcfbef54090

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
etag
W/"e0ea-HiJk12otushxS7qeDaJE/vQnb3g"
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With,content-type
/
freychang.fun/ 		26 B
715 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://freychang.fun/
Requested by
Host: d301cxwfymy227.cloudfront.net
URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6912502efc2e87be3756651a37c02a145d9a5db4871b19d6d3e240c34dc68392

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://shrinke.me
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrFQqh9TIn88BNO96bElmrWv5Olht%2FXhy8Cbjpfnu6Sp2hwQiAbSurjnq6pT29orn6sRqzjcHCfAzdz7u4MnNvoI6q6LQmyZAxOiUSe8fd%2FaPR%2FHUrPrwIZk8sFK0ECPo2gy2w%2Bm429GVna3"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6fc80bc42cdc4bbe-YUL
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
ystemgthr.com/ 		0
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ystemgthr.com/utx?cb=G6k3DIp8BpzL&top=shrinke.me&tid=792297
Requested by
Host: d301cxwfymy227.cloudfront.net
URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-108.iad89.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:30 GMT
via
1.1 9c6666844f92bfc6b8685747b641abc6.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
IAD89-P2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://shrinke.me
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id
veQ1r9H_Sj-5_zsRRDpTX4QVJFEiS-lkw4ff9wvIQwIMsyK2WyA6WQ==
/
freychang.fun/ 		27 B
369 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://freychang.fun/
Requested by
Host: d301cxwfymy227.cloudfront.net
URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eddcc90ca61e6537fa57a01c9623d71eab1b35987572af9014d914bc57f62b8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://shrinke.me
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xM185SUh9qzmPzslz4XfQHYg4B5NnS6UmRZjR%2BrWPVVNkLxbd0Pc3r3XjvP8J8oVL%2FiwAqcZOne0x0LU0uOS%2FJJICpyS8pYGZJ7AQvmXzrkuMtVT72%2FBLPkcW2Ww6Hvu7U4wsSjm2%2BYr3oIA"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6fc80bc42cdd4bbe-YUL
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
ystemgthr.com/ 		0
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ystemgthr.com/utx?cb=9JlKsGXynUD9&top=shrinke.me&tid=829554
Requested by
Host: d301cxwfymy227.cloudfront.net
URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-108.iad89.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:30 GMT
via
1.1 9c6666844f92bfc6b8685747b641abc6.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
IAD89-P2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://shrinke.me
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id
2bWsXKtN9J54e2WThtFEfeGL5U5-LyQdSwTaQgdc6dZI5BA9xbRHTg==
NXV0anAaShcZTWIfMhg9ckAFKCZSMSM9H3ctNSQWbAIcCTJzFlIeGVFIQ1NCB0xDTABcEUlbVkYBFR4FRkhFTBlbExtXVkNIRURDAVtGX14FUwFXQRMBBAsXCERSGgRBGUlbRgBFRFxADExEWkUM
pertyvaluati.com/ 		0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pertyvaluati.com/NXV0anAaShcZTWIfMhg9ckAFKCZSMSM9H3ctNSQWbAIcCTJzFlIeGVFIQ1NCB0xDTABcEUlbVkYBFR4FRkhFTBlbExtXVkNIRURDAVtGX14FUwFXQRMBBAsXCERSGgRBGUlbRgBFRFxADExEWkUM
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHca6OJ0gLCqCvnK2%2FdMso4iKvAIRQyWJXwsj5Iio7awlCYbKs1%2BfHqjx4inxJUstkxHuhv5UdrcZh%2FaHFkZxiz%2BGrFeK2vUa3Q%2Bp04hztDsvUOLEkvqW7EVZ5EflzcX2VjlILfwaNeAhJUQ93uo"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
6fc80bc469637139-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
login.php
www.facebook.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
ServiceLogin
accounts.google.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200d , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
ServiceLogin
accounts.google.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200d , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
popunder.gif
pertyvaluati.com/ 		35 B
642 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pertyvaluati.com/popunder.gif
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
public
date
Fri, 15 Apr 2022 22:16:30 GMT
cf-cache-status
HIT
last-modified
Fri, 15 Apr 2022 18:11:46 GMT
server
cloudflare
age
14684
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Gfzq7ypgn5%2BM0VmjIQx8%2BHRRBAhrxLSswhCJaf1%2FKxdcLMIFu93DSjFqQRVIwmOKmEBUb%2BqRU2LOJdgH%2BIkBqI%2BfaqYI9FlCMCbAnP7BDJQaD8O%2F9YzDUvNjRT9frrDOGog0RoDqe%2BRKd9UIl7n"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6fc80bc469647139-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ampXVFRFVTQnaT0tbiMFWAI4DD8sEwADZQg7ORowCFtuETFbDXEgPQ5XYG1mWFNvciQDDmplbEwZIzUgHxlqZXIDBDE7aUwcamV6WkRmemRMH2plch4aNjNpW0wnICAGV2ZiYVpaYWRtU1pnYm0
pertyvaluati.com/ 		0
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pertyvaluati.com/ampXVFRFVTQnaT0tbiMFWAI4DD8sEwADZQg7ORowCFtuETFbDXEgPQ5XYG1mWFNvciQDDmplbEwZIzUgHxlqZXIDBDE7aUwcamV6WkRmemRMH2plch4aNjNpW0wnICAGV2ZiYVpaYWRtU1pnYm0
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DyvU2YFYANsOU2ztiJY76kANKrazTfGUV%2F28RWOxm%2FJD5okbnLtdNsG5ClvzvQBod8sZ7FqUg%2BPq52v7FAdOla4BWLgttSTdKYs0CRd1oBwJX557MEaHUHbKZxmqdks2w6UJwIs9I0NVcWhDaFuQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
6fc80bc469657139-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
WVl3UzYFCH5Hf0ofNxQyGR9+RGAFAiUae0oafkRoXEJ2QmhcSjZId0oYMxQhUV1lBTIYAH5EcFlcc0N2VVVzRXFb
pertyvaluati.com/bGxDdUZDUyAGezY7BkcIXgQUIAchKBQjHD4uJCMXNDooJQcAXGUBLwhRe0d/ 		0
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pertyvaluati.com/bGxDdUZDUyAGezY7BkcIXgQUIAchKBQjHD4uJCMXNDooJQcAXGUBLwhRe0d/WVl3UzYFCH5Hf0ofNxQyGR9+RGAFAiUae0oafkRoXEJ2QmhcSjZId0oYMxQhUV1lBTIYAH5EcFlcc0N2VVVzRXFb
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BxdQPmkapH69QMn3dM8rfh30%2FFEpKUO7LNYHcoO5%2FRbbgLAdU7bH5La%2BDrBPJREMjT2pZ%2FZVwoiSDtkXMTmhPela9gqjwt5B9B3XOsBkngaYutDZgQgcHozs6Vag4cmXpbzzneHsYgHwEkyAJ60"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
6fc80bc469677139-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
header9.webp
shrinkme.io/ 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shrinkme.io/header9.webp
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8955 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd3fb9c39fddd8aba2e4c7af555aeb970686c92304fba3ff4850901ec3e1ff53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15746365
vary
User-Agent, Accept-Encoding
content-length
130482
x-xss-protection
1; mode=block
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
etag
"1fdb2-5a22587d62000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdrJwls908w8znitFZBtIHDX%2Fsa3hRPxx7efN4XBl2KMylKqrDPgsnNvAnGqrtk24wZj9h3SIQvJxjQ11slqxpLbAOvIqjS4gLDZ9WmwO93pa4MdQrXP3xccrVkMkY9OEoMoXlRkeX%2BoMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6fc80bc424447136-YUL
expires
Sat, 15 Oct 2022 16:17:05 GMT
0GNZk
shrinke.me/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shrinke.me/0GNZk
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/0GNZk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6fc80bc42d504bca-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVGr3MyyJDOLgSYE47tkECNgCZwhXH6ZkNKATpylyUBi00dOx2kcDGNnLv%2F%2FAc6cQ%2BUSAbp4Z97uV7mNz0CM%2FzaEifvFfcksZ1po5Jp04rKN3yVzb9Rj9Ke6iGXnHho6E7oU4Y6cs9Tf"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
x-robots-tag
noindex, nofollow
expires
Thu, 19 Nov 1981 08:52:00 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://shrinke.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 17:00:30 GMT
x-content-type-options
nosniff
age
278160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 12 Apr 2023 17:00:30 GMT
fontawesome-webfont.woff2
shrinke.me/modern_theme/build/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shrinke.me/modern_theme/build/fonts/fontawesome-webfont.woff2
Requested by
Host: shrinke.me
URL: https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0
Origin
https://shrinke.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2906
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
x-xss-protection
1; mode=block
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"12d68-5a22587d62000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kt6R8zuhrGYM0GUwfiFfrL%2FgyErE31pQqJNZcpGYzaJUtPpL6ufm1zPnFteVqI%2FrR%2F5q33jlj8ArleJAd59phH7ifdDOJNtczHLWKRLZhSZIPKy1cOTxSg4q82Gr5Xcj%2F5UGkcOV7SX%2F"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6fc80bc42d534bca-YUL
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v26/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v26/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e14a625deb5e7cb388813d12ff906c39d7140ead453b49a22cc7d11497035790
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://shrinke.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 02:06:39 GMT
x-content-type-options
nosniff
age
158991
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31248
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:37:29 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 14 Apr 2023 02:06:39 GMT
1844b8e470c024a415cff51a0843d71c.js
roofprison.com/18/44/b8/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://roofprison.com/18/44/b8/1844b8e470c024a415cff51a0843d71c.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:30 GMT
Server
nginx/1.17.6
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA,x-Device-User-Agent
Content-Type
application/javascript
Content-Length
0
api.js
www.recaptcha.net/recaptcha/ 		921 B
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
818829c7d0ce7605650b09a07ec00e18bac80f4a183b15d3203c3879b4d455b0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
587
x-xss-protection
1; mode=block
expires
Fri, 15 Apr 2022 22:16:30 GMT
script.min.js
shrinke.me/modern_theme/build/js/ 		202 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shrinke.me/modern_theme/build/js/script.min.js?ver=6.4.0
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/0GNZk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1909177
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"32956-5a22587d62000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZkT1PpSmgqd7Be6cUjNM53nmiD20sxH981ENkvxIlskHFLvigDa%2B0Uong53JP2viXq%2F4eB8SclajoDWQb2YG%2FXUKo7GXDekQVFM3z5a2dju7RYKgnAqwfSHfhookapq%2BDYFCpMhsZki"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6fc80bc45da54bca-YUL
expires
Sat, 23 Apr 2022 19:56:53 GMT
11628
tags.orquideassp.com/tag/ 		829 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.orquideassp.com/tag/11628
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:de00:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
30077e599842195e23d382b85dd6d3ab8bbb43bf3bfb2529422dc6e970bf6632
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 960b27f23df49cd65e51133bf80b9878.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2046
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
date
Fri, 15 Apr 2022 21:42:39 GMT
content-length
829
x-xss-protection
1; mode=block
server
nginx/1.16.1
etag
W/"33d-bgxjTDcdm+XlaWDc7C8HVn0kSGU"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
ZlVa-9z9v6WzsEShMpIEmSoLVH1ZrPBOY4P4xDHwBAzqCaCT6GIleA==
12656
tags.orquideassp.com/tag/ 		829 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.orquideassp.com/tag/12656
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:de00:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
90330951e486dd4303a83f369db490420782093ddeba680cc36e97744de4fd42
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 960b27f23df49cd65e51133bf80b9878.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
686
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
date
Fri, 15 Apr 2022 22:08:02 GMT
content-length
829
x-xss-protection
1; mode=block
server
nginx/1.16.1
etag
W/"33d-W4YgcT6ILQyLQIqyYkgXO3XMOEQ"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
xffug88dVl_XM7ftGz7eXH00byqufw8Izmete124dEasmFNqMrWaEQ==
/
services.vlitag.com/adv1/ 		993 B
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3ba6bf7c29cfae74fbfe7f5250fe1ffb2c92ee3c2f89f868558129e3c2080b7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 15 Apr 2022 22:16:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
6fc80bc49e80713e-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex, nofollow, noarchive, nosnippet
expires
on, 01 Jan 1970 00:00:00 GMT
jquery-2.2.4.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-14e4a"
vary
Accept-Encoding
x-hw
1650060990.dop010.dc2.t,1650060990.cds167.dc2.hn,1650060990.cds102.dc2.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29811
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-137383949-1
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
765afe2f6054948440805c509a94a644dfd7c4d79e1c5bce5aee814b11b91f33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38610
x-xss-protection
0
last-modified
Fri, 15 Apr 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Apr 2022 22:16:30 GMT
WnVzMmI7FxBfXTtIERQXKBlOF1AcUEF0BmlFQlEaLRMKXxtoR0QcATYaBlYEKBodRkw0EAcXUBw0KWUaIhYYayUbDUtnBwgwNXQ3Yw0rdFceJkB0JhgSOlYpGCMhYhgURzB2CRIwN2A1GxkQdTIbMyFjNAsEMXMrDSFBcyMbHTliBmo4PXQwGEImZw0cNBpZLQ8nJ...
ystemgthr.com/ Frame 06CC 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ystemgthr.com/WnVzMmI7FxBfXTtIERQXKBlOF1AcUEF0BmlFQlEaLRMKXxtoR0QcATYaBlYEKBodRkw0EAcXUBw0KWUaIhYYayUbDUtnBwgwNXQ3Yw0rdFceJkB0JhgSOlYpGCMhYhgURzB2CRIwN2A1GxkQdTIbMyFjNAsEMXMrDSFBcyMbHTliBmo4PXQwGEImZw0cNBpZLQ8nJmMuCAIQcTA9EjBVDgI3ClY7GydHey4tHjJ3JD5FOgMOPCQefDoCMxh0Li0GOnoFD0QidFcYPTd4IwIeNXYGMQEQZCcfMCJ0Vxg3IAouDR4lagYJETljUhNQQXA3ax0qZFEIIzdjTx82OFUjODMxcxYeNxtnMxs3ImpSABYXZCwQJEN4Fx4SInQqIwUyaggQLRd0NxsyMVkICzNGcCQJODRwGm8XKgMGOTAbXVIZEjZnNGkkGWo3HDYSdDQZJyZCR2gzJgIoHSdBfDoCNDpmKxskFnUkPkU6Aw4ZJyRaNQ0ZEHoHayRVWBE1GwMPLBtFHmcUOAdAXA
Requested by
Host: d301cxwfymy227.cloudfront.net
URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-108.iad89.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
c113fb4c2b0fe64c41990996fd20afed088fac3a50f0f67c7ab512bfef5bec64

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1227
content-type
text/html
date
Fri, 15 Apr 2022 22:16:30 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 9c6666844f92bfc6b8685747b641abc6.cloudfront.net (CloudFront)
x-amz-cf-id
MDKmkYq148SShxD6DXt0CoZHcnPDOmHy5ZJ9nAGUjRTC_l0236J58g==
x-amz-cf-pop
IAD89-P2
x-cache
Miss from cloudfront
LgN8B1oyRypPVDMCfgEXKVwjQ10sQiNYTWReKUIceHYFZ1cbBS5YcCJ3fVVwHmQVUmEcfgpTCRN8GgZJIXgnWXsCdAZ8bTBHFn1sAFoCQXgLciBBWwJyBXVbD1cLeXsLdRRaaD92GlVzHgIdZG89ARxVCABpD157bwIKZ3tyUgkFARBmJGdbBlgkb2p6cQlnay5VG...
ystemgthr.com/MEw2OUpRLlVUdVFxVB8/QiALHHh2aQR/ Frame 8BB4 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ystemgthr.com/MEw2OUpRLlVUdVFxVB8/QiALHHh2aQR/LgN8B1oyRypPVDMCfgEXKVwjQ10sQiNYTWReKUIceHYFZ1cbBS5YcCJ3fVVwHmQVUmEcfgpTCRN8GgZJIXgnWXsCdAZ8bTBHFn1sAFoCQXgLciBBWwJyBXVbD1cLeXsLdRRaaD92GlVzHgIdZG89ARxVCABpD157bwIKZ3tyUgkFARBmJGdbBlgkb2p6cQlnay5VGgV7D3UeXVsGcg5hfht2ImReIXEOW10NcxoPeih1HVVhHnIiZF4hagtPQQl0GUJ7C3YJemEtQHxnewh8HX5wHGMeAlwARwJVfQhbPnd7Z0gveHEueAhdewhUCnN1ElwjRnEPAAh+VC53KV1NC1MkXmgIYihYay1bBnBAD1YaXV0SUwlkWAhXDUJ+HEgAZ3gYdg9gDClTIFl3HFs4Bm4tBS5gCgh1H1EBH3k7bGgZAA1zaBtAFm5xDHMETk0aUzsQUzlfIkYEPGInXQ8QaT50Sy9FImZPHw
Requested by
Host: d301cxwfymy227.cloudfront.net
URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-108.iad89.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
f20fec333c5683e1aa2b59379965718b25c4a0e3d3afabed436f7b61d7ba0855

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1221
content-type
text/html
date
Fri, 15 Apr 2022 22:16:30 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 9c6666844f92bfc6b8685747b641abc6.cloudfront.net (CloudFront)
x-amz-cf-id
I1nPCJOXZdMVBOf5M56nTusDwL_XWVxgL8NuplAqqhj06lQ9Au8LcQ==
x-amz-cf-pop
IAD89-P2
x-cache
Miss from cloudfront
AABlMkQ9IjNlRwImER9cZngHLmc
ystemgthr.com/WDdSTEM5VTEhfDkKMGo2KltvaXEeEmAKJ2sHYy87L1ErITpqBWViIDRYJyglKlg8OG02UiZpcR5FARQzN3ooCTIeZggaBzIHBggCbH03fA08dTUaNR11Ji8bIlsaCwQWVRU2cxx1JRkNHHM1GhEMejcaEhVvGB4wH2ETNDUQQAgdBxBfMQ8VPGM... Frame C6B8 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ystemgthr.com/WDdSTEM5VTEhfDkKMGo2KltvaXEeEmAKJ2sHYy87L1ErITpqBWViIDRYJyglKlg8OG02UiZpcR5FARQzN3ooCTIeZggaBzIHBggCbH03fA08dTUaNR11Ji8bIlsaCwQWVRU2cxx1JRkNHHM1GhEMejcaEhVvGB4wH2ETNDUQQAgdBxBfMQ8VPGM2CXYXZWIJLh1hBBQWIX4WCwYsVR40FhZxBx0sCkAELxAhdgUOBRFiNzY7PH8DCjALcTUuETF2BwgFIHAdIHo5dmN0egAGPQgCEFsHGwEBdBF9ejl2YhUkHnFmBAUQWGYYEh11Hxk7O3A6HnQLUH8gBwlkByoLaW0GBSsVVBQrDghjYz8GEAQiARcJchAVER12AH00NG9jPDQefyYHAR5HMwAFYVYTfRorcAMCIB9wKgUUHnUIAzsNcQQkEW9nFCcHGWA2BxE/VBgvBiBwEA0RK2QUJAINdGouBDRYByk5IFMTDRk2ZAR4FQp/AABlMkQ9IjNlRwImER9cZngHLmc
Requested by
Host: d301cxwfymy227.cloudfront.net
URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-108.iad89.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
6ab326549c743a2119e94d398e27a27ccb70b38f8cc512637eb83ea5cfea2685

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1232
content-type
text/html
date
Fri, 15 Apr 2022 22:16:30 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 9c6666844f92bfc6b8685747b641abc6.cloudfront.net (CloudFront)
x-amz-cf-id
ROopCEwoMtFLApLWFjpRyIAdaoMBb2ezZ5fWpEIq_v3c0E1bf1kc7w==
x-amz-cf-pop
IAD89-P2
x-cache
Miss from cloudfront
multi
ystemgthr.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ystemgthr.com/multi?cs=a0JRVjdYc2RiBlhyYWQPU3poYwI&abt=0&red=1&sm=76&k=shrinkme%20highest%20payout%20short%20shortener%20link%20earn%20money&v=1.0.57.0&sts=0&prn=0&emb=0&tid=829554&u=1091333660925711&agec=1650060990&fs=1&ref=https%3A%2F%2Fshrinke.me%2F0GNZk&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F100.0.4896.75%20safari%2F537.36&tzd=0&uloc=&if=0&_kUnr=1650060990263&crc=1
Requested by
Host: d301cxwfymy227.cloudfront.net
URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-108.iad89.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
21056f2ba4990f31d0f7f5757986eb674f84dd9f10ebb7b5675e41d3e76c8cbd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
server
openresty/1.17.8.2
x-amz-cf-pop
IAD89-P2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://shrinke.me
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
text/plain
content-length
1419
via
1.1 9c6666844f92bfc6b8685747b641abc6.cloudfront.net (CloudFront)
x-amz-cf-id
1da6Xtx6DkQMZuD3XU98pxmberV7NUYyhE0yoZIeU_x-BID_8MkaCw==
U0JGR2NXXAITIAQeGFd0I1lCRWhWWlcHe1Q
d301cxwfymy227.cloudfront.net/AZWxxckYGAx8UeREFFU9xXF5DS3FDBgIdKBVRPzN2CDkHEDRWAlcGPAFRQVQqBAIWT2AAAhJPd0MNFRB7UUoFAikOURUQLRwcCRggCglXBydYAR4ILwkAEFd0I1lfQmNXXFkFLwsIHgU1QF5BHDJAXkFDdktcVEEEQF5BBS... Frame 06CC 		734 B
795 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d301cxwfymy227.cloudfront.net/AZWxxckYGAx8UeREFFU9xXF5DS3FDBgIdKBVRPzN2CDkHEDRWAlcGPAFRQVQqBAIWT2AAAhJPd0MNFRB7UUoFAikOURUQLRwcCRggCglXBydYAR4ILwkAEFd0I1lfQmNXXFkFLwsIHgU1QF5BHDJAXkFDdktcVEEEQF5BBS8LWkVXdSdJQ0I+U1hYV3RVDQ-ECKgAbFBAtDBhUQABQX0ZcdVNJQ0JuDgQFHypAXjJXdFUAGBkjQF5BFSMGBx5bY1dcEho0CgEUV3QjXUFCaFVCRUp/U0JGR2NXXAITIAQeGFd0I1lCRWhWWlcHe1Q
Requested by
Host: ystemgthr.com
URL: https://ystemgthr.com/WnVzMmI7FxBfXTtIERQXKBlOF1AcUEF0BmlFQlEaLRMKXxtoR0QcATYaBlYEKBodRkw0EAcXUBw0KWUaIhYYayUbDUtnBwgwNXQ3Yw0rdFceJkB0JhgSOlYpGCMhYhgURzB2CRIwN2A1GxkQdTIbMyFjNAsEMXMrDSFBcyMbHTliBmo4PXQwGEImZw0cNBpZLQ8nJmMuCAIQcTA9EjBVDgI3ClY7GydHey4tHjJ3JD5FOgMOPCQefDoCMxh0Li0GOnoFD0QidFcYPTd4IwIeNXYGMQEQZCcfMCJ0Vxg3IAouDR4lagYJETljUhNQQXA3ax0qZFEIIzdjTx82OFUjODMxcxYeNxtnMxs3ImpSABYXZCwQJEN4Fx4SInQqIwUyaggQLRd0NxsyMVkICzNGcCQJODRwGm8XKgMGOTAbXVIZEjZnNGkkGWo3HDYSdDQZJyZCR2gzJgIoHSdBfDoCNDpmKxskFnUkPkU6Aw4ZJyRaNQ0ZEHoHayRVWBE1GwMPLBtFHmcUOAdAXA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:fe00:12:fc33:3bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e1c0f37e00b9045caa382b7295e6072c5ff2378889d10b81572dfb8911d7b24c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ystemgthr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
gzip
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
519
via
1.1 6ef53c06467f47a1223db91b4e03cb22.cloudfront.net (CloudFront)
x-amz-cf-id
qxy_seTHL59vzWp3su-76GI6t1pV_ieh3eNZNNj2x5I9EpzuZ1olZg==
rSXpoMzEqFQZVDj0TDA4Je0NdBgVvEBtcXzlHGGNbGz0DBwUNDDgVRTMeVQMXJRsGVAxvHwZQDHhcCVdTdE5OR0EmEVVXUyIDGEtbLxUNFUQoRwVcSyAWBFIUezxdHQFsSFgbRiAUDFxGOl9aA189X1oDAHlUWBYCC19aA0YgFF4HFHo4TQEBMUxcGhR7Sg-lDQSU...
d301cxwfymy227.cloudfront.net/ Frame C6B8 		575 B
714 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d301cxwfymy227.cloudfront.net/rSXpoMzEqFQZVDj0TDA4Je0NdBgVvEBtcXzlHGGNbGz0DBwUNDDgVRTMeVQMXJRsGVAxvHwZQDHhcCVdTdE5OR0EmEVVXUyIDGEtbLxUNFUQoRwVcSyAWBFIUezxdHQFsSFgbRiAUDFxGOl9aA189X1oDAHlUWBYCC19aA0YgFF4HFHo4TQEBMUxcGhR7Sg-lDQSUfH1ZTIhMcFgMPT1sEH3pMTQEBYREAR1wlX1pwFHtKBFpaLF9aA1YsGQNcGGxIWFBZOxUFVhR7PFkDAWdKRgcJcExGBARsSFhAUC8bGloUezxdAAZnSV4VRHRL
Requested by
Host: ystemgthr.com
URL: https://ystemgthr.com/WDdSTEM5VTEhfDkKMGo2KltvaXEeEmAKJ2sHYy87L1ErITpqBWViIDRYJyglKlg8OG02UiZpcR5FARQzN3ooCTIeZggaBzIHBggCbH03fA08dTUaNR11Ji8bIlsaCwQWVRU2cxx1JRkNHHM1GhEMejcaEhVvGB4wH2ETNDUQQAgdBxBfMQ8VPGM2CXYXZWIJLh1hBBQWIX4WCwYsVR40FhZxBx0sCkAELxAhdgUOBRFiNzY7PH8DCjALcTUuETF2BwgFIHAdIHo5dmN0egAGPQgCEFsHGwEBdBF9ejl2YhUkHnFmBAUQWGYYEh11Hxk7O3A6HnQLUH8gBwlkByoLaW0GBSsVVBQrDghjYz8GEAQiARcJchAVER12AH00NG9jPDQefyYHAR5HMwAFYVYTfRorcAMCIB9wKgUUHnUIAzsNcQQkEW9nFCcHGWA2BxE/VBgvBiBwEA0RK2QUJAINdGouBDRYByk5IFMTDRk2ZAR4FQp/AABlMkQ9IjNlRwImER9cZngHLmc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:fe00:12:fc33:3bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4cba1a14b8728cc0d32c9c912622445fe4d7b0d796b8a309c5aea7c9d9b017db

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ystemgthr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
gzip
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
436
via
1.1 6ef53c06467f47a1223db91b4e03cb22.cloudfront.net (CloudFront)
x-amz-cf-id
h-nHhOu6DoDEhe-MRQLXyGyTSwCbKof1-NdEehCQ-DMZrEmmBDNU7Q==
QB8bE38ZVhQbLhhYS0AEQRdeV3BEERkbLBBWGQFnRgkABmdGCV9CbEQcXTBnRgkZGyxCDUtBAFELXgp0QBBLQHIVSR4eJwNcDBkrAB-xcNHdHDkBBdFELXlopHE0DHmdGektAchhQBRdnRgkJFyEfVkdXcERaBgAtGVxLQARFCV5ccloNVkt0Wg5bV3BESg8UIwZQ...
d301cxwfymy227.cloudfront.net/IQnQ5bnIhG1cITTYdXVNFe0YLV0pkHkoBHDJJTzwZKUJjNwAABlwbHBICbEgGOBAEXlQuFVcJT2QRVw1Pc1JYChB/ Frame 8BB4 		188 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d301cxwfymy227.cloudfront.net/IQnQ5bnIhG1cITTYdXVNFe0YLV0pkHkoBHDJJTzwZKUJjNwAABlwbHBICbEgGOBAEXlQuFVcJT2QRVw1Pc1JYChB/QB8bE38ZVhQbLhhYS0AEQRdeV3BEERkbLBBWGQFnRgkABmdGCV9CbEQcXTBnRgkZGyxCDUtBAFELXgp0QBBLQHIVSR4eJwNcDBkrAB-xcNHdHDkBBdFELXlopHE0DHmdGektAchhQBRdnRgkJFyEfVkdXcERaBgAtGVxLQARFCV5ccloNVkt0Wg5bV3BESg8UIwZQS0AEQQpZXHFCHxtPcw
Requested by
Host: ystemgthr.com
URL: https://ystemgthr.com/MEw2OUpRLlVUdVFxVB8/QiALHHh2aQR/LgN8B1oyRypPVDMCfgEXKVwjQ10sQiNYTWReKUIceHYFZ1cbBS5YcCJ3fVVwHmQVUmEcfgpTCRN8GgZJIXgnWXsCdAZ8bTBHFn1sAFoCQXgLciBBWwJyBXVbD1cLeXsLdRRaaD92GlVzHgIdZG89ARxVCABpD157bwIKZ3tyUgkFARBmJGdbBlgkb2p6cQlnay5VGgV7D3UeXVsGcg5hfht2ImReIXEOW10NcxoPeih1HVVhHnIiZF4hagtPQQl0GUJ7C3YJemEtQHxnewh8HX5wHGMeAlwARwJVfQhbPnd7Z0gveHEueAhdewhUCnN1ElwjRnEPAAh+VC53KV1NC1MkXmgIYihYay1bBnBAD1YaXV0SUwlkWAhXDUJ+HEgAZ3gYdg9gDClTIFl3HFs4Bm4tBS5gCgh1H1EBH3k7bGgZAA1zaBtAFm5xDHMETk0aUzsQUzlfIkYEPGInXQ8QaT50Sy9FImZPHw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:fe00:12:fc33:3bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cfddab1b205cee06e2f9d5626e92cc0e3ea758ab03bd2aa009e664b2c99b3a10

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ystemgthr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
gzip
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
185
via
1.1 6ef53c06467f47a1223db91b4e03cb22.cloudfront.net (CloudFront)
x-amz-cf-id
PFbhByA3E1WqTFtT6uwpJ3oeF9GESTB-kSW0wlGT4Zj91OftHxMixw==
utx
motoriesm.com/ 		0
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://motoriesm.com/utx?tid=792299&top=shrinke.me&cb=A2GGbAFOqMaa
Requested by
Host: leaderhistliness.info
URL: https://leaderhistliness.info/RVIwWXQ%2BcEMuKzAgXHtOZzpELQQ2aB92By0gWTcfIHxdPFs2JR4zB2d%2BEioZI3AKaFhnJlE%2BKyw2EmNWcmsCa018cBx7BzAwbzAQd3AKexJ0NAM6TSRhHW4WcGodbUYmax1hQSBiHT1NJGQJOEdxYVRoTWcv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.118.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-118-70.ewr52.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:31 GMT
via
1.1 233fdf58f872ee4c13da2719cf945c9c.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
EWR52-C3
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://shrinke.me
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id
aJqVfOwQSyntO5RORO_E8FtW-_0KjPyJWpY2eqw9EtIz6OQCfnV_gA==
/
ithdedukica.com/ 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ithdedukica.com/
Requested by
Host: leaderhistliness.info
URL: https://leaderhistliness.info/RVIwWXQ%2BcEMuKzAgXHtOZzpELQQ2aB92By0gWTcfIHxdPFs2JR4zB2d%2BEioZI3AKaFhnJlE%2BKyw2EmNWcmsCa018cBx7BzAwbzAQd3AKexJ0NAM6TSRhHW4WcGodbUYmax1hQSBiHT1NJGQJOEdxYVRoTWcv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-28-167.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
content-length
0
sw.js
shrinke.me/ Frame 		0
0
/
d301cxwfymy227.cloudfront.net/ 		47 B
444 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d301cxwfymy227.cloudfront.net/
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:fe00:12:fc33:3bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0f13250dac3eba96683a13d9c0c14c812448cc2f499a6ad6637a17adf094884d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
gzip
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://shrinke.me
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials
true
content-length
73
via
1.1 235099561ba63a2b7662a2b20d9ac036.cloudfront.net (CloudFront)
x-amz-cf-id
srdeldfQ5sAW51vlAynSfd0fyI50rscd-5VXtwu6FqhYF2b-43eHTQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
sffe /
Resource Hash
e92cafee3154b49923807019a0450b5a82b36253f7155d3adc55070c96332c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28543
x-xss-protection
0
server
sffe
etag
"1188 / 349 of 1000 / last-modified: 1650060417"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Apr 2022 22:16:30 GMT
impress
exchange.adtrue.com/delivery/ Frame 6E55 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2F0GNZk&cb=3391526569&timeZone=0&adWidth=300&adHeight=250&loc=https://shrinke.me/0GNZk
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.169.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-169-222.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
804d6c78c2da5437b8b8885b577965a5dfcfaa1e5a78b8d81a8e29ccabf647cf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
server
nginx
x-adtrue-instance
java3
content-length
4618
content-type
application/javascript
icon.svg
supertruco.com/ 		1 KB
821 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supertruco.com/icon.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.146 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6b54b9d51b8e7575fc6ac2e2bfd7826e021c3385b15f6e07581d58234219a3ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 19 Mar 2021 14:39:52 GMT
server
nginx
etag
W/"6054b7b8-47c"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
date
Fri, 15 Apr 2022 22:16:30 GMT
x-ac
2.yyz _atomic_dca
expires
Fri, 22 Apr 2022 22:16:30 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137383949-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5554
date
Fri, 15 Apr 2022 20:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 15 Apr 2022 22:43:56 GMT
impress
exchange.adtrue.com/delivery/ Frame 5BDF 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2F0GNZk&cb=3391526569&timeZone=0&adWidth=300&adHeight=250&loc=https://shrinke.me/0GNZk
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.169.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-169-222.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
c57428d27c947f2549a0c55847fcdc4eb1dcb89ab8036e25591440006f93684d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
server
nginx
x-adtrue-instance
java2
content-length
4618
content-type
application/javascript
vld.json
services.vlitag.com/uv/ 		13 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/uv/vld.json?page_url=https%3A%2F%2Fshrinke.me%2F0GNZk&mtk=8509&ctt=1650060193
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
cf-cache-status
HIT
last-modified
Fri, 15 Apr 2022 22:08:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://shrinke.me
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
6fc80bc678fa7148-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13
x-robots-tag
noindex, nofollow, noarchive, nosnippet
b696d0f5c06dbd9fd83feb568718537b.js
tag.vlitag.com/v1/1650060193/ 		545 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.vlitag.com/v1/1650060193/b696d0f5c06dbd9fd83feb568718537b.js?cc=CA
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae2cc6759776cc50322ffef2d0f7b924f0cdca42bfd6dc4f79a12ffc6941416f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Apr 2022 22:03:14 GMT
server
cloudflare
age
670
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-ray
6fc80bc67933713e-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-bgj
minify
recaptcha__en.js
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ 		359 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b442e9ec49c9f90ab11f2d87a368a99a92a05b5acd9bcaf865aa551ba1f8cb8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
Origin
https://shrinke.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144314
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Apr 2023 01:02:15 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=156797749&t=pageview&_s=1&dl=https%3A%2F%2Fshrinke.me%2F0GNZk&ul=en-us&de=UTF-8&dt=ShrinkMe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=106968285&gjid=558855005&cid=1062149969.1650060991&tid=UA-137383949-1&_gid=1870308712.1650060991&_r=1&gtm=2ou4d0&z=293044581
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid-6.14.3.js
assets.vlitag.com/prebid/default/ 		597 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1650060193/b696d0f5c06dbd9fd83feb568718537b.js?cc=CA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca88c87f38ffc56d763162e139ec8a6eb40fa627c00c396bd0a5714b921bb737
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1234417
cf-polished
origSize=611403
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Fri, 01 Apr 2022 15:22:31 GMT
server
cloudflare
etag
W/"624718b7-9544b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
6fc80bc709e5713e-YUL
expires
Fri, 01 Apr 2022 15:52:50 GMT
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1650060193/b696d0f5c06dbd9fd83feb568718537b.js?cc=CA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e92cafee3154b49923807019a0450b5a82b36253f7155d3adc55070c96332c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28543
x-xss-protection
0
server
sffe
etag
"1188 / 211 of 1000 / last-modified: 1650060417"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Apr 2022 22:16:30 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		376 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1650060193/b696d0f5c06dbd9fd83feb568718537b.js?cc=CA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3da958535a6188b8270a226a4602561a9e6bcc0fe31a5b7ce735b84de07226a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128424
x-xss-protection
0
expires
Fri, 15 Apr 2022 22:16:30 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1650060193/b696d0f5c06dbd9fd83feb568718537b.js?cc=CA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
389826
cf-ray
6fc80bc709e1713e-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-9806"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
expires
Tue, 29 Mar 2022 15:38:45 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1650060193/b696d0f5c06dbd9fd83feb568718537b.js?cc=CA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
06dac66f8ccb6659374711acb6acf073511421ff522d519cc1766746330679ad

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 19:36:46 GMT
content-encoding
gzip
age
9583
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
08K39QG8X8EMJDV7TSJ7
etag
ae8d955adf98458335c127f4461070c2
vary
Accept-Encoding
x-amz-version-id
MlwU5qtOK_PY2ISK2FuGgRhrblC50DXG
via
1.1 7969ab02c38bf363682fddd4258a6d30.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR52-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
P-a-8i7ayEvyTbSvfuMFey2L7F3LBdmFxJVkJ33rQLv6l1UCiiE23Q==
pubads_impl_2022041201.js
securepubads.g.doubleclick.net/gpt/ 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
sffe /
Resource Hash
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 10:50:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
300363
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127945
x-xss-protection
0
last-modified
Tue, 12 Apr 2022 08:36:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 12 Apr 2023 10:50:27 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		83 B
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=shrinke.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
1764ee79f2be05e9ff5e3d4a6d4725cd6052e8408f89758404980fa03113eba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79
x-xss-protection
0
expires
Fri, 15 Apr 2022 22:16:30 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-137383949-1&cid=1062149969.1650060991&jid=106968285&gjid=558855005&_gid=1870308712.1650060991&_u=YEBAAUAAAAAAAC~&z=748339479
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 15 Apr 2022 22:16:30 GMT
content-type
text/plain
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.recaptcha.net/recaptcha/api2/ Frame 51EC 		43 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdJkt4dAAAAACANDNI7s0sga9wEjI_Qd3YuSDGD&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&size=normal&cb=f5iy49ss7qg3
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
aadde487990736269c60912b1312cd9cd7ed8f5e990ac6be382588e93b076f7f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ye/ZuwE7ppsgxHYcKnaoMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22855
content-security-policy
script-src 'report-sample' 'nonce-Ye/ZuwE7ppsgxHYcKnaoMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 22:16:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 00:26:17 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
78614
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 02:21:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
via
1.1 061a00fb73c7b9b18dbae9db08e7a852.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR52-C2
content-type
application/javascript
x-amz-cf-id
-cKWThm9Mo_tl1eC25JM7_zkclbWI1QTMr1zodxDbfs7dKz8yhxNjQ==
config
c.amazon-adsystem.com/cdn/prod/ 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fshrinke.me&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 18:07:09 GMT
via
1.1 7969ab02c38bf363682fddd4258a6d30.cloudfront.net (CloudFront)
server
Server
age
14961
x-cache
Hit from cloudfront
access-control-allow-origin
https://shrinke.me
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
EWR52-C2
x-amz-cf-id
xLWSDYAq7cBUjIde6apOqWeCeFW-pPOwcs4p2TkyVERupwNbhGEM3A==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220415
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e287704d18c46e8ab000c9c44f0b71ed7f2e0c5b45fe16bc429ce960977a4d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
26124
x-jsd-version
1.0.1311
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19136-FRA, cache-itm18848-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66a-ilCna/N2b+u+4BQKPnE1uwebpHU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Jb5UuiYV439ntLKNcYwUVTaay25VguWXPnkLQ%2Fn3VLCnBP5L4j4W7S3rnVRtgiZv39BJ6UgRXqA%2FolvoD5U0AC2C2QdVp%2BKey%2BsasKGvIxL5odRyt%2B%2FPQv%2FAkzy2%2BsO4jr%2BJoImGprpoQk9A0k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6fc80bc8afa27144-YUL
access-control-expose-headers
*
localstore.js
script.4dex.io/ 		483 B
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
373039
x-amz-request-id
tx0c810f9b689a43feb0d6c-0062543d8e
x-amz-id-2
tx0c810f9b689a43feb0d6c-0062543d8e
last-modified
Mon, 11 Apr 2022 14:37:55 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kbpx074sv4qngY95Jg9TFbL3tjB1j6pNCMN4R5NSUGphMvlhDwdyM230YQyNR5uc1nVtxgH7YIq3uC6mWhYUs%2B8Wo4EcyBefXt338XVeV5gcEHqNJb46oLYvje6bcXutSlmgGS1JXpRNPekA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1649687875786561
cf-ray
6fc80bc8cac94bd7-YUL
prebid
ib.adnxs.com/ut/v3/ 		138 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
664202f9c09652a722daec7d21973cde28957ea4641a54a2be05715aac038edb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:30 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a3885d27-d64a-4b36-9330-2340ce9f66b4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		351 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
835f292f58df7bb6eaa3856a2c083cfd25218b6cecd5e8abaf1449f5c08d9ade

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
55
content-length
229
prebid
prebid.media.net/rtb/ 		1 KB
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2LD671
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
05e0987b1ea7c2f822d6d660928ac93b82ae3d10ff9189552ce81103cb648ac2

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
prebid-request
onetag-sys.com/ 		15 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://shrinke.me
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
header
hb.aralego.com/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A26293EED8A4D2A044AAE4D67B397B7&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270&host=shrinke.me&u=https%3A%2F%2Fshrinke.me&xr=0&ucfUid=a9be15f1-df90-4ff1-b06e-5e6a48419ca5&w=320&h=50
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://shrinke.me
Date
Fri, 15 Apr 2022 22:16:30 GMT
Access-Control-Allow-Credentials
true
Connection
close
header
hb.aralego.com/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-8A2E296777D639DB0BB6499EEA2B227D&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270&host=shrinke.me&u=https%3A%2F%2Fshrinke.me&xr=0&ucfUid=a9be15f1-df90-4ff1-b06e-5e6a48419ca5&w=320&h=50
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://shrinke.me
Date
Fri, 15 Apr 2022 22:16:30 GMT
Access-Control-Allow-Credentials
true
Connection
close
header
hb.aralego.com/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-772A284DD36AABB6CBBEEDEE794A4BB3&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270&host=shrinke.me&u=https%3A%2F%2Fshrinke.me&xr=0&ucfUid=a9be15f1-df90-4ff1-b06e-5e6a48419ca5&w=320&h=50
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://shrinke.me
Date
Fri, 15 Apr 2022 22:16:30 GMT
Access-Control-Allow-Credentials
true
Connection
close
/
prebid.smilewanted.com/ 		0
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
cf-ray
6fc80bc90e171795-EWR
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
pbjs
useast.quantumdex.io/auction/ 		0
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
cf-ray
6fc80bc90f604bd1-YUL
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.14.0&cb=48079531724
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
ROS
pbjs.e-planning.net/hb/1/2c995/1/shrinke.me/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.19197784338581902&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2F0GNZk&pbv=6.14.0&ncb=1&vs=F...
  • https://pbjs.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.19197784338581902&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2F0GNZk&pbv=6.14.0&...
62 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.19197784338581902&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2F0GNZk&pbv=6.14.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2F0GNZk&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522shrinke.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522agribje_ne21059909..9543%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270
Protocol
H2
Server
172.98.26.126 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
89009591e8e20e31325ae0604d1bab6f907b314d27869b887de9a86d1582544a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://shrinke.me
expires
Fri, 15 Apr 2022 22:16:31 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
62
x-sid
IAD-1213

Redirect headers

date
Fri, 15 Apr 2022 22:16:30 GMT
server
openresty
location
/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.19197784338581902&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2F0GNZk&pbv=6.14.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2F0GNZk&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522shrinke.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522agribje_ne21059909..9543%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
IAD-1213
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Fri, 15 Apr 2022 22:16:30 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Fri, 15 Apr 2022 22:16:31 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bid
c.amazon-adsystem.com/e/dtb/ 		174 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2F0GNZk&pid=eaOAhredgJJcX&cb=0&ws=1600x1200&v=7.75.0&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929441_1%22%2C%22s%22%3A%5B%22320x50%22%2C%22320x100%22%2C%22300x75%22%2C%22300x100%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
92902d3258e612b58595945ceed3194e1e8bf195eb9dfa3fd8b6eee11b8b9f1c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
via
1.1 7969ab02c38bf363682fddd4258a6d30.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
x-amz-rid
AG807X9P7RP8S36SXK6D
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
174
x-amz-cf-id
mcMvhSnwV7A-KTvS9CVKHyaEeAEr7CyqE3o4nCKWG7LFWXyvkj5QAg==
bid
c.amazon-adsystem.com/e/dtb/ 		174 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2F0GNZk&pid=eaOAhredgJJcX&cb=1&ws=1600x1200&v=7.75.0&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929440_1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
91d2fa1a71f9df46a7ed5a1a70dd0166fb5a0d9f8bb47cdbd9cec73df3321826
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
via
1.1 7969ab02c38bf363682fddd4258a6d30.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
x-amz-rid
4PYVD8CQH4RGZW00HC97
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
174
x-amz-cf-id
czbsS3LoCJIHlGdHiMH4kQ8x4hKhzy3ZUQpcnybSKCG_cSqGPYCaaw==
pbjs
useast.quantumdex.io/auction/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d175775d8fba5ca4f3c899fdd350bc340e8fa0ee15a2ec093d03e930bb4f6c55

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
cf-ray
6fc80bc91f7e4bd1-YUL
c
prebid.a-mo.net/a/ 		351 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
0c94ed746dee27f0e562e038e5339fb3c68a4013b97bd30312aa2c07738c5fae

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
175
content-length
230
/
prebid.smilewanted.com/ 		0
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
cf-ray
6fc80bc92e431795-EWR
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
ROS
pbjs.e-planning.net/hb/1/2c995/1/shrinke.me/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.19197784338581902&e=300x250_0%3A300x250%2C320x480%2C336x280&ur=https%3A%2F%2Fshrinke.me%2F0GNZk&pbv=6.14.0&ncb=1&vs=F&crs=UTF-8&fr=ht...
  • https://pbjs.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.19197784338581902&e=300x250_0%3A300x250%2C320x480%2C336x280&ur=https%3A%2F%2Fshrinke.me%2F0GNZk&pbv=6.14.0&ncb=1&vs=F&crs=U...
63 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.19197784338581902&e=300x250_0%3A300x250%2C320x480%2C336x280&ur=https%3A%2F%2Fshrinke.me%2F0GNZk&pbv=6.14.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2F0GNZk&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522shrinke.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522agribje_ne21059909..9543%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270
Protocol
H2
Server
172.98.26.126 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
91c45bc690ba35338723b17a0915ea4fa4d6c59d20b7bc53fbd3e72f0eabd2c4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://shrinke.me
expires
Fri, 15 Apr 2022 22:16:31 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
63
x-sid
IAD-1213

Redirect headers

date
Fri, 15 Apr 2022 22:16:30 GMT
server
openresty
location
/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.19197784338581902&e=300x250_0%3A300x250%2C320x480%2C336x280&ur=https%3A%2F%2Fshrinke.me%2F0GNZk&pbv=6.14.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2F0GNZk&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522shrinke.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522agribje_ne21059909..9543%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
IAD-1213
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Fri, 15 Apr 2022 22:16:31 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.14.0&cb=1137949414
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ 		71 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
cb8f2330bfb92a365ac0af8fb0be2313de8d8fe15ef5438041695dd5294e19c1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:30 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
536c7b3b-2ab7-4746-8506-ac6c0f171465
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
71
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://shrinke.me
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
prebid.media.net/rtb/ 		1 KB
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2LD671
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a1382f96d609238995339639051b4306f6ac8fe4e22db3b3197fbac6390695a6

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Fri, 15 Apr 2022 22:16:31 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
header
hb.aralego.com/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A26293EEEBB8E2D083AAD46927D944&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270&host=shrinke.me&u=https%3A%2F%2Fshrinke.me&xr=0&ucfUid=a9be15f1-df90-4ff1-b06e-5e6a48419ca5&w=320&h=480
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://shrinke.me
Date
Fri, 15 Apr 2022 22:16:31 GMT
Access-Control-Allow-Credentials
true
Connection
close
bid
c.amazon-adsystem.com/e/dtb/ 		174 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2F0GNZk&pid=eaOAhredgJJcX&cb=2&ws=1600x1200&v=7.75.0&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850992666_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
38a94682655a67eb6c5de40eb7f94a7c3549337990067bbc8e4a9d2162669a00
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
via
1.1 7969ab02c38bf363682fddd4258a6d30.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
x-amz-rid
3BFEA4V3R6S05JBA4WS8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
174
x-amz-cf-id
1lHrmgK9VlcdKb33Vwl2ju2EJaFMR1Wr7QlpZa_uF-zc7xI4OyiFTA==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRmNYaPPTRzdNKUZMPwPB-UMaw-PyyM-MZwK-AZaKZPrTBaKrRlmNBYAbTAARdzNwqfftkRqxeNco_MZAaYaPPT_TRwkjNARkjmNBYAbZA,BYAbTAA,BAAbKZ,BAAbBT,BAAbTAARwlNqhhftbxl,qdb,dtroqftz,gftzqu,xeyxffts,xeyxffts,xeyxffts,ldostvqfztr,jxqfzxdrtb,ekoztg,ekoztg,thsqffofu,hxwdqzoe,hxwdqzoe,kzwigxltRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZjMENacr9sj7N0RlDnxeU3qFQONMMtIGvB2SLjSwl4iPMIoxuuzVn3ZFM%2FbZ%2FrI2ltZJDX3Lo5D70bYKgX05uhQHb%2FSiS1fXXb2xPQYRJs05Q6TrXfjj3yJoFJD0A06J6%2FEQVnDYAqLHmpjsrYR3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bc97d9a715a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNqMayPATM-KTqM-PZUt-watr-UTBMYqUAAqZaRdzNwqfftkRlmNBYAbTAARwlNqdqmgfRkjmNBYAbZA,BYAbTAA,BAAbKZ,BAAbTAARrdzNqdqmgfRwkjNTRmNYaPPTRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kONY%2FnotZw1dkL6xvzMWOUQufZgEIJujL1TnfkFd3mOfXglSRoLj%2BQAEOcVlYx7pp%2BoeE5Yo9uEoeCmg5SHguKOO0F6GUqmK6nVud2FrQ3ZEsuLC76CoNz%2FKV2doV2JVWx83I7Uvhr06Mp5cp7g2sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bc97d9d715a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNteAwYMBT-aTqt-PKta-MPwe-KwPyKwqwYTtTRdzNwqfftkRlmNaKAbYZARwlNqdqmgfRkjmNKYMbaA,aKAbYZA,aKAbaA,PUMbUARrdzNqdqmgfRwkjNARmNYaPPARleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3hchM47AoYYcs%2BjmWJWyH1kI%2Fe3hjTla6OJJXx7guZPfJZQ%2FNUF9r87aXhqdOz5V394uRJ8y6LQpCqhijdygZXv%2Fb0YMRjVU97G%2BdchuUdgDRd1LVtWmw1%2BFaWr2emm0uH%2F5pIGccj0SqXcddi0Qcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bc97d9e715a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRmNaYUUURzdNBMAKTBZt-etrU-PBZU-wrrY-qtBZZATraKraRlmNBBUbPMARdzNwqfftkRqxeNco_MZAaaYUUU_wqfftkRwkjNARkjmNBYAbPMA,BBUbYMA,BAAbYZARwlNjxqfzxdrtb,qdb,ldostvqfztr,thsqffofu,kzwigxlt,ekoztg,qhhftbxl,gftzqu,dtroqftz,hxwdqzoe,xeyxfftsRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q50y6UyEhGbkZJx%2FzPFq63XTZooPBJ4%2F81JR5OhBQoIYwRT5k1mf6fE7GwY8TzuJOItzorDIC%2B5nQ71XlNMnWR6%2BWj7k2s4pRV6h4vpNi3KEPjyLj8%2BO%2BfwX9mrlfzPWE2as4EVTCFlCKJxNnwY6mA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bc97d9f715a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRmNaYUUURzdNUqBtTqBa-qywe-PaBB-wKMK-AUwZYPqqAaaURlmNPTAbYBTRdzNcortg%20gxzlzktqdRqxeNco_MZAaaYUUU_gxzlzktqdRwkjNARkjmNPTAbYBTRwlNqdb,ekoztg,qhhftbxl,gftzqu,hxwdqzoeRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqLAvaiYvz71J%2B%2FUMZsVOHD5xCZ%2F3WxE3LA8%2F7eOc1jSHRE583aZSMZzYMGDaHBB4cpMIry3Q%2F7U39rphFP%2Fkv7%2FzpxwwkWbGKqSYQr%2BU1JdyWGNNUrBHCuS%2FTrkCETq9qLCTI5j0x4wej%2BtM9hM6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bc97da0715a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRmNaYUUURzdNUwrPPMqe-KrtT-PMyZ-aqaq-TqeAeePUPqUaRlmNUPAbPMARdzNcortg%20oflzktqdRqxeNco_MZAaaYUUU_oflzktqdRwkjNARkjmNUPAbPMARwlNqdb,ekoztg,qhhftbxl,hxwdqzoeRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8fQu0QaeIkkiBRvOwANVVSgHdlBnQfSTaXGcoXw3NK0H2xH53C5FzhGGn52gxjRAwgk6zq9yZ%2FJeTKoRn6JkllNpOXNOekPXco%2BrWYYgZDjkG12xSCbdbi4oWLDJbdUj2cTHQchten4bHFWFxGDIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bc97da1715a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNywBKeUZe-ePZr-PtTK-qBtB-MMPYZMeYAtAeRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNTRmNaYUUURleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWz%2BORnC%2FviZL%2BPks9XztidD7SDyZ1lcjvJ5byD3%2B7ND944KgtivdAxcCQUUeBzAJYs6CO%2BDsKDiVfhJjumdjBEqXjODHEGWlEOIXLNqaLXSheMEf0HIjZEAnq3dFhx2NRa7iWvTKF4pIxo8yRnwGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bc98dbd715a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
pbjs
useast.quantumdex.io/auction/ 		17 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b47c0f6eb9dd02ac967ace134e45f7730fd044ab0f43067cfc6edc88f97b413

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
cf-ray
6fc80bc93fa54bd1-YUL
c
prebid.a-mo.net/a/ 		351 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
3a418187250668e8d2c5fd8d4a34217334a7c3ce4c69bd9250b3705c61eab5c1

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
182
content-length
229
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Fri, 15 Apr 2022 22:16:31 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid-request
onetag-sys.com/ 		15 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://shrinke.me
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Fri, 15 Apr 2022 22:16:31 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ROS
pbjs.e-planning.net/hb/1/2c995/1/shrinke.me/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.19197784338581902&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2F0GNZk&pbv=6.14.0&ncb=1&vs=FF&crs=UTF-8&fr=htt...
  • https://pbjs.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.19197784338581902&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2F0GNZk&pbv=6.14.0&ncb=1&vs=FF&crs=UT...
79 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.19197784338581902&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2F0GNZk&pbv=6.14.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2F0GNZk&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522shrinke.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522agribje_ne21059909..9543%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270
Protocol
H2
Server
172.98.26.126 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
f2d00db756c2b2b28ca33920ee0692083a940b051c6d63323e369db1df504bad

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://shrinke.me
expires
Fri, 15 Apr 2022 22:16:31 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
79
x-sid
IAD-1213

Redirect headers

date
Fri, 15 Apr 2022 22:16:30 GMT
server
openresty
location
/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.19197784338581902&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2F0GNZk&pbv=6.14.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2F0GNZk&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522shrinke.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522agribje_ne21059909..9543%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
IAD-1213
prebid
prebid.media.net/rtb/ 		1 KB
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2LD671
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2e6997ea38778c1d523c76dfafb8510175ebbaefe3b4f4806ae27dfff52435fb

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ 		257 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
236df3a5edf4170b4253b1b4ce512f21c0fa334d03066c8c4b96b11750ab7196
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:31 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
cdc3ced1-aa6b-4cf0-af02-b574af9dcfc2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
257
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		174 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2F0GNZk&pid=eaOAhredgJJcX&cb=3&ws=1600x1200&v=7.75.0&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850944415_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_850944415_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
0981516c577730d8564c7979c57e070fdee4460069c7134dffe822c98a2585c9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
via
1.1 7969ab02c38bf363682fddd4258a6d30.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
x-amz-rid
JZEB86DK0JNB1B0DB54X
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
174
x-amz-cf-id
GHpxfX678z7Ug7mLekZR3MOgIEtTvQXsC7B49r98GLptgtOV5CFU5Q==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRmNPPPTZRzdNaaKMwwUt-wwUa-PwwY-qtBe-qAUPPeqUPaMTRlmNaKAbaARdzNwqfftkRqxeNco_MZAaPPPTZ_KRwkjNARkjmNaKAbaARwlNjxqfzxdrtb,qdb,kzwigxlt,gftzqu,hxwdqzoe,thsqffofu,dtroqftz,qhhftbxlRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEgOtGpquFHzWEz0nyTfWf0jj7QKYnlBKli7Cg9ZYvq7SWWCoWWluLam6xpeqweyr6frGIGSByVt5SduSAEXV%2BvQVZ8AdRcLizfGaMEyRbZgRfdH2n%2FrgmHPUdGJUwPYrkj3hkvmbptvyjCHMFQ%2BYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bc98dbf715a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRmNPPPTZRzdNBYPPeKer-Mytt-PeMe-MKrU-YTKBTYTqKUePRlmNKYMbaARdzNwqfftkRqxeNco_MZAaPPPTZ_MRwkjNARkjmNKYMbaARwlNjxqfzxdrtb,qdb,kzwigxlt,gftzqu,hxwdqzoe,thsqffofu,dtroqftz,qhhftbxlRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aF2LKSIG9Hjw%2FArMaBeG1SSe9IxQKkaGFdaKFuNke3OHPQ4G3JtEHjCvw%2BMYfsDAF6hTSIO%2Bn9otRiudOo7AxDPQ6pY7%2FzF5m8Wf4zIjmJ51pkhIaDZbc1hILMFu%2FAW1Vaso3mETWyuPva8VLnGJqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bc98dc2715a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNwrYweMPM-rMyw-PBtP-MKtr-TUKTeePZMrZTRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNTRmNPPPTZRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Sh%2B9s4WR5ZTsXnD6QdEidJ4WSaaZ8El%2BK6j9u2VLF4aYMoSUkhvYxFgVTy09zr%2FNiG9Cjf7NI8WxB6fWgJ%2FhrQF8CBCJYESlt7ywxUVe9B%2FcWw1cfDrhtMw74yI7VAUSzvN0ppTKRzjg3ISfLIOcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bc98dc3715a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNAAMMPqtw-UKBe-PKqa-qKyB-qqZAYBZewtUeRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNTRmNPPPTZRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kywy2dob3O1sA7F7BOxAaNM2ik4ixCN7%2FWYzr5kaRgQA4LCL4v5E%2Ffha9e2fqnUzIMhb%2FLDBYsFoZcGF9FRKXYxOwzxTqzqNcIImP5F%2BddMkXePTMadQkaHNNkR%2F3r5pStITrHkict4S6EIOzB9mDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bc98dc4715a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
1572962830.jpg
assets.vlitag.com/widget/2019/11/05/ 		192 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2365687
cf-polished
degrade=85, origSize=227959, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
196267
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Tue, 05 Nov 2019 14:07:11 GMT
server
cloudflare
etag
"5dc1820f-37a77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Sat, 26 Feb 2022 15:38:46 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6fc80bc99be94bbe-YUL
cf-bgj
imgq:85,h2pri
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-137383949-1&cid=1062149969.1650060991&jid=106968285&_u=YEBAAUAAAAAAAC~&z=378804278
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-137383949-1&cid=1062149969.1650060991&jid=106968285&_u=YEBAAUAAAAAAAC~&z=378804278
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid.js
cdn.adtrue.com/pb/ Frame 6E55 		252 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/pb/prebid.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2F0GNZk&cb=3391526569&timeZone=0&adWidth=300&adHeight=250&loc=https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8bcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8935e379e4ffba3e9bc383bdce200b1a6f2a81023182b6a9b5b43f0161b9bcf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30887572
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 14 Apr 2021 09:06:46 GMT
server
cloudflare
etag
W/"6076b0a6-3f06e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etoYHwFc1l3x%2F9lif2VAFAQVoYOj%2FoJvGpFzE1nHntVgH9IylJJl42%2FVxfVCgPN6Or%2BtUcEt89OG6hW1rVLpuToeqhIvl%2Bnc7iWxswY6gc%2Bcrh3VLISMiYX%2BQPU2FYha%2FV0v%2BrpSVaENEfkPEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6fc80bc9b9d5ecea-YUL
expires
Mon, 18 Apr 2022 10:23:39 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame 6E55 		255 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
eb2b4bf34c54d7f4b3479dc7cc24ba304d9f8561f65c6a5fa3734bd462f8e64f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
last-modified
Wed, 27 Oct 2021 05:33:12 GMT
server
Apache/2.2.15 (CentOS)
etag
"1241a12-3fca8-5cf4eee137dd8"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=77005
accept-ranges
bytes
content-type
text/javascript
content-length
80538
expires
Sat, 16 Apr 2022 19:39:56 GMT
ga.js
cdn-adtrue.com/track/ Frame 6E55 		502 B
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-adtrue.com/track/ga.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2F0GNZk&cb=3391526569&timeZone=0&adWidth=300&adHeight=250&loc=https://shrinke.me/0GNZk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ead6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708b3c51b04e3743f0b3495d8435b8b2c4fffd49a9d4efeb0cdfbe6b1113c4ff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8421579
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 02 Apr 2021 11:02:09 GMT
server
cloudflare
etag
W/"6066f9b1-1f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFlv8J6ay2QkcHCeY94tYVzXxqgSMV50ULEGgztXB3nNDpMaKVGzocu1S4nF9LaUTN9iAED5hbyleEkD7kioHOnMCuLDiSBBm%2FNrNtKc2SJYJzlW9LugKWdTnqnRzH3hFVzhpQDIKld%2Bl4HMKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6fc80bc9cc7e4bb9-YUL
expires
Tue, 03 Jan 2023 10:56:52 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=shrinke.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=shrinke.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		53 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1584848027310101&correlator=4025563806723201&eid=31065401%2C21065724&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fif&iu_parts=211182487%3A22476148198%2Cwww.shrinke.me_Display336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=1&adks=3910693916&sfv=1-0-38&ecs=20220415&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650060991013&lmt=1650060991&dlt=1650060989799&idt=1176&biw=1600&bih=1200&adxs=632&adys=164&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fshrinke.me%2F0GNZk&frm=20&vis=1&scr_x=0&scr_y=0&psz=336x-1&msz=336x-1&fws=0&ohw=0&ga_vid=1062149969.1650060991&ga_sid=1650060991&ga_hid=156797749&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
07c4a24dfb4e8322b02d4c50ca26552f8e537e7ceb4ab6caf81d54019912a63f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18533
x-xss-protection
0
google-lineitem-id
5955516387
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138385342547
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		53 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1584848027310101&correlator=4025563806723201&eid=31065401%2C21065724&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fif&iu_parts=211182487%3A22476148198%2Cwww.shrinke.me_Display300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=608930018&sfv=1-0-38&ecs=20220415&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650060991024&lmt=1650060991&dlt=1650060989799&idt=1176&biw=1600&bih=1200&adxs=650&adys=1355&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fshrinke.me%2F0GNZk&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&fws=0&ohw=0&ga_vid=1062149969.1650060991&ga_sid=1650060991&ga_hid=156797749&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
e4025451c52653345965cfb784b162b7cc1608b348c1b7c67e894144e3ae12b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18602
x-xss-protection
0
google-lineitem-id
5955512370
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138385342040
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea918a4f6a7fded60ae07579a04631c19ad839844cb7e3b0d6c93da9ecace281
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10591
x-xss-protection
0
container.html
d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AD91 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 22:16:31 GMT
expires
Sat, 15 Apr 2023 22:16:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
videoplayback
r1---sn-apaapm4g-apae.googlevideo.com/
Redirect Chain
  • https://media.vlitag.com/vid/?id=aOSRX0RXaas&t=y
  • https://redirector.googlevideo.com/videoplayback?expire=1650077124&ei=ZNlZYtmDDc7WkgbIhqugDg&ip=184.164.141.146&id=o-AFn4OaSnV5PJrBwkubrjJKRxmS3hC9GU_lYO5unblaIZ&itag=134&aitags=133%2C134%2C135%2C1...
  • https://r1---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1650077124&ei=ZNlZYtmDDc7WkgbIhqugDg&ip=184.164.141.146&id=o-AFn4OaSnV5PJrBwkubrjJKRxmS3hC9GU_lYO5unblaIZ&itag=134&aitags=133%2C13...
135 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1650077124&ei=ZNlZYtmDDc7WkgbIhqugDg&ip=184.164.141.146&id=o-AFn4OaSnV5PJrBwkubrjJKRxmS3hC9GU_lYO5unblaIZ&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=4ocVCzaEdsX1vShdVls770SfWoQ4&vprv=1&mime=video%2Fmp4&ns=U5FPyilUZdkta5IWts0U7pMG&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=t0Ih5gBycUvz6dHxoO3&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgMWmfNBNHY6sG6B2HeniS8vSgErc1aORk65QQYQoC0d4CIQDhtv1HajEmdwybbIjmYFsRL-mJlTY_OuaQZIA3KGZ3LA%3D%3D&cms_redirect=yes&mh=3a&mip=2607:5300:60:7867::14&mm=31&mn=sn-apaapm4g-apae&ms=au&mt=1650060784&mv=m&mvi=1&pl=32&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgVOLYSO0emlikmDu-QwiaEH4O7y-IITgw8WRIDHa2ryoCIGr38Cn8Zv4S3IhK_81-M7tB9wHroLCLRrPiDQyDGrJd
Protocol
H3
Server
2a00:ba61:0:126::c , France, ASN35625 (EURAFIBRE-AS, FR),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
x-restrict-formats-hint
None
last-modified
Mon, 21 Sep 2020 08:51:28 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-10427992/10427993
client-protocol
quic
cache-control
private, max-age=15833
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
10427993
x-content-type-options
nosniff
expires
Fri, 15 Apr 2022 22:16:31 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:31 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r1---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1650077124&ei=ZNlZYtmDDc7WkgbIhqugDg&ip=184.164.141.146&id=o-AFn4OaSnV5PJrBwkubrjJKRxmS3hC9GU_lYO5unblaIZ&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=4ocVCzaEdsX1vShdVls770SfWoQ4&vprv=1&mime=video%2Fmp4&ns=U5FPyilUZdkta5IWts0U7pMG&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=t0Ih5gBycUvz6dHxoO3&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgMWmfNBNHY6sG6B2HeniS8vSgErc1aORk65QQYQoC0d4CIQDhtv1HajEmdwybbIjmYFsRL-mJlTY_OuaQZIA3KGZ3LA%3D%3D&cms_redirect=yes&mh=3a&mip=2607:5300:60:7867::14&mm=31&mn=sn-apaapm4g-apae&ms=au&mt=1650060784&mv=m&mvi=1&pl=32&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgVOLYSO0emlikmDu-QwiaEH4O7y-IITgw8WRIDHa2ryoCIGr38Cn8Zv4S3IhK_81-M7tB9wHroLCLRrPiDQyDGrJd
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1319
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ Frame 51EC 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdJkt4dAAAAACANDNI7s0sga9wEjI_Qd3YuSDGD&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&size=normal&cb=f5iy49ss7qg3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Apr 2023 01:02:15 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ Frame 51EC 		359 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdJkt4dAAAAACANDNI7s0sga9wEjI_Qd3YuSDGD&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&size=normal&cb=f5iy49ss7qg3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b442e9ec49c9f90ab11f2d87a368a99a92a05b5acd9bcaf865aa551ba1f8cb8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144314
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Apr 2023 01:02:15 GMT
prebid.js
cdn.adtrue.com/pb/ Frame 5BDF 		252 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/pb/prebid.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2F0GNZk&cb=3391526569&timeZone=0&adWidth=300&adHeight=250&loc=https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8bcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8935e379e4ffba3e9bc383bdce200b1a6f2a81023182b6a9b5b43f0161b9bcf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30887572
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 14 Apr 2021 09:06:46 GMT
server
cloudflare
etag
W/"6076b0a6-3f06e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmSpEvXMM4fqpWRynaqn6QQ1xoThDJPrTqIPFgUAi6L%2FzBayvNmBef0caaPeCiFyAwFztW0fhovkE4XU30QMoUD4TfDwh0a3yPDygYRzjq29pK1MJTNs837XFGUceQQnovoHsKNHr4KJDDzivA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6fc80bca3a71ecea-YUL
expires
Mon, 18 Apr 2022 10:23:39 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame 5BDF 		255 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
eb2b4bf34c54d7f4b3479dc7cc24ba304d9f8561f65c6a5fa3734bd462f8e64f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
last-modified
Wed, 27 Oct 2021 05:33:12 GMT
server
Apache/2.2.15 (CentOS)
etag
"1241a12-3fca8-5cf4eee137dd8"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=77005
accept-ranges
bytes
content-type
text/javascript
content-length
80538
expires
Sat, 16 Apr 2022 19:39:56 GMT
ga.js
cdn-adtrue.com/track/ Frame 5BDF 		502 B
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-adtrue.com/track/ga.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2F0GNZk&cb=3391526569&timeZone=0&adWidth=300&adHeight=250&loc=https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ead6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708b3c51b04e3743f0b3495d8435b8b2c4fffd49a9d4efeb0cdfbe6b1113c4ff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8421579
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 02 Apr 2021 11:02:09 GMT
server
cloudflare
etag
W/"6066f9b1-1f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYBaSgVC6KNGCk052Bl5eY%2Bk16UMeVpBcPO4bXz5QetT1mEgezFH%2FL3lU%2BoNle1rElcrNf5r0uk%2BzDL2c5A5ClRkgbf3SERoCHbKh02Hhc8OwoaVFO5AzE4XV%2BQwMn7Td%2BU5Zmj7HZ9eIvHPWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6fc80bca5f59714b-YUL
expires
Tue, 03 Jan 2023 10:56:52 GMT
pbjs
useast.quantumdex.io/auction/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
cf-ray
6fc80bca693f4bd1-YUL
cdb
bidder.criteo.com/ 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.14.0&cb=82634033451
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
c
prebid.a-mo.net/a/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
91945f48ec85b7b81c13a32a42dacadd307edf65277f8fe60432034d645bf867

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
88
content-length
3313
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Fri, 15 Apr 2022 22:16:30 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
header
hb.aralego.com/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-BE7A78644BDB3DED077A2366B9E9AA99&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270&host=shrinke.me&u=https%3A%2F%2Fshrinke.me&xr=0&ucfUid=a9be15f1-df90-4ff1-b06e-5e6a48419ca5&w=728&h=90
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://shrinke.me
Date
Fri, 15 Apr 2022 22:16:31 GMT
Access-Control-Allow-Credentials
true
Connection
close
header
hb.aralego.com/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-34BAB89663A86DDE13A924382D8E2476&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270&host=shrinke.me&u=https%3A%2F%2Fshrinke.me&xr=0&ucfUid=a9be15f1-df90-4ff1-b06e-5e6a48419ca5&w=728&h=90
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://shrinke.me
Date
Fri, 15 Apr 2022 22:16:31 GMT
Access-Control-Allow-Credentials
true
Connection
close
header
hb.aralego.com/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-34BAB8966326A4E303ED6A2BD62D3A8A&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270&host=shrinke.me&u=https%3A%2F%2Fshrinke.me&xr=0&ucfUid=a9be15f1-df90-4ff1-b06e-5e6a48419ca5&w=728&h=90
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://shrinke.me
Date
Fri, 15 Apr 2022 22:16:31 GMT
Access-Control-Allow-Credentials
true
Connection
close
header
hb.aralego.com/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47BDB4A32BD24694FEE94EDB624287BE&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270&host=shrinke.me&u=https%3A%2F%2Fshrinke.me&xr=0&ucfUid=a9be15f1-df90-4ff1-b06e-5e6a48419ca5&w=445&h=250&atype=2
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://shrinke.me
Date
Fri, 15 Apr 2022 22:16:31 GMT
Access-Control-Allow-Credentials
true
Connection
close
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Fri, 15 Apr 2022 22:16:31 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
/
prebid.smilewanted.com/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
cf-ray
6fc80bca78441795-EWR
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebid-request
onetag-sys.com/ 		15 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://shrinke.me
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		58 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
65d28b64e60cc999f7a2dd26dd76acb69e3d4b8e63aa077c274774df8b141cb2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 15 Apr 2022 22:16:31 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1e6c11ef-6e61-41bb-ad70-ea1d6492ac1d
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ROS
pbjs.e-planning.net/hb/1/2c995/1/shrinke.me/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.19197784338581902&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fshr...
  • https://pbjs.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.19197784338581902&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3...
62 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.19197784338581902&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fshrinke.me%2F0GNZk&pbv=6.14.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2F0GNZk&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522shrinke.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522agribje_ne21059909..9543%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270
Protocol
H2
Server
172.98.26.126 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
e3dc078206236d9f38b15ba28555b948847d0c045a8bdb85a51d82f90321262a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://shrinke.me
expires
Fri, 15 Apr 2022 22:16:31 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
62
x-sid
IAD-1213

Redirect headers

date
Fri, 15 Apr 2022 22:16:31 GMT
server
openresty
location
/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.19197784338581902&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fshrinke.me%2F0GNZk&pbv=6.14.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2F0GNZk&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522shrinke.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522agribje_ne21059909..9543%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=b6a75d3b-f1d8-4e20-89f5-ac09475a0270
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
IAD-1213
prebid
prebid.media.net/rtb/ 		1 KB
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2LD671
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
da4782202fd7745694c6e8a80352d05f225004bdca743ea1a99c22a54b088d7e

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRmNYaPPARzdNyBYwZwrA-MBUT-PYeT-wPUq-TAKaYtTPeZATRlmNaKAbYZARdzNwqfftkRqxeNco_MZAaYaPPA_TRwkjNTRkjmNKYMbaA,aKAbYZA,aKAbaA,PUMbUA,aKAbUU,aBAbTMA,aZAbaA,aUAbaA,KZAbTAARwlNjxqfzxdrtb,ekoztg,ekoztg,ekoztg,ekoztg,qdb,hxwdqzoe,hxwdqzoe,hxwdqzoe,xeyxffts,xeyxffts,xeyxffts,kzwigxlt,ldostvqfztr,gftzqu,qhhftbxl,thsqffofu,dtroqftzRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vv5hwUUtOk14cbimOvX6q3lQBYMWKcfHKp4GOzCYSLw6MxDu4tVFLlGJcWEoW2BEotg1VxDsSOEiDijKAlXitQ%2F%2B1bNSnaCw9LQa3I2xJ76jQIvHckI%2BUELu%2FbkW5x48Fml%2By0NgJH%2FsaZW6D8erXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bca9aed7145-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRmNYaPPARzdNwAZqAytr-wPPq-PBqr-MYZr-UYeAAeBABTrMRlmNPPZbYZARdzNcortg%20gxzlzktqdRqxeNco_MZAaYaPPA_T_gxzlzktqdRwkjNARkjmNPPZbYZARwlNjxqfzxdrtb,qdb,hxwdqzoe,xeyxffts,qhhftbxlRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2BTXHRFGedaYeOg1cGntcTYxHnMZ6TNleoZlYXdBnSk9yWXg9GGtA8k2LyjEs1x1UQmwLt%2B11xVhfJMhGrNg%2BNMRKbqnSQTN9wKaMaEX67Ilus1bIjehX1O3LcPM%2Ba0aGEcv0X8aJ4Z1MKZlf9fWqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bca9af17145-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
iu3
s.amazon-adsystem.com/ Frame 1A93
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&dcc=t
320 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
bdaa753a6b24b5cf7b0b17690a96da2385bd6bac6e5b93997119a29194ddc50a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
320
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 15 Apr 2022 22:16:31 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
H89M5ACQW78QKNN210B8

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 15 Apr 2022 22:16:31 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&dcc=t
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
GP34FJ5H5A4DZ15PZNPW
cdb
bidder.criteo.com/ Frame 6E55 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.34.0&cb=9095685862
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 6E55 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9d5788166f3467ba82a68dcdf4a236eff897fe4fbb7a80d3bed426d008a3fb85
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 15 Apr 2022 22:16:31 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
aba1159e-5d08-4f85-a35c-398b91505fe3
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 6E55 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Fri, 15 Apr 2022 22:16:30 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
gtm.js
www.googletagmanager.com/ Frame 6E55 		102 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Requested by
Host: cdn-adtrue.com
URL: https://cdn-adtrue.com/track/ga.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b07d7e00ccc63d2aba31ead58e4f755904e25be3e11afd9550584129c1c7920c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39944
x-xss-protection
0
last-modified
Fri, 15 Apr 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Apr 2022 22:16:31 GMT
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
373004
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx97c5d496888d478886cf6-0062543d95
x-amz-id-2
tx97c5d496888d478886cf6-0062543d95
last-modified
Mon, 11 Apr 2022 14:37:55 GMT
server
cloudflare
etag
W/"e88bab2e9c57f44732eeec31ca508d70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDYVYon0Y8GtOgS8oiFPkiJa6ZfOberhrG9CBPUDeVVzmSwybHXMgvxOSPUVx6wGrbq5IStq7kYahw3esFZh9jJ1QTsY%2FOA%2B5CUIDq61HgUUj6TGL5XJxTUTVgwU2x%2FNlBnVHlDPCZ%2FSCANa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1649687874851815
cf-ray
6fc80bcae817714b-YUL
access-control-allow-headers
Authorization
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Apr 2022 22:16:31 GMT
gtm.js
www.googletagmanager.com/ Frame 5BDF 		102 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Requested by
Host: cdn-adtrue.com
URL: https://cdn-adtrue.com/track/ga.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e2996148f2242bddaaaeac8803eca4b26bb8bfef47982c4422d3a9bf8b1c188c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39945
x-xss-protection
0
last-modified
Fri, 15 Apr 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Apr 2022 22:16:31 GMT
cdb
bidder.criteo.com/ Frame 5BDF 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.34.0&cb=68391998168
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame 5BDF 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Fri, 15 Apr 2022 22:16:30 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 5BDF 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5febc78e7f162c18af041363088c5b326002ce66f254bd5f3ac7111beb33348d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:31 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f9bc4e4f-e1b9-426b-93c8-eb1f8e1befdf
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 51EC 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 51EC 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 51EC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 17:24:45 GMT
x-content-type-options
nosniff
age
103906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Thu, 21 Apr 2022 17:24:45 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 51EC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdJkt4dAAAAACANDNI7s0sga9wEjI_Qd3YuSDGD&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&size=normal&cb=f5iy49ss7qg3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
Origin
https://www.recaptcha.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 15:59:51 GMT
x-content-type-options
nosniff
age
281800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 12 Apr 2023 15:59:51 GMT
webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 51EC 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdJkt4dAAAAACANDNI7s0sga9wEjI_Qd3YuSDGD&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&size=normal&cb=f5iy49ss7qg3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1eaf6916b7bd86df3543dd6c34db33a1abc02581ae2650f2ea288dabcc7518fb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdJkt4dAAAAACANDNI7s0sga9wEjI_Qd3YuSDGD&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&size=normal&cb=f5iy49ss7qg3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Fri, 15 Apr 2022 22:16:31 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://shrinke.me
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 15 Apr 2022 22:16:31 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1799
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 5BDF
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=ZPEpnnxoWXVObHVoUlpGNmxSaEhsRXBvMW9yUEVPYVVadXZPTTJ0a1JnUEVlbXB6TGtLTFp6OHduVEhQbUFpQ2YzNkVhRVJtU1AwTnZSc2NUanhMRkRIZVdQU2l0Lzl2NmtNdmlSQmNjVVNhQWdFNEpjSjNyaFRIVDdVMz...
342 B
612 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ZPEpnnxoWXVObHVoUlpGNmxSaEhsRXBvMW9yUEVPYVVadXZPTTJ0a1JnUEVlbXB6TGtLTFp6OHduVEhQbUFpQ2YzNkVhRVJtU1AwTnZSc2NUanhMRkRIZVdQU2l0Lzl2NmtNdmlSQmNjVVNhQWdFNEpjSjNyaFRIVDdVMzA4V1hXWjNqWVk3RUQ3WHZ6SVo0cHBMdzJUQ2tnZTBDY28vdGxtNUIwUmpwMjlMcm9IZDVaOXBXN1JpNVNkM0R2MVhCaFFVaSs3Z1JZY05hZGdHM294Q20yL1Fmc0dvMk1ab2FXVzlMVTIrYzkwR1pwVzlnPXw&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
f396193a31d8db9be8f309cd97cb6e15106117000f87ba69546d7534b0922ff3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4463
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:31 GMT
location
https://mug.criteo.com/sid?cpp=ZPEpnnxoWXVObHVoUlpGNmxSaEhsRXBvMW9yUEVPYVVadXZPTTJ0a1JnUEVlbXB6TGtLTFp6OHduVEhQbUFpQ2YzNkVhRVJtU1AwTnZSc2NUanhMRkRIZVdQU2l0Lzl2NmtNdmlSQmNjVVNhQWdFNEpjSjNyaFRIVDdVMzA4V1hXWjNqWVk3RUQ3WHZ6SVo0cHBMdzJUQ2tnZTBDY28vdGxtNUIwUmpwMjlMcm9IZDVaOXBXN1JpNVNkM0R2MVhCaFFVaSs3Z1JZY05hZGdHM294Q20yL1Fmc0dvMk1ab2FXVzlMVTIrYzkwR1pwVzlnPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2059
content-length
482
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://shrinke.me
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 15 Apr 2022 22:16:30 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1833
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 6E55
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=xJwqhHxJYnd3WS9xbmhlYW9XK1pOdGQvQ2R4eTYxY3VDTmJxRzIyZ1RweTFrYzlVTjB2YktrNHprc3VDanBSMmdZZlVPcWk1bDBGc0xkYmsza3RURlplck5BcWZyYU5iajl0WmdWRHBrV21KTGZKTE5Fa1FlblorN1V6WT...
344 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=xJwqhHxJYnd3WS9xbmhlYW9XK1pOdGQvQ2R4eTYxY3VDTmJxRzIyZ1RweTFrYzlVTjB2YktrNHprc3VDanBSMmdZZlVPcWk1bDBGc0xkYmsza3RURlplck5BcWZyYU5iajl0WmdWRHBrV21KTGZKTE5Fa1FlblorN1V6WTVLaDhOdllsYlBFd1dsSjhrRTU4eHpIUi9WYXE0cUFLSWpVWWdMR3F0Q1FrODhXa0xwSjh3RllCU1ZGTlNjd0VLRkFFTFVMbGdHTGV6NFZTS0dxMmhzVUNSQUVBL2ljcnBhVUlxNnNRampqR3Q5QmRsM2NBPXw&cppv=2
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
b3ce230f195e0c8670c48296a9c1c03ae1a9697bfef5d2ec350ee7612fefae24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:30 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3622
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:31 GMT
location
https://mug.criteo.com/sid?cpp=xJwqhHxJYnd3WS9xbmhlYW9XK1pOdGQvQ2R4eTYxY3VDTmJxRzIyZ1RweTFrYzlVTjB2YktrNHprc3VDanBSMmdZZlVPcWk1bDBGc0xkYmsza3RURlplck5BcWZyYU5iajl0WmdWRHBrV21KTGZKTE5Fa1FlblorN1V6WTVLaDhOdllsYlBFd1dsSjhrRTU4eHpIUi9WYXE0cUFLSWpVWWdMR3F0Q1FrODhXa0xwSjh3RllCU1ZGTlNjd0VLRkFFTFVMbGdHTGV6NFZTS0dxMmhzVUNSQUVBL2ljcnBhVUlxNnNRampqR3Q5QmRsM2NBPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1990
content-length
482
expires
0
pr
s.amazon-adsystem.com/v3/ Frame 1CFB 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
ad4e600d8a725ae09cf13dcb37db0e1eba3270d10c2bd3872509005b08be7891
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2108
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 15 Apr 2022 22:16:31 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
ZFKMJWQ57PVK9ZSSGKWP
js
www.googletagmanager.com/gtag/ Frame 6E55 		179 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
37e5e9e475967a3605053f98f911272c028a66f53a1ef4c21aa6727be93325fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67188
x-xss-protection
0
expires
Fri, 15 Apr 2022 22:16:31 GMT
analytics.js
www.google-analytics.com/ Frame 6E55 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5555
date
Fri, 15 Apr 2022 20:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 15 Apr 2022 22:43:56 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A3A0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
76091
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 01:08:20 GMT
expires
Sat, 15 Apr 2023 01:08:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B7B1 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0d3c1f814f69a2e74128fa99dcd8b3624f1b91455ecdf0272f80c77e4a00aac0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NJt9ZmrVqjl4OoHpPo2o4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-NJt9ZmrVqjl4OoHpPo2o4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 22:16:31 GMT
expires
Fri, 15 Apr 2022 22:16:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame A5BB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuruaHRLOATUI35E6biORf5doZIWTF_D2XE9aStPROWQnx81_cdNrk8k8Eusz7A8OYtTF7vaM5GyKIX33XfHAbOq6dHhghXIC9eBGlSqQIUhr_ewWligSifHjK9362k4rSgHWHmfJcEGIFMqQtqw-q8e0QEP4L1HcCivrHlpbSp7x96dOaWi5Pf50ccWVT_6KxX50BmqxTJPCOfizCxvf0-R-ueHLROPEwiRa4_Lc8fxHiTsgfM7vVppStZtxYexohorzjMPPu5ww0VYp0MCuqMlFv3ASbLCgBGPTfH_HY98gSultuDnu9eDQv96kT8p05TNm88VJCE&sai=AMfl-YSWlAO5ZgxRe_oIsvfFVr_rfchNaC1mZPK2319B6xY23H7HBzq3bdpiaBYjbSsQarZ63Vkqn1_6AazR2F438dnrJfUJB10In5nOrZd-B6jYKznx-tRKELFt7Ll5m9R4&sig=Cg0ArKJSzAcV3iMB73FPEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 15 Apr 2022 22:16:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A5BB 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Apr 2022 22:16:31 GMT
bframe
www.recaptcha.net/recaptcha/api2/ Frame 6559 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&k=6LdJkt4dAAAAACANDNI7s0sga9wEjI_Qd3YuSDGD
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ea414e347d3a4ff09a98d31bc0a0a18d68e0d55594359b0342393b5c72f6a058
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Q2EC2RYrIqPMa5B1z3GhNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1113
content-security-policy
script-src 'report-sample' 'nonce-Q2EC2RYrIqPMa5B1z3GhNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 22:16:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ Frame 5BDF 		178 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5a0321d16b0ba20c7d478408d0f76a9cfa3e14871148cbd5f0392fbaf8dd3247
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67141
x-xss-protection
0
expires
Fri, 15 Apr 2022 22:16:31 GMT
analytics.js
www.google-analytics.com/ Frame 5BDF 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5555
date
Fri, 15 Apr 2022 20:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 15 Apr 2022 22:43:56 GMT
/
servedby.flashtalking.com/imp/1/174069;6268017;201;jsiframe;BetGenius;300x250casino/ Frame 37D9 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/1/174069;6268017;201;jsiframe;BetGenius;300x250casino/?ft_custom=&imageType=gif&ftDestID=32975530&ft_width=300&ft_height=250&click=https://nym1-ib.adnxs.com/click?50CiFTYHwj-amZmZmZm5PwAAAMD1KPQ_bId1mVB3uj9QO_w1WaPCPxJ0bOseXDBr1gKv5X4MymC_7lliAAAAAIR8MgGoGwAAmBwAAAIAAADgLSkUFK4QAAAAAABVU0QAVVNEACwB-gCw8wAAAAABAQUCAAAAAKwAzyVFHgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21JxMOfgjbxL0YEODbpKEBGJTcQiAAKAAxMzMzMzMz5z86CU5ZTTI6NDQ3NUCLLkkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=NzMyMCNOWU0yOjQ0NzU=/bn=87213/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=504734123
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app24.ash11 /
Resource Hash
e9bd68c156d98474886463fb4ef9671f08f59f9232cde1f79f007d8758ae4487

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
2723
Content-Type
text/html
Date
Fri, 15 Apr 2022 22:16:31 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Pragma
no-cache
Server
prod-xre-app24.ash11
X-HW
1650060991.dop072.dc2.t,1650060991.cds202.dc2.shn,1650060991.dop072.dc2.t,1650060991.cds192.dc2.sc,1650060991.cds192.dc2.p
async_usersync.html
acdn.adnxs.com/dmp/ Frame 294D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7080&pub_id=854351
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
60891
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 15 Apr 2022 22:16:31 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 14 Apr 2022 05:21:37 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 257251
X-Served-By
cache-lga21926-LGA, cache-yul12826-YUL
X-Timer
S1650060992.525466,VS0,VE0
rd_log
nym1-ib.adnxs.com/ Frame C817 		0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fshrinke.me%2F0GNZk&e=wqT_3QKPDfD9jwYAAAMA1gAFAQi_3eeSBhCS6LHb7oOXmGsY1oW8re6Pg-VgKjYJ50CiFTYHwj8RmpmZmZmZuT8ZAAAAwPUo9D8hbId1mVB3uj8pUDv8NVmjwj8xAAAAoJmZyT8whPnJCTioN0CYOUgCUODbpKEBWJTcQmAAaLDnW3itqQWAAQGKAQNVU0SSAQNVU0SYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDI4OTY3ODksIDE2NTAwNjA5OTEpO3VmKCdpJywgNjYyOTY4MCwgMTY1MDA2MDk5MSk7dWYoJ2cnLCAxNjU0NjU1NixCOwAwcycsIDI2OTMyMTg5MUY9ADByJywgMzM4MjQzMDQwNh8A8IuSAp0EIV9XVjRuUWpieEwwWUVPRGJwS0VCR0FBZ2xOeENNQUk0QUVBQVNKZzVVSVQ1eVFsWUFHREdCMmdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQ3FnQkNyQUJBTGtCaW1yVWQxMmp3al9CQVlwcTFIZGRvOElfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBYkRTbEFQMUFXZWFnRDZZQWdDZ0FnRzFBZwEjBEM5CQjYREFBZ0RJQWdEUUFnRFlBZ0RnQWdEb0FnRDRBZ0NBQXdHWUF3R2lBdzRJN0phekhSQUxHQUl0QQFDwExvRENVNVpUVEk2TkRRM05lQURpeTZBQkktdGpnaUlCSVhEc1FlUUJBR1lCQUhCQkEBNQkBCHlRUQkJAQEYTmdFQVBFRQELCQFEQ0lCZnNpbUFXampiYUFBYWtGCRgYQUE4RC14QgE7UENBZ0dPUV93UVZuWm1ibVRCUFFQOC4oAARfUgUoDQEIMlFVDQrIRHdQLUFGNFhId0JmejE4UWY0QlpYbnNBR0NCZ05WVTBTSUJnU1FCZ0dZQmdDaEJqTXpNAQIsLWNfcUFZRXNnWWtDAYANAQBFHQwARx0MAEkdDDh1QVlLmgKZASFKeE1PZmc6IQIsSlRjUWlBQUtBQXhNAWkYek16NXo4NjJZARRVQ0xMa2sNcxBEd1AxRQ0MDEFBQUYRGAxBQUFHHRgARx0YAEgdGAxIZ0FpLjUC0HcuLtgCAOAC1uI26gIYaHR0cHM6Ly9zaHJpbmtlLm1lLzBHTlpr8gIRCgZBRFZfSUQSBzI4ZXw08gISCgZDUEdfSUQSCDFtVgEVCAVDUAEUAAl1TBDyAg0KCAE-GEZSRVESATAFEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BWREPEAsKB0NQFQ4QEAoFSU8BYQAHbegA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8JqAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOe17oB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE0OS41Ni4xNTMuMTg0qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjczMjAjTllNMjo0NDc12gQCCAHgBAHwBODbpKEBiAUBmAUAoAX______wEFGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBbm-AvoFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBqkl2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFISBgAIAAwADi0BEAAyAetqQXSBw0VdgE4CNoHBgknROAHAOoHAggA8AfE_weKCAIQAA..&s=24da6e2eea0fbebb805d053eeb34cab085e64bf4&bdref=https%3A%2F%2Fshrinke.me%2F0GNZk&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fshrinke.me%2F0GNZk,https%3A%2F%2Fshrinke.me%2F0GNZk,https%3A%2F%2Fshrinke.me%2F0GNZk&
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:31 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
5feab50b-671b-4f63-bedd-ff76b650da0d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame C817 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:31 GMT
Content-Encoding
gzip
Age
4367883
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21929-LGA, cache-yul12832-YUL
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1650060992.535243,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
1, 995535
it
nym1-ib.adnxs.com/ Frame C817 		0
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fshrinke.me%252F0GNZk&e=wqT_3QL4CvD9eAUAAAMA1gAFAQi_3eeSBhCS6LHb7oOXmGsY1oW8re6Pg-VgKjYJ50CiFTYHwj8RmpmZmZmZuT8ZAAAAwPUo9D8hbId1mVB3uj8pUDv8NVmjwj8xAAAAoJmZyT8whPnJCTioN0CYOUgCUODbpKEBWJTcQmAAaLDnW3itqQWAAQGKAQNVU0SSAQNVU0SYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDI4OTY3ODksIDE2NTAwNjA5OTEpO3VmKCdpJywgNjYyOTY4MCwgMTY1MDA2MDk5MSk7dWYoJ2cnLCAxNjU0NjU1NixCOwAwcycsIDI2OTMyMTg5MUY9ADByJywgMzM4MjQzMDQwNh8A8IuSAp0EIV9XVjRuUWpieEwwWUVPRGJwS0VCR0FBZ2xOeENNQUk0QUVBQVNKZzVVSVQ1eVFsWUFHREdCMmdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQ3FnQkNyQUJBTGtCaW1yVWQxMmp3al9CQVlwcTFIZGRvOElfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBYkRTbEFQMUFXZWFnRDZZQWdDZ0FnRzFBZwEjBEM5CQjYREFBZ0RJQWdEUUFnRFlBZ0RnQWdEb0FnRDRBZ0NBQXdHWUF3R2lBdzRJN0phekhSQUxHQUl0QQFDwExvRENVNVpUVEk2TkRRM05lQURpeTZBQkktdGpnaUlCSVhEc1FlUUJBR1lCQUhCQkEBNQkBCHlRUQkJAQEYTmdFQVBFRQELCQFEQ0lCZnNpbUFXampiYUFBYWtGCRgYQUE4RC14QgE7UENBZ0dPUV93UVZuWm1ibVRCUFFQOC4oAARfUgUoDQEIMlFVDQrIRHdQLUFGNFhId0JmejE4UWY0QlpYbnNBR0NCZ05WVTBTSUJnU1FCZ0dZQmdDaEJqTXpNAQIsLWNfcUFZRXNnWWtDAYANAQBFHQwARx0MAEkdDDh1QVlLmgKZASFKeE1PZmc6IQIsSlRjUWlBQUtBQXhNAWkYek16NXo4NjJZARRVQ0xMa2sNcxBEd1AxRQ0MDEFBQUYRGAxBQUFHHRgARx0YAEgdGAxIZ0FpLjUC8P13Li7YAgDgAtbiNuoCGGh0dHBzOi8vc2hyaW5rZS5tZS8wR05aa4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA57XugHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ5LjU2LjE1My4xODSoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQONzMyMCNOWU0yOjQ0NzXaBAIIAeAEAfAE4NukoQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW5vgL6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0AapJdoGFgoQAQ8uAQBgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4tARAAMgHrakF0gcNCRE8ATgI2gcGCSdE4AcA6gcCCADwB8T_B4oIAhAA&s=74b31e6325d7123159207558af6572ebc653513d
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:31 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f8fc8baf-0388-487a-ab83-b7eeae21778f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
passback.js
cdn.adtrue.com/rtb/ Frame 0955 		753 B
1012 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/passback.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8bcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15755182
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 28 Oct 2020 03:26:52 GMT
server
cloudflare
etag
W/"5f98e4fc-2f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDBhEZr3glcemcdgNnZ6Fy7EPD2qYQOUj7%2FU%2FheCr66DfSeaX5DVEsffivV4uawbMracAwmBatB1r%2Fi5%2BNeWLiq9PkP4TChNJQ1cEoxy%2Btl9uSXJdXhZXthOhPBcfRULb%2FZCZSXBt53tZV%2FmTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6fc80bccdd77ecea-YUL
expires
Mon, 10 Oct 2022 13:50:09 GMT
/
s.ad.smaato.net/c/ Frame 1CFB 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:e000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
via
1.1 ffa37482155641d3f809e2a4a5572070.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
ijd3cV0lagU9_SbpDzlEheP6I1NVj57Yd92OeXTPtH9CRtFzqrKXkQ==
x-cache
FunctionGeneratedResponse from cloudfront
ecm3
s.amazon-adsystem.com/ Frame 1CFB
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=A183E41957ED45CB8401B24CC9FFCD13&ex=simpli.fi&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=A183E41957ED45CB8401B24CC9FFCD13&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:31 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VVE23ZY4X2KJEY9RYT52
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 15 Apr 2022 22:16:31 GMT
x-content-type-options
nosniff
server
openresty
location
https://s.amazon-adsystem.com/ecm3?id=A183E41957ED45CB8401B24CC9FFCD13&ex=simpli.fi&status=ok
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 14 Apr 2022 22:16:31 GMT
ecm3
s.amazon-adsystem.com/ Frame 1CFB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=CkZZcPL4NgoF1aU-tV_U&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPKDNNNFUY2QJQ2E4Z3PIYYWC...
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=CkZZcPL4NgoF1aU-tV_U
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=CkZZcPL4NgoF1aU-tV_U
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:32 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
93PES0WXRRFYYJNNNX08
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:32 GMT
P3p
CP="We do not support P3P header."
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=CkZZcPL4NgoF1aU-tV_U
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
101
Expires
Thu, 01 Dec 1994 16:00:00 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=shrinke.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=shrinke.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1584848027310101&correlator=4025563806723201&eid=31065401%2C21065724&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fif&iu_parts=211182487%3A22476148198%2Cwww.shrinke.me_Display336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=3&adks=3910693916&sfv=1-0-38&ecs=20220415&rcs=1&fsapi=false&prev_scp=in2w_key%3D432%26in2w_key2%3Dnope%2Coptimization%26in2w_key4%3D--2---%2C--2---%26in2w_key5%3Doptimization%26in2w_key6%3D--2h--h-sqgz%26in2w_key7%3D1188%26in2w_key8%3D432%252C433%252C434%26in2w_key9%3Doptimization_request%26in2w_key15%3Do0%26in2w_key16%3D14%26in2w_keypm%3Dgpt-passback_7%26in2w_key9001%3D1&eri=1&cust_params=hb_domain%3Dshrinke.me&sc=1&cookie=ID%3Daba4f620a0c08bc6-22d42d842dd20086%3AT%3D1650060991%3AS%3DALNI_MYV16apgPjXhlLzTm07ulFL8bggJg&gpic=UID%3D000004875590fae4%3AT%3D1650060991%3ART%3D1650060991%3AS%3DALNI_Mbb_fyLWwn0pcJPrNBXCbHK0Deytw&abxe=1&dt=1650060991505&lmt=1650060991&dlt=1650060989799&idt=1176&biw=1600&bih=1200&adxs=632&adys=164&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fshrinke.me%2F0GNZk&frm=20&vis=1&scr_x=0&scr_y=0&psz=336x-1&msz=336x-1&fws=0&ohw=0&ga_vid=1062149969.1650060991&ga_sid=1650060991&ga_hid=156797749&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
3d68a09735adce584338f7bcfc5385124336a9d99a5160b3e41ea76568348c51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16613
x-xss-protection
0
google-lineitem-id
5956493461
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138385363032
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
match.sharethrough.com/jwumXNuB/v1/ Frame B36B 		427 B
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.87.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-87-113.compute-1.amazonaws.com
Software
/
Resource Hash
c9f9d427de421ae02ac786708a294abbe02405956da26d05c9baa56115288083

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
427
date
Fri, 15 Apr 2022 22:16:31 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4309 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30392
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:31 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Apr 2022 06:43:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame B215 		886 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.116.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-116-38.compute-1.amazonaws.com
Software
/
Resource Hash
c8ef4d58d93f3e7428d78f75d7138eab8c6483866902ccd7362bc083f201c97a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
usync.html
eus.rubiconproject.com/ Frame 76B2 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Apr 2022 22:16:31 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame CA05
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=515e71f452151217&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGbaPWKA5tqwNvDm9FAAAAAAA&expiration=1650147391&is_secure=true
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGbaPWKA5tqwNvDm9FAAAAAAA&expiration=1650147391&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 15 Apr 2022 22:16:31 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
HDDKX783DGJD9AR2D7YV

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Fri, 15 Apr 2022 22:16:31 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGbaPWKA5tqwNvDm9FAAAAAAA&expiration=1650147391&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
ecm3
s.amazon-adsystem.com/ Frame 8886
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=927618439590507575064
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=927618439590507575064
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 15 Apr 2022 22:16:31 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
383FG3RPPYKDHZF44MDS

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 15 Apr 2022 22:16:31 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=927618439590507575064
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
collect
analytics.google.com/g/ Frame 6E55 		0
343 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-0DTZ6LRDBJ&gtm=2oe4d0&_p=451847654&sr=1600x1200&_z=ccd.ILB&_gaz=1&ul=en-us&cid=1062149969.1650060991&_s=1&dl=https%3A%2F%2Fshrinke.me%2F0GNZk&dt=&sid=1650060991&sct=1&seg=0&en=gtm.js&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ Frame 6E55 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0DTZ6LRDBJ&cid=1062149969.1650060991&gtm=2oe4d0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ Frame 6E55 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0DTZ6LRDBJ&cid=1062149969.1650060991&gtm=2oe4d0&aip=1&z=1037378019
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
passback
exchange.adtrue.com/tag/ Frame 0955 		446 B
637 B 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=20033&divid=233905046&ref=undefined
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.169.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-169-222.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
904cb51061fb08cdf8aab6293cc564ad3b6f60644af87aafee36c7cfcfb900d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
server
nginx
content-length
446
content-type
application/javascript
collect
www.google-analytics.com/j/ Frame 6E55 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=451847654&t=pageview&_s=1&dl=https%3A%2F%2Fshrinke.me%2F0GNZk&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x250&je=0&_u=QACAAEABAAAAAC~&jid=820230447&gjid=1824528579&cid=1062149969.1650060991&tid=UA-177299981-5&_gid=1870308712.1650060991&_r=1&gtm=2wg4d0NPLC9ST&z=1386202645
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ Frame 6559 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&k=6LdJkt4dAAAAACANDNI7s0sga9wEjI_Qd3YuSDGD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Apr 2023 01:02:15 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ Frame 6559 		359 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&k=6LdJkt4dAAAAACANDNI7s0sga9wEjI_Qd3YuSDGD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b442e9ec49c9f90ab11f2d87a368a99a92a05b5acd9bcaf865aa551ba1f8cb8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144314
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Apr 2023 01:02:15 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ZPEpnnxoWXVObHVoUlpGNmxSaEhsRXBvMW9yUEVPYVVadXZPTTJ0a1JnUEVlbXB6TGtLTFp6OHduVEhQbUFpQ2YzNkVhRVJtU1AwTnZSc2NUanhMRkRIZVdQU2l0Lzl2NmtNdmlSQmNjVVNhQWdFNEpjSjNyaFRIVDdVMzA4V1hXWjNqWVk3RUQ3WHZ6SVo0cHBMdzJUQ2tnZTBDY28vdGxtNUIwUmpwMjlMcm9IZDVaOXBXN1JpNVNkM0R2MVhCaFFVaSs3Z1JZY05hZGdHM294Q20yL1Fmc0dvMk1ab2FXVzlMVTIrYzkwR1pwVzlnPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 15 Apr 2022 22:16:31 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1081
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=xJwqhHxJYnd3WS9xbmhlYW9XK1pOdGQvQ2R4eTYxY3VDTmJxRzIyZ1RweTFrYzlVTjB2YktrNHprc3VDanBSMmdZZlVPcWk1bDBGc0xkYmsza3RURlplck5BcWZyYU5iajl0WmdWRHBrV21KTGZKTE5Fa1FlblorN1V6WTVLaDhOdllsYlBFd1dsSjhrRTU4eHpIUi9WYXE0cUFLSWpVWWdMR3F0Q1FrODhXa0xwSjh3RllCU1ZGTlNjd0VLRkFFTFVMbGdHTGV6NFZTS0dxMmhzVUNSQUVBL2ljcnBhVUlxNnNRampqR3Q5QmRsM2NBPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 15 Apr 2022 22:16:30 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1030
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
collect
www.google-analytics.com/ Frame 5BDF 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=520592517&t=pageview&_s=1&dl=https%3A%2F%2Fshrinke.me%2F0GNZk&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x250&je=0&_u=QACAAEAB~&jid=&gjid=&cid=1062149969.1650060991&tid=UA-177299981-5&_gid=1870308712.1650060991&gtm=2wg4d0NPLC9ST&z=1282556816
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 12:39:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
34600
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 113E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOw9zxr2adlUvM7-mU0yat5tDmSfJBY31M2-Y7gZRCwlc0HwopMxbk1ewei2munOEz7DyXHOetrgRSVUqyXMwqzUwrTKaMWy_17XvVubqNm8PKqpTHcogFgWMmhNm7DiR1FmbnjJ2xI9mXdkJrWaetbPuh3JjmQk7sNPOdAmnK2PuxOO9Tvvik_bQFt65RteUFhHHaaV_bMR_VfVvjbWwtk8M-57nyrd0wx2xnAu_g5EutIjUZU67wLB4r1q3Z_d4RCFLuVsvqZ6xlIcqTXnZUfqJnqTAFLnSob5gHhwjqbqiv892ionDn792tvidK80X6fqlBWiRy&sai=AMfl-YRwyXJEqUyc9yk_KjiFqiRBzDlylNzW0nbEe-H3yIqzyxytvq_y2XCcm9qPmt1P-GwkslnHGXROqFCFz-EzUQKNH9-TCGpBwPDP1jJQP4EAOCxEs_9IfH-vgBEKEvU&sig=Cg0ArKJSzBeeHOD5TSJqEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 113E 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
sffe /
Resource Hash
5b9eba0ff18556f6b4771b158aa3afaa00b0c2778895102b0308885e3d5177da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28580
x-xss-protection
0
server
sffe
etag
"1188 / 533 of 1000 / last-modified: 1650021009"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Apr 2022 22:16:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 113E 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Apr 2022 22:16:31 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A5BB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIIJjEKIBWiQkT8sBZ1yuKnpEm9476OdOA3n4zj73V6wg82-LxHnUWG2nOylY6QY6DoTZ063GgGmV00szZvpjU4UPoQnw25C_YI_PvFUpHTZBWTTA7vtv8jPVYgUYYTTgK6Se2Sssn-YP_X60KMJAS43cK37BHXCOAncsxZGBlhywvKZ3sMlAUkyuBqX0feHWe7_-ztx6Sqtl3qScwgk7HpLsd2Z1NmbZtsongR-C5JNLdJVoJJ2vF4IBlt2nDIj-CIWhy9lWXlU1vUpoPbGDlSvciRs85p7YhKyZorXrC1BZkpziKEZxZXE0OfDBsiSHzHkCEPmIKE7U&sai=AMfl-YRq4Lm0muZKKYoFOG94RiqHfL9trNhTsY1uiq8wVv8KdLKbg-gUQlg7yAo4jAjMetgYLVxCumbN2uSfNiS9Q7aWpSA3ZsJ1WcDNcaYWCe25RfhAKzWL2zIU3N0v_01K&sig=Cg0ArKJSzNByd27aTOAAEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 15 Apr 2022 22:16:31 GMT
async_usersync
ib.adnxs.com/ Frame 294D 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7080&pub_id=854351&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7080&pub_id=854351
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:31 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
afc9bbfc-b077-445c-a3da-99d6049f9fe8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
tag.vlitag.com/passback/ Frame 9889 		77 B
417 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.vlitag.com/passback/?t=1650060193&d=8509&z=29441&divID=vi_850929441_1&w=320&h=100
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1650060193/b696d0f5c06dbd9fd83feb568718537b.js?cc=CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e268c806756ea8aec9f0d9e9e20e99c07c04d65eff4b46c6c199e379090000e1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Apr 2022 22:03:17 GMT
server
cloudflare
age
615
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-ray
6fc80bce38f74bbe-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-bgj
minify
cc.jpeg
px.vliplatform.com/br-v4/ 		0
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNrMYryUUa-tTee-PtrP-qYPt-qTMZYewqBeaZRlmNaKAbaARdzNwqfftkRqxeNco_MZAaPPPTZ_KRysggkNAGATRwkNjxqfzxdrtb|AGAMTKaZ|aKAbaA|wqfftk|YKK|RmNPPPTZRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iT7iZWeUimyc0QDabuihYE9IP13PUaSEZ8swJjXzX%2B5LBLO3liUR1WwCzd1Xrce3w%2BFZEjME3fWsuKR1EGxgw5xIiyN66fl3vq2kZ2WYA8hXx%2FMt9nSgCiLu9UzkYDqYbqmcsqjCarkf8WXGK0ySwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bce3fb47145-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
r.html
assets.vlitag.com/plugins/safeframe/src/html/ Frame 2AF9 		1 KB
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b196efd3e54ca3465cefb38e3889ccb523e0487a804ddc8c274fb504fdd1c5bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1800
cf-cache-status
DYNAMIC
cf-ray
6fc80bce59194bbe-YUL
content-encoding
br
content-type
text/html
date
Fri, 15 Apr 2022 22:16:31 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Fri, 15 Apr 2022 22:46:31 GMT
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
cc.jpeg
px.vliplatform.com/br-v4/ 		0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNTwtKeTYY-UBTa-PPZY-aywK-BYZKtTZMqKwPRlmNaKAbYZARdzNwqfftkRqxeNco_MZAaYaPPA_TRysggkNAGATRwkNqdb|AGATPAKZZUAaMUTMTYa|KYMbaA|wqfftk|TKB|RmNYaPPARleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0iNthghfgvP2Nj7iNGFN2r0RXr6jY49%2FYPEI%2F%2BdtEhwOHjUYCPyMhOJQRjIIEWsue1QgXt%2Fg6wFKf4fXK6iy8GSgWVyttlXhjMI%2F%2Fdl1abg7ZohfvmC3kAJa2a72IKZs%2FmDdfUsyshO6fQHUVr%2FRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bce6ff67145-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/br-v4/ 		0
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNteeUeYtw-aayY-PKUT-qTTw-UBrAByeMKBAtRlmNPPZbYZARdzNcortg%20gxzlzktqdRqxeNco_MZAaYaPPA_T_gxzlzktqdRysggkNAGATRwkNqhhftbxl|AGATYKBB|PPZbYZA|cortg%20gxzlzktqd|BUB|RmNYaPPARleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ce3ZWeuEcAZJDUVoU5LkBckRpQldQfHAnbhBq%2FVIrZXhZCWM03BouFFZtl%2FLZBdvBnxDE66djszxKysSiIOAUeuEg9qpM9aOLaX7e6wQU9tmmEOKne24Hck7tcrPXCe8mCcDGlX48I9A6BMXNsZpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bce6ff87145-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bw-v4/ 		0
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bw-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNPtUABPAA-wqYq-PtKy-wtqK-ywYZqKAKMeMyRqxeNco_MZAaYaPPA_TRwNqdbRhNAGATPAKZZUAaMUTMTYaRlmNKYMbaARdzNwqfftkRmNYaPPARleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQPb%2FU%2Fp6GwRWICDBrqp0u7CMN%2BBfyqmMeH0GRunHFJHx6ETW5ouPakpHxD7FcU2APFDtZTAxs1x1DcD1OQM9j8B%2Bt%2BY2JSY5rYoUXhQ7QBhGBJg139oIRxTphWZ89tYvE0jXP7Rr73Te8BNGqyNdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bce6ffb7145-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
r.html
assets.vlitag.com/plugins/safeframe/src/html/ Frame AC2B 		1 KB
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30098e53de529cbf8100997a1e95c0e4ec902ef970258be902d1a7815f574969
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1800
cf-cache-status
DYNAMIC
cf-ray
6fc80bce89754bbe-YUL
content-encoding
br
content-type
text/html
date
Fri, 15 Apr 2022 22:16:31 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Fri, 15 Apr 2022 22:46:31 GMT
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
cc.jpeg
px.vliplatform.com/br-v4/ 		0
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNeaUPaKaK-PZZB-PZZP-qAee-eAqYaKeYTaZeRlmNBBUbPMARdzNwqfftkRqxeNco_MZAaaYUUU_wqfftkRysggkNAGATRwkNjxqfzxdrtb|AGATAPMP|BAAbYZA|wqfftk|YYB|RmNaYUUURleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6lfAnN%2FPqdBWg8wWseFVw8jxjCuwdkqa5WLWAYynvCOROTrAih5ksW%2F7HZ9GBrnYJxGj2YHwTh%2BwN6zz4S4ezeTAYrLDXdpFbB%2FovKlLZ82fIv7%2BooN3fm9Pi6%2BQKxZGPbraXKH9GxN1zsFa%2Fr%2Bjug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bce884c7145-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bw-v4/ 		0
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bw-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNyUAUPaKY-MraK-PAPt-wAUU-KKetrYBPTwtMRqxeNco_MZAaaYUUU_wqfftkRwNjxqfzxdrtbRhNAGATAPMPRlmNBAAbYZARdzNwqfftkRmNaYUUURleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QbJbpABhL6ZP58m9Luz00owLMCYsZglOxS0dRZ8r44q4GMcPZii0ap238qBEjOsyJhgAfd1kziWBndKPx7Ld%2F8N6fvbTORvGKsTQD7cx2fKxnnr41LuByAvJiwyvI9B2hsEWLD8GLSr3HBE9JFFmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bce884e7145-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
js
www.googletagmanager.com/gtag/ Frame 3350 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-212001089-2
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1650060193/b696d0f5c06dbd9fd83feb568718537b.js?cc=CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
254a9c3b8a080b4963fca2c9bd72ae30b3ae0998859b307cfe8d669b1bfbf1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38613
x-xss-protection
0
last-modified
Fri, 15 Apr 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Apr 2022 22:16:31 GMT
js
www.googletagmanager.com/gtag/ Frame 63FE 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-212001089-2
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1650060193/b696d0f5c06dbd9fd83feb568718537b.js?cc=CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
15131d846612eaa69f53a8be47bab0293f9aa4ee956e010ed7dac03133d78f7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38609
x-xss-protection
0
last-modified
Fri, 15 Apr 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Apr 2022 22:16:31 GMT
vevent
nym1-ib.adnxs.com/ Frame C817 		0
834 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fshrinke.me%2F0GNZk&e=wqT_3QL4CvD9eAUAAAMA1gAFAQi_3eeSBhCS6LHb7oOXmGsY1oW8re6Pg-VgKjYJ50CiFTYHwj8RmpmZmZmZuT8ZAAAAwPUo9D8hbId1mVB3uj8pUDv8NVmjwj8xAAAAoJmZyT8whPnJCTioN0CYOUgCUODbpKEBWJTcQmAAaLDnW3itqQWAAQGKAQNVU0SSAQNVU0SYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDI4OTY3ODksIDE2NTAwNjA5OTEpO3VmKCdpJywgNjYyOTY4MCwgMTY1MDA2MDk5MSk7dWYoJ2cnLCAxNjU0NjU1NixCOwAwcycsIDI2OTMyMTg5MUY9ADByJywgMzM4MjQzMDQwNh8A8IuSAp0EIV9XVjRuUWpieEwwWUVPRGJwS0VCR0FBZ2xOeENNQUk0QUVBQVNKZzVVSVQ1eVFsWUFHREdCMmdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQ3FnQkNyQUJBTGtCaW1yVWQxMmp3al9CQVlwcTFIZGRvOElfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBYkRTbEFQMUFXZWFnRDZZQWdDZ0FnRzFBZwEjBEM5CQjYREFBZ0RJQWdEUUFnRFlBZ0RnQWdEb0FnRDRBZ0NBQXdHWUF3R2lBdzRJN0phekhSQUxHQUl0QQFDwExvRENVNVpUVEk2TkRRM05lQURpeTZBQkktdGpnaUlCSVhEc1FlUUJBR1lCQUhCQkEBNQkBCHlRUQkJAQEYTmdFQVBFRQELCQFEQ0lCZnNpbUFXampiYUFBYWtGCRgYQUE4RC14QgE7UENBZ0dPUV93UVZuWm1ibVRCUFFQOC4oAARfUgUoDQEIMlFVDQrIRHdQLUFGNFhId0JmejE4UWY0QlpYbnNBR0NCZ05WVTBTSUJnU1FCZ0dZQmdDaEJqTXpNAQIsLWNfcUFZRXNnWWtDAYANAQBFHQwARx0MAEkdDDh1QVlLmgKZASFKeE1PZmc6IQIsSlRjUWlBQUtBQXhNAWkYek16NXo4NjJZARRVQ0xMa2sNcxBEd1AxRQ0MDEFBQUYRGAxBQUFHHRgARx0YAEgdGAxIZ0FpLjUC8P13Li7YAgDgAtbiNuoCGGh0dHBzOi8vc2hyaW5rZS5tZS8wR05aa4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA57XugHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ5LjU2LjE1My4xODSoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQONzMyMCNOWU0yOjQ0NzXaBAIIAeAEAfAE4NukoQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW5vgL6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0AapJdoGFgoQAQ8uAQBgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4tARAAMgHrakF0gcNCRE8ATgI2gcGCSdE4AcA6gcCCADwB8T_B4oIAhAA&s=74b31e6325d7123159207558af6572ebc653513d&type=nv&nvt=5&jm=1003&px=651&py=1031&bw=300&bh=250&sid=1175019941666628330&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20085892&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=2765&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:31 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
22eba738-f354-49be-abd4-755fc1561e36
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 4309 		60 B
268 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4878edac178fe5c6000e020e0b8142a20c3316626e7d3bb87c33c5be432ccdd8

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:30 GMT
cache-control
private
expires
Thu, 14 Jul 2022 15:10:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
60
content-type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ Frame B7B1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041201&jk=1584848027310101&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
truncated
/ Frame 9DC3 		900 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0efc53d98f21fefc32d8ad84c673919c539b0b3feb2dc96598cbeb58883bd04c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
r.html
assets.vlitag.com/plugins/safeframe/src/html/ Frame 8C57 		1 KB
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33528256aebe967ab4f7497afc18f3506b531bac8f46f881412fb89078446b6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1800
cf-cache-status
DYNAMIC
cf-ray
6fc80bcf4a9e4bbe-YUL
content-encoding
br
content-type
text/html
date
Fri, 15 Apr 2022 22:16:31 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Fri, 15 Apr 2022 22:46:31 GMT
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
cc.jpeg
px.vliplatform.com/bw-v4/ 		0
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bw-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNPqAZBwyK-Maae-PrZt-MTUZ-MqtrUKAAZwryRqxeNco_MZAaPPPTZ_KRwNjxqfzxdrtbRhNAGAMTKaZRlmNaKAbaARdzNwqfftkRmNPPPTZRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrKlpsq1Vx%2B7YMEvAbNJcWTgqlitLuWso%2BGh6dLB7doX8M2Fs%2FZpDXQA7hugrkRBoV%2Fo9h5YdLUDsoK4K8SgxOt%2BO8mpt1mpWnuSnxOcm%2BmI6E1WLQAxIDYNl2jmrY%2FrJtVeNceo7wDo3568gkhe9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bcf49b07145-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
ecm3
s.amazon-adsystem.com/ Frame B36B 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=e3c943cb-2137-4651-80fe-6da6e31486de
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:31 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
39GE13Z4Y9D8Q89V2DG5
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame B36B
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&gdpr=0&gdpr_consent=
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.209.87.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-87-113.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame B36B
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&gdpr=0&gdpr_consent=
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.209.87.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-87-113.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame B36B
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=6974400712095498966
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=6974400712095498966
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.209.87.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-87-113.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:32 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
434aa687-6394-49f3-bd85-2c58b6a7ee47
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=6974400712095498966
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame B36B
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&gdpr=0&gdpr_consent=
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.209.87.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-87-113.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
ecm3
s.amazon-adsystem.com/ Frame B215 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=gaf953e5e8065b61488f
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:31 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
AQWF2S0XYWQG4ARK00KE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ib.adnxs.com/&https://ads.yieldmo.com/v000/ Frame B215
Redirect Chain
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6974400712095498966&pn_id=an
0
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6974400712095498966&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:32 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
67edef1c-b996-4ed1-9519-de0a2466e03d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:31 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
e50162cf-53fe-4f24-8528-411aa58bacea
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
&https://ads.yieldmo.com/v000/sync?userid=6974400712095498966&pn_id=an
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/ Frame B215
Redirect Chain
  • https://x.bidswitch.net/sync?&ssp=yieldmo
  • https://x.bidswitch.net/ul_cb/sync?&ssp=yieldmo
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=yieldmo&bsw_user_id=8e82fb69-6b51-4f31-baa4-500386e0ddf0
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=yieldmo&bsw_user_id=8e82fb69-6b51-4f31-baa4-500386e0ddf0
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=4b35a3d9-d4dc-4aa0-b126-382b8c18160e&ssp=yieldmo
  • https://ads.yieldmo.com/sync?userid=8e82fb69-6b51-4f31-baa4-500386e0ddf0&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?userid=8e82fb69-6b51-4f31-baa4-500386e0ddf0&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
3.208.119.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-119-163.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 15 Apr 2022 22:16:33 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
//ads.yieldmo.com/sync?userid=8e82fb69-6b51-4f31-baa4-500386e0ddf0&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Date
Fri, 15 Apr 2022 22:16:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.yieldmo.com/v000/ Frame B215
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo
  • https://match.adsrvr.org/track/cmb/generic?&ttd_pid=yieldmo
  • https://ads.yieldmo.com/v000/sync?tdid=86422ee5-39ef-4c57-8b4d-1fade2a39c1f
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=86422ee5-39ef-4c57-8b4d-1fade2a39c1f
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
3.208.119.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-119-163.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=86422ee5-39ef-4c57-8b4d-1fade2a39c1f
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
181
sync
ads.yieldmo.com/ Frame B215
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?&nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=AP8EVQGzTy5vBQIVpKVbRJU4mbg
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=AP8EVQGzTy5vBQIVpKVbRJU4mbg
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
3.208.119.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-119-163.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=AP8EVQGzTy5vBQIVpKVbRJU4mbg
Date
Fri, 15 Apr 2022 22:16:32 GMT
Connection
keep-alive
Content-Length
100
Content-Type
text/html; charset=utf-8
sync
sync-pp.ads.yieldmo.com/ Frame B215
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?&pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp
  • https://sync-pp.ads.yieldmo.com/sync?userid=lkjrpHEWyYwp&ev=1&pn_id=pp&pid=561118
43 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-pp.ads.yieldmo.com/sync?userid=lkjrpHEWyYwp&ev=1&pn_id=pp&pid=561118
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.152.116.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-116-38.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://sync-pp.ads.yieldmo.com/sync?userid=lkjrpHEWyYwp&ev=1&pn_id=pp&pid=561118
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-84dd458cf8-mkfrw
expires
-1
activeview
pagead2.googlesyndication.com/pcs/ Frame A5BB 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 75B5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqb2D-DntbjKQ1WbcOi_0hSrgJsrd1N_aSLY1y2TiVj5rC7ACVLYx7-Wk7mafyfkQXrGj6UuQqp_GeqgsmAH0x9BAxe8Gos-QjyIqmhUdPamrxfvAdfb0levG0OorLBwSPDHdiXtwRrtwRhOwOsbd-gC4545P9WYOUz2MAA6EpwwlG3k33meVWKguyTiH78bZ2dCwUclFtq_QHUwZaB2eSOy3mTrOE1WlmS9hzWCa1SdWKVuFHIvpLz_kKfPNvfVSF7sTKqM6oQueBByMLr9lroF5fD5satUceCcnjDVageJZLfyFCuyUaH-NGr0-WUY0dZLEdWRvZ&sig=Cg0ArKJSzLZo718MhoXmEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 75B5 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Apr 2022 22:16:31 GMT
usync.js
eus.rubiconproject.com/ Frame 76B2 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
40d5c6d31376c8c952e2ca6d4c78aa717bff53ee6338a47c9851ba8e9edbbf20

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52675
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9539
Expires
Sat, 16 Apr 2022 12:54:26 GMT
LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
pagead2.googlesyndication.com/bg/ Frame A3A0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 01:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
247171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13643
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Apr 2023 01:37:00 GMT
invoke.js
roofprison.com/2b7825b40010ad17ac7b5777c664449c/ Frame 0955 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://roofprison.com/2b7825b40010ad17ac7b5777c664449c/invoke.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:31 GMT
Server
nginx/1.17.6
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA,x-Device-User-Agent
Content-Type
application/javascript
Content-Length
0
j-6268017-3769725.js
cdn.flashtalking.com/xre/626/6268017/3769725/js/ Frame 37D9 		81 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/626/6268017/3769725/js/j-6268017-3769725.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/174069;6268017;201;jsiframe;BetGenius;300x250casino/?ft_custom=&imageType=gif&ftDestID=32975530&ft_width=300&ft_height=250&click=https://nym1-ib.adnxs.com/click?50CiFTYHwj-amZmZmZm5PwAAAMD1KPQ_bId1mVB3uj9QO_w1WaPCPxJ0bOseXDBr1gKv5X4MymC_7lliAAAAAIR8MgGoGwAAmBwAAAIAAADgLSkUFK4QAAAAAABVU0QAVVNEACwB-gCw8wAAAAABAQUCAAAAAKwAzyVFHgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21JxMOfgjbxL0YEODbpKEBGJTcQiAAKAAxMzMzMzMz5z86CU5ZTTI6NDQ3NUCLLkkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=NzMyMCNOWU0yOjQ0NzU=/bn=87213/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=504734123
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
d593cab2e45b1d4a4f93dca7a1782ebe09cd0434b1ebd42c5ed1b61a484b65d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Jan 2022 09:55:08 GMT
Server
Flashtalking (AKA)
ETag
W/"75877beca03e5fc13ba05b6c23a01c6b"
X-FT-Origin
us
Vary
Accept-Encoding
X-Varnish
138517932
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript; charset=utf-8
Content-Length
19850
Expires
Fri, 15 Apr 2022 22:36:32 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 16 Apr 2022 22:16:32 GMT
11630
tags.orquideassp.com/tag/ Frame 9889 		826 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.orquideassp.com/tag/11630
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1650060193&d=8509&z=29441&divID=vi_850929441_1&w=320&h=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:de00:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
a9eecf41513b97d5590668384112bc961ba71eb372afb5cd07caee94dc366642
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 960b27f23df49cd65e51133bf80b9878.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
887
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
date
Fri, 15 Apr 2022 22:03:14 GMT
content-length
826
x-xss-protection
1; mode=block
server
nginx/1.16.1
etag
W/"33a-G6ENEqNBXqZge1NtSeqeXuENJdQ"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
Cj7c47LZzG7FFdU5C4UJWqZ-2-GYqfVU-_tMp9AoisrWJVf7dSjVqw==
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=shrinke.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=shrinke.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1584848027310101&correlator=4025563806723201&eid=31065401%2C21065724&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fif&iu_parts=211182487%3A22476148198%2Cwww.shrinke.me_Display336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=4&adks=3910693916&sfv=1-0-38&ecs=20220415&rcs=2&fsapi=false&prev_scp=hb_domain%3Dshrinke.me%26in2w_key%3D433%26in2w_key15%3Do0%26in2w_key16%3D2%26in2w_key2%3Dnope%2Coptimization%26in2w_key4%3D--2--s%2C--2---%26in2w_key5%3Doptimization%26in2w_key6%3D--2h--h-sqgz%26in2w_key7%3D1188%26in2w_key8%3D432%2C433%2C434%26in2w_key9001%3D2%26in2w_keypm%3Dgpt-passback_7%26in2w_key3%3Dadx1188%26in2w_key12%3Doptimization&eri=1&cust_params=hb_domain%3Dshrinke.me&sc=1&cookie=ID%3Daba4f620a0c08bc6%3AT%3D1650060991%3AS%3DALNI_MZvcqmLSR9-DjthuN_Xg3zAfjwLUw&gpic=UID%3D0000048754d05dbd%3AT%3D1650060991%3ART%3D1650060991%3AS%3DALNI_Mbnm57TSAkNp56dVK0Izz9UnXX93g&abxe=1&dt=1650060991988&lmt=1650060991&dlt=1650060989799&idt=1176&biw=1600&bih=1200&adxs=632&adys=164&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fshrinke.me%2F0GNZk&frm=20&vis=1&scr_x=0&scr_y=0&psz=336x-1&msz=336x-1&fws=0&ohw=0&psts=AGkb-H8RLSctPgjZW6qvrP1pNOB1jo3ph7Q0oIpHXnKHfw32B711SoJddtDjOaxEDwtzRM7MuoipsvEl9k3X0yKftjjljfnb&ga_vid=1062149969.1650060991&ga_sid=1650060991&ga_hid=156797749&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
5f223a0f142c29d39e22026d57a4a25283db9de1d5419a4068fa8102fb3eb18e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11009
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
rocket-loader.min.js
assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 2AF9 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/plugins/safeframe/src/html/r.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 11:16:45 GMT
server
cloudflare
etag
W/"62555f9d-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6fc80bd00b654bbe-YUL
vary
Accept-Encoding
expires
Sun, 17 Apr 2022 22:16:32 GMT
pubads_impl_2022041301.js
securepubads.g.doubleclick.net/gpt/ Frame 113E 		362 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
sffe /
Resource Hash
638d2f5ba5cf501a58131a42efe30aa2c2154904b0654a517cce4baeef308022
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76554
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125956
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 08:34:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 15 Apr 2023 01:00:38 GMT
rocket-loader.min.js
assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame AC2B 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/plugins/safeframe/src/html/r.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 11:16:45 GMT
server
cloudflare
etag
W/"62555f9d-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6fc80bd06bd84bbe-YUL
vary
Accept-Encoding
expires
Sun, 17 Apr 2022 22:16:32 GMT
truncated
/ Frame 113E 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bad13516b3682b5c29e2413ddfa5caf94cf5dcba68759972bf352317d9902309

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
rocket-loader.min.js
assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 8C57 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/plugins/safeframe/src/html/r.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 11:16:45 GMT
server
cloudflare
etag
W/"62555f9d-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6fc80bd09c074bbe-YUL
vary
Accept-Encoding
expires
Sun, 17 Apr 2022 22:16:32 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 9889 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.orquideassp.com
URL: https://tags.orquideassp.com/tag/11630
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
sffe /
Resource Hash
574016c3a1297c02a9c81814f4a0cae4f99e612995fef293ff6389dd6273e8f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28587
x-xss-protection
0
server
sffe
etag
"1188 / 723 of 1000 / last-modified: 1650021009"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Apr 2022 22:16:32 GMT
icon.svg
supertruco.com/ Frame 9889 		1 KB
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supertruco.com/icon.svg
Requested by
Host: tags.orquideassp.com
URL: https://tags.orquideassp.com/tag/11630
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.146 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6b54b9d51b8e7575fc6ac2e2bfd7826e021c3385b15f6e07581d58234219a3ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 19 Mar 2021 14:39:52 GMT
server
nginx
etag
W/"6054b7b8-47c"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
date
Fri, 15 Apr 2022 22:16:32 GMT
x-ac
2.yyz _atomic_dca
expires
Fri, 22 Apr 2022 22:16:32 GMT
analytics.js
www.google-analytics.com/ Frame 3350 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-212001089-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5556
date
Fri, 15 Apr 2022 20:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 15 Apr 2022 22:43:56 GMT
analytics.js
www.google-analytics.com/ Frame 63FE 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-212001089-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5556
date
Fri, 15 Apr 2022 20:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 15 Apr 2022 22:43:56 GMT
sf_ext.min.js
assets.vlitag.com/plugins/safeframe/src/js/ Frame 2AF9 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
118b932ce446d673706c274aa65d22e8e2b2fe744187ce16f6656ab7940fb140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/plugins/safeframe/src/html/r.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
389736
cf-ray
6fc80bd0dc464bbe-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-5aed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
expires
Tue, 29 Mar 2022 15:38:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 75B5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunt1jk1ILruRxD37fr3Ra9CrjQyi59vN7EzYsuSQ1hICFfDvs6tEzbMtp03jKLnvInyYa1jbOUpEy6AsYjQ3Xyq-zQz78zwd6-kk3z6ugdfX6QRk7AuGd_1w0Rkz9FD57e6sUp0FjSzzh_q2wu_wPVfTzlhcz_yGIKSGoqJaLv5QMtVItvpFuA_bK0XIpRUklwHbs9ur0w2ct5JGGybU7ktPE2F-mEwxjWcQh-uooJajwxKS2ognxShiGjwadVMS5_YtYFymF48WrU4N6TJdGPfH_RbC1soYucr2f1abUA7PWK9q8bNWZoS9WHAri0MeOODXb2tEsaH5s&sig=Cg0ArKJSzOiMdetT0kseEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 15 Apr 2022 22:16:32 GMT
sf_ext.min.js
assets.vlitag.com/plugins/safeframe/src/js/ Frame AC2B 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
118b932ce446d673706c274aa65d22e8e2b2fe744187ce16f6656ab7940fb140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/plugins/safeframe/src/html/r.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
389736
cf-ray
6fc80bd10c8e4bbe-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-5aed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
expires
Tue, 29 Mar 2022 15:38:51 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 0BA6 		728 B
579 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156011&s=165626&sc=1&pr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&umc=PM_UID&u=AEA2301F-378B-4E0E-B7FB-AD8F6D123282&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6f98e801db152eb8b478fe8e954abb6764c5e6b1ac3d3740c1ecaa94090bcea4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 15 Apr 2022 22:16:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 6E55 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
gzip
last-modified
Tue, 05 Apr 2022 12:58:03 GMT
server
nginx
etag
W/"624c3cdb-17cf9"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 16 Apr 2022 22:16:32 GMT
integrator.js
adservice.google.ca/adsid/ Frame 113E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=shrinke.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 113E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=shrinke.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 113E 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3973692546035952&correlator=2446653712520936&eid=31067111&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fifs&tfcd=0&iu_parts=211182487%3A22476148198%2Cwww.shrinke.me_Display300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=2104153220&sfv=1-0-38&ecs=20220415&fsapi=false&prev_scp=in2w_key9001%3D1%26in2w_key%3D462%26in2w_key2%3Dnope%2Coptimization%26in2w_key4%3D--2---%2C--2---%26in2w_key5%3Doptimization%26in2w_key6%3D--2h--h11qgz%26in2w_key7%3D1188%26in2w_key8%3D462%252C463%252C464%26in2w_key9%3Doptimization_request%26in2w_key15%3Do0%26in2w_key16%3D17&eri=4&sc=1&cookie=ID%3Daba4f620a0c08bc6%3AT%3D1650060991%3AS%3DALNI_MZvcqmLSR9-DjthuN_Xg3zAfjwLUw&cdm=shrinke.me&gpic=UID%3D0000048754d05dbd%3AT%3D1650060991%3ART%3D1650060991%3AS%3DALNI_Mbnm57TSAkNp56dVK0Izz9UnXX93g&abxe=1&dt=1650060992205&dlt=1650060991638&idt=542&biw=1600&bih=1200&isw=300&ish=250&adxs=650&adys=1360&ucis=6gaeqaqbj453&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fshrinke.me&loc=https%3A%2F%2Fshrinke.me%2F0GNZk&top=shrinke.me&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1062149969.1650060991&ga_sid=1650060992&ga_hid=172047142&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
139783d2aa01dec67f0eb6722276ad3f2aa6be989e2c608d2c030333c5723f76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8114
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DEAD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 22:16:32 GMT
expires
Sat, 15 Apr 2023 22:16:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sf_ext.min.js
assets.vlitag.com/plugins/safeframe/src/js/ Frame 8C57 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
118b932ce446d673706c274aa65d22e8e2b2fe744187ce16f6656ab7940fb140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/plugins/safeframe/src/html/r.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
389736
cf-ray
6fc80bd16ce54bbe-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-5aed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
expires
Tue, 29 Mar 2022 15:38:51 GMT
index.html
cdn.flashtalking.com/156331/3769725/ Frame FDC4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/156331/3769725/index.html
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/626/6268017/3769725/js/j-6268017-3769725.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
b4df95e697a914a5cadcb45be0a57acf92b616b83826455bfc64b97878a9b488

Request headers

Referer
https://servedby.flashtalking.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=1200
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1195
Content-Type
text/html
Date
Fri, 15 Apr 2022 22:16:32 GMT
ETag
W/"ba6041a229afeac0bed74717716e9c2d"
Expires
Fri, 15 Apr 2022 22:36:32 GMT
Last-Modified
Thu, 20 Jan 2022 10:50:46 GMT
Server
Flashtalking (AKA)
Vary
Accept-Encoding
X-FT-Origin
us
X-Varnish
263334840
syncframe
gum.criteo.com/ Frame F8AF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shrinke.me
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
ae22c6869c91312b5361930ac0e1cff89cb54b6a3eec5d7bc4a913e8831b1028
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
5134
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 22:16:32 GMT
server-processing-duration-in-ticks
2803
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
gzip
last-modified
Tue, 05 Apr 2022 12:58:03 GMT
server
nginx
etag
W/"624c3cdb-17cf9"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 16 Apr 2022 22:16:32 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 5BDF 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
gzip
last-modified
Tue, 05 Apr 2022 12:58:03 GMT
server
nginx
etag
W/"624c3cdb-17cf9"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 16 Apr 2022 22:16:32 GMT
collect
www.google-analytics.com/j/ Frame 3350 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=355168274&t=pageview&_s=1&dl=https%3A%2F%2Fshrinke.me%2F0GNZk&ul=en-us&de=UTF-8&dt=amx_shrinke.me_8509_0.01407556098618129_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.01407556098618129&cs=shrinke.me_8509&cm=amx&cc=Default&_u=QACAAUABAAAAAC~&jid=1518597555&gjid=791224513&cid=1062149969.1650060991&tid=UA-212001089-2&_gid=1870308712.1650060991&_r=1&gtm=2ou4d0&z=252575247
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 3350 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=355168274&t=pageview&_s=2&dl=https%3A%2F%2Fshrinke.me%2F0GNZk&ul=en-us&de=UTF-8&dt=quantumdex_shrinke.me_8509_0.081795_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.081795&cs=shrinke.me_8509&cm=quantumdex&cc=Default&_u=QACAAUABAAAAAC~&jid=&gjid=&cid=1062149969.1650060991&tid=UA-212001089-2&_gid=1870308712.1650060991&gtm=2ou4d0&z=1129048579
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 12:39:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
34601
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 75B5 		0
0
container.html
d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5439 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 22:16:31 GMT
expires
Sat, 15 Apr 2023 22:16:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/ Frame 63FE 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=892562391&t=pageview&_s=1&dl=https%3A%2F%2Fshrinke.me%2F0GNZk&ul=en-us&de=UTF-8&dt=quantumdex_shrinke.me_8509_0.010484_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.010484&cs=shrinke.me_8509&cm=quantumdex&cc=Default&_u=QACAAUAB~&jid=&gjid=&cid=1062149969.1650060991&tid=UA-212001089-2&_gid=1870308712.1650060991&gtm=2ou4d0&z=553550718
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 12:39:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
34601
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022041401.js
securepubads.g.doubleclick.net/gpt/ Frame 9889 		362 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
sffe /
Resource Hash
108a5ee6306c726271c490dceca48e5fb5a148ea41fcb9fe55cd5d348f16eb57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 06:44:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55927
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125916
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 08:34:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 15 Apr 2023 06:44:25 GMT
c.js
assets.a-mo.net/js/ Frame 2AF9 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/c.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e70b863d5e81ef9fb2f0c821a4c07077a142f192f9c21e820d2054d5dd3ac5e8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
via
1.1 28b8fcaccf73021230d8e4a6c3d9e81e.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
539
x-cache
Miss from cloudfront
content-encoding
br
last-modified
Mon, 21 Mar 2022 20:20:32 GMT
server
cloudflare
etag
W/"7fd895edce6d991f4493b4d02ca72bb3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
YTO50-C1
cf-ray
6fc80bd2984eecf6-YUL
x-amz-cf-id
mfzKdNUTXMyAeXTrAa6zJF2iMfagKDxMR43byI4TNCCR94LZfVeTZA==
expires
Fri, 15 Apr 2022 23:16:32 GMT
cc.jpeg
px.vliplatform.com/imp-v4/ Frame 2AF9 		0
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNtZZMqByA-wqTA-PrwM-MZAe-KrYrYyayPqwqRqxeNco_MZAaYaPPA_TRwNqdbRhNAGATPAKZZUAaMUTMTYaRlmNKYMbaARdzNwqfftkRrdzNRwkhNRmNYaPPARleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0dRfIWpIuUFzywE2LDDCNduxLJ0BKZkV5%2F5yyo3gLiGUl6aQq1izLYDOskMyju6JBDLoZSZEM94HzyJL9IwOl1y3lGERydjvlhSoA9TBjLPYyEca2GJCpIDiNGtwjeMqwBY4pZXNQLsGPu2S5UXfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bd25e207145-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
bannerify.css
cdn.flashtalking.com/156331/3769725/ Frame FDC4 		6 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/156331/3769725/bannerify.css
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
38f2bf8acd3f54857821465c16527f8b91dde5b53664eb0cc4fec5347e477739

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
X-FT-Origin
us
Connection
keep-alive
Content-Length
6199
Last-Modified
Thu, 20 Jan 2022 10:50:45 GMT
Server
Flashtalking (AKA)
ETag
W/"901af42322556dc6ab5e8396e2c459ae"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
263083085
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
Content-Type
text/css
Expires
Fri, 15 Apr 2022 22:36:32 GMT
909254.jpg
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/909254.jpg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
e0034c68a36afacd7a8c6954e62654fd527a3b56c8baafcf36e79be725400884

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
X-FT-Origin
us
Connection
keep-alive
Content-Length
9519
Last-Modified
Thu, 20 Jan 2022 10:50:45 GMT
Server
Flashtalking (AKA)
ETag
W/"053c1299eb7c96736349f36f9c51f3a3"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
420744236
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
Content-Type
image/jpeg
Expires
Fri, 15 Apr 2022 22:36:32 GMT
909255.svg
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		148 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/909255.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
bacfe93b6ae4e987b0a28b23dedf7724f72f283b5d9ac8f554f0854802d03a58

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
X-FT-Origin
us
Connection
keep-alive
Content-Length
148
Last-Modified
Thu, 20 Jan 2022 10:50:45 GMT
Server
Flashtalking (AKA)
ETag
W/"5eb09eedc4523b0a3f9786e13a8e3a44"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
206980412
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
Content-Type
image/svg+xml
Expires
Fri, 15 Apr 2022 22:36:32 GMT
912289.png
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/912289.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
e55718ce29c2c658c3fe1e5d6660b9239e92501dd50607a6bed06ffce40cf355

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
X-FT-Origin
us
Connection
keep-alive
Content-Length
13549
Last-Modified
Thu, 20 Jan 2022 10:50:46 GMT
Server
Flashtalking (AKA)
ETag
W/"05847cc4169aed75a4d36a3af55f4158"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
139578835
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
Content-Type
image/png
Expires
Fri, 15 Apr 2022 22:36:32 GMT
912290.png
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/912290.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
869cbfb17183eeee3ab0288fe71fcad2edce039b1e927f797605bfc00dc9f6df

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
X-FT-Origin
us
Connection
keep-alive
Content-Length
15566
Last-Modified
Thu, 20 Jan 2022 10:50:46 GMT
Server
Flashtalking (AKA)
ETag
W/"b5f1b1661bbaa365d6c32f44c91aa18c"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
179119095
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
Content-Type
image/png
Expires
Fri, 15 Apr 2022 22:36:32 GMT
912291.png
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/912291.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
078acf0eb1f0bd7721bbfb4d7d738cf781d7c7062a87b8617043bda59abe61e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
X-FT-Origin
us
Connection
keep-alive
Content-Length
15115
Last-Modified
Thu, 20 Jan 2022 10:50:46 GMT
Server
Flashtalking (AKA)
ETag
W/"fc85a0b079c4653191b9a52d3f0a49ee"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
212377630
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
Content-Type
image/png
Expires
Fri, 15 Apr 2022 22:36:32 GMT
912292.png
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/912292.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
0942df3240229558c0b38833e12054a5f7d67678c32587e2442eb565d8216144

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
X-FT-Origin
us
Connection
keep-alive
Content-Length
12306
Last-Modified
Thu, 20 Jan 2022 10:50:46 GMT
Server
Flashtalking (AKA)
ETag
W/"b4328cf9c07571e039ef33193c818646"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
373225570 374842875
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
Content-Type
image/png
Expires
Fri, 15 Apr 2022 22:36:32 GMT
912293.png
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/912293.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
9cdc2149ead7ab7ab157554f351697ff48fc4894dfe107b10d883ffba37130eb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
X-FT-Origin
us
Connection
keep-alive
Content-Length
20666
Last-Modified
Thu, 20 Jan 2022 10:50:46 GMT
Server
Flashtalking (AKA)
ETag
W/"732e2a1453ae71cc55bb77ea4a557e3d"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
151059162
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
Content-Type
image/png
Expires
Fri, 15 Apr 2022 22:36:32 GMT
912269.svg
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		17 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/912269.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
564d2222eeccbc1820ea8d052c223170ab6910016d2f83a1a1059a6cb3d8fcae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-FT-Origin
us
Connection
keep-alive
Content-Length
5765
Last-Modified
Thu, 20 Jan 2022 10:50:46 GMT
Server
Flashtalking (AKA)
ETag
W/"13f7739e90538d361ec391d1b88f5016"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
496065349
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
Content-Type
image/svg+xml
Expires
Fri, 15 Apr 2022 22:36:32 GMT
912270.svg
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/912270.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
5e9fc483b5d1c2af629329618ed4dabe2738ba056dab01f879b4da41814b4253

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-FT-Origin
us
Connection
keep-alive
Content-Length
1545
Last-Modified
Thu, 20 Jan 2022 10:50:46 GMT
Server
Flashtalking (AKA)
ETag
W/"79d32ec21edfaf496a7ec08ea1f55991"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
208030558
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
Content-Type
image/svg+xml
Expires
Fri, 15 Apr 2022 22:36:32 GMT
912272.svg
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		42 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/912272.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
7e21165340a76c4c585350c2fbd8b9919f988fd450577eabecdf6220d3694c7e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-FT-Origin
us
Connection
keep-alive
Content-Length
9582
Last-Modified
Thu, 20 Jan 2022 10:50:46 GMT
Server
Flashtalking (AKA)
ETag
W/"b3e7524a7f1ec19d9628afde2bd0f901"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
193996725
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
Content-Type
image/svg+xml
Expires
Fri, 15 Apr 2022 22:36:32 GMT
912273.svg
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/912273.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
c5739c91ef36dcfeba5404513d2a8895e3d61cf6e89a889bcfeb9cb1fae231e7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-FT-Origin
us
Connection
keep-alive
Content-Length
1743
Last-Modified
Thu, 20 Jan 2022 10:50:46 GMT
Server
Flashtalking (AKA)
ETag
W/"512a396135ea0a807c9dcf8307829e48"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
744607506
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
Content-Type
image/svg+xml
Expires
Fri, 15 Apr 2022 22:36:32 GMT
912275.svg
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/912275.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
9784e67bbb57893bd3f92b9bad6403be0de0b8cccfa003a8773844c51d344175

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-FT-Origin
us
Connection
keep-alive
Content-Length
1882
Last-Modified
Thu, 20 Jan 2022 10:50:46 GMT
Server
Flashtalking (AKA)
ETag
W/"7e478e2ab5e77e648f75d8ca342d7738"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
179831032
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
Content-Type
image/svg+xml
Expires
Fri, 15 Apr 2022 22:36:32 GMT
bannerify.js
cdn.flashtalking.com/156331/3769725/ Frame FDC4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/156331/3769725/bannerify.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
865e87de4650b965bda7982e448b9c30a7f71734c9dadb5683937f0616ab996d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-FT-Origin
us
Connection
keep-alive
Content-Length
597
Last-Modified
Thu, 20 Jan 2022 10:50:45 GMT
Server
Flashtalking (AKA)
ETag
W/"c1fbd2288f90b19b561f74374e8a165f"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
178388430
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
Content-Type
application/x-javascript
Expires
Fri, 15 Apr 2022 22:36:32 GMT
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame FDC4 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
7b8d61fc1f99eb8f9ddf41a0d414c0dd771c895a833ec90ffe4283e8c7516754

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 May 2021 15:35:29 GMT
Server
Flashtalking (AKA)
ETag
W/"db3a9e799b66fd834e149105a04e7840"
X-FT-Origin
us
Vary
Accept-Encoding
X-Varnish
501857423 294574981
Cache-Control
max-age=17932
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
31158
Expires
Sat, 16 Apr 2022 03:15:24 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame EBED 		624 B
838 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COyApesCEJv1z-8CGOKA37UBMAE&v=APEucNX7_3Qrr7AwmKNqeWLUWTUKmdJg7_XzfZ12H-vkY40Ii8N5JJgMeKkP-EMUsz1foCQFckts0zcDGVJpmzAgtRTnbF-1jA
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://assets.vlitag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 22:16:32 GMT
expires
Fri, 15 Apr 2022 22:16:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7DAC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11395&pub_id=1777764
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://assets.vlitag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
60892
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 15 Apr 2022 22:16:32 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 14 Apr 2022 05:21:37 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 257260
X-Served-By
cache-lga21926-LGA, cache-yul12826-YUL
X-Timer
S1650060992.412116,VS0,VE0
ad
googleads.g.doubleclick.net/dbm/ Frame AC2B 		74 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C2MY6t7EHkn-nQ-VW1EFkn43wH3Va6rA0Fj6uBy8xQ8E-VFcbzrnq-Noa50bLea_0KJpANziA42GP6WeW6cpUO4dtRzkCNYo2l7jdNzvoeq-qZPCtZzC_mLttelaLhLSABlKjcUYrrVcmsxpwKxpvf-PEo1Q&cry=1&dbm_d=AKAmf-DYpPS0g-khDwpVThCMXTOad_Emz1kncaYBhLcFnazTHZMVmxEgVi4MENovnvDjFJcH5c4vp7dx_Ga6AHZ7MEaX7hzUtwo01g6JtoUaxRxW4Mstzz_DkHHdbz7qJj4knWExbhuR5WeQE28ON__KqkMpGd1gK8QFS8LkmIzEXEw-lxGMRESXij7rUADPsgSWUCSmWDQjvZoBKqFSy2bKuyfv3apiTtxY0GYOwgMNQKnDv1LLaLyYRqhB55SP2dwiU-RAJoRRDwtjzRBTnprjJHN3CtZRue4tq_9qEWKBlbFBJeYnNbAzf1HpMsvPTtcpKvxvytQ_8nxQgxRtQhi8IGK0_0IN-TVc4-Mazxo5MO7qjoo3psfMDbKw7vbH6GK8QxS3jd-u5cAZZYW0xHMIYuArFzIaSXNCJW76RfhqZiR4B3vYde87I2DKVe8x-2oMvE5-McrKkyVIPz83Xhxvxrz2-jiJiAm8NscXkFUy0llzib3XZeChUgzd8mn_LExHmqQTr3YojgLe5jAfEP9lgkLJTXVT6zimnodn1WmX4DDzgMrlgAgkUFwnWH7F4WTKytPEUsk2IrYNrECrBCW3MSGWVWtKVdkZFMWGGSVGl4KYCI4DPReq-yBZBnYHyEKOlDj-_Acf6gA1krzVuWAeZF_BmWryNLG25PB7GRL6vWUGSSi0Asq4lXejCHlEeM_-lG-Ld4ZhdNuR7OIgTIlPHA0kINMmXA7T4sfHAIGbwDCfsazykxR2xpkkYUV2V_Dr0SckCUjczbQhEo3l7qh0e4ONTFTQeIKlOQ3gA3ZuX7qv7XoOqKLSn5PXuh97XN92FH32d2vyZEQvFZg-XmhnTi38sbpaE6zC00ebwIk2ULfZUX2-ENyfydjsfJkhtJRvVckYU174DThFIHR_wfNNL4tUaJ1Q1REEYfCzHCkRMUky60wuDnBaE39VmWRTfnV8DhuiPK0rKj-I2c4RoT_9SJ2KrCZNex5axKibZ_eUOZ4Ykj27wPFnO5f-hkvbaQ4yoZhO71vGtUIjjIdwwORYX_E2hZ2bTyLWZY6YogUxiJJ7gSdZqN3eSIOTY1wiDNRM6g6CZQOVW93N1nfYANuzHfOx76gqNwM-gT5b3fFLO-israv64SAWjr0NAUqsz0BvtH-_8p6-_nh-8wI6lXjnjG86ulLiVm-r2nPlnN2sOsSUQLbcAehXyQx9gqaPEtFQJaffQm7kRsir8z5gaVgLgNAvPI4d_TykZ_pqKsLOlQcjWQWNA2GrOP1_gD0_5LUlubuEFcY0ILXD9ieVVyoO6zJNHQeuW7lK6BzNJSrYf8GNzqfr9_4hhPHLscEL_OZidbiYyYNPLOf5VpeYoSP0Fqp8HWI68ppM1hscmSGhSwvZavhyiX-qTRy5Ud43Jg2JNj2WQs1P2Pcon2YqdcIrxqhwWcDnSzKgygivejWE3fGPcjtrt0cybtXxV3uwGtC3M3fLd4thVkjHq-QFnmY4WXtB7tUOfvoaMY-cR4jA6Cb_lO4LCbvjj1W0-nrVyKovrzjM31uTjQ-i_WjzGeEGgstmqVb3owdTghPOChCycQ7RotfjAp0kEKbLP4ExOdTYqmSRYmiAgBr5rVYp3Xz6g3GJXmaHCexP6wFLw2DMSpejq6uuW1w-y_lqdXwXj5QsV0gbE28mzVRUuJRrYq0V9l2awpoSyvNeDXj1zLWcEtKvWWgKQLw6RHRskWRZSAm3rZy91hlno4xDjHdQpF6OK87j6sGRI8phBhMcDdN9z2UI3yW9l-cs7x3vjyz8TDO65-0ivuF4xtY86DcxhtwiOkbeSD6slxZitogoO0LmutmjQ4ZhJaPZFAPcp7JXaEl2bw_1GpDgVzdUh0RCWU_xyKeGUYL-yPmvVhMqGCHooSCEfI6eUeoryq_-MuZfkI2C8Lt22zLcIYqz6iZRJwraLiqU4m4UvzYp-2--ovavAwf_juwnrMD3sFXwvfgy6R6Qna39konu5Ub6LK1956PPmEoDWtHHSf2eDTTTtwpWVutEY2qVBM6ZlwM_Fj5SGNFp1i2Yoe8VjFolVm7GvU0eoi5lBNwaISr01-Qb3k-e4qCwaGaYo6WiA0Vze899LcHGDhej-E5BSz3rp8qXEKZgGCXN-fgDaECHr3tF_v8OMPQRPo9nel1tMlLorrtlg3FATIqxDJTgjuEglp52RcoQsukmy49lTtNU9DVU31JbYzo0-PqAPh42CoDQ9Oq4oJ9KT47LqUuYUu2t0KJLNASTxrA8UrWFaIr5sAWkNmOG3E4jlwgIKxdNgId7z6rFjwMgCOpS7CurH5zPQP7woK7LPSJOt5h4SAa1XUQQWC1DXaKfFc0NbYnEwSoulIKxUAguMVvPJztdeujyYdXG_W73960Zt1ulI8Wu5vNq_1DrEk3h_d4zAbLyV7n7LKPBX3v-ZumBYiI2VH7PtLrdYa0z0Kpm7HD3ky8tt5XRAoOaMJqwmWeiu-pu6g4eernieAehrIvMr3HUhpdiv2EZtlBwm0g8ZUqudqSbjsXV6iDVjOjKIyrhEVuNAJag9Xf6n3t21BrabyliOqYJMjKr3cW7xm8R2_M2SNMCcmgeKKP4iPDYxLTLbDa5GrhHdaewvIGsvRGTC_t2gN5bgCAEBDTBaPJKoRCrApC5ipcSC5Rh4sAJWLr1NRHnCzvF8sf8CaVPJugnVh-SUSQX8OV9y9MEtDeMYngSirsmhTOnjlMh2kXv4dKkoM9hom0OTCVbYa7oSOW8ENVtGi08YPZJamlARKoBAtDDcPiKzIYC7K0k6lgzeXd28Q0yAu_0Y8JNoAgAv-ub9AReiHKP6_P_GHMNxw4fzZMTW1KPU1hIhPMRSV3vHLmdwmU_zjpRFNRRr45-7YqhHhQy4KOiS1C6al_qrMJ-nz5GOGUECa4KF5wQobN0QEy018k_cIB6-4914iS1XP7XFqJSLUJBVGothmdVbpAHLy4GVDiD7enzbYcnxwWUzLBQ184UcWzo0OnddmGYDKNoWaBTrQZcLHwg5xd-cnlddzgdSv1xS2z36B3n0Nc4PzAjB9GYym2TIPBfj3_7YMFVz9TI3YD6ePWn85lMKCx9tqyZW_nG8cB5pxSpMsnPRHQLajYXpLRk5XY1bRKow55QXotakuIbt6KwRrR7ZfNqwdQpu6j0WBl-XUwppCva-52zNrqWc3daNw4hg2JqdHYGcA9mbSM5LgpssSWX2L7vEkJti6GR-RwDgT4malcLgraUF8HZDhAUgDz_wsQw9F-uczA3&cid=CAASBORoK7I&rfl=1%2Chttps%253A%252F%252Fshrinke.me%252F%240
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
557a1b84866897f8ebc26d057855c727fe0ef814c60b6c64709990fb41d91152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32072
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AC2B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C62qxDynbyp-IBCHiH9ZGur2Aw18Qoiz1oBeu9FjOLZ8IZUy6v_LEnXygj5DgrJTvUYnpe6jBvWdf8srRSgngRoZ-yVDkM6DrNGJDGQGl44yYgMK0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
it
nym1-ib.adnxs.com/ Frame AC2B 		0
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fshrinke.me%2F0GNZk&e=wqT_3QKVC_BMlQUAAAMA1gAFAQi-3eeSBhCqyOSfpaL5-n0YpO6QrMH-ouMwKjYJ5e0IpwUvij8RCOwgZXp4hT8ZAAAA4HoU5j8hCOwgZXp4hT8p5e0JJAAxARvAUbiePzCr4YEKOINZQLwJSGVQ1OyLlgFY9-KIAWAAaOCqrQF4sM8FgAEBigEDVVNEkgUG8F6YAawCoAH6AagBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCAOACgeJW6gIYaHR0cHM6Ly9zaHJpbmtlLm1lLzBHTlprgAMAiAMBkAMAmAMUoAMBqgO6BgqBBmh0dAUu9KIEYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q3pUUmp2dTVaWXZxek91ZVlvUE1QcTQyRXNBZnFqODNBYVk2WXFZNjJEb1hkbzZmWkFoQUJJT2FYMWlWZ19laWlnZkFEb0FHUjlzQ1JBY2dCQ2FrQ2oxZmVKeFdkcWo2b0F3R3FCTmNCVDlEMVotX3ItdzVDOHphS1VfeTB6RGpieE40a1dwWUo3N1lvVGhyNzdoZGs3VmYzOGZLSmpSQnBzY1NnZ1cyM20wUkNDMlNJbHBqU2NuV0tfaFFSUURfY3V6Ul8tUHJVRmlxRVY5Xzc5cDEyTEZlNWxXRDFrckM1Q0Nha0ZPVXNzRzFYNFpDOGhZRFBRMXZwdU1NRG9qSWU4eWtyWkZzSDNZc3RTdkU0WUJwMWRndlN5UXhtdnVFMDZsZjkwcVk3aHJXVTk4X3dqUG52OC1tbGhnLWkyWXFfZ2x5Tm14SzZsb215NUpKbVpRSnBJWnQ5eEFlY3YwRlRTTkpvSmhkY2tFMHhiT1JTZ0dLRXBWTFZXN2tDUjMzbjdsWFpOcFhBQk1TRDdKRGZBLUFFQTRnRnE1SHRuVGVTQlFZSUhSQUVHQUdTQlFZSUhSQUJHQUdTQlFZSUhoQUJHQUdRQmdHZ0JqMkFCOWVKdi00Q3FBZU96aHVvQjVQWUc2Z0g3cGF4QXFnSF9wNnhBcWdIcEtPeEFxZ0gxY2ticUFlbXZodllCd0R5QndrUThXTVk0b0RmdFFIU0NBY0lnR0VRQVJnZjhnZ09ZbWxrWkdWeUxUVTFNVFF3TXpDQUNnVElDd0d3RV8tSjV3N0lFOURLeE40RDBCTUEyQk1LMkJRQjBCVUJnQmNCc2hjSUNnWUlBQklBR0FBJnNpZ2g9MXVLemJiS2FBSXcmdWFjaF9tPVtVQUNIXSZjaWQ9Q0FBU0JPUm9LN0kmdGVtcGxhdGVfaWQ9NTMyJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzkwNzY0MTI0OTA5MTYxMTE0MDIiCTMxNDc2NjkzMioJNzYxODcyNDkyOgkzODExNDEwOTDAA6wCyAMA2AOe17oB4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQVMjYwNzo1MzAwOjYwOjc4Njc6OjE0qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBNTsi5YB-gQSCQAAAIB82EVAEQAAAKDE8FPAiAUBmAUAoAWMgt2XsJ7W5S-qBSRmYTNjYWRiMi0xZDAxLTQ3MDQtOWRjMi03YmIyMDgxYjczNzXABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX_4jX6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGz9wC2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTQ4MjY1NTU1NjO6Bw8IABAAGAAgADAAOLQEQADIB7DPBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAH-_wHiggCEAA.&s=19adc3ba283c62926977d7245077de6033b61632&pp=0.010484
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:32 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
3a369f7c-afd1-43dd-bb4e-77cac4eb6823
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
229ae9c9-e238-4c71-ac8b-9082175143da
quantumsyndication.com/pixel/ Frame AC2B 		43 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quantumsyndication.com/pixel/229ae9c9-e238-4c71-ac8b-9082175143da
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8e10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ueTmQUyClAlUAxOZK4qVR0ngpdMvafrdEXxdBgU52bxMZurO3VTAGLK94%2F%2FaSsl0bqwZ%2FMUCgSTvMMY2O0SGbWJ2%2FBIq50k27ZyiSeYiDVCKRzznC50OoW%2FEyVLIX96TK5fvcjInYLzjEUP%2FKSWuS2524Lfy"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6fc80bd2dcb67138-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cc.jpeg
px.vliplatform.com/imp-v4/ Frame AC2B 		0
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNqwqeAAqK-PaaK-PYra-qMTq-PPUYwPeKPtMaRqxeNco_MZAaaYUUU_wqfftkRwNjxqfzxdrtbRhNAGATAPMPRlmNBAAbYZARdzNwqfftkRrdzNRwkhNRmNaYUUURleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFzIbxn1aXouYbi9EteFIvPv0gCvu0kTLTHLbsByfJpy9MVWS7mrtIm6LHJN57UxNa4Gr7SiqSR08DHcF5n6Vwny3lxMBn3bi8YMv4FMbk%2BbDNjjzLb0c3F%2FIC5KBpx4z6DHS9GP%2Fjh8vjdmA7jpJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bd29e877145-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
syncframe
gum.criteo.com/ Frame 79AA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shrinke.me
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
ae22c6869c91312b5361930ac0e1cff89cb54b6a3eec5d7bc4a913e8831b1028
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
5134
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 22:16:32 GMT
server-processing-duration-in-ticks
6236
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 8F29 		30 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3d31905c9b5d16be2ea4fde8b9db9f47856d28929840cf23610b942f8970de29
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://assets.vlitag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
10529
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:32 GMT
expires
Sun, 17 Apr 2022 22:16:32 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
checksync.php
contextual.media.net/ Frame 3420 		30 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3d31905c9b5d16be2ea4fde8b9db9f47856d28929840cf23610b942f8970de29
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://assets.vlitag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
10529
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:32 GMT
expires
Sun, 17 Apr 2022 22:16:32 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame 79F5 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11395&pub_id=1777764
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://assets.vlitag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
60892
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 15 Apr 2022 22:16:32 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 14 Apr 2022 05:21:37 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 257261
X-Served-By
cache-lga21926-LGA, cache-yul12826-YUL
X-Timer
S1650060992.450837,VS0,VE0
nmedianet.js
contextual.media.net/ Frame 8C57 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUJEM1AO
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6600c716db5430eff37c4e26b9125cd8dcedc4b7b16e5fe5aee4b36802461ac3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
10-4
content-encoding
gzip
server
Apache
etag
"e346c52f7479b03e5fa01112fd15eaba"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Fri, 15 Apr 2022 22:16:32 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-18
expires
Fri, 15 Apr 2022 22:21:32 GMT
log
qsearch-a.akamaihd.net/ Frame 8C57 		35 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=20&splid=21000363&app_type=prod&bdr_typ=1&ogerpm=0.15&dn=shrinke.me&stid=21000363&other_prv=4&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&jar_err=&buyer_id=&bdp_wider_bucket=1&adtyp=0&acid=cedd1bded3704785b6dc72fda12057f0&req_id=2972122848349753970&bidfp=0.0780&pvag_id=&ugd=4&infl=0&o_ver=NT+10.0&br_ver=100.0.4896.75&exp=&ver=8.11.0&totalTimeBucket=30-40&visibility=0&second_bidder=*&totalTime=30857590&e_rpm=&dmm_m22=0.1500&gpid_format=&gdpr=&vsid=&seat=BID_API&size=970x90&f_seg=&prdp=0.1050&gpid_sent=false&ogerpm_used=false&cid=8CUQYHE04&bcrid=351144871&ogcbdp=0.1500&dfpbd=0.1050&server=2&ogerpm_wd_bkt=0-1&viewability=0.46&rawbid=0.15&dmm_r=&dmm_l=&sub_bidder=196&tcyerpm=&sc=QC&send_erpm=true&pst=EMS&sd=&hb_exp=&pbshr=100.0000&seg=&dmm_d10=&o_id=101&clisp=rtb-appnexus-57d7676996-jw2s5.SC&adblk=&ugd_ver=&requrl=shrinke.me%2F0GNZk&itype=appnexus_experiment&pvid_seat=4_BID_API&bidrestime=0&cc=CA&strg=HARMONY&ss=&cliIP=0&advurl=https%3A%2F%2Frelated.360topics.com&crid=482645036&time_stamp=2022-04-15+22%3A16%3A31&sat=1&rvshhon=&bdp=0.1500&br_id=265&ct=Montr%C3%83%C2%A9al&akey=&mnckfl=0&gpid=&iwb=1&second_bid=0.0&sc_pvid=4&capd=0&algo=server_default&other_bids=0.15&dc=east_sc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.53.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-53-185.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:32 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 15 Apr 2022 22:16:32 GMT
it
nym1-ib.adnxs.com/ Frame 8C57 		0
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fshrinke.me%2F0GNZk&e=wqT_3QKOBfBMjgIAAAMA1gAFAQi-3eeSBhDRuIP1jdHm6CYYkeuB6-nt_N8oKjYJ4XoUrkfhuj8RG_D5YYTwtD8ZAAAA4HoU5j8hG_D5YYTwtD8p4XoJJNgxuB6F61G4rj8wq-GBCjiDWUDqXEjgA1Cnl7inAVj34ogBYABo4KqtAXjiygWAAQGKAQNVU0SSBQbw_ZgBygegAVqoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAoHiVuoCGGh0dHBzOi8vc2hyaW5rZS5tZS8wR05aa4ADAIgDAZADAJgDFKADAaoDQhIYMjk3MjEyMjg0ODM0OTc1Mzk3MF9zYmlkGhMyNzk3MTg2NzU2MjE1MTAyNTQ1IgkzNTExNDQ4NzEqBk0xMTg4MsADrALIAwDYA57XugHgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBBUyNjA3OjUzMDA6NjA6Nzg2Nzo6MTSoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEJSLwXvoEEgkAAACAfNhFQBEAAACgxPBTwIgFAZgFAKAF8qTW5by_xp8pqgUkYzc1ZmE4YzYtMzYyOS00NzFlLWFiMGItZTgxZDRmZWYzYWQywAUAyQUAAAAAAADwP9IFCQkABQw8AADYBQHgBQHwBcWUIfoFBAGYKJAGAJgGALgGAMEGCSQs8D_QBrDxAdoGFgoQCRIZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSQgYACAB4TC0BEAAyAfiygXSBw0JEToBOAjaBwYJJ0TgBwDqBwIIAPAH-_wHiggCEAA.&s=2076d1b814060dfbe8a562a5c529623f1bc695d0&pp=0.081795
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:32 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
754f1af7-2059-4166-899e-3710fdcffc48
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
563d76ee-a07d-462c-b3c7-fe97885c090a
quantumsyndication.com/pixel/ Frame 8C57 		43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quantumsyndication.com/pixel/563d76ee-a07d-462c-b3c7-fe97885c090a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8e10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BYNnaAYCDTCdpbkyaxNdF6XuOz1f1QZMJgq0uwujwn%2F10W0TWpTWJ0ii6HCL4aibisM1JbGme4Rf7JVSzLBS%2FC%2FVv3lqBHfjoGI6L11urOEjtHqev1%2FWZXM5h1%2FvSbSql4ZqQG0dtamUQhXHU%2FhggqsMyIc"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6fc80bd2ecc37138-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cc.jpeg
px.vliplatform.com/imp-v4/ Frame 8C57 		0
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNAyeMqaya-wrBM-PrYt-aUqY-ePYBwqTTrTZeRqxeNco_MZAaPPPTZ_KRwNjxqfzxdrtbRhNAGAMTKaZRlmNaKAbaARdzNwqfftkRrdzNRwkhNRmNPPPTZRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6jzsW7GtNT4X8pqoj4qyCrrD0Ua4ixXDDAGBX3J3TXk1CXATiLXihxNqSzI0jqwc9tCbpAeKyVYoMBc4ENs4k8oI%2FPYY76NrWfZvl0C8TJyaEIKwe0RqLrT1cEKyxt%2BoFzeIipWT2Qs%2F%2FKIrnqpbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bd2ef057145-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
sid
mug.criteo.com/ Frame F8AF
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=shrinke.me&sn=ChromeSyncframe&so=3&topUrl=shrinke.me&bundle=oXbK819vMDBvVUpBdW9TaHo1UktRTXpQbmxnUG83bnRlM0dFUDkxOEFMRm5MOUZFc3g5NVBjc1puTG...
  • https://mug.criteo.com/sid?cpp=EoCrJ3xiSDNxT1JsbjJDTTYvR3Nhc1RhVFFhN1dvbkxub0VHdjRUc05TallzNkFjbjFHQ1MvRGExWHk3TCt3L3BTMFZpbDJIYWlHVm1aL1BlaHlnTFNxWVg1T21VbXZFVm92SWpSYU5Yb1B0akVUVE9jVUZkODlrTS8vUk...
425 B
637 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=EoCrJ3xiSDNxT1JsbjJDTTYvR3Nhc1RhVFFhN1dvbkxub0VHdjRUc05TallzNkFjbjFHQ1MvRGExWHk3TCt3L3BTMFZpbDJIYWlHVm1aL1BlaHlnTFNxWVg1T21VbXZFVm92SWpSYU5Yb1B0akVUVE9jVUZkODlrTS8vUkFMMDlOOTdzb2lnN1ovZ3h0TnZjUW43Q29zVnRnU2ZwV1lJcUp5YUh4T2NZNngyVjJHYlFOOWxZSUQ4cFEzV0ZHRUV2Z1YyQXdzN3NzTy9qcnZNVHQ0NWNPenhqUnlZcDd0eUhRZDBsTlBYck1yVVJLc2hqWmlnK0hQVGR5Vk54emwyZ0h2eXlUdC84dWNkeGk2M1k2TVF3b09wb0tzQT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
068335815f64176b3dbf8b58dab7c113ddd25ef25d4c99fc42642e6c7eb41319
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3641
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=EoCrJ3xiSDNxT1JsbjJDTTYvR3Nhc1RhVFFhN1dvbkxub0VHdjRUc05TallzNkFjbjFHQ1MvRGExWHk3TCt3L3BTMFZpbDJIYWlHVm1aL1BlaHlnTFNxWVg1T21VbXZFVm92SWpSYU5Yb1B0akVUVE9jVUZkODlrTS8vUkFMMDlOOTdzb2lnN1ovZ3h0TnZjUW43Q29zVnRnU2ZwV1lJcUp5YUh4T2NZNngyVjJHYlFOOWxZSUQ4cFEzV0ZHRUV2Z1YyQXdzN3NzTy9qcnZNVHQ0NWNPenhqUnlZcDd0eUhRZDBsTlBYck1yVVJLc2hqWmlnK0hQVGR5Vk54emwyZ0h2eXlUdC84dWNkeGk2M1k2TVF3b09wb0tzQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2969
content-length
541
expires
0
syncframe
gum.criteo.com/ Frame 2404 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shrinke.me
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
ae22c6869c91312b5361930ac0e1cff89cb54b6a3eec5d7bc4a913e8831b1028
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
5134
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 22:16:31 GMT
server-processing-duration-in-ticks
4090
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9456 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJbEPhDG_rKdAhiH0Me7ATAB&v=APEucNW2ckjMn1oixun6PY6YGOly2KCB82gjB3Bv78CwGyrOjEHmt5vKCAyXDsy9T3A-JB353Y1Du7yEYIfQ5W1VA08q5O6u9g
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 22:16:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame ACA9 		14 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbNiuCutYPqO_IOZZ-LdMyxXjJwzUgRjU9lq7MR_yZWvb6rwF4G2CZvozpte6eLnxDCaxnytvBAaXCZ3-Ncwo4faEhokI7qkXE5iYubMo00E6Ik1fRQL8z2iD8-RoqLy-zPuHsRIgghEs5CFb57wFDUismWQ&dbm_d=AKAmf-Cv2yA6fkrHqaRgf2mNzBxYJt-hVtjzOnJTFTe1h8_DCDyhO70n3AGlWlMVyRw_OxQoMnG0hBglkzch4ZEUew7YoNrZSX9QoN7N6iAluO1Egpmt-zy8NsXuETNb48qRg_XxlIowO4wemSvPoyY6X7MFt1YE4vvyFngUWpo5AU5eoWnU2oizncAu1m-iWw7f5EADiy2FuZsjiXhVRHeG_eSLhHbLxtPXcagCJeFvxw3-Bq976hzlcDA4U0sA-6l1kyyWibKDm6NP6o07Fz9Zq2XQUQ2Svc_4WdHRX0TOXL2IMAwGXGF_Qf-dXAobWs_leCjtTFradv2iyLp-4wWHXlPKgVaamIAJLTQWMnmMH-OqWKiQErkfVUYgR3QBBa34kdlzy5Y2PhU9SjMFRr5sfY9okL6OYm8hyErmiLzGeWKQNllS61Tuq3O943DTnyGcs0ow6PqIE8CzgfNqVdtEMJwho1RaQhyEwGaHlifytrXWBaoxM4EvsWjG5gsQFi9E9anKnS36W1li8DPGR3OKNhqqtyvdYwTG4RUDDPEUFkZU-0fV3fqK501LZnyJBTEVlE4IBFNrneUWvatwWCrZufUor0F0HU76z54nHjjpkOKIOX2dvzEhpfZp3coHGDqYMKuuqoWtq2IDkGtp_hMeefGFPO7eWyVjrEgHROPlIxyo6solEnp0lHz6FNY6AoVeXUXcVHMrmzObC3tx1_FIsx6Bmjq1dXP_vt_HUKFN51PyHkLQxgi5km_Q5D6Q9hd9QQ4ywSBdE79e7UKgqdbJJKeThJnPNMzXlznosVmOuuHsy979tsdOf7up3Ya8fcrZeYn4DGiRlnxiE0NMd-5v79h03iFRHXj_i5hXLf467vMZxCUsMosfDifhfmDjYn2jN2-y3EiWxA8CFdS4J_btzmEvD3rRKlaLzA1GlLaDKCGREtzQ5m7JsUlv9D5mVAMsGIIC3eXvI0lG_zc4RXSRX5LZSzl2DUpIz9M_woYIpixoqzqYWxDyD9fSF2fVauNTqw1mFV3Fig4CkK7HKiQZ4yNR4b8LfwLGHQ8VJCK4HXijy3UM7NoXqxULP7C_pUd6LU8Z2297GxyNO_soAdkmnqWqeoxtMA63xMP0pQPt0Cz7Dmz8VoBPealEOnrh9AWsHyHtNcITolLfVlNYZCqvKSkQYoNTQ15jHymYUZq9fTRQw81Cyw-1B9cxlFR37Axo5Th6PDzihiLrr_U8dXaQ9vPfXtNYYf75e_eaA5Q9gGsl_SFPZ_LlNM1VHb4Wf2tvKxfYl8uUXQxkn_-c_btX8MwRQxzqZle8loWwSlUetcccv-PnWupKTUUKvqKMqfxUODj-cFu4ilkqe1xPwwofu98sBLVWT_OAVBRb6CC0fgNrZPBTeLibDl8__ub3DZPjNqtMx4_Fa6GuQx-GTTwrpBGW3qtG65L6agsz7oDVs6JDLqRsHc1C6rOL954MQPxUY0phBNCAc1w0KdKpVVEk26T5SfZTv4foj_5671nEVwAT04KBeEOtHTz8oOjIRxvgcHQ3o2lv7BOy3d0wrJZBHs-11tH3PzSoI1IH58dnEdAdSw_evstRlnaKnpLZTIPIiPjSSttTHtOYgpReVrSp38m7T-mczQxmkzHLILmAEJuIbp42AbCgJa6jpj94a7FimWsnuM6J_t1eWGf97-XyWQi2yYi9aX1oCQbPElOiLsNVcIRbzjtZkSoeGuO13fRZ9kgVIJREXku8NhIbwZ4SLEGY7w6sCMCNSEq1bJwXkSc3aWuQVw4yaQZHZm9fBeftFLnq3SB11H7GZOo17R1i5DqSs4lUm-cn5HUc7nIMjuEth1s9zfG2KItt2tP3xuaa3wkXw7oGPN7qVQ5xcA1fy14cdDWmS29Q7IaUVCJa0v_WJToD8NKqBK3eUDLF8ZtUXzvcO9tSxyp-TYLWBHr1DrvQ9lV_TiV7imVa3JNCirN6MdAIo2V3BHLPYr46mI-DaBK5NUtADmqbqIckwQUiOQ0-YVsdvecFSjp20-Fc5fqTVgNRA-ZppEQqCBPPXYK-_4GLiyrF4fRjO6Mg2PNqHh7G84h7Xm2Fa72rVs52YkLJwtIyZgzdFQ1sYEmcKGlp763RHz85lpwCIPdF3qxo0nmVq_BOPYEVRW2dXrtN43htKCODF9T9-ux30h7EBrBEk8SebVXovm8BSlASjbhri771DE3sqAS9od5K1tgIC5RcVb9LE7c2HFuEpffDHdnWS8DahZZn8MC_Ne8oMJmH288z-4A-YWu5EpagDfaYCkDTshCKxArxgHqgu4L8nhrukTb5oQ7lIu1izdglnt37mBK_VYU2WPOdCxVxYi-d6YjIwdQ-Clmk3Uu9vA4M0kYXp4Z_SiyQuR-a6fqA_TxCe2Uwsu-nhlkIULjiohGF-TbX9ncxDszl2oBILSAiJA0YDUHVnCTzTIOHBM_g8Z694vOcxtQH4H7FXIXkuWnzW-xTzotG8rRBcDUHPFcYsEgiXaM5sCW6nIR55Xa2FnAfVsbXIQ_9DFPjBiapnNaTbH1mQUeeZDuB19wZ8FNnsMGkNdE57QoqahjxtFbcreFiMHFKIjONsA&cid=CAASJeRo05EU5Ln1ME7VEXgo3Q9a4NQRtoaIzY9csVtCZNmBYsWZqyo&rfl=2%2Chttps%253A%252F%252Fshrinke.me%252F%240
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
406c49b17460cca9a44e091dd579f2100e2b4d0a9f469a3b6dd3c223cf043aa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10566
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame ACA9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=971108&cmp=26835944&plc=320967054&sid=6522286&aufilter1=1024534&prr=1&ppid=103&autt=1&auevent=ABAjH0iVHv9chAXWczJjqnGNGitz&c1=1024534&auorder=25295742&aucmp=15412340841&aucrtv=393340935&auxch=1&pltfrm=1&ausite=946981363646&turl=https://shrinke.me/0GNZk&aubndl=&dvregion=0&unit=300x250
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:598::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
731e952d643cd71b3699e9d9b45320f20318c9a8439c059aa296e45b79d5380f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Apr 2022 08:39:57 GMT
Server
Microsoft-IIS/10.0
ETag
"978bff5b4ad81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1163
dvtp_src.js
cdn.doubleverify.com/ Frame ACA9 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:598::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
af35e2cd67ed585f7d12b4b001e933defc926a1d7437b9b2ed7d7a3bddea93c4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Apr 2022 11:03:01 GMT
Server
Microsoft-IIS/10.0
ETag
"8060db34ef4fd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3303
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame ACA9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 22:04:14 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame ACA9 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:10:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
349
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 22:10:43 GMT
l
www.google.com/ads/measurement/ Frame ACA9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT0s_C_0k7QbGMa8S3ClNxuqcfC0AFffksotShtjW7ajaFhGxP5ZqqDMwD4nQwMIEIPM5_SxRdoOe6d2uyjYRps91WaLA
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ACA9 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Apr 2022 22:16:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ACA9 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BQ3zSnvzhXA95OrTbA0oRTJZjiOps-8jdHUrHbFAzjXBR35xVkV8xxF03U_GUbF_NmcdsUhKynYEevDBnMY0hj7DECt602SYXp5IBK7HLHr6I1Khs
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame A3A0 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?S5B-pg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
container.html
ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F229 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 22:16:32 GMT
expires
Sat, 15 Apr 2023 22:16:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.ca/adsid/ Frame 9889 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=shrinke.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9889 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=shrinke.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9889 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1591588300020253&correlator=3064195420187622&eid=31067133%2C31061829&output=ldjh&gdfp_req=1&vrg=2022041401&ptt=17&impl=fif&iu_parts=211182487%3A22476148198%2Cwww.shrinke.me_Display320x50&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&ifi=1&adks=3180898069&sfv=1-0-38&ecs=20220415&fsapi=false&sc=1&cookie=ID%3Daba4f620a0c08bc6%3AT%3D1650060991%3AS%3DALNI_MZvcqmLSR9-DjthuN_Xg3zAfjwLUw&cdm=shrinke.me&gpic=UID%3D0000048754d05dbd%3AT%3D1650060991%3ART%3D1650060991%3AS%3DALNI_Mbnm57TSAkNp56dVK0Izz9UnXX93g&abxe=1&dt=1650060992612&lmt=1650060992&dlt=1650060991702&idt=889&biw=1600&bih=1200&isw=320&ish=100&adxs=640&adys=906&ucis=x7tahp21b3of&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fshrinke.me%2F0GNZk&top=https%3A%2F%2Fshrinke.me%2F0GNZk&frm=23&vis=1&scr_x=0&scr_y=0&psz=320x-1&msz=320x-1&fws=256&ohw=0&ea=0&ga_vid=1870308712.1650060991&ga_sid=1650060993&ga_hid=2063040662&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
a69ec1986f8dd30d2b8574a20aa273f01a17c6616cbd10d71145380f776caab5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8019
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7153 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 22:16:32 GMT
expires
Sat, 15 Apr 2023 22:16:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame 7DAC 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11395&pub_id=1777764&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11395&pub_id=1777764
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:32 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
2f687057-d3c4-4a49-bd56-442a79aabddc
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
himp
1x1.a-mo.net/hbx/ Frame 2AF9 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/himp?_e=CqUCqAHYBeADnnTIAQDoAgHgBQFaCHBiYTEuMy4x8gUOMzNCNUtaRFVDNk9HTEPYBQFqCnNocmlua2UubWVCDnZpXzg1MDkyOTQ0MF8x6gUHZGVza3RvcKABWjHgyNDlzQOQPzoFbW9uZXSiAxpkbUZzZFdWcGJYQnlaWE56YVc5dUxtTnZiUSIKbWFxb3Mwbm1pccAB4sYKUg5hYXMtZmU4Yzg4NDUtYdIFCTEwNTE5OTM2MegBAHgBmAKcAagDKuoDDzM2YTZmYTQzZTA1N2VkNooBCGUyZWRlZDYwSgpzaHJpbmtlLm1lqQIAAAAAAAAAAIgDvt3nkgbyAQ83OTQ1ODE4NTY5OTI0MjP6AQY2LjE0LjCqBANEQ0iyAgliZXR3YXkubXg&C=nfe&M=11&c1=nfe&cn3=0&sw=970&sh=0&c4=native_dom&lng=en-US&cv=c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.2.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-2-87.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
himp
1x1.a-mo.net/hbx/ Frame 2AF9 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/himp?_e=CusCygMENzMyMNoCCDIwODk2ODg20AECqAHYBZIBATC6AgkzMDEyNzc1NzHgA550yAEA6AIB4AUBWghwYmExLjMuMfIFDjMzQjVLWkRVQzZPR0xD2AUBagpzaHJpbmtlLm1lQg52aV84NTA5Mjk0NDBfMcoFBTUxMDcx6gUHZGVza3RvcKABWsICBDczMjAxdjdPdcjNoD86CGFwcG5leHVzogMaZG1Gc2RXVnBiWEJ5WlhOemFXOXVMbU52YlEiC19tYXFvczBubWlxwAHkxgpSDmFhcy1mZThjODg0NS1h0gUJMTA1MTk5MzYxwgUBMugBAHgBmALIAqgDKpEC4MjQ5c0DkD_qAw8zNmE2ZmE0M2UwNTdlZDaKAQhlMmVkZWQ2MEoKc2hyaW5rZS5tZakCAAAAAAAAAACIA77d55IG8gEPNzk0NTgxODU2OTkyNDIz-gEGNi4xNC4wqgQDRENIsgIJYmV0d2F5Lm14&C=nfe&M=11&c1=nfe&cn3=0&sw=970&sh=0&c4=native_dom&lng=en-US&cv=c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.2.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-2-87.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
ab
nym1-ib.adnxs.com/ Frame 2AF9 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fshrinke.me%2F0GNZk&e=wqT_3QLYDfBM2AYAAAMA1gAFAQi_3eeSBhDSksjc2Mjfo28Yns-qzfy0_rE3KjYJRBK9jGK5pT8R2wdJNLvNoD8ZAAAAYLgeA0Ah2wdJNLvNoD8pRBIJJNgxAAAA4FG4vj8w9rj7CTiCYECYOUgCUIPD1I8BWLGTkAFgAGj1ha4BeO2oBYABAYoBA1VTRJIBAQbwVZgB2AWgAVqoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKApYBdWYoJ2EnLCAxNDM1NDg2LCAxNjUwMDYwOTkxKTt1ZignaScsIDU1MzY4ODksIDE2Nh0AAGcBOhg2MDY3ODI4RjsAMHMnLCAyNjc0NDM5MDFGHwAscicsIDMwMTI3NzU3Oh8A8IuSAsUEIWxHdWxZZ2pCdTU0WUVJUEQxSThCR0FBZ3NaT1FBVEFDT0FCQUFFaVlPVkQydVBzSldBQmdqZ1JvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFxb0FRcXdBUUM1QWVZZ1F1cmR1YVVfd1FIbUlFTHEzYm1sUDhrQkFBQUFBQUFBOERfWkFRQQkOdFBBXzRBSDUtTkVDOVFHQ0l3RV9tQUlBb0FJQnRRSQUkAHYNCPBxd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NJR3l2aHNRQ3hnQ0xRQUFBQUM2QXdsT1dVMHlPalEwTlRuZ0E0c3VnQVRqeUk0SWlBVDZ5STRJa0FRQm1BUUJ1Z1FhQ08wSUVRBX8UQUFOQV9HBUgJASBJTV8waXc3QkIJDwUgBHlRHSEYTmdFQVBFRREfSEFBQ0lCZXNpbUFXOXZjTl9xUVUNGxREd1A3RUYBDSBRSEFrNERfQkIBRxxFQndKT0FfeS4oAAA5CSgJAQREWgUoAQElQKhXVElmQUY5Tm5VQl9nRjNzNVhnZ1lEVlZORWlBWUVrQVlCbUFZQW9RWXpNBQIwUG5QNmdHQkxJR0pBawFGCQEAQh2zBEJrCRQBAQBDHRhETGdHQ2cuLpoCmQEhd2hQYWRROkkCNExHVGtBRWdBQ2dBTVRNBW8YTS1jX09nbD2BGGxBaXk1SkENAQw4RDlSDQsQQUFBQloBBgkBBEJoCQgUQUEwRDlwEQwMQUFCeB0MDDRBSWs1jNg4RDgu2AIA4ALY1VvqAhhodHRwczovL3Nocmlua2UubWUvMEdOWmvyAhEKBkFEVl9JRBIHMTQzYaQc8gISCgZDUEcBFAQIMW1-ARUIBUNQARQACXV0PPICDQoIQURWX0ZSRVESATAFEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BWREPEAsKB0NQFQ4QEAoFSU8BYQgHNTWFEADyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwVCghTUExJVAFNGdnwgYADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA57XugHgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE4NKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANIEDjczMjAjTllNMjo0NDU52gQCCAHgBADwBIOhgTD6BBIJAAAAoCHBRkARAQkwnmVSwIgFAZgFAKAF_xEBZAGqBRBFNjVJT1k3TFk0TFdOVk1BwAUAyQUABQEQ8D_SBQkBRwUBcNgFAeAFAfAF_44D-gUECAAQAJAGAJgGALgGAMEGBSIsAPA_0AapJdoGFgoQCREZAQHETOAGAfIGAggAgAcBiAcAoAcBugcPAUgAGAneLLQEQADIB-2oBdIHDRV2ATgI2gcGCSdE4AcA6gcCCADwB8T_B4oIAhAA&s=d5b34be9ced2b9fad1102ddeba367f842046655b&pp=0.03282
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7c78091e70e8c290ce7283b169b6858a218392c6ee45fbc021e09114eb0984c8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
Content-Encoding
gzip
X-Creative-ID
301277571
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7409365c-39ca-418f-8f47-eb2ed82c02fc
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame EBED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgyjy-IsjQ1HTjhAkYhOV8&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgyjy-IsjQ1HTjhAkYhOV8&google_cver=1&C=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgyjy-IsjQ1HTjhAkYhOV8&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyApesCEJv1z-8CGOKA37UBMAE&v=APEucNX7_3Qrr7AwmKNqeWLUWTUKmdJg7_XzfZ12H-vkY40Ii8N5JJgMeKkP-EMUsz1foCQFckts0zcDGVJpmzAgtRTnbF-1jA
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:32 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgyjy-IsjQ1HTjhAkYhOV8&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Fri, 15 Apr 2022 22:16:32 GMT
rum
dsum-sec.casalemedia.com/ Frame EBED
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlnuwDbW63m27dBuFkHZqwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgyjy-IsjQ1HTjhAkYhOV8&google_cver=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgyjy-IsjQ1HTjhAkYhOV8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyApesCEJv1z-8CGOKA37UBMAE&v=APEucNX7_3Qrr7AwmKNqeWLUWTUKmdJg7_XzfZ12H-vkY40Ii8N5JJgMeKkP-EMUsz1foCQFckts0zcDGVJpmzAgtRTnbF-1jA
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:33 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgyjy-IsjQ1HTjhAkYhOV8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame EBED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGSF9zmvIyMYFsvVunLn-Gw&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGSF9zmvIyMYFsvVunLn-Gw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyApesCEJv1z-8CGOKA37UBMAE&v=APEucNX7_3Qrr7AwmKNqeWLUWTUKmdJg7_XzfZ12H-vkY40Ii8N5JJgMeKkP-EMUsz1foCQFckts0zcDGVJpmzAgtRTnbF-1jA
Protocol
HTTP/1.1
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:32 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
465bea2a-1e41-4937-8e34-b57c05bb4cef
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGSF9zmvIyMYFsvVunLn-Gw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EBED
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk3NDQwMDcxMjA5NTQ5ODk2Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk3NDQwMDcxMjA5NTQ5ODk2Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyApesCEJv1z-8CGOKA37UBMAE&v=APEucNX7_3Qrr7AwmKNqeWLUWTUKmdJg7_XzfZ12H-vkY40Ii8N5JJgMeKkP-EMUsz1foCQFckts0zcDGVJpmzAgtRTnbF-1jA
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:32 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b94d0967-f436-4f15-941e-b5ae5ac1c399
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk3NDQwMDcxMjA5NTQ5ODk2Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 79F5 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11395&pub_id=1777764&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11395&pub_id=1777764
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:32 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ca535173-23fe-418c-b727-5743a54ccab8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame 79AA
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=shrinke.me&sn=ChromeSyncframe&so=3&topUrl=shrinke.me&bundle=oXbK819vMDBvVUpBdW9TaHo1UktRTXpQbmxnUG83bnRlM0dFUDkxOEFMRm5MOUZFc3g5NVBjc1puTG...
  • https://mug.criteo.com/sid?cpp=paFymnxFRVFYbXlvOWNPeStVNEkrUVIxMTcwUEc5TTZlSWlSSkpRak5NTUIxWFdyR2N1K2xER0JQYWdBOTAyTVB2UHAzOVdQeXFDNmVXb1FzRFBrUVZLcm1EQzdZTS9yTjVvL0szM0drR2lZVjNPd0FEK1B4dVR5RkhHQm...
422 B
630 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=paFymnxFRVFYbXlvOWNPeStVNEkrUVIxMTcwUEc5TTZlSWlSSkpRak5NTUIxWFdyR2N1K2xER0JQYWdBOTAyTVB2UHAzOVdQeXFDNmVXb1FzRFBrUVZLcm1EQzdZTS9yTjVvL0szM0drR2lZVjNPd0FEK1B4dVR5RkhHQmxtdW45THhoS1JuaXJJaVFYT3FTUDdWamdrc3RyajliWXNpT1JQeGFMYTNLUzVrY3hOc2paWk11bUNpOHUxeFF6RGJoUUEyNlBTR3JlV0pZS3lIcFZoaFFnZ0ZqNStudHN5TVZVYWxCM083bThJampRL3lSQnpJU3ZQNjVBeFZ2cnZzTkdZYUpHaXEybk9POEd2cnhVTGgyTzRMeFJ2Zz09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
c13d7a15a72cbd1dd8202afde3b5d7789e58273e9dd8c204a7e717b1f625649e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4352
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=paFymnxFRVFYbXlvOWNPeStVNEkrUVIxMTcwUEc5TTZlSWlSSkpRak5NTUIxWFdyR2N1K2xER0JQYWdBOTAyTVB2UHAzOVdQeXFDNmVXb1FzRFBrUVZLcm1EQzdZTS9yTjVvL0szM0drR2lZVjNPd0FEK1B4dVR5RkhHQmxtdW45THhoS1JuaXJJaVFYT3FTUDdWamdrc3RyajliWXNpT1JQeGFMYTNLUzVrY3hOc2paWk11bUNpOHUxeFF6RGJoUUEyNlBTR3JlV0pZS3lIcFZoaFFnZ0ZqNStudHN5TVZVYWxCM083bThJampRL3lSQnpJU3ZQNjVBeFZ2cnZzTkdZYUpHaXEybk9POEd2cnhVTGgyTzRMeFJ2Zz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2027
content-length
541
expires
0
async_usersync
ib.adnxs.com/ Frame 294D 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7080&pub_id=854351&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7080&pub_id=854351
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:32 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
575072e3-60ca-4c47-b51f-4ef03cd54949
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame 2404
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=shrinke.me&sn=ChromeSyncframe&so=3&topUrl=shrinke.me&bundle=oXbK819vMDBvVUpBdW9TaHo1UktRTXpQbmxnUG83bnRlM0dFUDkxOEFMRm5MOUZFc3g5NVBjc1puTG...
  • https://mug.criteo.com/sid?cpp=2y9sznxoN2c2cnFvK1VQYlhSK2IyQUlwcGJtNlg2VTFtaTNiT2pycVgzWEFoY1lneGNhVTkzSktqekEvTi9IdVJBWHdOT2tTc0NOU0ZkVStFY3NpTFdQZ1R3b0J5ZnhNODBpVEJtS0NGUDF2cW56OTV4ZHYrM054Q2ViV0...
444 B
636 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=2y9sznxoN2c2cnFvK1VQYlhSK2IyQUlwcGJtNlg2VTFtaTNiT2pycVgzWEFoY1lneGNhVTkzSktqekEvTi9IdVJBWHdOT2tTc0NOU0ZkVStFY3NpTFdQZ1R3b0J5ZnhNODBpVEJtS0NGUDF2cW56OTV4ZHYrM054Q2ViV05CNWtTVnViTTJLSnJtSCtlU0wyMGVuUllsTUdKSlEwSC9ua0l3QXpZRXZRVFpnUzRMNkpvQ3drQjJDcGx1OVJHR2hULzhUNFBuWUJXMTVDd25MU0p2Q2xlVVNPd2o4QTdXVXFGdXdCYVZlNGw0UUZwa3RwLzEwdElka3dHMFZCbStIbjMyWURZUnJrcjNIUDJSTCt4QThuWlBhUWdCZz09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
4378976cfe4f31e037f063fd8271f2962ac834ef8f339782a42487e1329cb03f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4369
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=2y9sznxoN2c2cnFvK1VQYlhSK2IyQUlwcGJtNlg2VTFtaTNiT2pycVgzWEFoY1lneGNhVTkzSktqekEvTi9IdVJBWHdOT2tTc0NOU0ZkVStFY3NpTFdQZ1R3b0J5ZnhNODBpVEJtS0NGUDF2cW56OTV4ZHYrM054Q2ViV05CNWtTVnViTTJLSnJtSCtlU0wyMGVuUllsTUdKSlEwSC9ua0l3QXpZRXZRVFpnUzRMNkpvQ3drQjJDcGx1OVJHR2hULzhUNFBuWUJXMTVDd25MU0p2Q2xlVVNPd2o4QTdXVXFGdXdCYVZlNGw0UUZwa3RwLzEwdElka3dHMFZCbStIbjMyWURZUnJrcjNIUDJSTCt4QThuWlBhUWdCZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2777
content-length
541
expires
0
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame AC2B 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://assets.vlitag.com/
Origin
https://assets.vlitag.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 05:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58808
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Apr 2022 05:56:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame AC2B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/omrhp.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:12:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 22:12:56 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame AC2B 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:12:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
250
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9777
x-xss-protection
0
server
cafe
etag
12512753850102923420
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 22:12:22 GMT
sd
us-u.openx.net/w/1.0/ Frame 9456
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENPyI7PYanWFt1Wpb6_MMxM&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENPyI7PYanWFt1Wpb6_MMxM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJbEPhDG_rKdAhiH0Me7ATAB&v=APEucNW2ckjMn1oixun6PY6YGOly2KCB82gjB3Bv78CwGyrOjEHmt5vKCAyXDsy9T3A-JB353Y1Du7yEYIfQ5W1VA08q5O6u9g
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENPyI7PYanWFt1Wpb6_MMxM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9456
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjcwYTJjNjctMjZiNy0yMjUwLWUxZTctZDE4YTNkODA1OGY3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjcwYTJjNjctMjZiNy0yMjUwLWUxZTctZDE4YTNkODA1OGY3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJbEPhDG_rKdAhiH0Me7ATAB&v=APEucNW2ckjMn1oixun6PY6YGOly2KCB82gjB3Bv78CwGyrOjEHmt5vKCAyXDsy9T3A-JB353Y1Du7yEYIfQ5W1VA08q5O6u9g
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjcwYTJjNjctMjZiNy0yMjUwLWUxZTctZDE4YTNkODA1OGY3
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 9456
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEC-iif4S0XSehD-JgINZMts&google_cver=1
23 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEC-iif4S0XSehD-JgINZMts&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJbEPhDG_rKdAhiH0Me7ATAB&v=APEucNW2ckjMn1oixun6PY6YGOly2KCB82gjB3Bv78CwGyrOjEHmt5vKCAyXDsy9T3A-JB353Y1Du7yEYIfQ5W1VA08q5O6u9g
Protocol
H2
Server
23.200.197.46 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-197-46.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 15 Apr 2022 22:16:32 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEC-iif4S0XSehD-JgINZMts&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9456
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Zjg5ZTlmNDktMmViNy00NzJkLWFlNzgtNzc5YTE3NDZiZmU5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Zjg5ZTlmNDktMmViNy00NzJkLWFlNzgtNzc5YTE3NDZiZmU5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJbEPhDG_rKdAhiH0Me7ATAB&v=APEucNW2ckjMn1oixun6PY6YGOly2KCB82gjB3Bv78CwGyrOjEHmt5vKCAyXDsy9T3A-JB353Y1Du7yEYIfQ5W1VA08q5O6u9g
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
server
akka-http/10.2.7
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Zjg5ZTlmNDktMmViNy00NzJkLWFlNzgtNzc5YTE3NDZiZmU5
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Fri, 15 Apr 2022 22:16:32 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame ACA9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbNiuCutYPqO_IOZZ-LdMyxXjJwzUgRjU9lq7MR_yZWvb6rwF4G2CZvozpte6eLnxDCaxnytvBAaXCZ3-Ncwo4faEhokI7qkXE5iYubMo00E6Ik1fRQL8z2iD8-RoqLy-zPuHsRIgghEs5CFb57wFDUismWQ&dbm_d=AKAmf-Cv2yA6fkrHqaRgf2mNzBxYJt-hVtjzOnJTFTe1h8_DCDyhO70n3AGlWlMVyRw_OxQoMnG0hBglkzch4ZEUew7YoNrZSX9QoN7N6iAluO1Egpmt-zy8NsXuETNb48qRg_XxlIowO4wemSvPoyY6X7MFt1YE4vvyFngUWpo5AU5eoWnU2oizncAu1m-iWw7f5EADiy2FuZsjiXhVRHeG_eSLhHbLxtPXcagCJeFvxw3-Bq976hzlcDA4U0sA-6l1kyyWibKDm6NP6o07Fz9Zq2XQUQ2Svc_4WdHRX0TOXL2IMAwGXGF_Qf-dXAobWs_leCjtTFradv2iyLp-4wWHXlPKgVaamIAJLTQWMnmMH-OqWKiQErkfVUYgR3QBBa34kdlzy5Y2PhU9SjMFRr5sfY9okL6OYm8hyErmiLzGeWKQNllS61Tuq3O943DTnyGcs0ow6PqIE8CzgfNqVdtEMJwho1RaQhyEwGaHlifytrXWBaoxM4EvsWjG5gsQFi9E9anKnS36W1li8DPGR3OKNhqqtyvdYwTG4RUDDPEUFkZU-0fV3fqK501LZnyJBTEVlE4IBFNrneUWvatwWCrZufUor0F0HU76z54nHjjpkOKIOX2dvzEhpfZp3coHGDqYMKuuqoWtq2IDkGtp_hMeefGFPO7eWyVjrEgHROPlIxyo6solEnp0lHz6FNY6AoVeXUXcVHMrmzObC3tx1_FIsx6Bmjq1dXP_vt_HUKFN51PyHkLQxgi5km_Q5D6Q9hd9QQ4ywSBdE79e7UKgqdbJJKeThJnPNMzXlznosVmOuuHsy979tsdOf7up3Ya8fcrZeYn4DGiRlnxiE0NMd-5v79h03iFRHXj_i5hXLf467vMZxCUsMosfDifhfmDjYn2jN2-y3EiWxA8CFdS4J_btzmEvD3rRKlaLzA1GlLaDKCGREtzQ5m7JsUlv9D5mVAMsGIIC3eXvI0lG_zc4RXSRX5LZSzl2DUpIz9M_woYIpixoqzqYWxDyD9fSF2fVauNTqw1mFV3Fig4CkK7HKiQZ4yNR4b8LfwLGHQ8VJCK4HXijy3UM7NoXqxULP7C_pUd6LU8Z2297GxyNO_soAdkmnqWqeoxtMA63xMP0pQPt0Cz7Dmz8VoBPealEOnrh9AWsHyHtNcITolLfVlNYZCqvKSkQYoNTQ15jHymYUZq9fTRQw81Cyw-1B9cxlFR37Axo5Th6PDzihiLrr_U8dXaQ9vPfXtNYYf75e_eaA5Q9gGsl_SFPZ_LlNM1VHb4Wf2tvKxfYl8uUXQxkn_-c_btX8MwRQxzqZle8loWwSlUetcccv-PnWupKTUUKvqKMqfxUODj-cFu4ilkqe1xPwwofu98sBLVWT_OAVBRb6CC0fgNrZPBTeLibDl8__ub3DZPjNqtMx4_Fa6GuQx-GTTwrpBGW3qtG65L6agsz7oDVs6JDLqRsHc1C6rOL954MQPxUY0phBNCAc1w0KdKpVVEk26T5SfZTv4foj_5671nEVwAT04KBeEOtHTz8oOjIRxvgcHQ3o2lv7BOy3d0wrJZBHs-11tH3PzSoI1IH58dnEdAdSw_evstRlnaKnpLZTIPIiPjSSttTHtOYgpReVrSp38m7T-mczQxmkzHLILmAEJuIbp42AbCgJa6jpj94a7FimWsnuM6J_t1eWGf97-XyWQi2yYi9aX1oCQbPElOiLsNVcIRbzjtZkSoeGuO13fRZ9kgVIJREXku8NhIbwZ4SLEGY7w6sCMCNSEq1bJwXkSc3aWuQVw4yaQZHZm9fBeftFLnq3SB11H7GZOo17R1i5DqSs4lUm-cn5HUc7nIMjuEth1s9zfG2KItt2tP3xuaa3wkXw7oGPN7qVQ5xcA1fy14cdDWmS29Q7IaUVCJa0v_WJToD8NKqBK3eUDLF8ZtUXzvcO9tSxyp-TYLWBHr1DrvQ9lV_TiV7imVa3JNCirN6MdAIo2V3BHLPYr46mI-DaBK5NUtADmqbqIckwQUiOQ0-YVsdvecFSjp20-Fc5fqTVgNRA-ZppEQqCBPPXYK-_4GLiyrF4fRjO6Mg2PNqHh7G84h7Xm2Fa72rVs52YkLJwtIyZgzdFQ1sYEmcKGlp763RHz85lpwCIPdF3qxo0nmVq_BOPYEVRW2dXrtN43htKCODF9T9-ux30h7EBrBEk8SebVXovm8BSlASjbhri771DE3sqAS9od5K1tgIC5RcVb9LE7c2HFuEpffDHdnWS8DahZZn8MC_Ne8oMJmH288z-4A-YWu5EpagDfaYCkDTshCKxArxgHqgu4L8nhrukTb5oQ7lIu1izdglnt37mBK_VYU2WPOdCxVxYi-d6YjIwdQ-Clmk3Uu9vA4M0kYXp4Z_SiyQuR-a6fqA_TxCe2Uwsu-nhlkIULjiohGF-TbX9ncxDszl2oBILSAiJA0YDUHVnCTzTIOHBM_g8Z694vOcxtQH4H7FXIXkuWnzW-xTzotG8rRBcDUHPFcYsEgiXaM5sCW6nIR55Xa2FnAfVsbXIQ_9DFPjBiapnNaTbH1mQUeeZDuB19wZ8FNnsMGkNdE57QoqahjxtFbcreFiMHFKIjONsA&cid=CAASJeRo05EU5Ln1ME7VEXgo3Q9a4NQRtoaIzY9csVtCZNmBYsWZqyo&rfl=2%2Chttps%253A%252F%252Fshrinke.me%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 05:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58808
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Apr 2023 05:56:24 GMT
dvbs_src_internal102.js
cdn.doubleverify.com/ Frame ACA9 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal102.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=971108&cmp=26835944&plc=320967054&sid=6522286&aufilter1=1024534&prr=1&ppid=103&autt=1&auevent=ABAjH0iVHv9chAXWczJjqnGNGitz&c1=1024534&auorder=25295742&aucmp=15412340841&aucrtv=393340935&auxch=1&pltfrm=1&ausite=946981363646&turl=https://shrinke.me/0GNZk&aubndl=&dvregion=0&unit=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:598::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3f428ebe6a721f39f9c0377b8045edea6f072fdccc2128391870419168558630

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Mar 2022 09:23:34 GMT
Server
Microsoft-IIS/10.0
ETag
"06fa3a94e43d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18094
manifest.js
cdn.flashtalking.com/156331/3769725/ Frame FDC4 		151 B
732 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/156331/3769725/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
f0774d3588c5daef43fef7c92938a924545cd09205b5e294deb38e7dbd4c3d37

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
X-FT-Origin
us
Connection
keep-alive
Content-Length
151
Last-Modified
Thu, 20 Jan 2022 10:50:46 GMT
Server
Flashtalking (AKA)
ETag
W/"d7c2ae94e6cc4e5594b74921eda2507d"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
151399872
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
Content-Type
application/x-javascript
Expires
Fri, 15 Apr 2022 22:36:32 GMT
sync
gum.criteo.com/ Frame 3420 		88 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
ea32ea155bcf98383b2ec26207f42c3de1de30be3345f7dbdaf02847c5935f67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:31 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
3712
strict-transport-security
max-age=31536000; preload;
content-length
209
expires
60
cksync.php
contextual.media.net/ Frame 3420
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2930625921455251000V10%26type%3Dmma%26refUrl%3D%26vid%3D00609928062930625921455...
  • https://contextual.media.net/cksync.php?cs=10&vsid=2930625921455251000V10&type=mma&refUrl=&vid=00609928062930625921455251000V10&ovsid=73036259-eec2-4000-9932-c64a5e235247
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=10&vsid=2930625921455251000V10&type=mma&refUrl=&vid=00609928062930625921455251000V10&ovsid=73036259-eec2-4000-9932-c64a5e235247
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 15 Apr 2022 22:16:33 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 15 Apr 2022 22:16:33 GMT

Redirect headers

Date
Fri, 15 Apr 2022 22:16:33 GMT
Server
MT3 4335 2c68c00 master hkg-pixel-x21 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=10&vsid=2930625921455251000V10&type=mma&refUrl=&vid=00609928062930625921455251000V10&ovsid=73036259-eec2-4000-9932-c64a5e235247
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 15 Apr 2022 22:16:32 GMT
cksync
cs.media.net/ Frame 3420
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MjkzMDYyNTkyMTQ1NTI1MTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESECG86XVj8yahAoCZIgRnzjQ&google_cver=1
45 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESECG86XVj8yahAoCZIgRnzjQ&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Protocol
HTTP/1.1
Server
104.76.100.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:33 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Fri, 15 Apr 2022 22:16:33 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESECG86XVj8yahAoCZIgRnzjQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
302
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 3420
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2930625921455251000V10%26type%3Ddxu%26refUrl%3D%26vid%3D0060992806293062592145...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2930625921455251000V10%26type%3Ddxu%26refUrl%3D%26vid%3D0060992806293062...
  • https://contextual.media.net/cksync.php?cs=10&vsid=2930625921455251000V10&type=dxu&refUrl=&vid=00609928062930625921455251000V10&ovsid=lQCL2ZUG1NFueZ5
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=10&vsid=2930625921455251000V10&type=dxu&refUrl=&vid=00609928062930625921455251000V10&ovsid=lQCL2ZUG1NFueZ5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 15 Apr 2022 22:16:33 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 15 Apr 2022 22:16:33 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:32 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0ae965e2f8a6b4310@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=10&vsid=2930625921455251000V10&type=dxu&refUrl=&vid=00609928062930625921455251000V10&ovsid=lQCL2ZUG1NFueZ5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 3420
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f1881972-904d-44c3-b02a-8f14e8f1182b
45 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f1881972-904d-44c3-b02a-8f14e8f1182b
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 15 Apr 2022 22:16:33 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 15 Apr 2022 22:16:33 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f1881972-904d-44c3-b02a-8f14e8f1182b
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1988004
content-length
0
expires
Fri, 15 Apr 2022 00:00:00 GMT
sync
x.bidswitch.net/ Frame 3420
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8e82fb69-6b51-4f31-baa4-500386e0ddf0&ssp=medianet&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10603584586581931894&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10603584586581931894&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=54920c67-c497-4656-975c-d1a928dc114c&ssp=medianet&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=214940604122015480594&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10603584586581931894&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10603584586581931894&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:33 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=419&user_id=10603584586581931894&ssp=<SSP_VALUE>&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
dmp.adblade.com/srv/sync/gateway/ Frame 3420 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adblade.com/srv/sync/gateway/?cId=Medianet;__src=adblade
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.73.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-73-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame 3420
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2930625921455251000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=4b35a3d9-d4dc-4aa0-b126-382b8c18160e&cs=1
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=4b35a3d9-d4dc-4aa0-b126-382b8c18160e&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 15 Apr 2022 22:16:32 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 15 Apr 2022 22:16:32 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=4b35a3d9-d4dc-4aa0-b126-382b8c18160e&cs=1
date
Fri, 15 Apr 2022 22:16:32 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
cksync
cs.media.net/ Frame 3420
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=86422ee5-39ef-4c57-8b4d-1fade2a39c1f
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=86422ee5-39ef-4c57-8b4d-1fade2a39c1f
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Protocol
HTTP/1.1
Server
104.76.100.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:33 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Fri, 15 Apr 2022 22:16:33 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=86422ee5-39ef-4c57-8b4d-1fade2a39c1f
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
sync
gum.criteo.com/ Frame 8F29 		88 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
16a175368bb28caafb3b81a9c8432a2722a65e6101cc1c3a00e8277c1a5f1cd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
3927
strict-transport-security
max-age=31536000; preload;
content-length
208
expires
60
cksync
cs.media.net/ Frame 8F29
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MjkzMDYyNTkyMTQ1NTI1MTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESECG86XVj8yahAoCZIgRnzjQ&google_cver=1
45 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESECG86XVj8yahAoCZIgRnzjQ&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Protocol
HTTP/1.1
Server
104.76.100.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:33 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Fri, 15 Apr 2022 22:16:33 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESECG86XVj8yahAoCZIgRnzjQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
302
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 8F29
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f1881972-904d-44c3-b02a-8f14e8f1182b
45 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f1881972-904d-44c3-b02a-8f14e8f1182b
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 15 Apr 2022 22:16:33 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 15 Apr 2022 22:16:33 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f1881972-904d-44c3-b02a-8f14e8f1182b
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2032289
content-length
0
expires
Fri, 15 Apr 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 8F29
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=medianet&bsw_user_id=8e82fb69-6b51-4f31-baa4-500386e0ddf0
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=4b35a3d9-d4dc-4aa0-b126-382b8c18160e&ssp=medianet
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=8e82fb69-6b51-4f31-baa4-500386e0ddf0&gdpr=&gdpr_consent=&gdpr_pd=
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=8e82fb69-6b51-4f31-baa4-500386e0ddf0&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 15 Apr 2022 22:16:33 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 15 Apr 2022 22:16:33 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=8e82fb69-6b51-4f31-baa4-500386e0ddf0&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 15 Apr 2022 22:16:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
dmp.adblade.com/srv/sync/gateway/ Frame 8F29 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adblade.com/srv/sync/gateway/?cId=Medianet;__src=adblade
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.73.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-73-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame 8F29
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2930625921455251000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=4b35a3d9-d4dc-4aa0-b126-382b8c18160e&cs=1
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=4b35a3d9-d4dc-4aa0-b126-382b8c18160e&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 15 Apr 2022 22:16:32 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 15 Apr 2022 22:16:32 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=4b35a3d9-d4dc-4aa0-b126-382b8c18160e&cs=1
date
Fri, 15 Apr 2022 22:16:32 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
cksync
cs.media.net/ Frame 8F29
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=86422ee5-39ef-4c57-8b4d-1fade2a39c1f
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=86422ee5-39ef-4c57-8b4d-1fade2a39c1f
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Protocol
HTTP/1.1
Server
104.76.100.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:33 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Fri, 15 Apr 2022 22:16:33 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=86422ee5-39ef-4c57-8b4d-1fade2a39c1f
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
cksync.php
contextual.media.net/ Frame 8F29
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2930625921455251000V10%26type%3Dmma%26refUrl%3D%26vid%3D00609928192930625921455...
  • https://contextual.media.net/cksync.php?cs=10&vsid=2930625921455251000V10&type=mma&refUrl=&vid=00609928192930625921455251000V10&ovsid=9c026259-eec1-4b00-89ef-7a0ac699afcd
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=10&vsid=2930625921455251000V10&type=mma&refUrl=&vid=00609928192930625921455251000V10&ovsid=9c026259-eec1-4b00-89ef-7a0ac699afcd
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 15 Apr 2022 22:16:33 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 15 Apr 2022 22:16:33 GMT

Redirect headers

Date
Fri, 15 Apr 2022 22:16:33 GMT
Server
MT3 4335 2c68c00 master hkg-pixel-x18 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=10&vsid=2930625921455251000V10&type=mma&refUrl=&vid=00609928192930625921455251000V10&ovsid=9c026259-eec1-4b00-89ef-7a0ac699afcd
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 15 Apr 2022 22:16:32 GMT
cksync.php
contextual.media.net/ Frame 8F29
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2930625921455251000V10%26type%3Ddxu%26refUrl%3D%26vid%3D0060992819293062592145...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D10%26vsid%3D2930625921455251000V10%26type%3Ddxu%26refUrl%3D%26vid%3D0060992819293062...
  • https://contextual.media.net/cksync.php?cs=10&vsid=2930625921455251000V10&type=dxu&refUrl=&vid=00609928192930625921455251000V10&ovsid=lQCL2ZUG1NFueZ5
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=10&vsid=2930625921455251000V10&type=dxu&refUrl=&vid=00609928192930625921455251000V10&ovsid=lQCL2ZUG1NFueZ5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 15 Apr 2022 22:16:33 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 15 Apr 2022 22:16:33 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:32 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0ae965e2f8a6b4310@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=10&vsid=2930625921455251000V10&type=dxu&refUrl=&vid=00609928192930625921455251000V10&ovsid=lQCL2ZUG1NFueZ5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame CE92 		482 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNa7wgEQkN-DAhivmJeRATAB&v=APEucNVimBtBKqj_aHYqvSbB4GvfVqQ34p8rJSqBmTwBAkdT-6LyPRQ47ST4c-yqCCu3k6RkF59Dcwpghv-OQX7trbusE0ynwA
Requested by
Host: ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com
URL: https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
253
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 22:16:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame F229 		63 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CS14Oi3KADkW6lHMj7vCek62WcV-Onp_Sh9vYT9BseCWIN0ggbGsbIBGstfYDf-IYHkPxHoxs6IUBqTM8_YGQlaXnnLGOIcuqinB9VlqFivWRlxMRPhCWR_e37igqEBNegTIk0KmF3ayTKDqBxg4HO1nsUlA&dbm_d=AKAmf-AO8wI8PRR7fMYn2j4zQzQlq9apbcWtaRtiBXzvaQdFXz8mA88MQeDR60aFpRKdVhYrNsU4L7U9bz6QvErUpMePPArr8eN6g8AwQTNWNOQaBDlcZ7yc4WRVbpJsNITt8hj2-3eIfmTcyjtqjf155TPH-Oc-AceZIFYGIQpAi0nk0jbNKp6Pcx1Kk_1yPEKOLjrj3_dth0Jh718Xea0IyW6CP-c5q1LcgD3tYsfiu4KAiog1MpZMuV8kOmbU8a3rt9tigke6NYqVoar1mnlgwEdbNmjOLgH36OgBPoQGalALVpwuss3SRZCkuijIg3g0uSH4firjrSWu4uh74uosaCnhLVLz7OyJWfD2mUR_GK4iRxBc9Sz90ztlt2uuIWl4h3VobQAhjT4QNi1TJquEsgPVAtBWuH2yJAOmfokODJTvF9wrxNVAfCWliaznrM95qg6BGdprodcx3BdzDK71YUjzd_DQ1gWGnaCWhez1grIvunZRLOPvf3i35i81tAvqAjINS82CY8ddNs27tjL3hLt7dKVCStURKrMkPsWcNna8TN30d3Se_cMkwzNxP2GDK5OE-VDcKCPH9GDwyy6b-tvM0pjrkSY2fdV6p6dh04Fzh2SYdR_YMbMUt0BQTglVFfzZy005XkpVEApC1XxAuL-QUsOqqcvyJjBn-rlDgoQ3rrXXx8yO4W6R15xj0aLDX2xx1P6yeG6g6-p24w7VGkhVx_ksUbFw1f6MmYayvnyEbxyKKxDzAgHRoissr02yiCdVNm33Pri_aq285MV9UArpUv8SoCC3cbtiqgtt7LulWPUDq6fDerrQHVmbdUNgVcxTGqoq-zMss1sX-0K0ZU_TkLAcAp_Pe58F0f8S6prh6aIUB9Q62m4XO1Raa8NzsbXUV9rfDuVjf7F1jzUQat6y3-3TJKGj8jt4pzZWyRJEWgM8JDBu9jho-7MH4viubI-n4tejcUmuz6U66m52DPHx3D7y1_d_J-0lJIgGRNZ9mL79XaXPapaYTioYMErDE6jgbndCtwDm0DT74CCuq5BRGnemeK5muarhfJ_3wNfzo0_Ir4MBzoGknQ_ZVWO7aIEJPC2TArjWnb2GOT19PLnaf-1rhOGq3YtAU-hnZGzXuAayHbokFMmAxpf_ts2seGYSGB3EzGsTHiJa5Hoyu8NxaFFjNEJ9cZzcMHB6HGt0bzEj7W9LzoB6haNf5c-8Z27_YjC91KhWfIugUwQIR5zuhRN85w1xlzzJexFesF95G9wCOQM-x4FEVjKzHieYq6hAkYEj4WMnAFv6RtAD93fHs-mli7Uz8uxfghE7PSmpAVHUCHhl1cO8tYKV2l5VNU1WhkGItu0DECZUDtRNXc08NZSvedxEITnKmB1ui7h6WPQk7GUH5zeZlMyaHLUbcA4WqbFHWuyOBLnNcex_4sJ91xUPrqSO9Om3dxVBDLvbUnLxLrtUYxlQJd2p_xiQgWeFbdKzvK3ajatuvULCulDHw9_MFM6JJ-TXgP8LN1bnRbltfCuvRlE_d7XgNbmkTBbTzjtaT63vtXBOJZ6oitvO9-IL9RsASizufysosQaZhXBBgY3k2bc6PZOkg1YaoSODJiCTdlngvL-WWy-wk1O2YsNjeeFR7Z2CiCepYdHKyzVk3bCgPtVJvcuL9vVdO8-BiJfFgvKqS-rUpwEx2g6jWYGBP9CrYAFWurP8MO_579LZv3PmKkrdevdj21tR8o1Qow1S69RYpdCj5rZxk0GREgJnYjYJcZlMisTdumZU8WTvpzQbOgWk03hxLTlrsp97U5UdVAtRqzOdyuhzPEfFrmktoZ3wP_zXTnkfrIk5cEqhDsj2O2K66BHbpl4lmKpqY_CqDS9P2TUsvsmcXGGVJMITST2UYZmNbHAG3VgOdSvTtS9YA87J_pbaM74ULBRwhaoTFdjbzIrQRa_E5Vnh2Q-0jvjMlamFqdI-KLCeNOEdyRScb5rmuUrt8Erl55KhTrmKVRw8nREm2b8UWOdfNCQlmRYHdwyuf1qiZ4BHn9TKLBOow_agsfS94qi0LeClY-JBI6gnkf4AeWm1BWLtnS0mhm3Iwx_nyIHQoQHo32F62BUJQ2MD2oM1QGih2srKHGdbsGGutT1-luDk_U3ywUrQETn9m2JtyQW8shoRVBfxpZz1s4yGMwNiTH1zKzuA8kFjaiN2BqOpIB7Z8NY4_rZ9dej67W0P-xbdZSbCl9EQC_KjsN7OTWJI3X5XV2kYMbgkDCEoxkDh7UKWNhyVktk2eslDKHyNzVIUEic5LQayKKwkISPelAJ7Ti4cJmZ5oDp-zYLe9WjKdV9DtqbO2kRc1AYSDKbTlEGBUzaO9VeMvYcWvLHR0Ql8j2a1CXvQCBPceY7Y-abJz8HxcbLnqi2NKrjvjDYJOVT6PljoEXK2x3JBf7PxhaMyQgc1yr_g2t7-FtVHPHhX9BZYGoWAqwR16HAx966Jxtr48vc6490L01DLF332WrGQHmD4IsIlPwsRGKHQA-YSme_Qwua9ycAlkD90X_6vYhwxaExd_zlx4ipgjSoORQ4x6qwuWZ9RahqFmfBPJDqtUo-bxMm6S5zm_VGWhCFTXPYJ-1RsZiHk4APCXc6pTRfhB2pgIbtay4LTQI5A9_9uU62e5xEztmX0qr6z7qVot9fs7pGuJFKHBuT5agxNmvsWETjOD_TMeZxetM5YWiHgR8JCokZYFRVvSA-VKUSB_bffYSweq62f90ciddAmDwf0fRMx68uRgD7_TIp2gL1YSBMUgpT02hT9Mz0gHrJMf0qT-UasFjbYJiGVORdncJidW_jXbE5O3ALAnZeu3h1KqfUz5H2sVLeKrrBkDepd9LxIIZMdorRUMNuAwsJK9X9J0J-XCehJTpUBzA2TcBx8ss-m9YVZpbduNeQ2foAT2YSNrg8rx6YJxdwEY3II4Tt-KamXFT29j93gRliOJDi9a_qT8YyckRD7uVUcVAYtGhDMjFdwYzUQanLU88E1HlHROFe_zN2cXHXfhaFkEXJmf2d1fhWbtUUH6wg5zvyw16gayACwW_R7s_lLr5s4g-Q4O2uV1EIfMjVtAeCAqYSBO22us38F2OwKlS6T60SD21xiyDvJ3ojcQWbgcRi4kpQN45A9_kDezCzn&cid=CAASJeRoxyfPtj5m7H6sjaQhBrlL2yizaZmN932t01U0ksgGmRETrX0&rfl=2%2Chttps%253A%252F%252Fshrinke.me%242%2Chttps%253A%252F%252Fshrinke.me%252F%240
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2f01b509b8cf141d0ed1965597e282937cf62f2d84d420f9619ba359c0da372
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31663
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F229 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B6moi-ICWFxKPRKJvlSCOJrV7hEuMb_YiALTmAdB-OL-96YLQk7VHLH27j1GcDLgnT_LU85WqiQcs-r57Nw_hDJ6PhIaRDp8EWKcjTpZ1kr4MwOEc
Requested by
Host: ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com
URL: https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame F229 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com
URL: https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 22:04:14 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame F229 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com
URL: https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:10:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
349
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 22:10:43 GMT
l
www.google.com/ads/measurement/ Frame F229 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTppx5BSNYEVk-yTNMClNLRQU8jmXnv65uD-bIH46aWFm2Oxb1Ms6frPZRyZ9P-sjnos0wLZDpOmGgCycFD0QoPoHL-6w
Requested by
Host: ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com
URL: https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F229 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com
URL: https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Apr 2022 22:16:32 GMT
smtr
contextual.media.net/ Frame 8C57 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUJEM1AO&cpcd=DuJl579aiL4RndvsLJI4xA%3D%3D&crid=173588971&size=970x90&cc=CA&chnm=HARMONY&pid=8PO3BF8JJ&tpid=TJUNCZ9&https=1&vif=2&requrl=https%3A%2F%2Fshrinke.me%2F0GNZk&nse=5&vi=1650060992674449439&lw=1&ugd=4&adt1=8CUQYHE04&adt2=482645036&bcpf=B4z8fOnRrolnfOur8ee4BzaB&bdrId=4&ntv=0&matchstring=hr%3D0%7C&katpre=1&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&katbid=-21&katid=808076879&kapc=21&ekals=775EJvu99ui%7C%7CENvfu%7C%7Ck17vf%7C%7C7Gk7vu&kata=aton&ekalog=%3DVvfFhA%7C%7CPPVrvfV1U_idVUai5VIOzbF%7C%7CqVrv9%7C%7CbVvAhu%7C%7CbVrvW%7C%7Cc0_rvFH9%7C%7C_0_rvH9uAfuWfiHfhfH&pgid=p01172461371t202204152216&nb=1&cadomain=tzR-hLcl-L-HShN42-uufdV3aTJmADGXGdtTl7u2al8%3D&allsc=QC
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUJEM1AO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
de0484d3b31a4df5bafe78f3359c1a131c9e80d667d91dea50ee3939fa943de1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:33 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Fri, 15 Apr 2022 22:16:33 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-7qsl
strict-transport-security
max-age=604800
timing-allow-origin
*
content-length
27734
x-sc-w
22-d0t3
bping.php
lg3.media.net/ Frame 8C57 		35 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=514&&gdpr=0&prid=8PRVCXX19&cid=8CUJEM1AO&crid=173588971&vi=1650060992674449439&ugd=4&lf=6&cc=CA&sc=QC&lper=100&wsip=2886781335&r=1650060992855&requrl=https%3A%2F%2Fshrinke.me%2F0GNZk&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=16276&vgd_rakh=1650060992180170516&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUQYHE04&vgd_hb_audit_2=482645036&vgd_pgid=p01172461371t202204152216&vgd_pgids=1&vgd_uspa=0&hvsid=00001650060992852025035145529556&gdpr=0&vgd_end=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.76.100.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Server
Apache
Date
Fri, 15 Apr 2022 22:16:33 GMT
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 15 Apr 2022 22:16:33 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 8C57 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Fri, 15 Apr 2022 22:16:32 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=16553
access-control-allow-credentials
true
content-length
62892
expires
Sat, 16 Apr 2022 02:52:25 GMT
clog
hblg.media.net/ Frame 8C57 		35 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=2972122848349753970&s_city=new+york&ugd=4&cliIPV6=2607%3A5300%3A60%3A7867%3A%3A14&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=4&prspt=headerBid&usp_status=0&seat=BID_API&og_cbdp=0.150&size=970x90&mx_TAS=1&mx_gpid_sent=false&xtmax=150&commit_id=f691ca6f&scrid=351144871&itypeid=21&mx_SPRIG=2&viewability=46&renderer=0&be=0&rtime=18.0&adj0=0.0&tmax=150&s_ip=68.67.161.154&adj2=0.0&adj1=0.0&mx_lr_seg_cnt=0&adtypes=0&mx_aabpc=0&reqid=2972122848349753970&sc=QC&mowxReqId=cedd1bded3704785b6dc72fda12057f0_1&ifdp=0&requrl=https%3A%2F%2Fshrinke.me%2F0GNZk&bidrestime=1650060991016&pv_adtype=0&cc=CA&strg=HARMONY&pcrid=8CUJEM1AO-173588971-16-3&coppa_enf=true&is_rewarded=false&devmodel=Unknown&bdp=0.150&ct=Montr%C3%83%C2%A9al&spIsReq=3&s=1&abs=0%7C0%7CHARMONY%7Cbrr%3D1&mx_epbc=8CUJEM1AO&dnt_enf=false&mx_ssBucket=0&vls=0&asn=514&mang=1&mx_isLossNtf=false&advUrl=https%3A%2F%2Frelated.360topics.com&dn=shrinke.me&pgcatiab2=58&dt=O&acid=cedd1bded3704785b6dc72fda12057f0&actltime=31&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.105&sckfl=0&dmm_erpm=true&mx_lr=0&coppa_applied=N&mview=1&smbrid=11395&bfs=103&rfc=1&prvApiId=8CUJEM1AO&epcexp=false&pubid=pub-appnexus-exp&mx_bsProfile=0&cid=8CUQYHE04&bcrid=351144871&omul=1.0&res_mtype=0&apPrfs%3C%3E=13%23%2361&chnl=HARMONY&pst=0&reqsize=970x90&adpos=0&itype=APPNEXUS_EXPERIMENT&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-appnexus-exp&__expireat=1650061591298&dnt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=173588971&ckfl=0&lper=1&mx_tgs=970x90&cbdp=0.105&pvdTmax=104&ltime=31.0&epc=173588971&prvReqId=37946655538613_1383983576_48264503641&zip=H3A+2N4&exid=31&adl_wrapper=0&spFst=0&mx_GCID=0&cliIPType=v6&pexid=APPNEXUS_EXPERIMENT-1777764&ybnca_erpm=0.15&brsrclk=0&sbdrid=196&rtttime=65&mx_PC=1&wsip=mowx-lite-6cfbdb9475-9cdgn&currsrc_date=2022-04-14+00%3A00%3A00&mx_divid=21000363&gender=O&geoll=true&debug_ts=2022-04-15+22%3A16%3A31&mx_ssProfile=0&devbrand=Unknown&mx_SC=0&reftime=15000&pbidflr=0.078&spbf=0&currsrc=API&fpusp=false&mnrfc=1&moau=true&ocurr=USD&stagid=21000363&snm=SUCCESS&mx_IAB2=1&usp_enf=0&bidflr=0.078&coppa_status=N&pid=8PR113JGC&spTo=3&ecp=0.69&pvid=4&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=0&dmm_ogerpm=false&csip=rtb-appnexus-57d7676996-jw2s5.SC&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=21000363&ptype=23&media=0&smsrc=1&acsn=1&dtc=east_sc&mx_aqcpl_crid=4&ogbdp=0.15&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=482645036&geo_source=2&sat=1&mnet_ckfl=0&mp_seg%3C%3E=44086%23%2344085%23%2344091%23%237142%23%237141%23%2355664%23%2352765%23%237147%23%2317195%23%2317138&dfpDiv=21000363&opbidflr=0.078&impId=2797186756215102545&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.15~vis_sd%3D378~dc2%3D1~bat%3D0%2C0%2C0~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2022041518~iurl_b%3D3281.81~url_tkc%3D0~std%3D21000363~last%3D~vis_url_b%3D0.75~ip%3D19L3rJI3XCx4oZWOSnN11G~fbb%3D0~vis_url_l%3D30~riipua%3D0%2C0~et%3D14~rc%3D1~rps_sd%3D2022041518~vis_b%3D813.66~url_b%3D0.3~url_tvi%3D0~ecp_eer%3D4.6~url_l%3D20~gcat%3D500897~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.15~bm%3D1~sid%3Da9449d9f0e0e5cb6a7700cb9afc134df~sd%3D0~uid%3D2IaaJi3fEf16KSSwj6~btd%3D233228136252206331302784509816101472939285524829731188469153199902223237120~3pcf%3D1005.74~uim%3D0~dmm_strg%3Dharmony~vurl_b%3D0.31~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D57.88~vurl_l%3D30~CI%3D2669~nts%3D1~tb%3D-1~ct%3Dmontreal~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D3.23~isif%3D0~lc%3D1~bid%3D0.15~dc%3D8~vl2r_b%3D3.03~ivurl_l%3D30~supply_tag_id%3D21000363%7Eviewability%3D0.464661%7Ecbdp%3D0.105%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deast_sc%7Eref_cnt%3D1%7Edalg%3Dserver_default%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.078%7Eogbid%3D0.150%7Eitype_id%3D21%7Eseller_tag_id%3D21000363%7EcarrierId%3D0%7E~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D970x90~bsb%3D0~bsp%3D0~tmx%3D104&utime=1810&sf=1&cpr=0.30861093495518954
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.100.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
max-age=3600
date
Fri, 15 Apr 2022 22:16:32 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Sat, 16 Apr 2022 04:16:32 GMT
/
fw.adsafeprotected.com/rjsi/servedby.flashtalking.com/664330/55786030/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/ Frame A5DC 		232 KB
71 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjsi/servedby.flashtalking.com/664330/55786030/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&ft_height=90&click=https://nym1-ib.adnxs.com/click?RBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NTk=/bn=87149/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=1547045236
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.66.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-66-96.compute-1.amazonaws.com
Software
/
Resource Hash
e0bb6f72ccc32af59e787e4f549a1d0ff5040e5bea27fd71c297300369c6b3c8

Request headers

Referer
https://assets.vlitag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Fri, 15 Apr 2022 22:16:33 GMT
expires
Wed, 31 Dec 1969 23:59:59 GMT
pragma
no-cache
vary
accept-encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 10C9 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=12290&pub_id=1886142
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://assets.vlitag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
60892
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 15 Apr 2022 22:16:32 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 14 Apr 2022 05:21:37 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 257265
X-Served-By
cache-lga21926-LGA, cache-yul12826-YUL
X-Timer
S1650060993.886278,VS0,VE0
script.js
acdn.adnxs-simple.com/strikeforce/ Frame 2AF9 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
24d3345526f5bb7cdd3e21a689dfe8ea413e989f45fc964b86ca03554e684bae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:32 GMT
Content-Encoding
gzip
Age
60689
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
40598
X-Served-By
cache-lga21923-LGA, cache-yul12820-YUL
Access-Control-Allow-Origin
*
Last-Modified
Mon, 04 Apr 2022 18:58:56 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1650060993.915903,VS0,VE0
ETag
W/"624b3ff0-1c7dd"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Wed, 13 Apr 2022 05:28:13 GMT
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
1, 18845
controller
ssl.connextra.com/servlet/ Frame 2AF9
Redirect Chain
  • https://ssl.connextra.com/Betway/selector/image?client=Betway&placement=DDM_APN_Betway_CA_Sports_Impression_Pixel_1x1&_cb=1547045236&apnauc=8018516498715904338&bidid=8018516498715904338&dspid=3bc1d...
  • https://ssl.connextra.com/servlet/controller?service=DDM_Betway_CA_Sports_Impression_Pixel_1x1&pubhost=assets.vlitag.com&image=image%2Fgif&client=Betway&placement=DDM_APN_Betway_CA_Sports_Impressio...
68 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.connextra.com/servlet/controller?service=DDM_Betway_CA_Sports_Impression_Pixel_1x1&pubhost=assets.vlitag.com&image=image%2Fgif&client=Betway&placement=DDM_APN_Betway_CA_Sports_Impression_Pixel_1x1&_cb=1547045236&apnauc=8018516498715904338&bidid=8018516498715904338&dspid=3bc1d7fd2e
Protocol
H2
Server
104.105.35.116 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-35-116.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:33 GMT
content-length
68
content-type
image/gif
x-served-by
vlp-cxtadsrv07.connextra.net
expires
Fri, 15 Apr 2022 22:17:15 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:33 GMT
vary
*
p3p
CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
location
https://ssl.connextra.com:443/servlet/controller?service=DDM_Betway_CA_Sports_Impression_Pixel_1x1&pubhost=assets.vlitag.com&image=image%2Fgif&client=Betway&placement=DDM_APN_Betway_CA_Sports_Impression_Pixel_1x1&_cb=1547045236&apnauc=8018516498715904338&bidid=8018516498715904338&dspid=3bc1d7fd2e
expires
Fri, 15 Apr 2022 22:16:33 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
x-served-by
vlp-cxtadsrv07.connextra.net
it
nym1-ib.adnxs.com/ Frame 2AF9 		0
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fshrinke.me%2F0GNZk&e=wqT_3QK_C_BMvwUAAAMA1gAFAQi_3eeSBhDSksjc2Mjfo28Yns-qzfy0_rE3KjYJRBK9jGK5pT8R2wdJNLvNoD8ZAAAAYLgeA0Ah2wdJNLvNoD8pRBIJJNgxAAAA4FG4vj8w9rj7CTiCYECYOUgCUIPD1I8BWLGTkAFgAGj1ha4BeO2oBYABAYoBA1VTRJIBAQbwVZgB2AWgAVqoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKApYBdWYoJ2EnLCAxNDM1NDg2LCAxNjUwMDYwOTkxKTt1ZignaScsIDU1MzY4ODksIDE2Nh0AAGcBOhg2MDY3ODI4RjsAMHMnLCAyNjc0NDM5MDFGHwAscicsIDMwMTI3NzU3Oh8A8IuSAsUEIWxHdWxZZ2pCdTU0WUVJUEQxSThCR0FBZ3NaT1FBVEFDT0FCQUFFaVlPVkQydVBzSldBQmdqZ1JvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFxb0FRcXdBUUM1QWVZZ1F1cmR1YVVfd1FIbUlFTHEzYm1sUDhrQkFBQUFBQUFBOERfWkFRQQkOdFBBXzRBSDUtTkVDOVFHQ0l3RV9tQUlBb0FJQnRRSQUkAHYNCPBxd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NJR3l2aHNRQ3hnQ0xRQUFBQUM2QXdsT1dVMHlPalEwTlRuZ0E0c3VnQVRqeUk0SWlBVDZ5STRJa0FRQm1BUUJ1Z1FhQ08wSUVRBX8UQUFOQV9HBUgJASBJTV8waXc3QkIJDwUgBHlRHSEYTmdFQVBFRREfSEFBQ0lCZXNpbUFXOXZjTl9xUVUNGxREd1A3RUYBDSBRSEFrNERfQkIBRxxFQndKT0FfeS4oAAA5CSgJAQREWgUoAQElQKhXVElmQUY5Tm5VQl9nRjNzNVhnZ1lEVlZORWlBWUVrQVlCbUFZQW9RWXpNBQIwUG5QNmdHQkxJR0pBawFGCQEAQh2zBEJrCRQBAQBDHRhETGdHQ2cuLpoCmQEhd2hQYWRROkkCNExHVGtBRWdBQ2dBTVRNBW8YTS1jX09nbD2BGGxBaXk1SkENAQw4RDlSDQsQQUFBQloBBgkBBEJoCQgUQUEwRDlwEQwMQUFCeB0MDDRBSWs1jPQ0AThEOC7YAgDgAtjVW-oCGGh0dHBzOi8vc2hyaW5rZS5tZS8wR05aa4ADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA57XugHgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE4NKgEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANIEDjczMjAjTllNMjo0NDU52gQCCAHgBADwBIPD1I8B-gQSCQAAAKAhwUZAEQAAAKCeZVLAiAUBmAUAoAX___________8BqgUQRTY1SU9ZN0xZNExXTlZNQcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBf-OA_oFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AapJdoGFgoQAAAAAAAAAAFHBQEBxFDgBgHyBgIIAIAHAYgHAKAHAboHDwgFGgXeMLQEQADIB-2oBdIHDQkFNQQAAAUeCNoHBgknPOAHAOoHAggA8AcAiggCEAA.&s=fcbbbc5da17fc2072de14fd2ed5b4765e05c97b5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:32 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
45453d25-e005-4c18-a2cb-876634ee73c6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cc.jpeg
px.vliplatform.com/iv-v4/ 		0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNoc-qwqeAAqK-PaaK-PYra-qMTq-PPUYwPeKPtMaRqxeNco_MZAaaYUUU_wqfftkRwNjxqfzxdrtbRlmNBAAbYZARdzNwqfftkRrdzNRmNaYUUURleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:32 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vICg9H%2B1MyxmG8nneD1QfMJWQMloeyQnfMsXgnfaxwGLpjatj2mTvOMxNQf5eI88SPXnhzN6%2FZZOpSaLJCf%2BxRmd3%2F%2FVSiSIhuqjCeCFI8%2F8rMhU3GlSHsAn02JRStVjHjvErhc2lYWH4PFtGTKHLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bd5db2c7145-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cl_partner.html
ads.pubmatic.com/AdServer/js/ Frame F630 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DAEA2301F-378B-4E0E-B7FB-AD8F6D123282%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
Requested by
Host: simage4.pubmatic.com
URL: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156011&s=165626&sc=1&pr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&umc=PM_UID&u=AEA2301F-378B-4E0E-B7FB-AD8F6D123282&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b01ef7916c2e4d5e7b97fbcdb95caf8e24f184a773b9ca533a9a416b4aea4218

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=126486
content-encoding
gzip
content-length
953
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:32 GMT
etag
"fa18f0-6b8-53a413358bd01"
expires
Sun, 17 Apr 2022 09:24:38 GMT
last-modified
Wed, 17 Aug 2016 09:36:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 500C 		43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=AEA2301F-378B-4E0E-B7FB-AD8F6D123282&ex=pubmatic.com
Requested by
Host: simage4.pubmatic.com
URL: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156011&s=165626&sc=1&pr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&umc=PM_UID&u=AEA2301F-378B-4E0E-B7FB-AD8F6D123282&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 15 Apr 2022 22:16:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
85DN5GH08J6BARX9FN08
sync
partners.tremorhub.com/ Frame CE92
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEDOKqMtAq5n0hGp3JN-HTAE&google_cver=1
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEDOKqMtAq5n0hGp3JN-HTAE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNa7wgEQkN-DAhivmJeRATAB&v=APEucNVimBtBKqj_aHYqvSbB4GvfVqQ34p8rJSqBmTwBAkdT-6LyPRQ47ST4c-yqCCu3k6RkF59Dcwpghv-OQX7trbusE0ynwA
Protocol
H2
Server
2600:1f18:612b:4200:c095:ee73:9876:f5ea Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:33 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://partners.tremorhub.com/sync?UIGL=CAESEDOKqMtAq5n0hGp3JN-HTAE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame CE92
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPMftjeMGGq3XJDgtH_JGRw&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPMftjeMGGq3XJDgtH_JGRw&google_cver=1&__user_check__=1&sync_id=b526e7f2-bd09-11ec-8bbd-17aa2b400503
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPMftjeMGGq3XJDgtH_JGRw&google_cver=1&__user_check__=1&sync_id=b526e7f2-bd09-11ec-8bbd-17aa2b400503
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNa7wgEQkN-DAhivmJeRATAB&v=APEucNVimBtBKqj_aHYqvSbB4GvfVqQ34p8rJSqBmTwBAkdT-6LyPRQ47ST4c-yqCCu3k6RkF59Dcwpghv-OQX7trbusE0ynwA
Protocol
HTTP/1.1
Server
192.35.249.120 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:33 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
128
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Fri, 15 Apr 2022 22:16:33 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEPMftjeMGGq3XJDgtH_JGRw&google_cver=1&__user_check__=1&sync_id=b526e7f2-bd09-11ec-8bbd-17aa2b400503
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
270
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame CE92
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YjUyNmU3MDEtYmQwOS0xMWVjLThiYmQtMTdhYTJiNDAwNTAz
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YjUyNmU3MDEtYmQwOS0xMWVjLThiYmQtMTdhYTJiNDAwNTAz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNa7wgEQkN-DAhivmJeRATAB&v=APEucNVimBtBKqj_aHYqvSbB4GvfVqQ34p8rJSqBmTwBAkdT-6LyPRQ47ST4c-yqCCu3k6RkF59Dcwpghv-OQX7trbusE0ynwA
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 15 Apr 2022 22:16:33 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YjUyNmU3MDEtYmQwOS0xMWVjLThiYmQtMTdhYTJiNDAwNTAz
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
171
Connection
keep-alive
Content-Length
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B6A5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
58808
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 05:56:24 GMT
expires
Sat, 15 Apr 2023 05:56:24 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9889 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c477d8b5a35da2af36f604ec8436217ddac42aa5707d994a86ec5cac09ab20fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10607
x-xss-protection
0
container.html
29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B391 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 22:16:32 GMT
expires
Sat, 15 Apr 2023 22:16:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
log
c21lg-d.media.net/ Frame 3420 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=eVXYINazH7S8GNyMq00iqCRlDflqPpjF&cs=15&vsid=2930625921455251000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:33 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 15 Apr 2022 22:16:33 GMT
verify.js
rtb0.doubleverify.com/ Frame ACA9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_406099270228&jsTagObjCallback=__tagObject_callback_406099270228&num=6&ctx=971108&cmp=26835944&plc=320967054&sid=6522286&advid=&adsrv=&unit=300x250&isdvvid=&uid=406099270228&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.50&dvpx_strhd=0.50&brid=3&brver=100&bridua=3&dup=null&ppid=103&auevent=ABAjH0iVHv9chAXWczJjqnGNGitz&aucmp=15412340841&aucrtv=393340935&auorder=25295742&ausite=946981363646&auxch=1&pltfrm=1&aufilter1=1024534&autt=1&c1=1024534&turl=https://shrinke.me/0GNZk&chro=1&hist=3&winh=280&winw=336&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=28&brh=3&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=150&eparams=DC4FC%3Dl9EEADTbpTauTauD9C%3A%3F%3C6%5D%3E6TauU2%3F4r92%3A%3Fl9EEADTbpTauTauD9C%3A%3F%3C6%5D%3E6Tar9EEADTbpTauTau5cc423g736h5d62e2_h_gh6_6ae7hdh7%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau5cc423g736h5d62e2_h_gh6_6ae7hdh7%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauD9C%3A%3F%3C6%5D%3E6Tau_v%7D%2B%3C&dvp_exetime=8.40&aubndl=&callbackName=__verify_callback_406099270228
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal102.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
0d4bb51367f4e802fbe75ddac3b05ea5c0602f0a6894c3b128c38797a282a6e6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:33 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
X-DV-Response
1
Connection
keep-alive
Expires
04/14/2022 22:16:33
log
c21lg-d.media.net/ Frame 8F29 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=zedVZ-jFl6I0jKygnYvwca98BGSEnVHm&cs=15&vsid=2930625921455251000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQYHE04&prvid=2033%2C171%2C175%2C132%2C157%2C3018%2C159%2C238%2C239%2C97%2C99%2C77%2C56%2C241%2C3008%2C147%2C246%2C4%2C10000%2C80%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS_EXPERIMENT
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:33 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 15 Apr 2022 22:16:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AC2B 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Apr 2022 22:16:33 GMT
index.html
s0.2mdn.net/sadbundle/6193854350124385521/ Frame CB3D 		20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6193854350124385521/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6f24eb4863543b4f2f8cfed6d0cbdd4f41e46817c1347b568ec8e80245c0682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://assets.vlitag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
395132
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5054
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Apr 2022 08:31:01 GMT
expires
Tue, 11 Apr 2023 08:31:01 GMT
last-modified
Mon, 27 Sep 2021 19:31:44 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame AC2B 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuzdyZxPrpF_7Yag3GAT9y8CVfWakZS1lQ5QJZFcM8Iw3mH8HlrcvQiawcGsrkVVEOZB_JnzWNLjh-rmX_-_L0CD_brdLuk6B4Rfxyc3brnww-1LzW3cEmAmr-plhaVbTgHCp4aAslA09A&sai=AMfl-YSeF8jxsWOrCG7kLp4IgFzYhnPiTsm9mwsZOxw7FhsmsXfsxHYOJ4d5jDan5Nd9MLAymPXkbyb7BLLw_TqnHan5yV81PzhoOwk&sig=Cg0ArKJSzPfGJz3flHxWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=239&cbvp=1&cstd=236&cisv=r20220413.14182&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame F229 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CS14Oi3KADkW6lHMj7vCek62WcV-Onp_Sh9vYT9BseCWIN0ggbGsbIBGstfYDf-IYHkPxHoxs6IUBqTM8_YGQlaXnnLGOIcuqinB9VlqFivWRlxMRPhCWR_e37igqEBNegTIk0KmF3ayTKDqBxg4HO1nsUlA&dbm_d=AKAmf-AO8wI8PRR7fMYn2j4zQzQlq9apbcWtaRtiBXzvaQdFXz8mA88MQeDR60aFpRKdVhYrNsU4L7U9bz6QvErUpMePPArr8eN6g8AwQTNWNOQaBDlcZ7yc4WRVbpJsNITt8hj2-3eIfmTcyjtqjf155TPH-Oc-AceZIFYGIQpAi0nk0jbNKp6Pcx1Kk_1yPEKOLjrj3_dth0Jh718Xea0IyW6CP-c5q1LcgD3tYsfiu4KAiog1MpZMuV8kOmbU8a3rt9tigke6NYqVoar1mnlgwEdbNmjOLgH36OgBPoQGalALVpwuss3SRZCkuijIg3g0uSH4firjrSWu4uh74uosaCnhLVLz7OyJWfD2mUR_GK4iRxBc9Sz90ztlt2uuIWl4h3VobQAhjT4QNi1TJquEsgPVAtBWuH2yJAOmfokODJTvF9wrxNVAfCWliaznrM95qg6BGdprodcx3BdzDK71YUjzd_DQ1gWGnaCWhez1grIvunZRLOPvf3i35i81tAvqAjINS82CY8ddNs27tjL3hLt7dKVCStURKrMkPsWcNna8TN30d3Se_cMkwzNxP2GDK5OE-VDcKCPH9GDwyy6b-tvM0pjrkSY2fdV6p6dh04Fzh2SYdR_YMbMUt0BQTglVFfzZy005XkpVEApC1XxAuL-QUsOqqcvyJjBn-rlDgoQ3rrXXx8yO4W6R15xj0aLDX2xx1P6yeG6g6-p24w7VGkhVx_ksUbFw1f6MmYayvnyEbxyKKxDzAgHRoissr02yiCdVNm33Pri_aq285MV9UArpUv8SoCC3cbtiqgtt7LulWPUDq6fDerrQHVmbdUNgVcxTGqoq-zMss1sX-0K0ZU_TkLAcAp_Pe58F0f8S6prh6aIUB9Q62m4XO1Raa8NzsbXUV9rfDuVjf7F1jzUQat6y3-3TJKGj8jt4pzZWyRJEWgM8JDBu9jho-7MH4viubI-n4tejcUmuz6U66m52DPHx3D7y1_d_J-0lJIgGRNZ9mL79XaXPapaYTioYMErDE6jgbndCtwDm0DT74CCuq5BRGnemeK5muarhfJ_3wNfzo0_Ir4MBzoGknQ_ZVWO7aIEJPC2TArjWnb2GOT19PLnaf-1rhOGq3YtAU-hnZGzXuAayHbokFMmAxpf_ts2seGYSGB3EzGsTHiJa5Hoyu8NxaFFjNEJ9cZzcMHB6HGt0bzEj7W9LzoB6haNf5c-8Z27_YjC91KhWfIugUwQIR5zuhRN85w1xlzzJexFesF95G9wCOQM-x4FEVjKzHieYq6hAkYEj4WMnAFv6RtAD93fHs-mli7Uz8uxfghE7PSmpAVHUCHhl1cO8tYKV2l5VNU1WhkGItu0DECZUDtRNXc08NZSvedxEITnKmB1ui7h6WPQk7GUH5zeZlMyaHLUbcA4WqbFHWuyOBLnNcex_4sJ91xUPrqSO9Om3dxVBDLvbUnLxLrtUYxlQJd2p_xiQgWeFbdKzvK3ajatuvULCulDHw9_MFM6JJ-TXgP8LN1bnRbltfCuvRlE_d7XgNbmkTBbTzjtaT63vtXBOJZ6oitvO9-IL9RsASizufysosQaZhXBBgY3k2bc6PZOkg1YaoSODJiCTdlngvL-WWy-wk1O2YsNjeeFR7Z2CiCepYdHKyzVk3bCgPtVJvcuL9vVdO8-BiJfFgvKqS-rUpwEx2g6jWYGBP9CrYAFWurP8MO_579LZv3PmKkrdevdj21tR8o1Qow1S69RYpdCj5rZxk0GREgJnYjYJcZlMisTdumZU8WTvpzQbOgWk03hxLTlrsp97U5UdVAtRqzOdyuhzPEfFrmktoZ3wP_zXTnkfrIk5cEqhDsj2O2K66BHbpl4lmKpqY_CqDS9P2TUsvsmcXGGVJMITST2UYZmNbHAG3VgOdSvTtS9YA87J_pbaM74ULBRwhaoTFdjbzIrQRa_E5Vnh2Q-0jvjMlamFqdI-KLCeNOEdyRScb5rmuUrt8Erl55KhTrmKVRw8nREm2b8UWOdfNCQlmRYHdwyuf1qiZ4BHn9TKLBOow_agsfS94qi0LeClY-JBI6gnkf4AeWm1BWLtnS0mhm3Iwx_nyIHQoQHo32F62BUJQ2MD2oM1QGih2srKHGdbsGGutT1-luDk_U3ywUrQETn9m2JtyQW8shoRVBfxpZz1s4yGMwNiTH1zKzuA8kFjaiN2BqOpIB7Z8NY4_rZ9dej67W0P-xbdZSbCl9EQC_KjsN7OTWJI3X5XV2kYMbgkDCEoxkDh7UKWNhyVktk2eslDKHyNzVIUEic5LQayKKwkISPelAJ7Ti4cJmZ5oDp-zYLe9WjKdV9DtqbO2kRc1AYSDKbTlEGBUzaO9VeMvYcWvLHR0Ql8j2a1CXvQCBPceY7Y-abJz8HxcbLnqi2NKrjvjDYJOVT6PljoEXK2x3JBf7PxhaMyQgc1yr_g2t7-FtVHPHhX9BZYGoWAqwR16HAx966Jxtr48vc6490L01DLF332WrGQHmD4IsIlPwsRGKHQA-YSme_Qwua9ycAlkD90X_6vYhwxaExd_zlx4ipgjSoORQ4x6qwuWZ9RahqFmfBPJDqtUo-bxMm6S5zm_VGWhCFTXPYJ-1RsZiHk4APCXc6pTRfhB2pgIbtay4LTQI5A9_9uU62e5xEztmX0qr6z7qVot9fs7pGuJFKHBuT5agxNmvsWETjOD_TMeZxetM5YWiHgR8JCokZYFRVvSA-VKUSB_bffYSweq62f90ciddAmDwf0fRMx68uRgD7_TIp2gL1YSBMUgpT02hT9Mz0gHrJMf0qT-UasFjbYJiGVORdncJidW_jXbE5O3ALAnZeu3h1KqfUz5H2sVLeKrrBkDepd9LxIIZMdorRUMNuAwsJK9X9J0J-XCehJTpUBzA2TcBx8ss-m9YVZpbduNeQ2foAT2YSNrg8rx6YJxdwEY3II4Tt-KamXFT29j93gRliOJDi9a_qT8YyckRD7uVUcVAYtGhDMjFdwYzUQanLU88E1HlHROFe_zN2cXHXfhaFkEXJmf2d1fhWbtUUH6wg5zvyw16gayACwW_R7s_lLr5s4g-Q4O2uV1EIfMjVtAeCAqYSBO22us38F2OwKlS6T60SD21xiyDvJ3ojcQWbgcRi4kpQN45A9_kDezCzn&cid=CAASJeRoxyfPtj5m7H6sjaQhBrlL2yizaZmN932t01U0ksgGmRETrX0&rfl=2%2Chttps%253A%252F%252Fshrinke.me%242%2Chttps%253A%252F%252Fshrinke.me%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:12:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9777
x-xss-protection
0
server
cafe
etag
12512753850102923420
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 22:12:22 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame F229 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CS14Oi3KADkW6lHMj7vCek62WcV-Onp_Sh9vYT9BseCWIN0ggbGsbIBGstfYDf-IYHkPxHoxs6IUBqTM8_YGQlaXnnLGOIcuqinB9VlqFivWRlxMRPhCWR_e37igqEBNegTIk0KmF3ayTKDqBxg4HO1nsUlA&dbm_d=AKAmf-AO8wI8PRR7fMYn2j4zQzQlq9apbcWtaRtiBXzvaQdFXz8mA88MQeDR60aFpRKdVhYrNsU4L7U9bz6QvErUpMePPArr8eN6g8AwQTNWNOQaBDlcZ7yc4WRVbpJsNITt8hj2-3eIfmTcyjtqjf155TPH-Oc-AceZIFYGIQpAi0nk0jbNKp6Pcx1Kk_1yPEKOLjrj3_dth0Jh718Xea0IyW6CP-c5q1LcgD3tYsfiu4KAiog1MpZMuV8kOmbU8a3rt9tigke6NYqVoar1mnlgwEdbNmjOLgH36OgBPoQGalALVpwuss3SRZCkuijIg3g0uSH4firjrSWu4uh74uosaCnhLVLz7OyJWfD2mUR_GK4iRxBc9Sz90ztlt2uuIWl4h3VobQAhjT4QNi1TJquEsgPVAtBWuH2yJAOmfokODJTvF9wrxNVAfCWliaznrM95qg6BGdprodcx3BdzDK71YUjzd_DQ1gWGnaCWhez1grIvunZRLOPvf3i35i81tAvqAjINS82CY8ddNs27tjL3hLt7dKVCStURKrMkPsWcNna8TN30d3Se_cMkwzNxP2GDK5OE-VDcKCPH9GDwyy6b-tvM0pjrkSY2fdV6p6dh04Fzh2SYdR_YMbMUt0BQTglVFfzZy005XkpVEApC1XxAuL-QUsOqqcvyJjBn-rlDgoQ3rrXXx8yO4W6R15xj0aLDX2xx1P6yeG6g6-p24w7VGkhVx_ksUbFw1f6MmYayvnyEbxyKKxDzAgHRoissr02yiCdVNm33Pri_aq285MV9UArpUv8SoCC3cbtiqgtt7LulWPUDq6fDerrQHVmbdUNgVcxTGqoq-zMss1sX-0K0ZU_TkLAcAp_Pe58F0f8S6prh6aIUB9Q62m4XO1Raa8NzsbXUV9rfDuVjf7F1jzUQat6y3-3TJKGj8jt4pzZWyRJEWgM8JDBu9jho-7MH4viubI-n4tejcUmuz6U66m52DPHx3D7y1_d_J-0lJIgGRNZ9mL79XaXPapaYTioYMErDE6jgbndCtwDm0DT74CCuq5BRGnemeK5muarhfJ_3wNfzo0_Ir4MBzoGknQ_ZVWO7aIEJPC2TArjWnb2GOT19PLnaf-1rhOGq3YtAU-hnZGzXuAayHbokFMmAxpf_ts2seGYSGB3EzGsTHiJa5Hoyu8NxaFFjNEJ9cZzcMHB6HGt0bzEj7W9LzoB6haNf5c-8Z27_YjC91KhWfIugUwQIR5zuhRN85w1xlzzJexFesF95G9wCOQM-x4FEVjKzHieYq6hAkYEj4WMnAFv6RtAD93fHs-mli7Uz8uxfghE7PSmpAVHUCHhl1cO8tYKV2l5VNU1WhkGItu0DECZUDtRNXc08NZSvedxEITnKmB1ui7h6WPQk7GUH5zeZlMyaHLUbcA4WqbFHWuyOBLnNcex_4sJ91xUPrqSO9Om3dxVBDLvbUnLxLrtUYxlQJd2p_xiQgWeFbdKzvK3ajatuvULCulDHw9_MFM6JJ-TXgP8LN1bnRbltfCuvRlE_d7XgNbmkTBbTzjtaT63vtXBOJZ6oitvO9-IL9RsASizufysosQaZhXBBgY3k2bc6PZOkg1YaoSODJiCTdlngvL-WWy-wk1O2YsNjeeFR7Z2CiCepYdHKyzVk3bCgPtVJvcuL9vVdO8-BiJfFgvKqS-rUpwEx2g6jWYGBP9CrYAFWurP8MO_579LZv3PmKkrdevdj21tR8o1Qow1S69RYpdCj5rZxk0GREgJnYjYJcZlMisTdumZU8WTvpzQbOgWk03hxLTlrsp97U5UdVAtRqzOdyuhzPEfFrmktoZ3wP_zXTnkfrIk5cEqhDsj2O2K66BHbpl4lmKpqY_CqDS9P2TUsvsmcXGGVJMITST2UYZmNbHAG3VgOdSvTtS9YA87J_pbaM74ULBRwhaoTFdjbzIrQRa_E5Vnh2Q-0jvjMlamFqdI-KLCeNOEdyRScb5rmuUrt8Erl55KhTrmKVRw8nREm2b8UWOdfNCQlmRYHdwyuf1qiZ4BHn9TKLBOow_agsfS94qi0LeClY-JBI6gnkf4AeWm1BWLtnS0mhm3Iwx_nyIHQoQHo32F62BUJQ2MD2oM1QGih2srKHGdbsGGutT1-luDk_U3ywUrQETn9m2JtyQW8shoRVBfxpZz1s4yGMwNiTH1zKzuA8kFjaiN2BqOpIB7Z8NY4_rZ9dej67W0P-xbdZSbCl9EQC_KjsN7OTWJI3X5XV2kYMbgkDCEoxkDh7UKWNhyVktk2eslDKHyNzVIUEic5LQayKKwkISPelAJ7Ti4cJmZ5oDp-zYLe9WjKdV9DtqbO2kRc1AYSDKbTlEGBUzaO9VeMvYcWvLHR0Ql8j2a1CXvQCBPceY7Y-abJz8HxcbLnqi2NKrjvjDYJOVT6PljoEXK2x3JBf7PxhaMyQgc1yr_g2t7-FtVHPHhX9BZYGoWAqwR16HAx966Jxtr48vc6490L01DLF332WrGQHmD4IsIlPwsRGKHQA-YSme_Qwua9ycAlkD90X_6vYhwxaExd_zlx4ipgjSoORQ4x6qwuWZ9RahqFmfBPJDqtUo-bxMm6S5zm_VGWhCFTXPYJ-1RsZiHk4APCXc6pTRfhB2pgIbtay4LTQI5A9_9uU62e5xEztmX0qr6z7qVot9fs7pGuJFKHBuT5agxNmvsWETjOD_TMeZxetM5YWiHgR8JCokZYFRVvSA-VKUSB_bffYSweq62f90ciddAmDwf0fRMx68uRgD7_TIp2gL1YSBMUgpT02hT9Mz0gHrJMf0qT-UasFjbYJiGVORdncJidW_jXbE5O3ALAnZeu3h1KqfUz5H2sVLeKrrBkDepd9LxIIZMdorRUMNuAwsJK9X9J0J-XCehJTpUBzA2TcBx8ss-m9YVZpbduNeQ2foAT2YSNrg8rx6YJxdwEY3II4Tt-KamXFT29j93gRliOJDi9a_qT8YyckRD7uVUcVAYtGhDMjFdwYzUQanLU88E1HlHROFe_zN2cXHXfhaFkEXJmf2d1fhWbtUUH6wg5zvyw16gayACwW_R7s_lLr5s4g-Q4O2uV1EIfMjVtAeCAqYSBO22us38F2OwKlS6T60SD21xiyDvJ3ojcQWbgcRi4kpQN45A9_kDezCzn&cid=CAASJeRoxyfPtj5m7H6sjaQhBrlL2yizaZmN932t01U0ksgGmRETrX0&rfl=2%2Chttps%253A%252F%252Fshrinke.me%242%2Chttps%253A%252F%252Fshrinke.me%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:12:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
217
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 22:12:56 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F229 		0
110 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssswlhAq7-Fr13BgDfvqlQlpw4RXTu_LzekD95mV8W28hsarnLvDz4-ea27Zs9TQyNY5hVF_QtOEHjLFpudEPyvDlAOeMM7QFG9UfJTj07W4QiJId2X1TuanQMdid8PL1_FBNr4ebDz0Oaz3eMyyaf8hVghvTj0HD2FaP987mCW6NKDSTQxDv8EyxQxxkih8uxZycrHag6Q1Tjg5S7QvW1QKNdXibwlc_tReILEuWXtKoqIEHtP3edQno-POlxuqki3zHSwkRnpSTcOzMni-P8Ea9-_TLVn30FqeRTSYK3ZWvcqvcjzMddIt6cBwS9Z-RY5422WZeCUcVk_5Dukqih890EZI51zAF9eiinjCkSNQT-iYots4y2Hs1kTMBjL4Zz15TYsGt88iQtakonXDu8tlmh9o3VxpZZgCGmvtFb2f-2oQhuwYLfAvqWyQozJ4wZS8gFJHWmPZxpCiVGXfU43ZO4ai5IRbLLZGBGFKiZxuyoTXAevVN7rumWQHR22CIzE0Ps7JeySSxNMxxGtfcfgMf1NSFDt_JvNhY6k2a8fwZEvXHuzGAkWVS6Uh7WNMcYpjKCqoAt01ZyeXoFf1mERfyItTuXteIi-JW7Dphk95tAMmkH74v4hOVIf3u9tyAhAItr0WmornatucjFwJWF8C3hZZL3p09tNLukMdFqVdTaN2aOw03ND_oqXebrOtUcHY8gwelTgRBvrBazAHfI2dM0aFJJAaQ7-hJpOcLd8n2Wedoln6dbes0BcAGRPY_gszakSBKX3x2ZVTQ1QgFbNFmLV0LCTKIbgi_IdsWRKRAyBYrRPKJvT4Zvt0xrjSuWcK0WvbgvGVksDypX91EBJhn3GhF7LBmOTLda5cNIM5htnI-9c4xThMlzUJZ6S8ts2ISTDye7UdtLdteYZfkVXUvMpktVtge05XfJhLTOzMunmVg7PE0ZMp4B_JKXgGOo1Wj9_Y-iJAkvpP4FLsEDW0egVbp15lL59t32kMXzz5HjK6ebGepaxYe8SUIJiJ_22dGQR2UKYkSt4CRrRHfwv-JKCiVjRYRNgJqGwRjMXELyT7sG9r4baQmMxK5imkZOHIkyGQkqL8jZIoGuzg46pvPhrokya7R_RoGgLVEyeqCe2M0ojWr0b1VG4LQFcT3_pnplSP2OPkYQgijwWDA_5R2CB5FleqfCsGSfHiYkDyIOyyyRCchjpaDXA5faVCdjHfl_Iwb5BKEj03x2nl8z0bAe8AkR_Iw&sai=AMfl-YTdwdqz_VHt7sMHo2tQzlrAeVGsz72LZZkkdz4feVD8g88ox0bNV00wblqQ-zw8sNZVl1KaP4wMdTRIdYUTcTxdt-1GEbJiTrjG3uK2iuI26bwUFRhZKazwqRGIB-7sLnNPPl-QUxCjDDo-IwLLFZchjhmbb5Hkhq5QDnNiLyrXnRDQ1O2NJMi_7qZ4ZdPRuUizEZTqRQjenY_hu00kNUwLffRfnGWi8CFaxrn5JmrZu8rS&sig=Cg0ArKJSzGSbZGdI-J9oEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220413.10667&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CS14Oi3KADkW6lHMj7vCek62WcV-Onp_Sh9vYT9BseCWIN0ggbGsbIBGstfYDf-IYHkPxHoxs6IUBqTM8_YGQlaXnnLGOIcuqinB9VlqFivWRlxMRPhCWR_e37igqEBNegTIk0KmF3ayTKDqBxg4HO1nsUlA&dbm_d=AKAmf-AO8wI8PRR7fMYn2j4zQzQlq9apbcWtaRtiBXzvaQdFXz8mA88MQeDR60aFpRKdVhYrNsU4L7U9bz6QvErUpMePPArr8eN6g8AwQTNWNOQaBDlcZ7yc4WRVbpJsNITt8hj2-3eIfmTcyjtqjf155TPH-Oc-AceZIFYGIQpAi0nk0jbNKp6Pcx1Kk_1yPEKOLjrj3_dth0Jh718Xea0IyW6CP-c5q1LcgD3tYsfiu4KAiog1MpZMuV8kOmbU8a3rt9tigke6NYqVoar1mnlgwEdbNmjOLgH36OgBPoQGalALVpwuss3SRZCkuijIg3g0uSH4firjrSWu4uh74uosaCnhLVLz7OyJWfD2mUR_GK4iRxBc9Sz90ztlt2uuIWl4h3VobQAhjT4QNi1TJquEsgPVAtBWuH2yJAOmfokODJTvF9wrxNVAfCWliaznrM95qg6BGdprodcx3BdzDK71YUjzd_DQ1gWGnaCWhez1grIvunZRLOPvf3i35i81tAvqAjINS82CY8ddNs27tjL3hLt7dKVCStURKrMkPsWcNna8TN30d3Se_cMkwzNxP2GDK5OE-VDcKCPH9GDwyy6b-tvM0pjrkSY2fdV6p6dh04Fzh2SYdR_YMbMUt0BQTglVFfzZy005XkpVEApC1XxAuL-QUsOqqcvyJjBn-rlDgoQ3rrXXx8yO4W6R15xj0aLDX2xx1P6yeG6g6-p24w7VGkhVx_ksUbFw1f6MmYayvnyEbxyKKxDzAgHRoissr02yiCdVNm33Pri_aq285MV9UArpUv8SoCC3cbtiqgtt7LulWPUDq6fDerrQHVmbdUNgVcxTGqoq-zMss1sX-0K0ZU_TkLAcAp_Pe58F0f8S6prh6aIUB9Q62m4XO1Raa8NzsbXUV9rfDuVjf7F1jzUQat6y3-3TJKGj8jt4pzZWyRJEWgM8JDBu9jho-7MH4viubI-n4tejcUmuz6U66m52DPHx3D7y1_d_J-0lJIgGRNZ9mL79XaXPapaYTioYMErDE6jgbndCtwDm0DT74CCuq5BRGnemeK5muarhfJ_3wNfzo0_Ir4MBzoGknQ_ZVWO7aIEJPC2TArjWnb2GOT19PLnaf-1rhOGq3YtAU-hnZGzXuAayHbokFMmAxpf_ts2seGYSGB3EzGsTHiJa5Hoyu8NxaFFjNEJ9cZzcMHB6HGt0bzEj7W9LzoB6haNf5c-8Z27_YjC91KhWfIugUwQIR5zuhRN85w1xlzzJexFesF95G9wCOQM-x4FEVjKzHieYq6hAkYEj4WMnAFv6RtAD93fHs-mli7Uz8uxfghE7PSmpAVHUCHhl1cO8tYKV2l5VNU1WhkGItu0DECZUDtRNXc08NZSvedxEITnKmB1ui7h6WPQk7GUH5zeZlMyaHLUbcA4WqbFHWuyOBLnNcex_4sJ91xUPrqSO9Om3dxVBDLvbUnLxLrtUYxlQJd2p_xiQgWeFbdKzvK3ajatuvULCulDHw9_MFM6JJ-TXgP8LN1bnRbltfCuvRlE_d7XgNbmkTBbTzjtaT63vtXBOJZ6oitvO9-IL9RsASizufysosQaZhXBBgY3k2bc6PZOkg1YaoSODJiCTdlngvL-WWy-wk1O2YsNjeeFR7Z2CiCepYdHKyzVk3bCgPtVJvcuL9vVdO8-BiJfFgvKqS-rUpwEx2g6jWYGBP9CrYAFWurP8MO_579LZv3PmKkrdevdj21tR8o1Qow1S69RYpdCj5rZxk0GREgJnYjYJcZlMisTdumZU8WTvpzQbOgWk03hxLTlrsp97U5UdVAtRqzOdyuhzPEfFrmktoZ3wP_zXTnkfrIk5cEqhDsj2O2K66BHbpl4lmKpqY_CqDS9P2TUsvsmcXGGVJMITST2UYZmNbHAG3VgOdSvTtS9YA87J_pbaM74ULBRwhaoTFdjbzIrQRa_E5Vnh2Q-0jvjMlamFqdI-KLCeNOEdyRScb5rmuUrt8Erl55KhTrmKVRw8nREm2b8UWOdfNCQlmRYHdwyuf1qiZ4BHn9TKLBOow_agsfS94qi0LeClY-JBI6gnkf4AeWm1BWLtnS0mhm3Iwx_nyIHQoQHo32F62BUJQ2MD2oM1QGih2srKHGdbsGGutT1-luDk_U3ywUrQETn9m2JtyQW8shoRVBfxpZz1s4yGMwNiTH1zKzuA8kFjaiN2BqOpIB7Z8NY4_rZ9dej67W0P-xbdZSbCl9EQC_KjsN7OTWJI3X5XV2kYMbgkDCEoxkDh7UKWNhyVktk2eslDKHyNzVIUEic5LQayKKwkISPelAJ7Ti4cJmZ5oDp-zYLe9WjKdV9DtqbO2kRc1AYSDKbTlEGBUzaO9VeMvYcWvLHR0Ql8j2a1CXvQCBPceY7Y-abJz8HxcbLnqi2NKrjvjDYJOVT6PljoEXK2x3JBf7PxhaMyQgc1yr_g2t7-FtVHPHhX9BZYGoWAqwR16HAx966Jxtr48vc6490L01DLF332WrGQHmD4IsIlPwsRGKHQA-YSme_Qwua9ycAlkD90X_6vYhwxaExd_zlx4ipgjSoORQ4x6qwuWZ9RahqFmfBPJDqtUo-bxMm6S5zm_VGWhCFTXPYJ-1RsZiHk4APCXc6pTRfhB2pgIbtay4LTQI5A9_9uU62e5xEztmX0qr6z7qVot9fs7pGuJFKHBuT5agxNmvsWETjOD_TMeZxetM5YWiHgR8JCokZYFRVvSA-VKUSB_bffYSweq62f90ciddAmDwf0fRMx68uRgD7_TIp2gL1YSBMUgpT02hT9Mz0gHrJMf0qT-UasFjbYJiGVORdncJidW_jXbE5O3ALAnZeu3h1KqfUz5H2sVLeKrrBkDepd9LxIIZMdorRUMNuAwsJK9X9J0J-XCehJTpUBzA2TcBx8ss-m9YVZpbduNeQ2foAT2YSNrg8rx6YJxdwEY3II4Tt-KamXFT29j93gRliOJDi9a_qT8YyckRD7uVUcVAYtGhDMjFdwYzUQanLU88E1HlHROFe_zN2cXHXfhaFkEXJmf2d1fhWbtUUH6wg5zvyw16gayACwW_R7s_lLr5s4g-Q4O2uV1EIfMjVtAeCAqYSBO22us38F2OwKlS6T60SD21xiyDvJ3ojcQWbgcRi4kpQN45A9_kDezCzn&cid=CAASJeRoxyfPtj5m7H6sjaQhBrlL2yizaZmN932t01U0ksgGmRETrX0&rfl=2%2Chttps%253A%252F%252Fshrinke.me%242%2Chttps%253A%252F%252Fshrinke.me%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 15 Apr 2022 22:16:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
moatad.js
z.moatads.com/linkedindcmdisplay501882038263/ Frame F229 		319 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/linkedindcmdisplay501882038263/moatad.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CS14Oi3KADkW6lHMj7vCek62WcV-Onp_Sh9vYT9BseCWIN0ggbGsbIBGstfYDf-IYHkPxHoxs6IUBqTM8_YGQlaXnnLGOIcuqinB9VlqFivWRlxMRPhCWR_e37igqEBNegTIk0KmF3ayTKDqBxg4HO1nsUlA&dbm_d=AKAmf-AO8wI8PRR7fMYn2j4zQzQlq9apbcWtaRtiBXzvaQdFXz8mA88MQeDR60aFpRKdVhYrNsU4L7U9bz6QvErUpMePPArr8eN6g8AwQTNWNOQaBDlcZ7yc4WRVbpJsNITt8hj2-3eIfmTcyjtqjf155TPH-Oc-AceZIFYGIQpAi0nk0jbNKp6Pcx1Kk_1yPEKOLjrj3_dth0Jh718Xea0IyW6CP-c5q1LcgD3tYsfiu4KAiog1MpZMuV8kOmbU8a3rt9tigke6NYqVoar1mnlgwEdbNmjOLgH36OgBPoQGalALVpwuss3SRZCkuijIg3g0uSH4firjrSWu4uh74uosaCnhLVLz7OyJWfD2mUR_GK4iRxBc9Sz90ztlt2uuIWl4h3VobQAhjT4QNi1TJquEsgPVAtBWuH2yJAOmfokODJTvF9wrxNVAfCWliaznrM95qg6BGdprodcx3BdzDK71YUjzd_DQ1gWGnaCWhez1grIvunZRLOPvf3i35i81tAvqAjINS82CY8ddNs27tjL3hLt7dKVCStURKrMkPsWcNna8TN30d3Se_cMkwzNxP2GDK5OE-VDcKCPH9GDwyy6b-tvM0pjrkSY2fdV6p6dh04Fzh2SYdR_YMbMUt0BQTglVFfzZy005XkpVEApC1XxAuL-QUsOqqcvyJjBn-rlDgoQ3rrXXx8yO4W6R15xj0aLDX2xx1P6yeG6g6-p24w7VGkhVx_ksUbFw1f6MmYayvnyEbxyKKxDzAgHRoissr02yiCdVNm33Pri_aq285MV9UArpUv8SoCC3cbtiqgtt7LulWPUDq6fDerrQHVmbdUNgVcxTGqoq-zMss1sX-0K0ZU_TkLAcAp_Pe58F0f8S6prh6aIUB9Q62m4XO1Raa8NzsbXUV9rfDuVjf7F1jzUQat6y3-3TJKGj8jt4pzZWyRJEWgM8JDBu9jho-7MH4viubI-n4tejcUmuz6U66m52DPHx3D7y1_d_J-0lJIgGRNZ9mL79XaXPapaYTioYMErDE6jgbndCtwDm0DT74CCuq5BRGnemeK5muarhfJ_3wNfzo0_Ir4MBzoGknQ_ZVWO7aIEJPC2TArjWnb2GOT19PLnaf-1rhOGq3YtAU-hnZGzXuAayHbokFMmAxpf_ts2seGYSGB3EzGsTHiJa5Hoyu8NxaFFjNEJ9cZzcMHB6HGt0bzEj7W9LzoB6haNf5c-8Z27_YjC91KhWfIugUwQIR5zuhRN85w1xlzzJexFesF95G9wCOQM-x4FEVjKzHieYq6hAkYEj4WMnAFv6RtAD93fHs-mli7Uz8uxfghE7PSmpAVHUCHhl1cO8tYKV2l5VNU1WhkGItu0DECZUDtRNXc08NZSvedxEITnKmB1ui7h6WPQk7GUH5zeZlMyaHLUbcA4WqbFHWuyOBLnNcex_4sJ91xUPrqSO9Om3dxVBDLvbUnLxLrtUYxlQJd2p_xiQgWeFbdKzvK3ajatuvULCulDHw9_MFM6JJ-TXgP8LN1bnRbltfCuvRlE_d7XgNbmkTBbTzjtaT63vtXBOJZ6oitvO9-IL9RsASizufysosQaZhXBBgY3k2bc6PZOkg1YaoSODJiCTdlngvL-WWy-wk1O2YsNjeeFR7Z2CiCepYdHKyzVk3bCgPtVJvcuL9vVdO8-BiJfFgvKqS-rUpwEx2g6jWYGBP9CrYAFWurP8MO_579LZv3PmKkrdevdj21tR8o1Qow1S69RYpdCj5rZxk0GREgJnYjYJcZlMisTdumZU8WTvpzQbOgWk03hxLTlrsp97U5UdVAtRqzOdyuhzPEfFrmktoZ3wP_zXTnkfrIk5cEqhDsj2O2K66BHbpl4lmKpqY_CqDS9P2TUsvsmcXGGVJMITST2UYZmNbHAG3VgOdSvTtS9YA87J_pbaM74ULBRwhaoTFdjbzIrQRa_E5Vnh2Q-0jvjMlamFqdI-KLCeNOEdyRScb5rmuUrt8Erl55KhTrmKVRw8nREm2b8UWOdfNCQlmRYHdwyuf1qiZ4BHn9TKLBOow_agsfS94qi0LeClY-JBI6gnkf4AeWm1BWLtnS0mhm3Iwx_nyIHQoQHo32F62BUJQ2MD2oM1QGih2srKHGdbsGGutT1-luDk_U3ywUrQETn9m2JtyQW8shoRVBfxpZz1s4yGMwNiTH1zKzuA8kFjaiN2BqOpIB7Z8NY4_rZ9dej67W0P-xbdZSbCl9EQC_KjsN7OTWJI3X5XV2kYMbgkDCEoxkDh7UKWNhyVktk2eslDKHyNzVIUEic5LQayKKwkISPelAJ7Ti4cJmZ5oDp-zYLe9WjKdV9DtqbO2kRc1AYSDKbTlEGBUzaO9VeMvYcWvLHR0Ql8j2a1CXvQCBPceY7Y-abJz8HxcbLnqi2NKrjvjDYJOVT6PljoEXK2x3JBf7PxhaMyQgc1yr_g2t7-FtVHPHhX9BZYGoWAqwR16HAx966Jxtr48vc6490L01DLF332WrGQHmD4IsIlPwsRGKHQA-YSme_Qwua9ycAlkD90X_6vYhwxaExd_zlx4ipgjSoORQ4x6qwuWZ9RahqFmfBPJDqtUo-bxMm6S5zm_VGWhCFTXPYJ-1RsZiHk4APCXc6pTRfhB2pgIbtay4LTQI5A9_9uU62e5xEztmX0qr6z7qVot9fs7pGuJFKHBuT5agxNmvsWETjOD_TMeZxetM5YWiHgR8JCokZYFRVvSA-VKUSB_bffYSweq62f90ciddAmDwf0fRMx68uRgD7_TIp2gL1YSBMUgpT02hT9Mz0gHrJMf0qT-UasFjbYJiGVORdncJidW_jXbE5O3ALAnZeu3h1KqfUz5H2sVLeKrrBkDepd9LxIIZMdorRUMNuAwsJK9X9J0J-XCehJTpUBzA2TcBx8ss-m9YVZpbduNeQ2foAT2YSNrg8rx6YJxdwEY3II4Tt-KamXFT29j93gRliOJDi9a_qT8YyckRD7uVUcVAYtGhDMjFdwYzUQanLU88E1HlHROFe_zN2cXHXfhaFkEXJmf2d1fhWbtUUH6wg5zvyw16gayACwW_R7s_lLr5s4g-Q4O2uV1EIfMjVtAeCAqYSBO22us38F2OwKlS6T60SD21xiyDvJ3ojcQWbgcRi4kpQN45A9_kDezCzn&cid=CAASJeRoxyfPtj5m7H6sjaQhBrlL2yizaZmN932t01U0ksgGmRETrX0&rfl=2%2Chttps%253A%252F%252Fshrinke.me%242%2Chttps%253A%252F%252Fshrinke.me%252F%240
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c33a27297bca539137c87262176cf320249e5515ee2616f21d80652ea6e5463e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:33 GMT
content-encoding
gzip
last-modified
Thu, 24 Mar 2022 16:04:27 GMT
server
AmazonS3
x-amz-request-id
FWKFAW01Y87ENXQ0
etag
"e98f065a5f77733fa36e728bc6fca54a"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=30205
accept-ranges
bytes
content-length
109563
x-amz-id-2
qG+k2RDATfDqXfaZq1QU6sEv7SkE5b4rqUU2vmaqYqy8n9eL8KK5/3CAfhd8WDVIXtOxEaYzSaA=
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F229 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CS14Oi3KADkW6lHMj7vCek62WcV-Onp_Sh9vYT9BseCWIN0ggbGsbIBGstfYDf-IYHkPxHoxs6IUBqTM8_YGQlaXnnLGOIcuqinB9VlqFivWRlxMRPhCWR_e37igqEBNegTIk0KmF3ayTKDqBxg4HO1nsUlA&dbm_d=AKAmf-AO8wI8PRR7fMYn2j4zQzQlq9apbcWtaRtiBXzvaQdFXz8mA88MQeDR60aFpRKdVhYrNsU4L7U9bz6QvErUpMePPArr8eN6g8AwQTNWNOQaBDlcZ7yc4WRVbpJsNITt8hj2-3eIfmTcyjtqjf155TPH-Oc-AceZIFYGIQpAi0nk0jbNKp6Pcx1Kk_1yPEKOLjrj3_dth0Jh718Xea0IyW6CP-c5q1LcgD3tYsfiu4KAiog1MpZMuV8kOmbU8a3rt9tigke6NYqVoar1mnlgwEdbNmjOLgH36OgBPoQGalALVpwuss3SRZCkuijIg3g0uSH4firjrSWu4uh74uosaCnhLVLz7OyJWfD2mUR_GK4iRxBc9Sz90ztlt2uuIWl4h3VobQAhjT4QNi1TJquEsgPVAtBWuH2yJAOmfokODJTvF9wrxNVAfCWliaznrM95qg6BGdprodcx3BdzDK71YUjzd_DQ1gWGnaCWhez1grIvunZRLOPvf3i35i81tAvqAjINS82CY8ddNs27tjL3hLt7dKVCStURKrMkPsWcNna8TN30d3Se_cMkwzNxP2GDK5OE-VDcKCPH9GDwyy6b-tvM0pjrkSY2fdV6p6dh04Fzh2SYdR_YMbMUt0BQTglVFfzZy005XkpVEApC1XxAuL-QUsOqqcvyJjBn-rlDgoQ3rrXXx8yO4W6R15xj0aLDX2xx1P6yeG6g6-p24w7VGkhVx_ksUbFw1f6MmYayvnyEbxyKKxDzAgHRoissr02yiCdVNm33Pri_aq285MV9UArpUv8SoCC3cbtiqgtt7LulWPUDq6fDerrQHVmbdUNgVcxTGqoq-zMss1sX-0K0ZU_TkLAcAp_Pe58F0f8S6prh6aIUB9Q62m4XO1Raa8NzsbXUV9rfDuVjf7F1jzUQat6y3-3TJKGj8jt4pzZWyRJEWgM8JDBu9jho-7MH4viubI-n4tejcUmuz6U66m52DPHx3D7y1_d_J-0lJIgGRNZ9mL79XaXPapaYTioYMErDE6jgbndCtwDm0DT74CCuq5BRGnemeK5muarhfJ_3wNfzo0_Ir4MBzoGknQ_ZVWO7aIEJPC2TArjWnb2GOT19PLnaf-1rhOGq3YtAU-hnZGzXuAayHbokFMmAxpf_ts2seGYSGB3EzGsTHiJa5Hoyu8NxaFFjNEJ9cZzcMHB6HGt0bzEj7W9LzoB6haNf5c-8Z27_YjC91KhWfIugUwQIR5zuhRN85w1xlzzJexFesF95G9wCOQM-x4FEVjKzHieYq6hAkYEj4WMnAFv6RtAD93fHs-mli7Uz8uxfghE7PSmpAVHUCHhl1cO8tYKV2l5VNU1WhkGItu0DECZUDtRNXc08NZSvedxEITnKmB1ui7h6WPQk7GUH5zeZlMyaHLUbcA4WqbFHWuyOBLnNcex_4sJ91xUPrqSO9Om3dxVBDLvbUnLxLrtUYxlQJd2p_xiQgWeFbdKzvK3ajatuvULCulDHw9_MFM6JJ-TXgP8LN1bnRbltfCuvRlE_d7XgNbmkTBbTzjtaT63vtXBOJZ6oitvO9-IL9RsASizufysosQaZhXBBgY3k2bc6PZOkg1YaoSODJiCTdlngvL-WWy-wk1O2YsNjeeFR7Z2CiCepYdHKyzVk3bCgPtVJvcuL9vVdO8-BiJfFgvKqS-rUpwEx2g6jWYGBP9CrYAFWurP8MO_579LZv3PmKkrdevdj21tR8o1Qow1S69RYpdCj5rZxk0GREgJnYjYJcZlMisTdumZU8WTvpzQbOgWk03hxLTlrsp97U5UdVAtRqzOdyuhzPEfFrmktoZ3wP_zXTnkfrIk5cEqhDsj2O2K66BHbpl4lmKpqY_CqDS9P2TUsvsmcXGGVJMITST2UYZmNbHAG3VgOdSvTtS9YA87J_pbaM74ULBRwhaoTFdjbzIrQRa_E5Vnh2Q-0jvjMlamFqdI-KLCeNOEdyRScb5rmuUrt8Erl55KhTrmKVRw8nREm2b8UWOdfNCQlmRYHdwyuf1qiZ4BHn9TKLBOow_agsfS94qi0LeClY-JBI6gnkf4AeWm1BWLtnS0mhm3Iwx_nyIHQoQHo32F62BUJQ2MD2oM1QGih2srKHGdbsGGutT1-luDk_U3ywUrQETn9m2JtyQW8shoRVBfxpZz1s4yGMwNiTH1zKzuA8kFjaiN2BqOpIB7Z8NY4_rZ9dej67W0P-xbdZSbCl9EQC_KjsN7OTWJI3X5XV2kYMbgkDCEoxkDh7UKWNhyVktk2eslDKHyNzVIUEic5LQayKKwkISPelAJ7Ti4cJmZ5oDp-zYLe9WjKdV9DtqbO2kRc1AYSDKbTlEGBUzaO9VeMvYcWvLHR0Ql8j2a1CXvQCBPceY7Y-abJz8HxcbLnqi2NKrjvjDYJOVT6PljoEXK2x3JBf7PxhaMyQgc1yr_g2t7-FtVHPHhX9BZYGoWAqwR16HAx966Jxtr48vc6490L01DLF332WrGQHmD4IsIlPwsRGKHQA-YSme_Qwua9ycAlkD90X_6vYhwxaExd_zlx4ipgjSoORQ4x6qwuWZ9RahqFmfBPJDqtUo-bxMm6S5zm_VGWhCFTXPYJ-1RsZiHk4APCXc6pTRfhB2pgIbtay4LTQI5A9_9uU62e5xEztmX0qr6z7qVot9fs7pGuJFKHBuT5agxNmvsWETjOD_TMeZxetM5YWiHgR8JCokZYFRVvSA-VKUSB_bffYSweq62f90ciddAmDwf0fRMx68uRgD7_TIp2gL1YSBMUgpT02hT9Mz0gHrJMf0qT-UasFjbYJiGVORdncJidW_jXbE5O3ALAnZeu3h1KqfUz5H2sVLeKrrBkDepd9LxIIZMdorRUMNuAwsJK9X9J0J-XCehJTpUBzA2TcBx8ss-m9YVZpbduNeQ2foAT2YSNrg8rx6YJxdwEY3II4Tt-KamXFT29j93gRliOJDi9a_qT8YyckRD7uVUcVAYtGhDMjFdwYzUQanLU88E1HlHROFe_zN2cXHXfhaFkEXJmf2d1fhWbtUUH6wg5zvyw16gayACwW_R7s_lLr5s4g-Q4O2uV1EIfMjVtAeCAqYSBO22us38F2OwKlS6T60SD21xiyDvJ3ojcQWbgcRi4kpQN45A9_kDezCzn&cid=CAASJeRoxyfPtj5m7H6sjaQhBrlL2yizaZmN932t01U0ksgGmRETrX0&rfl=2%2Chttps%253A%252F%252Fshrinke.me%242%2Chttps%253A%252F%252Fshrinke.me%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 05:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58809
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Apr 2023 05:56:24 GMT
12121761741305688944
s0.2mdn.net/simgad/ Frame F229 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12121761741305688944
Requested by
Host: ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com
URL: https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6310787b5d8759bb95f242a38f62f6c2bd4504555ad5657e79bf7ac8b75fe4c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 23:28:05 GMT
x-content-type-options
nosniff
age
427708
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15139
x-xss-protection
0
last-modified
Tue, 25 Aug 2020 17:28:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 10 Apr 2023 23:28:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame AC2B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 05:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58809
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Apr 2023 05:56:24 GMT
rd_log
nym1-ib.adnxs.com/ Frame AC2B 		0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fshrinke.me%2F0GNZk&e=wqT_3QLaBPBMWgIAAAMA1gAFAQi-3eeSBhCqyOSfpaL5-n0YpO6QrMH-ouMwKjYJ5e0IpwUvij8RCOwgZXp4hT8ZAAAA4HoU5j8hCOwgZXp4hT8p5e0JJAAxARvAUbiePzCr4YEKOINZQLwJSGVQ1OyLlgFY9-KIAWAAaOCqrQF4sM8FgAEBigEDVVNEkgUG8LyYAawCoAH6AagBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCAOACgeJW6gIYaHR0cHM6Ly9zaHJpbmtlLm1lLzBHTlprgAMAiAMBkAMAmAMUoAMBqgMAwAOsAsgDANgDnte6AeADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEFTI2MDc6NTMwMDo2MDo3ODY3OjoxNKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8AQF4fBe-gQSCQAAAIB82EVAEQAAAKDE8FPAiAUBmAUAoAWMgt2XsJ7W5S-qBSRmYTNjYWRiMi0xZDAxLTQ3MDQtOWRjMi03YmIyMDgxYjczNzXABQDJBQAAAAAAAPA_0gUJCQAFDHgAANgFAeAFAfAF_-I1-gUECAAQAJAGAJgGALgGAMEGCSQs8D_QBs_cAtoGFgoQCRIZAQHHiOAGAfIGAggAgAcBiAcAoAcBqgcLMTQ4MjY1NTU1NjO6Bw8IBSgAIAHvLLQEQADIB7DPBdIHDQHfBQEBRgjaBwYBfkwYAOAHAOoHAggA8Af7_AeKCAIQAA..&s=96bd320d8f379528e7825d47a835b1d375bb5fde&bdref=https%3A%2F%2Fshrinke.me%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fshrinke.me%2F,https%3A%2F%2Fassets.vlitag.com%2Fplugins%2Fsafeframe%2Fsrc%2Fhtml%2Fr.html&
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:33 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
d86a1c62-38d7-49c9-a2b4-ff5199411c35
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame C817 		0
834 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fshrinke.me%2F0GNZk&e=wqT_3QL4CvD9eAUAAAMA1gAFAQi_3eeSBhCS6LHb7oOXmGsY1oW8re6Pg-VgKjYJ50CiFTYHwj8RmpmZmZmZuT8ZAAAAwPUo9D8hbId1mVB3uj8pUDv8NVmjwj8xAAAAoJmZyT8whPnJCTioN0CYOUgCUODbpKEBWJTcQmAAaLDnW3itqQWAAQGKAQNVU0SSAQNVU0SYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDI4OTY3ODksIDE2NTAwNjA5OTEpO3VmKCdpJywgNjYyOTY4MCwgMTY1MDA2MDk5MSk7dWYoJ2cnLCAxNjU0NjU1NixCOwAwcycsIDI2OTMyMTg5MUY9ADByJywgMzM4MjQzMDQwNh8A8IuSAp0EIV9XVjRuUWpieEwwWUVPRGJwS0VCR0FBZ2xOeENNQUk0QUVBQVNKZzVVSVQ1eVFsWUFHREdCMmdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQ3FnQkNyQUJBTGtCaW1yVWQxMmp3al9CQVlwcTFIZGRvOElfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBYkRTbEFQMUFXZWFnRDZZQWdDZ0FnRzFBZwEjBEM5CQjYREFBZ0RJQWdEUUFnRFlBZ0RnQWdEb0FnRDRBZ0NBQXdHWUF3R2lBdzRJN0phekhSQUxHQUl0QQFDwExvRENVNVpUVEk2TkRRM05lQURpeTZBQkktdGpnaUlCSVhEc1FlUUJBR1lCQUhCQkEBNQkBCHlRUQkJAQEYTmdFQVBFRQELCQFEQ0lCZnNpbUFXampiYUFBYWtGCRgYQUE4RC14QgE7UENBZ0dPUV93UVZuWm1ibVRCUFFQOC4oAARfUgUoDQEIMlFVDQrIRHdQLUFGNFhId0JmejE4UWY0QlpYbnNBR0NCZ05WVTBTSUJnU1FCZ0dZQmdDaEJqTXpNAQIsLWNfcUFZRXNnWWtDAYANAQBFHQwARx0MAEkdDDh1QVlLmgKZASFKeE1PZmc6IQIsSlRjUWlBQUtBQXhNAWkYek16NXo4NjJZARRVQ0xMa2sNcxBEd1AxRQ0MDEFBQUYRGAxBQUFHHRgARx0YAEgdGAxIZ0FpLjUC8P13Li7YAgDgAtbiNuoCGGh0dHBzOi8vc2hyaW5rZS5tZS8wR05aa4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA57XugHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ5LjU2LjE1My4xODSoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQONzMyMCNOWU0yOjQ0NzXaBAIIAeAEAfAE4NukoQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW5vgL6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0AapJdoGFgoQAQ8uAQBgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4tARAAMgHrakF0gcNCRE8ATgI2gcGCSdE4AcA6gcCCADwB8T_B4oIAhAA&s=74b31e6325d7123159207558af6572ebc653513d&type=pv&jm=1003&px=651&py=1031&bw=300&bh=250&sf=0.68&sid=1175019941666628330&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20085892&cid=3&cr=nv&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:33 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
7d66717e-bac0-473a-b553-e0c0000d6e58
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 10C9 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=12290&pub_id=1886142&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=12290&pub_id=1886142
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:33 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
80e53b6e-9475-452c-b1b1-df76b1dba098
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9889 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Apr 2022 22:16:33 GMT
rd_log
nym1-ib.adnxs.com/ Frame 8C57 		0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fshrinke.me%2F0GNZk&e=wqT_3QLMBPBMTAIAAAMA1gAFAQi-3eeSBhDRuIP1jdHm6CYYkeuB6-nt_N8oKjYJ4XoUrkfhuj8RG_D5YYTwtD8ZAAAA4HoU5j8hG_D5YYTwtD8p4XoJJNgxuB6F61G4rj8wq-GBCjiDWUDqXEjgA1Cnl7inAVj34ogBYABo4KqtAXjiygWAAQGKAQNVU0SSBQb0XgGYAcoHoAFaqAEBsAEAuAEBwAEFyAEC0AEJ2AEA4AEA8AEA2AIA4AKB4lbqAhhodHRwczovL3Nocmlua2UubWUvMEdOWmuAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOe17oB4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQVMjYwNzo1MzAwOjYwOjc4Njc6OjE0qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBKeXuKcB-gQSCQAAAIB82EVAEQAAAKDE8FPAiAUBmAUAoAXypNblvL_GnymqBSRjNzVmYThjNi0zNjI5LTQ3MWUtYWIwYi1lODFkNGZlZjNhZDLABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXFlCH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGsPEB2gYWChAAAAAAAAAAAAAJPmAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUlMGAAgADAAOLQEQADIB-LKBdIHDQkNNwU4CNoHBgknROAHAOoHAggA8Af7_AeKCAIQAA..&s=1b5602668ce81ec3df9092cf30431314c97bfafb&bdref=https%3A%2F%2Fshrinke.me%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fshrinke.me%2F,https%3A%2F%2Fassets.vlitag.com%2Fplugins%2Fsafeframe%2Fsrc%2Fhtml%2Fr.html&
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:33 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b924bb97-b1c0-4583-beb7-86b8a5f4b4c3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://assets.vlitag.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 15 Apr 2022 22:16:33 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ Frame 2AF9 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://assets.vlitag.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 15 Apr 2022 22:16:33 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rd_log
nym1-ib.adnxs.com/ Frame 2AF9 		0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fshrinke.me%2F0GNZk&e=wqT_3QLWDfBM1gYAAAMA1gAFAQi_3eeSBhDSksjc2Mjfo28Yns-qzfy0_rE3KjYJRBK9jGK5pT8R2wdJNLvNoD8ZAAAAYLgeA0Ah2wdJNLvNoD8pRBIJJNgxAAAA4FG4vj8w9rj7CTiCYECYOUgCUIPD1I8BWLGTkAFgAGj1ha4BeO2oBYABAYoBA1VTRJIBAQbwVZgB2AWgAVqoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKApYBdWYoJ2EnLCAxNDM1NDg2LCAxNjUwMDYwOTkxKTt1ZignaScsIDU1MzY4ODksIDE2Nh0AAGcBOhg2MDY3ODI4RjsAMHMnLCAyNjc0NDM5MDFGHwAscicsIDMwMTI3NzU3Oh8A8IuSAsUEIWxHdWxZZ2pCdTU0WUVJUEQxSThCR0FBZ3NaT1FBVEFDT0FCQUFFaVlPVkQydVBzSldBQmdqZ1JvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFxb0FRcXdBUUM1QWVZZ1F1cmR1YVVfd1FIbUlFTHEzYm1sUDhrQkFBQUFBQUFBOERfWkFRQQkOdFBBXzRBSDUtTkVDOVFHQ0l3RV9tQUlBb0FJQnRRSQUkAHYNCPBxd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NJR3l2aHNRQ3hnQ0xRQUFBQUM2QXdsT1dVMHlPalEwTlRuZ0E0c3VnQVRqeUk0SWlBVDZ5STRJa0FRQm1BUUJ1Z1FhQ08wSUVRBX8UQUFOQV9HBUgJASBJTV8waXc3QkIJDwUgBHlRHSEYTmdFQVBFRREfSEFBQ0lCZXNpbUFXOXZjTl9xUVUNGxREd1A3RUYBDSBRSEFrNERfQkIBRxxFQndKT0FfeS4oAAA5CSgJAQREWgUoAQElQKhXVElmQUY5Tm5VQl9nRjNzNVhnZ1lEVlZORWlBWUVrQVlCbUFZQW9RWXpNBQIwUG5QNmdHQkxJR0pBawFGCQEAQh2zBEJrCRQBAQBDHRhETGdHQ2cuLpoCmQEhd2hQYWRROkkCNExHVGtBRWdBQ2dBTVRNBW8YTS1jX09nbD2BGGxBaXk1SkENAQw4RDlSDQsQQUFBQloBBgkBBEJoCQgUQUEwRDlwEQwMQUFCeB0MDDRBSWs1jNg4RDgu2AIA4ALY1VvqAhhodHRwczovL3Nocmlua2UubWUvMEdOWmvyAhEKBkFEVl9JRBIHMTQzYaQc8gISCgZDUEcBFAQIMW1-ARUIBUNQARQACXV0PPICDQoIQURWX0ZSRVESATAFEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BWREPEAsKB0NQFQ4QEAoFSU8BYQgHNTWFEADyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwVCghTUExJVAFNGdnwgYADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA57XugHgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE4NKgEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANIEDjczMjAjTllNMjo0NDU52gQCCAHgBADwBIOhgTD6BBIJAAAAoCHBRkARAQkwnmVSwIgFAZgFAKAF_xEBZAGqBRBFNjVJT1k3TFk0TFdOVk1BwAUAyQUABQEQ8D_SBQkBRwUBcNgFAeAFAfAF_44D-gUECAAQAJAGAJgGALgGAMEGBSIsAPA_0AapJdoGFgoQCREZAQHETOAGAfIGAggAgAcBiAcAoAcBugcPAUgAGAneLLQEQADIB-2oBdIHDRV2ATgI2gcGCSc84AcA6gcCCADwBwCKCAIQAA..&s=2e6c951b14369ee1bf024400d2ea5998654dbf01&bdref=https%3A%2F%2Fshrinke.me%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fshrinke.me%2F,https%3A%2F%2Fassets.vlitag.com%2Fplugins%2Fsafeframe%2Fsrc%2Fhtml%2Fr.html&
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:33 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a4812bf5-037f-4246-a431-700e977a6b3c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cc.jpeg
px.vliplatform.com/iv-v4/ 		0
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNoc-tZZMqByA-wqTA-PrwM-MZAe-KrYrYyayPqwqRqxeNco_MZAaYaPPA_TRwNqdbRlmNKYMbaARdzNwqfftkRrdzNRmNYaPPARleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:33 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzQd49AlQDugQzE4hQUafGj2xlHkAFWTwXjGsOmIlUgD0HQNvIU3T1fKQGtNlXeHrHuOst5WdvTEEGgHQltw%2B5Fzy1xui1f2lRDhhakzTA0GJingzzOi4F8QErPpKqSfF7Vs8r2yuM%2FlnIm0bQ8j%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bd70cf67145-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
i.js
mathid.mathtag.com/d/ Frame F630 		0
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 33E3 		363 B
227 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNa7wgEQmMSGAhi145fHATAB&v=APEucNV3ArgDBT_ou0MGzWE87SJx70DZwHuybzyKjQr52Z4V6AHqFrLg4kM39S8qZG7VbBcLXzxvXMsTTQ5CXkfJFtKzc5RO3A
Requested by
Host: 29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com
URL: https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
206
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 22:16:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame B391 		59 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CDF5LyhOf-0aJEmiNveAaCaLqV28WJFt_-AFj8L9jaeAp1v75yhjA2-Wm4FPepGQBhj4iUUykjzNENykAvUoqlzeV9UNFsBt2EEJixrBFD3pzBDwvABmIKJ3rtMqyn7MiLFiwQDNFeYfYamvVYNhoVrtfpCw&dbm_d=AKAmf-C_gUdsBb6QBkXrSkPX33PzgE7DP1KK4wiWEE3Oh1JHz9JpKyMH3NRnV4nLnYMdmUZ77NRP-rw9zVZ3cSnDAd0iTkqd_96pSQotxGhbZ37hyJkI098gqGuGcQqgTabbn1l2GRBQ5CbelEiboGuKDjKTe8Dugfe4hmM0A6hSyYo-eDqlr3Mg6NQSATKr6O04XC1niLRnZYdpH_ixdS6etts4gIVMe4jUvsqfcJW8G9g3iW3Qy9kIDjVVo5ZS6lnLUJz5QLCZxIDwcVm4fPZ_TzGPk1KSsKNLjPm5QBlCB8rNHD6qJ-l4A__oyu6tYOpqn9x7GwfWV1uP-REFWMp9p7gNBvMPzjGcgC5UesWjdsfjsZLJUlNRUiJK1H_a7J0_RxFW3i_bdUybQ9k_BAN7wfEseT7W3YkNLTSBhg5FpvNpB1Su_STqIagyzizobwrkEUI-_KxGSk3eYigpAetzhbmNMEKZMTUS8uL1htcm2YnKVyZc_wWVnBS4oDxB3mUmd9iJhgX8SnLj9ImB4RW8cGhY4s5tGzaDa27HljLQBmlx6usu5sPm9_LFDUHUYzTQ8fLNiye1Gqzlm-i8ohgyBHD9Zp4QQLDO12XHiFq8zGlNXHAEaLaDdzEE5LcqwUfNkIQk459rH2YD4flTtbx7n4rR_DIFmFiMLJcq9RKn0KfP68I99z0U7LYsaXclW5iykgL_ETyp4lJX6G1vODlVfjekIqHnYSkAocTnu3SGAf0a70UjlKW-ifwPNNVEbXhHXXKkNKfQlfem0ydWyqMvXvySFeQZdz-ZMXNCTYnudUr8pFDB71PGnKDSoKWgfoyBis8OWjel3Tcl5W0oQVfwzeA5ZvrDATZp45djLThwIEcbxdzQlqvKfATdvVogTb9TSYJ80eCl3-KcMr6nfB8UwHDzF5RdlrVznxn0EXG4IHNAWSlPKWRcLmxCdgt6BTWeeAb878mA8c6l8fQqU1bjOASQFdq9Y1yogENldvJ2Caw_qpZbD_qnAbTznRs4XTDWIsUaPh34MhdzkxCVjIiKJZg7dN5CXK1Vfz3bZL6KTv-BED-LmYMc8J3dKkNsZ_UguhYIEX1ZPlzdZBabKyoFn5qqx9d0g_dkjy0_MMF1NaFI0Y549IoYnmx5MfV2pMnKWjaXTQ3UIeoj2o1uHVRRhzBIZoNV4t_9OKMst_Ld06ACmiYTc0efapzD45_YTxSYhGaD5CSoposZDr-4WsKHJsalstUKRmKJTjAyxVUwirmlYHAOi6o1zWhL6T2VmANqlzdm6ETFkNq4iqp98XcvcZytwclI8DTZq8ZBua2sqvklJNS8eNBA6FFibiSXkGf74paJeahGNZa5IHXKAwYHIXYRWop9S5MXnEeq7DZpb08MRRG6_vAHdgVgBSXCNy95DlXYArS57fBHxbMvXPJXpQTt-hYqUFUZU9NcW6Ca0ifs9mtawHG8NP07JAMuvSCTt3G7rUI8A-oHxoAaCjCKvIR0ublu3WBoDXUgx5uajyqBMtfc9lonVJC_TX7UBuarBFttyC8U1QyabvwlWDvSfEMSMyTbiZrUv91B6iRnpjJQRSllfnI6gbyyzoE-ud80v8iLcb_6dPSk-fWMj6CB0fcEJhihpHthdtUe7DlXxHO9As1Zoh0erXaPCYFXZhzkygXNcCKpdl3zpxm_YMFUjmOm5wZasErypQ6ySYuNpDGU5GnIUPyvYNJrh0iFmcdj7xcroRGZCxW9jj8sUv9i-oarQ5MbEKlVAjVywJ3i6pDPDKAieKBrEGWBnox2C9CPMRm-WBKpNwAegkJY3rfP102NxcZDKoH42smlCaM-oFcPH_-6MPPFjmG_KGaKAMD1zVtNZxinsALMySQCBBuBBlaNP_4BJBbgAuNiij3daTw8UrQ4seoF3ktqoh39pMiBdnHnoaRS_87vYENgv2tvwIlUTMNjKg6itUVOpJgdarjSMxmYQ1U6FI6of5kxpMnpxIoJvP1qiHjGLI4KkGZ280cpWNivkRCcQ2MxMog2sbqcrcUyWUygl6aG1tJmjeO_S6TZ8k8jiWnLvcOgPae-n-8GRBlj3JyJST84-obMxlXLvoKDCtSRIcPOhM04xeFiJ4GzFqsZpk8BpwqjuqZPDrngfL9dLd-DM9Fzio5-_qxLeJhLYcNvPC0g3fJJrWEHt0347ONOhBhfzaQdKs3RpWDuJHlLvsg4ZREp2xWw9dEFydn_s1PT0MvFDsEC_17zhU8Ee3EGBjQLcP7PkiZxQSeZCJCl9PVmsmhYBBRsa4lttbB_deKpasGLwsRsoDtnIJddEBMJdf5ZYlIAdQfoUlss4lM1WShbw3_YS5PhZLdMNc405dNCohoEQ4b8xiOD3NZZ0D8HWgdcmktM4kXpi3MuI97eEA3Qc8801onMyyK-4AEtljF9mX84N8cwkt_Z5vwlIkyKK_o_9nye2UxIy2asr1M4-YNFqv6i1zXPX2Oir2fJ1hMeagQU7eE_occclTHSfwfwFv2tozXro7g1N-hovDONrUeI_yokNzUHMqP0V7rLo9QWPBp4st5wOTVGae4H12oZ2_EXWwKzHz4BzFmb5ajasl5dLffoyo99Vjb1lFH23E771KkfaEAGK2qr0sFVEXIZkGiSi8lJZqydpNy-bTHDiFHhRxrpUd5M9nX37JiEX_EttTN06p2_kDMhg3i3OMLAhF1xrKJMEJe24P3iTGVIh2O65lPTvYHAVoYVutoV2pEL90HzeFMQMSbGtBLs6xdeHR2ORMQX4Mc8jBWmxOwY1qzUKMj45cyTb1p2zI4qFVJdKN5rp214HU3pXYOreIHYN3Ghlr5up350hcazr7xSiVdYZzB-0Nh4GvGo8IbnFpqtAJKvOKN87-aObgWcMKrhgsKNvddpxErJnRNbyxZnOt5LCF0RzeAlpBbD5-D7QVq-PWxsj653i3853bJdrFS_z6UVjn8in5RcmRIgmxtWswe5-vUanWcHBme_nNvMi2Q7ro4I5fanzQRSkdhBX6f5&cid=CAASJeRoj_juNjbRYKUWzOjohE1HqkQxtf12G1ehX6P2F1F4gnM0juY&rfl=2%2Chttps%253A%252F%252Fshrinke.me%242%2Chttps%253A%252F%252Fshrinke.me%252F%240
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc8ccf8a6fdf20e70ac1017066e18fb11576f5dff97dcd833faf018d7d0d1816
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29970
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B391 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AHj0T9-BH_1mvzlCex_IXQ-9Rxi2ukJ-WsYQjdFbBx7-wPkQhgzMowSrK2TmnaMox2x7gFPYxYXlLd9BHEYPF-QQPvGJ1GKmIteduw85UlXH1wabE
Requested by
Host: 29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com
URL: https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame B391 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: 29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com
URL: https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
739
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 22:04:14 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame B391 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com
URL: https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:10:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
350
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 22:10:43 GMT
l
www.google.com/ads/measurement/ Frame B391 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQtGc8erKIjD8UNjvu8rDPsakqvBDIy_gMv1_n0BNd5RKzmT2YHzBYCOKqj7mQ17CT50lwsCnrcKJuHczxkgV0IYN7KDQ
Requested by
Host: 29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com
URL: https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B391 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com
URL: https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Apr 2022 22:16:33 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F229 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssswlhAq7-Fr13BgDfvqlQlpw4RXTu_LzekD95mV8W28hsarnLvDz4-ea27Zs9TQyNY5hVF_QtOEHjLFpudEPyvDlAOeMM7QFG9UfJTj07W4QiJId2X1TuanQMdid8PL1_FBNr4ebDz0Oaz3eMyyaf8hVghvTj0HD2FaP987mCW6NKDSTQxDv8EyxQxxkih8uxZycrHag6Q1Tjg5S7QvW1QKNdXibwlc_tReILEuWXtKoqIEHtP3edQno-POlxuqki3zHSwkRnpSTcOzMni-P8Ea9-_TLVn30FqeRTSYK3ZWvcqvcjzMddIt6cBwS9Z-RY5422WZeCUcVk_5Dukqih890EZI51zAF9eiinjCkSNQT-iYots4y2Hs1kTMBjL4Zz15TYsGt88iQtakonXDu8tlmh9o3VxpZZgCGmvtFb2f-2oQhuwYLfAvqWyQozJ4wZS8gFJHWmPZxpCiVGXfU43ZO4ai5IRbLLZGBGFKiZxuyoTXAevVN7rumWQHR22CIzE0Ps7JeySSxNMxxGtfcfgMf1NSFDt_JvNhY6k2a8fwZEvXHuzGAkWVS6Uh7WNMcYpjKCqoAt01ZyeXoFf1mERfyItTuXteIi-JW7Dphk95tAMmkH74v4hOVIf3u9tyAhAItr0WmornatucjFwJWF8C3hZZL3p09tNLukMdFqVdTaN2aOw03ND_oqXebrOtUcHY8gwelTgRBvrBazAHfI2dM0aFJJAaQ7-hJpOcLd8n2Wedoln6dbes0BcAGRPY_gszakSBKX3x2ZVTQ1QgFbNFmLV0LCTKIbgi_IdsWRKRAyBYrRPKJvT4Zvt0xrjSuWcK0WvbgvGVksDypX91EBJhn3GhF7LBmOTLda5cNIM5htnI-9c4xThMlzUJZ6S8ts2ISTDye7UdtLdteYZfkVXUvMpktVtge05XfJhLTOzMunmVg7PE0ZMp4B_JKXgGOo1Wj9_Y-iJAkvpP4FLsEDW0egVbp15lL59t32kMXzz5HjK6ebGepaxYe8SUIJiJ_22dGQR2UKYkSt4CRrRHfwv-JKCiVjRYRNgJqGwRjMXELyT7sG9r4baQmMxK5imkZOHIkyGQkqL8jZIoGuzg46pvPhrokya7R_RoGgLVEyeqCe2M0ojWr0b1VG4LQFcT3_pnplSP2OPkYQgijwWDA_5R2CB5FleqfCsGSfHiYkDyIOyyyRCchjpaDXA5faVCdjHfl_Iwb5BKEj03x2nl8z0bAe8AkR_Iw&sai=AMfl-YTdwdqz_VHt7sMHo2tQzlrAeVGsz72LZZkkdz4feVD8g88ox0bNV00wblqQ-zw8sNZVl1KaP4wMdTRIdYUTcTxdt-1GEbJiTrjG3uK2iuI26bwUFRhZKazwqRGIB-7sLnNPPl-QUxCjDDo-IwLLFZchjhmbb5Hkhq5QDnNiLyrXnRDQ1O2NJMi_7qZ4ZdPRuUizEZTqRQjenY_hu00kNUwLffRfnGWi8CFaxrn5JmrZu8rS&sig=Cg0ArKJSzGSbZGdI-J9oEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=153&vt=11&dtpt=152&dett=2&cstd=0&cisv=r20220413.10667&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CS14Oi3KADkW6lHMj7vCek62WcV-Onp_Sh9vYT9BseCWIN0ggbGsbIBGstfYDf-IYHkPxHoxs6IUBqTM8_YGQlaXnnLGOIcuqinB9VlqFivWRlxMRPhCWR_e37igqEBNegTIk0KmF3ayTKDqBxg4HO1nsUlA&dbm_d=AKAmf-AO8wI8PRR7fMYn2j4zQzQlq9apbcWtaRtiBXzvaQdFXz8mA88MQeDR60aFpRKdVhYrNsU4L7U9bz6QvErUpMePPArr8eN6g8AwQTNWNOQaBDlcZ7yc4WRVbpJsNITt8hj2-3eIfmTcyjtqjf155TPH-Oc-AceZIFYGIQpAi0nk0jbNKp6Pcx1Kk_1yPEKOLjrj3_dth0Jh718Xea0IyW6CP-c5q1LcgD3tYsfiu4KAiog1MpZMuV8kOmbU8a3rt9tigke6NYqVoar1mnlgwEdbNmjOLgH36OgBPoQGalALVpwuss3SRZCkuijIg3g0uSH4firjrSWu4uh74uosaCnhLVLz7OyJWfD2mUR_GK4iRxBc9Sz90ztlt2uuIWl4h3VobQAhjT4QNi1TJquEsgPVAtBWuH2yJAOmfokODJTvF9wrxNVAfCWliaznrM95qg6BGdprodcx3BdzDK71YUjzd_DQ1gWGnaCWhez1grIvunZRLOPvf3i35i81tAvqAjINS82CY8ddNs27tjL3hLt7dKVCStURKrMkPsWcNna8TN30d3Se_cMkwzNxP2GDK5OE-VDcKCPH9GDwyy6b-tvM0pjrkSY2fdV6p6dh04Fzh2SYdR_YMbMUt0BQTglVFfzZy005XkpVEApC1XxAuL-QUsOqqcvyJjBn-rlDgoQ3rrXXx8yO4W6R15xj0aLDX2xx1P6yeG6g6-p24w7VGkhVx_ksUbFw1f6MmYayvnyEbxyKKxDzAgHRoissr02yiCdVNm33Pri_aq285MV9UArpUv8SoCC3cbtiqgtt7LulWPUDq6fDerrQHVmbdUNgVcxTGqoq-zMss1sX-0K0ZU_TkLAcAp_Pe58F0f8S6prh6aIUB9Q62m4XO1Raa8NzsbXUV9rfDuVjf7F1jzUQat6y3-3TJKGj8jt4pzZWyRJEWgM8JDBu9jho-7MH4viubI-n4tejcUmuz6U66m52DPHx3D7y1_d_J-0lJIgGRNZ9mL79XaXPapaYTioYMErDE6jgbndCtwDm0DT74CCuq5BRGnemeK5muarhfJ_3wNfzo0_Ir4MBzoGknQ_ZVWO7aIEJPC2TArjWnb2GOT19PLnaf-1rhOGq3YtAU-hnZGzXuAayHbokFMmAxpf_ts2seGYSGB3EzGsTHiJa5Hoyu8NxaFFjNEJ9cZzcMHB6HGt0bzEj7W9LzoB6haNf5c-8Z27_YjC91KhWfIugUwQIR5zuhRN85w1xlzzJexFesF95G9wCOQM-x4FEVjKzHieYq6hAkYEj4WMnAFv6RtAD93fHs-mli7Uz8uxfghE7PSmpAVHUCHhl1cO8tYKV2l5VNU1WhkGItu0DECZUDtRNXc08NZSvedxEITnKmB1ui7h6WPQk7GUH5zeZlMyaHLUbcA4WqbFHWuyOBLnNcex_4sJ91xUPrqSO9Om3dxVBDLvbUnLxLrtUYxlQJd2p_xiQgWeFbdKzvK3ajatuvULCulDHw9_MFM6JJ-TXgP8LN1bnRbltfCuvRlE_d7XgNbmkTBbTzjtaT63vtXBOJZ6oitvO9-IL9RsASizufysosQaZhXBBgY3k2bc6PZOkg1YaoSODJiCTdlngvL-WWy-wk1O2YsNjeeFR7Z2CiCepYdHKyzVk3bCgPtVJvcuL9vVdO8-BiJfFgvKqS-rUpwEx2g6jWYGBP9CrYAFWurP8MO_579LZv3PmKkrdevdj21tR8o1Qow1S69RYpdCj5rZxk0GREgJnYjYJcZlMisTdumZU8WTvpzQbOgWk03hxLTlrsp97U5UdVAtRqzOdyuhzPEfFrmktoZ3wP_zXTnkfrIk5cEqhDsj2O2K66BHbpl4lmKpqY_CqDS9P2TUsvsmcXGGVJMITST2UYZmNbHAG3VgOdSvTtS9YA87J_pbaM74ULBRwhaoTFdjbzIrQRa_E5Vnh2Q-0jvjMlamFqdI-KLCeNOEdyRScb5rmuUrt8Erl55KhTrmKVRw8nREm2b8UWOdfNCQlmRYHdwyuf1qiZ4BHn9TKLBOow_agsfS94qi0LeClY-JBI6gnkf4AeWm1BWLtnS0mhm3Iwx_nyIHQoQHo32F62BUJQ2MD2oM1QGih2srKHGdbsGGutT1-luDk_U3ywUrQETn9m2JtyQW8shoRVBfxpZz1s4yGMwNiTH1zKzuA8kFjaiN2BqOpIB7Z8NY4_rZ9dej67W0P-xbdZSbCl9EQC_KjsN7OTWJI3X5XV2kYMbgkDCEoxkDh7UKWNhyVktk2eslDKHyNzVIUEic5LQayKKwkISPelAJ7Ti4cJmZ5oDp-zYLe9WjKdV9DtqbO2kRc1AYSDKbTlEGBUzaO9VeMvYcWvLHR0Ql8j2a1CXvQCBPceY7Y-abJz8HxcbLnqi2NKrjvjDYJOVT6PljoEXK2x3JBf7PxhaMyQgc1yr_g2t7-FtVHPHhX9BZYGoWAqwR16HAx966Jxtr48vc6490L01DLF332WrGQHmD4IsIlPwsRGKHQA-YSme_Qwua9ycAlkD90X_6vYhwxaExd_zlx4ipgjSoORQ4x6qwuWZ9RahqFmfBPJDqtUo-bxMm6S5zm_VGWhCFTXPYJ-1RsZiHk4APCXc6pTRfhB2pgIbtay4LTQI5A9_9uU62e5xEztmX0qr6z7qVot9fs7pGuJFKHBuT5agxNmvsWETjOD_TMeZxetM5YWiHgR8JCokZYFRVvSA-VKUSB_bffYSweq62f90ciddAmDwf0fRMx68uRgD7_TIp2gL1YSBMUgpT02hT9Mz0gHrJMf0qT-UasFjbYJiGVORdncJidW_jXbE5O3ALAnZeu3h1KqfUz5H2sVLeKrrBkDepd9LxIIZMdorRUMNuAwsJK9X9J0J-XCehJTpUBzA2TcBx8ss-m9YVZpbduNeQ2foAT2YSNrg8rx6YJxdwEY3II4Tt-KamXFT29j93gRliOJDi9a_qT8YyckRD7uVUcVAYtGhDMjFdwYzUQanLU88E1HlHROFe_zN2cXHXfhaFkEXJmf2d1fhWbtUUH6wg5zvyw16gayACwW_R7s_lLr5s4g-Q4O2uV1EIfMjVtAeCAqYSBO22us38F2OwKlS6T60SD21xiyDvJ3ojcQWbgcRi4kpQN45A9_kDezCzn&cid=CAASJeRoxyfPtj5m7H6sjaQhBrlL2yizaZmN932t01U0ksgGmRETrX0&rfl=2%2Chttps%253A%252F%252Fshrinke.me%242%2Chttps%253A%252F%252Fshrinke.me%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
c24ec0cd19bfd9b6fd1793271ec7cda3.js
s0.2mdn.net/sadbundle/6193854350124385521/ Frame CB3D 		81 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6193854350124385521/c24ec0cd19bfd9b6fd1793271ec7cda3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6193854350124385521/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74c1636b92eb3f79f96c20deb13a11322e7b0108184f45836072ae901fd1cb93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6193854350124385521/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:39:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
211047
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20965
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 19:31:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Apr 2023 11:39:06 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D5C2 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com
URL: https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
21331
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 16:21:02 GMT
etag
48472445140208031
expires
Sat, 16 Apr 2022 16:21:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F229 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7db4555daadf0692f3c2b687a5a49c6b3b80996ca63712d3ead1d48f51b63952

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
trk.js
cdn.adnxs.com/v/s/224/ Frame 8C57 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:33 GMT
Content-Encoding
gzip
Age
4367885
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21929-LGA, cache-yul12832-YUL
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1650060993.219665,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
1, 995538
/
servedby.flashtalking.com/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/ Frame 9AB2
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/servedby.flashtalking.com/664330/55786030/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&ima...
  • https://servedby.flashtalking.com/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&f...
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&ft_height=90&click=https://nym1-ib.adnxs.com/click?RBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NTk=/bn=87149/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=1547045236
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjsi/servedby.flashtalking.com/664330/55786030/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&ft_height=90&click=https://nym1-ib.adnxs.com/click?RBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NTk=/bn=87149/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=1547045236
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app33.ash11 /
Resource Hash
f305c86f370cf665b6514f783d8608156b0392978175e294a266b553c062e789

Request headers

Referer
https://fw.adsafeprotected.com/rjsi/servedby.flashtalking.com/664330/55786030/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&ft_height=90&click=https://nym1-ib.adnxs.com/click?RBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NTk=/bn=87149/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=1547045236
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
2736
Content-Type
text/html
Date
Fri, 15 Apr 2022 22:16:33 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Pragma
no-cache
Server
prod-xre-app33.ash11
X-HW
1650060991.dop072.dc2.t,1650060991.cds202.dc2.shn,1650060991.dop072.dc2.t,1650060993.cds192.dc2.sc,1650060993.cds192.dc2.p

Redirect headers

cache-control
no-cache
content-length
0
date
Fri, 15 Apr 2022 22:16:33 GMT
location
https://servedby.flashtalking.com/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&ft_height=90&click=https://nym1-ib.adnxs.com/click?RBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NTk=/bn=87149/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=1547045236
p3p
CP="COM NAV INT STA NID OUR IND NOI"
pragma
no-cache
server
nginx
x-server-name
app13.va.303net.net
sca.17.5.12.js
static.adsafeprotected.com/ Frame 72AA 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjsi/servedby.flashtalking.com/664330/55786030/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&ft_height=90&click=https://nym1-ib.adnxs.com/click?RBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NTk=/bn=87149/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=1547045236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:e400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fw.adsafeprotected.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 03:16:10 GMT
content-encoding
gzip
age
12078024
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 3dd77c5199bed8cf64af9bc1af1f0d84.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-C2
content-type
application/javascript
x-amz-cf-id
09xZc1u67yBnzLedyAXbUPmVtdg6itvifcQ8jX9uofwNDxv0rfGULQ==
trk.js
cdn.adnxs.com/v/s/224/ Frame AC2B 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:33 GMT
Content-Encoding
gzip
Age
4367885
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21929-LGA, cache-yul12832-YUL
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1650060993.322667,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
1, 995539
view
googleads4.g.doubleclick.net/pcs/ Frame AC2B 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuzdyZxPrpF_7Yag3GAT9y8CVfWakZS1lQ5QJZFcM8Iw3mH8HlrcvQiawcGsrkVVEOZB_JnzWNLjh-rmX_-_L0CD_brdLuk6B4Rfxyc3brnww-1LzW3cEmAmr-plhaVbTgHCp4aAslA09A&sai=AMfl-YSeF8jxsWOrCG7kLp4IgFzYhnPiTsm9mwsZOxw7FhsmsXfsxHYOJ4d5jDan5Nd9MLAymPXkbyb7BLLw_TqnHan5yV81PzhoOwk&sig=Cg0ArKJSzPfGJz3flHxWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=548&vt=11&dtpt=309&dett=4&cstd=236&cisv=r20220413.14182&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 1BFC 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1BFC 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
pagead2.googlesyndication.com/bg/ Frame B6A5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 01:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
247173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13643
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Apr 2023 01:37:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 255F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
76093
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 01:08:20 GMT
expires
Sat, 15 Apr 2023 01:08:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A50E 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9a96e03619c5d753a1a454def5342ba9e3d99f5bfb3904ca1aed91fb1a8eedae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kBmtgvT5icXQ85FTXccKLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-kBmtgvT5icXQ85FTXccKLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 22:16:33 GMT
expires
Fri, 15 Apr 2022 22:16:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dt
dt.adsafeprotected.com/ Frame A5DC 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=664330&asId=14418884-f506-68e5-7574-aa7235e1f0ee&tv=%7Bc:9Tx90e,pingTime:-3,time:146,type:v,im:%7BpBlk:55%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:146,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B138~0%5D,as:%5B138~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjsi,dtt:0,fm:t379LK0+11111%7C1112%7C121%7C131%7C14%7C15%7C16%7C17%7C1811%7C181211%7C181212%7C1813%7C1814%7C1815%7C1816%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d21%7C1d22%7C1e%7C1f11%7C1g1*.664330-55786030%7C1g2%7C1h%7C1i%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o3%7C1p%7C1q11%7C1q12%7C1q13%7C1r%7C1s,idMap:1g1*,rmeas:1,rend:0,renddet:BODY%7D&br=c
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjsi/servedby.flashtalking.com/664330/55786030/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&ft_height=90&click=https://nym1-ib.adnxs.com/click?RBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NTk=/bn=87149/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=1547045236
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fw.adsafeprotected.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:33 GMT
X-Server-Name
dt39.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame A5DC 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=664330&asId=14418884-f506-68e5-7574-aa7235e1f0ee&tv=%7Bc:9Tx90m,pingTime:-6,time:154,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:154,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B146~0%5D,as:%5B146~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjsi,dtt:0,fm:t379LK0+11111%7C1112%7C121%7C131%7C14%7C15%7C16%7C17%7C1811%7C181211%7C181212%7C1813%7C1814%7C1815%7C1816%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d21%7C1d22%7C1e%7C1f11%7C1g1*.664330-55786030%7C1g2%7C1h%7C1i%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o3%7C1p%7C1q11%7C1q12%7C1q13%7C1r%7C1s,idMap:1g1*,rmeas:1,rend:0,renddet:BODY%7D&tpiLookup=ao:shrinke.me*%2Cassets.vlitag.com*&br=c
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjsi/servedby.flashtalking.com/664330/55786030/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&ft_height=90&click=https://nym1-ib.adnxs.com/click?RBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NTk=/bn=87149/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=1547045236
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fw.adsafeprotected.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:33 GMT
X-Server-Name
dt36.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 51AE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://assets.vlitag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
58809
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 05:56:24 GMT
expires
Sat, 15 Apr 2023 05:56:24 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FEED 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
58809
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 05:56:24 GMT
expires
Sat, 15 Apr 2023 05:56:24 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sync
ups.analytics.yahoo.com/ups/55946/ Frame 33E3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEB7LbPjTrEC77G-mZRtgm3Q&_origin=1&google_cver=1
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEB7LbPjTrEC77G-mZRtgm3Q&_origin=1&google_cver=1&verify=true
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEB7LbPjTrEC77G-mZRtgm3Q&_origin=1&google_cver=1&apid=UPb547cf1e-bd09-11ec-b948-0e9980f97a41
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEB7LbPjTrEC77G-mZRtgm3Q&_origin=1&google_cver=1&apid=UPb547cf1e-bd09-11ec-b948-0e9980f97a41
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNa7wgEQmMSGAhi145fHATAB&v=APEucNV3ArgDBT_ou0MGzWE87SJx70DZwHuybzyKjQr52Z4V6AHqFrLg4kM39S8qZG7VbBcLXzxvXMsTTQ5CXkfJFtKzc5RO3A
Protocol
H2
Server
52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-33-138.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:33 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEB7LbPjTrEC77G-mZRtgm3Q&_origin=1&google_cver=1&apid=UPb547cf1e-bd09-11ec-b948-0e9980f97a41
date
Fri, 15 Apr 2022 22:16:33 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 33E3
Redirect Chain
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UPb547cf1e-bd09-11ec-b948-0e9980f97a41
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBiNTQ3Y2YxZS1iZDA5LTExZWMtYjk0OC0wZTk5ODBmOTdhNDE%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBiNTQ3Y2YxZS1iZDA5LTExZWMtYjk0OC0wZTk5ODBmOTdhNDE%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNa7wgEQmMSGAhi145fHATAB&v=APEucNV3ArgDBT_ou0MGzWE87SJx70DZwHuybzyKjQr52Z4V6AHqFrLg4kM39S8qZG7VbBcLXzxvXMsTTQ5CXkfJFtKzc5RO3A
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBiNTQ3Y2YxZS1iZDA5LTExZWMtYjk0OC0wZTk5ODBmOTdhNDE%3D
date
Fri, 15 Apr 2022 22:16:33 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 33E3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS12bWc0ZnBORTJ1R0dfMnRHNXlodVpZTlBBU2J2RHdLan5B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS12bWc0ZnBORTJ1R0dfMnRHNXlodVpZTlBBU2J2RHdLan5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNa7wgEQmMSGAhi145fHATAB&v=APEucNV3ArgDBT_ou0MGzWE87SJx70DZwHuybzyKjQr52Z4V6AHqFrLg4kM39S8qZG7VbBcLXzxvXMsTTQ5CXkfJFtKzc5RO3A
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS12bWc0ZnBORTJ1R0dfMnRHNXlodVpZTlBBU2J2RHdLan5B
date
Fri, 15 Apr 2022 22:16:33 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
bql.php
lg3.media.net/ Frame 1BFC 		15 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5472&&&vgd_l2type=sca&v=1&geo=45.5%7C-73.58&dlper=20&lper=100&lpid=&tsid=15040&q=&prv=&type=&ps=&hint=&td=&cc=CA&wsip=170785070&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_dnquo=00_XX&ksu=224&fdkt=375&vgde_kbbh=ffoNu9&kwd[]=Website+Maker+App&kwt[]=375&kbc[]=250088&kwp[]=1&kid[]=340189069&kbc2[]=%23c%3A3480834%7C%7Cps%3D1.028%7C%7Crpc%3D3.97%7C%7Clvl%3D4.00&ktd[]=274894684416&ktrkt[]=Website+Maker+App&kwd[]=Free+Project+Plan+Template&kwt[]=375&kbc[]=76780&kwp[]=2&kid[]=11640498&kbc2[]=%23c%3A3480834%7C%7Cps%3D1.028%7C%7Crpc%3D0.69%7C%7Clvl%3D4.00&ktd[]=274894684416&ktrkt[]=Free+Project+Plan+Template&kwd[]=Free+Video+to+Watch&kwt[]=375&kbc[]=146449&kwp[]=3&kid[]=11680100&kbc2[]=%23c%3A3480834%7C%7Cps%3D1.028%7C%7Crpc%3D0.61%7C%7Clvl%3D4.00&ktd[]=274911461632&ktrkt[]=Free+Video+to+Watch&kwd[]=How+to+Start+an+Online+Business&kwt[]=375&kbc[]=36760&kwp[]=4&kid[]=27045620&kbc2[]=%23c%3A3480834%7C%7Cps%3D1.028%7C%7Crpc%3D0.44%7C%7Clvl%3D1.17&ktd[]=274911461632&ktrkt[]=How+to+Start+an+Online+Business&kwd[]=Best+Ways+to+Invest+in+Gold&kwt[]=375&kbc[]=75615&kwp[]=5&kid[]=316482289&kbc2[]=%23c%3A3480834%7C%7Cps%3D1.028%7C%7Crpc%3D0.29%7C%7Clvl%3D3.55&ktd[]=274911461632&ktrkt[]=Best+Ways+to+Invest+in+Gold&kwd[]=Value+of+My+Used+Car&kwt[]=375&kbc[]=84766&kwp[]=6&kid[]=29672219&kbc2[]=%23c%3A3480834%7C%7Cps%3D1.028%7C%7Crpc%3D0.20%7C%7Clvl%3D4.00&ktd[]=274911461632&ktrkt[]=Value+of+My+Used+Car&cid=8CUJEM1AO&vwid=1650060992674449439&vi=1650060992674449439&tdAdd[]=ib%3D0&vsid=2930625921455251&tdAdd[]=asnum%3D16276&vgd_l3_sc=QC&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CUQYHE04&vgd_hb_audit_2=482645036&vgd_katid=808076879&vgd_katbid=-21&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_kals=ttype%3D10019%7C%7Cpc%3D21%7C%7Cfat%3D2%7C%7Ctbft%3D1&vgd_kalog=CI%3D2673%7C%7CUUID%3D2IakT9jIkO9yINdnS6%7C%7CHID%3D0%7C%7CSI%3D371%7C%7CSID%3D8%7C%7CMPTD%3D640%7C%7CTPTD%3D40132182942724&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785070&vgd_nrrv=42121&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=montreal&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1650060992180170516&sttm=1650060992852&upk=1650060993.20652&hvsid=00001650060992852025035145529556&verid=3111299&vgd_matchstr=hr%3D0%7C&sbdrId=196&lineitemid=4&vgd_ecrid=351144871&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO3BF8JJ&&abpl=2&&kbbq=%26asn%3D16276&&vgd_vstrid=2930625921455251&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.uX~e8QMQOvAhW~ONfvu~G17v9%2C9%2C9~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9ff9HuXuW~8xLjMGvAfWu.Wu~xLjM7UNv9~Q7Ovfu999AFA~j1Q7v~e8QMxLjMGv9.hX~8EvuiTAL6VAt%3D-Hm2pabzIuuZ~kGGv9~e8QMxLjMjvA9~L88Ex1v9%2C9~J7vuH~LNvu~LEQMQOvf9ff9HuXuW~e8QMGvWuA.FF~xLjMGv9.A~xLjM7e8v9~JNEMJJLvH.F~xLjMjvf9~yN17vX99Wih~GGvuiF~eev9~jfLMGvu999~JLEYv9.uX~GYvu~Q8Ov1iHHiOik9J9JXNGF1hh99NGi1kNuAHOk~QOv9~x8OvfV1168Ak4kuFCbbBdF~G7OvfAAffWuAFfXff9FAAuA9fhWHX9iWuFu9uHhfiAifWXXfHWfihAuuWWHFiuXAuiii9fffAfAhuf9~AENkvu99X.hH~x8Yv9~OYYMQ7Lyvw1LYmz5~exLjMGv9.Au~QQvIK~x8Bvou~NJv9~LEQMGvXh.WW~exLjMjvA9~%3DVvfFFi~z7Qvu~7Gvou~N7vYmz7LJ1j~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvA.fA~8Q8kv9~jNvu~G8Ov9.uX~ONvW~ejfLMGvA.9A~8exLjMjvA9~QxEEj5M71yM8Ovfu999AFA~e8JB1G8j875v9.HFHFFu~NGOEv9.u9X~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJ1Q7MQN~LJkMNz7vu~O1jyvQJLeJLMOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9hW~myG8Ov9.uX9~875EJM8Ovfu~QJjjJLM71yM8Ovfu999AFA~N1LL8JLVOv9~~8GNvu~OO7vou~zQlvu~7yQvih9-i9~GQGv9~GQEv9~7Y-vu9H&vgd_optout=0&vgd_cfud=220401&vgd_scsver=175&vgd_bhv_kbb=-1&vgd_l2ch=0&vgd_rensize=970_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A970%3Brend_h%3A90&&vgd_uspa=0&vgd_sc=QC&vgd_l1rhst=contextual.media.net&hvsid=00001650060992852025035145529556&subBdr=196&bdrid=4&fp=mjUbRSzmeUk9UWUvGgcRLXYs6Z_m6hB_xxvK1idYbSxtB2MCEzk3asT538MbbIglOUYpn_SYCwQEBFqL298OTgKsjkbT1ZI2C5HYuAR29cDpifA6S_xjBT9e5EpNepYl&cme=WCKusPp3Luhf3zIIoZY45yeLjdQtW0BAIznt9c0l8losu5MKkXW3zSmNQAb8Clo74yGT-L23t0m2_5Q8xWJ4EEQLGyMU6IuVIgMaNUsacP7IrSJqJzHkT6eMuR4vkJOWcnvUV6N77DdVT2LP0T4QtmLg6mQRn_uTf2_bYVNkEc6czRTx9Tch8-1MDQ8_m6qhshWL3rceG8qHsjOjbL8xlusIJOJ7DgrHa5mvPeyRwEs%3D%7C%7Ca0AmFUYXmD6REOrScCyvCWia0qjfVqjDb4zDzQ_uTapGrHQb-ax8Gw%3D%3D%7CMhSffBRfuCOyCp4u_bjS9Q%3D%3D%7CJZBMvEFVBjJ7jh6P6qzNk6Y6q85FnQp4L54jjRSr3sQnntM-f7IO0J-HR4SQ_r4rRBzL3q6YBOfR8g3GzrRq9f1oy95Tm7TvyaPTsJFLDFiBNhGOEGUPykXaU8LZfoYc1RtzO9b6P2XnEe-6TFGkni4sfDRx1pDS86JlAxxgN74xU9lc8lT7DtOeZ8mStrP27cFRqnXCJJI6QHb0yrfMlOdXBrgZJIKcDjLp8xgpmEc%3D%7CECZQquDAdXO219s_zvdUcg%3D%3D%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Cu8A6SM53vAe1fJvbk0OOl-4lZxkosuUI%7CUZIrcOI3Lz7IDrXF345x-5-oUr_GSvQ7%7CgNTUc7MBYV04UVzmztpDDQ%3D%3D%7C&rc=0&rand=1650060993349&acid=cedd1bded3704785b6dc72fda12057f0&matm=1650060993349&requrl=https%3A%2F%2Fshrinke.me%2F0GNZk&vgd_ltime=985&vgd_ltimesrc=1&vgd_l1hcsd=N4%7C2460&vgd_l1ch=1&vgd_lhl=2433&vgd_pgid=p01172461371t202204152216&vgd_adprefflag=01&vgd_csip=rtb-appnexus-57d7676996-jw2s5.SC&vgd_sbSup=1&vgd_nrrs=42121&vgd_cntrdt=SF%7Cassets.vlitag.com&oRurl=adomain%3Dhttps%253A%252F%252Frelated.360topics.com%26adt1%3D8CUQYHE04%26adt2%3D482645036%26bdrId%3D4%26cb%3Dwindow._mNDetails.initAd%26cc%3DCA%26chnm%3DHARMONY%26cid%3D8CUJEM1AO%26cpcd%3DDuJl579aiL4RndvsLJI4xA%253D%253D%26crid%3D173588971%26gdpr%3D0%26https%3D1%26katbid%3D-21%26katid%3D808076879%26katpre%3D1%26lw%3D1%26matchstring%3Dhr%253D0%257C%26nb%3D1%26nse%3D5%26ntv%3D0%26pid%3D8PO3BF8JJ%26requrl%3Dhttps%253A%252F%252Fshrinke.me%252F0GNZk%26size%3D970x90%26tpid%3DTJUNCZ9%26ugd%3D4%26vif%3D2&vgd_end=1
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.76.100.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Server
Apache
Date
Fri, 15 Apr 2022 22:16:33 GMT
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Fri, 15 Apr 2022 22:16:33 GMT
cc.jpeg
px.vliplatform.com/iv-v4/ 		0
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNMZAaRrtNrtl0zghRzdNoc-AyeMqaya-wrBM-PrYt-aUqY-ePYBwqTTrTZeRqxeNco_MZAaPPPTZ_KRwNjxqfzxdrtbRlmNaKAbaARdzNwqfftkRrdzNRmNPPPTZRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:33 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Apr 2022 22:16:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcgjSGOlzgI5d398oEHkCw5q3R3Mdt2MjcKGejSKhaOM7wQlb%2FiYl3b2mpZb9DO7XcB5tfNpdcZ%2BnHLsVxqJugRc2cqWShSHQw0o6n7t5W%2B9rl3KV8qp%2By9fdwQCqtOi1YEDHaDPa8p2OaXk3CkCgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6fc80bd8ff707145-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
806.json
id5-sync.com/g/v2/ Frame 5BDF 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/806.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.30 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p25.id5-sync.com
Software
/
Resource Hash
56f73ef7decacc7b040b8b1126f106179053d9fece85040eab80b1b980c0bb76
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 15 Apr 2022 22:16:33 GMT
Vary
Origin
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://shrinke.me
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
Transfer-Encoding
chunked
envelope
api.rlcdn.com/api/identity/ Frame 5BDF 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Apr 2022 22:16:33 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
id
id.crwdcntrl.net/ Frame 5BDF 		154 B
902 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.43.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-43-128.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
cc76c3d401772fbff3ebba1ada6f0d389c8ea229bd3c32c06ec33b760ead52fc

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:33 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://shrinke.me
cache-control
no-cache
x-server
10.40.40.42
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
154
expires
0
rid
match.adsrvr.org/track/ Frame 5BDF 		108 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
de3d4524e3d03b5cc722f7962b9a82b538e08aa42e6f681c43b95e903adac838

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Apr 2022 22:16:33 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sun, 15 May 2022 22:16:33 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 2AF9 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:33 GMT
Content-Encoding
gzip
Age
4367885
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21929-LGA, cache-yul12832-YUL
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1650060993.444504,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
1, 995541
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame B391 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CDF5LyhOf-0aJEmiNveAaCaLqV28WJFt_-AFj8L9jaeAp1v75yhjA2-Wm4FPepGQBhj4iUUykjzNENykAvUoqlzeV9UNFsBt2EEJixrBFD3pzBDwvABmIKJ3rtMqyn7MiLFiwQDNFeYfYamvVYNhoVrtfpCw&dbm_d=AKAmf-C_gUdsBb6QBkXrSkPX33PzgE7DP1KK4wiWEE3Oh1JHz9JpKyMH3NRnV4nLnYMdmUZ77NRP-rw9zVZ3cSnDAd0iTkqd_96pSQotxGhbZ37hyJkI098gqGuGcQqgTabbn1l2GRBQ5CbelEiboGuKDjKTe8Dugfe4hmM0A6hSyYo-eDqlr3Mg6NQSATKr6O04XC1niLRnZYdpH_ixdS6etts4gIVMe4jUvsqfcJW8G9g3iW3Qy9kIDjVVo5ZS6lnLUJz5QLCZxIDwcVm4fPZ_TzGPk1KSsKNLjPm5QBlCB8rNHD6qJ-l4A__oyu6tYOpqn9x7GwfWV1uP-REFWMp9p7gNBvMPzjGcgC5UesWjdsfjsZLJUlNRUiJK1H_a7J0_RxFW3i_bdUybQ9k_BAN7wfEseT7W3YkNLTSBhg5FpvNpB1Su_STqIagyzizobwrkEUI-_KxGSk3eYigpAetzhbmNMEKZMTUS8uL1htcm2YnKVyZc_wWVnBS4oDxB3mUmd9iJhgX8SnLj9ImB4RW8cGhY4s5tGzaDa27HljLQBmlx6usu5sPm9_LFDUHUYzTQ8fLNiye1Gqzlm-i8ohgyBHD9Zp4QQLDO12XHiFq8zGlNXHAEaLaDdzEE5LcqwUfNkIQk459rH2YD4flTtbx7n4rR_DIFmFiMLJcq9RKn0KfP68I99z0U7LYsaXclW5iykgL_ETyp4lJX6G1vODlVfjekIqHnYSkAocTnu3SGAf0a70UjlKW-ifwPNNVEbXhHXXKkNKfQlfem0ydWyqMvXvySFeQZdz-ZMXNCTYnudUr8pFDB71PGnKDSoKWgfoyBis8OWjel3Tcl5W0oQVfwzeA5ZvrDATZp45djLThwIEcbxdzQlqvKfATdvVogTb9TSYJ80eCl3-KcMr6nfB8UwHDzF5RdlrVznxn0EXG4IHNAWSlPKWRcLmxCdgt6BTWeeAb878mA8c6l8fQqU1bjOASQFdq9Y1yogENldvJ2Caw_qpZbD_qnAbTznRs4XTDWIsUaPh34MhdzkxCVjIiKJZg7dN5CXK1Vfz3bZL6KTv-BED-LmYMc8J3dKkNsZ_UguhYIEX1ZPlzdZBabKyoFn5qqx9d0g_dkjy0_MMF1NaFI0Y549IoYnmx5MfV2pMnKWjaXTQ3UIeoj2o1uHVRRhzBIZoNV4t_9OKMst_Ld06ACmiYTc0efapzD45_YTxSYhGaD5CSoposZDr-4WsKHJsalstUKRmKJTjAyxVUwirmlYHAOi6o1zWhL6T2VmANqlzdm6ETFkNq4iqp98XcvcZytwclI8DTZq8ZBua2sqvklJNS8eNBA6FFibiSXkGf74paJeahGNZa5IHXKAwYHIXYRWop9S5MXnEeq7DZpb08MRRG6_vAHdgVgBSXCNy95DlXYArS57fBHxbMvXPJXpQTt-hYqUFUZU9NcW6Ca0ifs9mtawHG8NP07JAMuvSCTt3G7rUI8A-oHxoAaCjCKvIR0ublu3WBoDXUgx5uajyqBMtfc9lonVJC_TX7UBuarBFttyC8U1QyabvwlWDvSfEMSMyTbiZrUv91B6iRnpjJQRSllfnI6gbyyzoE-ud80v8iLcb_6dPSk-fWMj6CB0fcEJhihpHthdtUe7DlXxHO9As1Zoh0erXaPCYFXZhzkygXNcCKpdl3zpxm_YMFUjmOm5wZasErypQ6ySYuNpDGU5GnIUPyvYNJrh0iFmcdj7xcroRGZCxW9jj8sUv9i-oarQ5MbEKlVAjVywJ3i6pDPDKAieKBrEGWBnox2C9CPMRm-WBKpNwAegkJY3rfP102NxcZDKoH42smlCaM-oFcPH_-6MPPFjmG_KGaKAMD1zVtNZxinsALMySQCBBuBBlaNP_4BJBbgAuNiij3daTw8UrQ4seoF3ktqoh39pMiBdnHnoaRS_87vYENgv2tvwIlUTMNjKg6itUVOpJgdarjSMxmYQ1U6FI6of5kxpMnpxIoJvP1qiHjGLI4KkGZ280cpWNivkRCcQ2MxMog2sbqcrcUyWUygl6aG1tJmjeO_S6TZ8k8jiWnLvcOgPae-n-8GRBlj3JyJST84-obMxlXLvoKDCtSRIcPOhM04xeFiJ4GzFqsZpk8BpwqjuqZPDrngfL9dLd-DM9Fzio5-_qxLeJhLYcNvPC0g3fJJrWEHt0347ONOhBhfzaQdKs3RpWDuJHlLvsg4ZREp2xWw9dEFydn_s1PT0MvFDsEC_17zhU8Ee3EGBjQLcP7PkiZxQSeZCJCl9PVmsmhYBBRsa4lttbB_deKpasGLwsRsoDtnIJddEBMJdf5ZYlIAdQfoUlss4lM1WShbw3_YS5PhZLdMNc405dNCohoEQ4b8xiOD3NZZ0D8HWgdcmktM4kXpi3MuI97eEA3Qc8801onMyyK-4AEtljF9mX84N8cwkt_Z5vwlIkyKK_o_9nye2UxIy2asr1M4-YNFqv6i1zXPX2Oir2fJ1hMeagQU7eE_occclTHSfwfwFv2tozXro7g1N-hovDONrUeI_yokNzUHMqP0V7rLo9QWPBp4st5wOTVGae4H12oZ2_EXWwKzHz4BzFmb5ajasl5dLffoyo99Vjb1lFH23E771KkfaEAGK2qr0sFVEXIZkGiSi8lJZqydpNy-bTHDiFHhRxrpUd5M9nX37JiEX_EttTN06p2_kDMhg3i3OMLAhF1xrKJMEJe24P3iTGVIh2O65lPTvYHAVoYVutoV2pEL90HzeFMQMSbGtBLs6xdeHR2ORMQX4Mc8jBWmxOwY1qzUKMj45cyTb1p2zI4qFVJdKN5rp214HU3pXYOreIHYN3Ghlr5up350hcazr7xSiVdYZzB-0Nh4GvGo8IbnFpqtAJKvOKN87-aObgWcMKrhgsKNvddpxErJnRNbyxZnOt5LCF0RzeAlpBbD5-D7QVq-PWxsj653i3853bJdrFS_z6UVjn8in5RcmRIgmxtWswe5-vUanWcHBme_nNvMi2Q7ro4I5fanzQRSkdhBX6f5&cid=CAASJeRoj_juNjbRYKUWzOjohE1HqkQxtf12G1ehX6P2F1F4gnM0juY&rfl=2%2Chttps%253A%252F%252Fshrinke.me%242%2Chttps%253A%252F%252Fshrinke.me%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:12:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9777
x-xss-protection
0
server
cafe
etag
12512753850102923420
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 22:12:22 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame B391 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CDF5LyhOf-0aJEmiNveAaCaLqV28WJFt_-AFj8L9jaeAp1v75yhjA2-Wm4FPepGQBhj4iUUykjzNENykAvUoqlzeV9UNFsBt2EEJixrBFD3pzBDwvABmIKJ3rtMqyn7MiLFiwQDNFeYfYamvVYNhoVrtfpCw&dbm_d=AKAmf-C_gUdsBb6QBkXrSkPX33PzgE7DP1KK4wiWEE3Oh1JHz9JpKyMH3NRnV4nLnYMdmUZ77NRP-rw9zVZ3cSnDAd0iTkqd_96pSQotxGhbZ37hyJkI098gqGuGcQqgTabbn1l2GRBQ5CbelEiboGuKDjKTe8Dugfe4hmM0A6hSyYo-eDqlr3Mg6NQSATKr6O04XC1niLRnZYdpH_ixdS6etts4gIVMe4jUvsqfcJW8G9g3iW3Qy9kIDjVVo5ZS6lnLUJz5QLCZxIDwcVm4fPZ_TzGPk1KSsKNLjPm5QBlCB8rNHD6qJ-l4A__oyu6tYOpqn9x7GwfWV1uP-REFWMp9p7gNBvMPzjGcgC5UesWjdsfjsZLJUlNRUiJK1H_a7J0_RxFW3i_bdUybQ9k_BAN7wfEseT7W3YkNLTSBhg5FpvNpB1Su_STqIagyzizobwrkEUI-_KxGSk3eYigpAetzhbmNMEKZMTUS8uL1htcm2YnKVyZc_wWVnBS4oDxB3mUmd9iJhgX8SnLj9ImB4RW8cGhY4s5tGzaDa27HljLQBmlx6usu5sPm9_LFDUHUYzTQ8fLNiye1Gqzlm-i8ohgyBHD9Zp4QQLDO12XHiFq8zGlNXHAEaLaDdzEE5LcqwUfNkIQk459rH2YD4flTtbx7n4rR_DIFmFiMLJcq9RKn0KfP68I99z0U7LYsaXclW5iykgL_ETyp4lJX6G1vODlVfjekIqHnYSkAocTnu3SGAf0a70UjlKW-ifwPNNVEbXhHXXKkNKfQlfem0ydWyqMvXvySFeQZdz-ZMXNCTYnudUr8pFDB71PGnKDSoKWgfoyBis8OWjel3Tcl5W0oQVfwzeA5ZvrDATZp45djLThwIEcbxdzQlqvKfATdvVogTb9TSYJ80eCl3-KcMr6nfB8UwHDzF5RdlrVznxn0EXG4IHNAWSlPKWRcLmxCdgt6BTWeeAb878mA8c6l8fQqU1bjOASQFdq9Y1yogENldvJ2Caw_qpZbD_qnAbTznRs4XTDWIsUaPh34MhdzkxCVjIiKJZg7dN5CXK1Vfz3bZL6KTv-BED-LmYMc8J3dKkNsZ_UguhYIEX1ZPlzdZBabKyoFn5qqx9d0g_dkjy0_MMF1NaFI0Y549IoYnmx5MfV2pMnKWjaXTQ3UIeoj2o1uHVRRhzBIZoNV4t_9OKMst_Ld06ACmiYTc0efapzD45_YTxSYhGaD5CSoposZDr-4WsKHJsalstUKRmKJTjAyxVUwirmlYHAOi6o1zWhL6T2VmANqlzdm6ETFkNq4iqp98XcvcZytwclI8DTZq8ZBua2sqvklJNS8eNBA6FFibiSXkGf74paJeahGNZa5IHXKAwYHIXYRWop9S5MXnEeq7DZpb08MRRG6_vAHdgVgBSXCNy95DlXYArS57fBHxbMvXPJXpQTt-hYqUFUZU9NcW6Ca0ifs9mtawHG8NP07JAMuvSCTt3G7rUI8A-oHxoAaCjCKvIR0ublu3WBoDXUgx5uajyqBMtfc9lonVJC_TX7UBuarBFttyC8U1QyabvwlWDvSfEMSMyTbiZrUv91B6iRnpjJQRSllfnI6gbyyzoE-ud80v8iLcb_6dPSk-fWMj6CB0fcEJhihpHthdtUe7DlXxHO9As1Zoh0erXaPCYFXZhzkygXNcCKpdl3zpxm_YMFUjmOm5wZasErypQ6ySYuNpDGU5GnIUPyvYNJrh0iFmcdj7xcroRGZCxW9jj8sUv9i-oarQ5MbEKlVAjVywJ3i6pDPDKAieKBrEGWBnox2C9CPMRm-WBKpNwAegkJY3rfP102NxcZDKoH42smlCaM-oFcPH_-6MPPFjmG_KGaKAMD1zVtNZxinsALMySQCBBuBBlaNP_4BJBbgAuNiij3daTw8UrQ4seoF3ktqoh39pMiBdnHnoaRS_87vYENgv2tvwIlUTMNjKg6itUVOpJgdarjSMxmYQ1U6FI6of5kxpMnpxIoJvP1qiHjGLI4KkGZ280cpWNivkRCcQ2MxMog2sbqcrcUyWUygl6aG1tJmjeO_S6TZ8k8jiWnLvcOgPae-n-8GRBlj3JyJST84-obMxlXLvoKDCtSRIcPOhM04xeFiJ4GzFqsZpk8BpwqjuqZPDrngfL9dLd-DM9Fzio5-_qxLeJhLYcNvPC0g3fJJrWEHt0347ONOhBhfzaQdKs3RpWDuJHlLvsg4ZREp2xWw9dEFydn_s1PT0MvFDsEC_17zhU8Ee3EGBjQLcP7PkiZxQSeZCJCl9PVmsmhYBBRsa4lttbB_deKpasGLwsRsoDtnIJddEBMJdf5ZYlIAdQfoUlss4lM1WShbw3_YS5PhZLdMNc405dNCohoEQ4b8xiOD3NZZ0D8HWgdcmktM4kXpi3MuI97eEA3Qc8801onMyyK-4AEtljF9mX84N8cwkt_Z5vwlIkyKK_o_9nye2UxIy2asr1M4-YNFqv6i1zXPX2Oir2fJ1hMeagQU7eE_occclTHSfwfwFv2tozXro7g1N-hovDONrUeI_yokNzUHMqP0V7rLo9QWPBp4st5wOTVGae4H12oZ2_EXWwKzHz4BzFmb5ajasl5dLffoyo99Vjb1lFH23E771KkfaEAGK2qr0sFVEXIZkGiSi8lJZqydpNy-bTHDiFHhRxrpUd5M9nX37JiEX_EttTN06p2_kDMhg3i3OMLAhF1xrKJMEJe24P3iTGVIh2O65lPTvYHAVoYVutoV2pEL90HzeFMQMSbGtBLs6xdeHR2ORMQX4Mc8jBWmxOwY1qzUKMj45cyTb1p2zI4qFVJdKN5rp214HU3pXYOreIHYN3Ghlr5up350hcazr7xSiVdYZzB-0Nh4GvGo8IbnFpqtAJKvOKN87-aObgWcMKrhgsKNvddpxErJnRNbyxZnOt5LCF0RzeAlpBbD5-D7QVq-PWxsj653i3853bJdrFS_z6UVjn8in5RcmRIgmxtWswe5-vUanWcHBme_nNvMi2Q7ro4I5fanzQRSkdhBX6f5&cid=CAASJeRoj_juNjbRYKUWzOjohE1HqkQxtf12G1ehX6P2F1F4gnM0juY&rfl=2%2Chttps%253A%252F%252Fshrinke.me%242%2Chttps%253A%252F%252Fshrinke.me%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:12:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
217
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 22:12:56 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B391 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvM9b5O15W-5VcOuTPgtbFV6eX-YKfNsKEbHTKZIsihHN7pW2N-CmZRyBa1uRxkry8k6j78sE_xtqGkGL7GGWnHoXzK3-fRKiK-jeHdXriiHcnPdAD2aRWyHzXy2KX5JMRSo06sLlrNaL1jXUUOlQuYm95Jj3DsaLAlLm2nL0FBM9tfM7KZKExchS3ZThlgnb7LjlJaMNt6SKRgelSmknEos1JW-bW_drLYZeeB1-TH6s08LazPYLvBjBPPC2pC7eYSMd9EtYXC9A5-4B0MwPEFCXtdXOmEkD-gSnFZts4ctY4x5tw2jpQkbsua07Lu5BQG8hCMN5Wpce69GiC7oYiqvTSwT2MqCQUdPTOcXWBJHnF5jN0vBKkxYD-6EmM3PtAAJD4N3hYWMIshypfA9fAuPsYYFSmc_oM5yuPKAsVq01-pIO9awMGFBj5io3TQ5szsWwWGoAKTQ67doILijgm2eHkme5z2CA2hN0fNd-kVngberIEaT3Z71_Xw9rbRFzr5ZqPPqdZi1jPDOqBFA_LvaHRYZ9e_VlXLXj5UWIMgNaAfH4cmLycsuCUAMjzcfgGfhrjZCIhxmFheU2fkAK-Q9oCpHM1BR9XhCk5XvFBz0UA2V-BHx9XJjWl3ufJCg-nmGH9Wyn2O8F2nelQRbvDu9_mFRzUAVMy3vxlMpSB1XF0KkkeWfrR0eX4F77soFuJ07daPBnLoIz9B0XbSayfNFA1-7UMv_MxYVuGPJMquFZO_4Z9dJDnJU4OHgDMtOrVApsV3v1HF4bgdy6pV-jY_Oc-dU8R2CVfPhZmsCkMpSt1FkKZhvZ4951t6WxTmoc1Jo8u0vonnXULJYpXDX8WymszL8lmd-fQQ9shgKf2EIi9iF4fF-l5mhijZaBRnOhmHwKdPSK3B21c8FWsBn_0_wbSQ_1r85RqARCQqj_9VPQ6aFUtc10HWyEa8ULsUpX1r2oXlJYy_AdV-1nLV5hRLBZXNC48u7fG29LOX48rvD0CPOimEkxx-Cl56AuCSg7vfiC4HfY8CVttX8SqMQRcLN4gEw8EPSzyATOWJnTtL_P1NYjZnZOeUxhB2vZ65L3MLoAZqYnJeGQf7VgBqUZXWtXTFcxbDKTg3vz7zFnz2VUIlpj2dlyDw6f7xhzAJyO1_--ORrAFb0ToI6BY1L3g69dkeHctNhPQ3FXw&sai=AMfl-YScAD5FE9ehdNHLwKd4Vu-ockvXWOPs0uVGjSyoCWWg6IStOTYfFq--asfq9VwbLeb4p-t0LwuXjCQIcZmKYHJ-t2_YLJZnVyBxMXTdnrBw6LIttL3auGA5dQ7cGgPItz77yJH20w7Y3dvo1GF8cWi3STQFysSTiE1bobjvQtjorWOesqSnsFZmamiF9WxFKM_xGYVzYQqCkZQsAjNnCGnAWlbJNXu1HgaWOpOMrRRb5e5m&sig=Cg0ArKJSzBieqEtJiF8_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220413.30616&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CDF5LyhOf-0aJEmiNveAaCaLqV28WJFt_-AFj8L9jaeAp1v75yhjA2-Wm4FPepGQBhj4iUUykjzNENykAvUoqlzeV9UNFsBt2EEJixrBFD3pzBDwvABmIKJ3rtMqyn7MiLFiwQDNFeYfYamvVYNhoVrtfpCw&dbm_d=AKAmf-C_gUdsBb6QBkXrSkPX33PzgE7DP1KK4wiWEE3Oh1JHz9JpKyMH3NRnV4nLnYMdmUZ77NRP-rw9zVZ3cSnDAd0iTkqd_96pSQotxGhbZ37hyJkI098gqGuGcQqgTabbn1l2GRBQ5CbelEiboGuKDjKTe8Dugfe4hmM0A6hSyYo-eDqlr3Mg6NQSATKr6O04XC1niLRnZYdpH_ixdS6etts4gIVMe4jUvsqfcJW8G9g3iW3Qy9kIDjVVo5ZS6lnLUJz5QLCZxIDwcVm4fPZ_TzGPk1KSsKNLjPm5QBlCB8rNHD6qJ-l4A__oyu6tYOpqn9x7GwfWV1uP-REFWMp9p7gNBvMPzjGcgC5UesWjdsfjsZLJUlNRUiJK1H_a7J0_RxFW3i_bdUybQ9k_BAN7wfEseT7W3YkNLTSBhg5FpvNpB1Su_STqIagyzizobwrkEUI-_KxGSk3eYigpAetzhbmNMEKZMTUS8uL1htcm2YnKVyZc_wWVnBS4oDxB3mUmd9iJhgX8SnLj9ImB4RW8cGhY4s5tGzaDa27HljLQBmlx6usu5sPm9_LFDUHUYzTQ8fLNiye1Gqzlm-i8ohgyBHD9Zp4QQLDO12XHiFq8zGlNXHAEaLaDdzEE5LcqwUfNkIQk459rH2YD4flTtbx7n4rR_DIFmFiMLJcq9RKn0KfP68I99z0U7LYsaXclW5iykgL_ETyp4lJX6G1vODlVfjekIqHnYSkAocTnu3SGAf0a70UjlKW-ifwPNNVEbXhHXXKkNKfQlfem0ydWyqMvXvySFeQZdz-ZMXNCTYnudUr8pFDB71PGnKDSoKWgfoyBis8OWjel3Tcl5W0oQVfwzeA5ZvrDATZp45djLThwIEcbxdzQlqvKfATdvVogTb9TSYJ80eCl3-KcMr6nfB8UwHDzF5RdlrVznxn0EXG4IHNAWSlPKWRcLmxCdgt6BTWeeAb878mA8c6l8fQqU1bjOASQFdq9Y1yogENldvJ2Caw_qpZbD_qnAbTznRs4XTDWIsUaPh34MhdzkxCVjIiKJZg7dN5CXK1Vfz3bZL6KTv-BED-LmYMc8J3dKkNsZ_UguhYIEX1ZPlzdZBabKyoFn5qqx9d0g_dkjy0_MMF1NaFI0Y549IoYnmx5MfV2pMnKWjaXTQ3UIeoj2o1uHVRRhzBIZoNV4t_9OKMst_Ld06ACmiYTc0efapzD45_YTxSYhGaD5CSoposZDr-4WsKHJsalstUKRmKJTjAyxVUwirmlYHAOi6o1zWhL6T2VmANqlzdm6ETFkNq4iqp98XcvcZytwclI8DTZq8ZBua2sqvklJNS8eNBA6FFibiSXkGf74paJeahGNZa5IHXKAwYHIXYRWop9S5MXnEeq7DZpb08MRRG6_vAHdgVgBSXCNy95DlXYArS57fBHxbMvXPJXpQTt-hYqUFUZU9NcW6Ca0ifs9mtawHG8NP07JAMuvSCTt3G7rUI8A-oHxoAaCjCKvIR0ublu3WBoDXUgx5uajyqBMtfc9lonVJC_TX7UBuarBFttyC8U1QyabvwlWDvSfEMSMyTbiZrUv91B6iRnpjJQRSllfnI6gbyyzoE-ud80v8iLcb_6dPSk-fWMj6CB0fcEJhihpHthdtUe7DlXxHO9As1Zoh0erXaPCYFXZhzkygXNcCKpdl3zpxm_YMFUjmOm5wZasErypQ6ySYuNpDGU5GnIUPyvYNJrh0iFmcdj7xcroRGZCxW9jj8sUv9i-oarQ5MbEKlVAjVywJ3i6pDPDKAieKBrEGWBnox2C9CPMRm-WBKpNwAegkJY3rfP102NxcZDKoH42smlCaM-oFcPH_-6MPPFjmG_KGaKAMD1zVtNZxinsALMySQCBBuBBlaNP_4BJBbgAuNiij3daTw8UrQ4seoF3ktqoh39pMiBdnHnoaRS_87vYENgv2tvwIlUTMNjKg6itUVOpJgdarjSMxmYQ1U6FI6of5kxpMnpxIoJvP1qiHjGLI4KkGZ280cpWNivkRCcQ2MxMog2sbqcrcUyWUygl6aG1tJmjeO_S6TZ8k8jiWnLvcOgPae-n-8GRBlj3JyJST84-obMxlXLvoKDCtSRIcPOhM04xeFiJ4GzFqsZpk8BpwqjuqZPDrngfL9dLd-DM9Fzio5-_qxLeJhLYcNvPC0g3fJJrWEHt0347ONOhBhfzaQdKs3RpWDuJHlLvsg4ZREp2xWw9dEFydn_s1PT0MvFDsEC_17zhU8Ee3EGBjQLcP7PkiZxQSeZCJCl9PVmsmhYBBRsa4lttbB_deKpasGLwsRsoDtnIJddEBMJdf5ZYlIAdQfoUlss4lM1WShbw3_YS5PhZLdMNc405dNCohoEQ4b8xiOD3NZZ0D8HWgdcmktM4kXpi3MuI97eEA3Qc8801onMyyK-4AEtljF9mX84N8cwkt_Z5vwlIkyKK_o_9nye2UxIy2asr1M4-YNFqv6i1zXPX2Oir2fJ1hMeagQU7eE_occclTHSfwfwFv2tozXro7g1N-hovDONrUeI_yokNzUHMqP0V7rLo9QWPBp4st5wOTVGae4H12oZ2_EXWwKzHz4BzFmb5ajasl5dLffoyo99Vjb1lFH23E771KkfaEAGK2qr0sFVEXIZkGiSi8lJZqydpNy-bTHDiFHhRxrpUd5M9nX37JiEX_EttTN06p2_kDMhg3i3OMLAhF1xrKJMEJe24P3iTGVIh2O65lPTvYHAVoYVutoV2pEL90HzeFMQMSbGtBLs6xdeHR2ORMQX4Mc8jBWmxOwY1qzUKMj45cyTb1p2zI4qFVJdKN5rp214HU3pXYOreIHYN3Ghlr5up350hcazr7xSiVdYZzB-0Nh4GvGo8IbnFpqtAJKvOKN87-aObgWcMKrhgsKNvddpxErJnRNbyxZnOt5LCF0RzeAlpBbD5-D7QVq-PWxsj653i3853bJdrFS_z6UVjn8in5RcmRIgmxtWswe5-vUanWcHBme_nNvMi2Q7ro4I5fanzQRSkdhBX6f5&cid=CAASJeRoj_juNjbRYKUWzOjohE1HqkQxtf12G1ehX6P2F1F4gnM0juY&rfl=2%2Chttps%253A%252F%252Fshrinke.me%242%2Chttps%253A%252F%252Fshrinke.me%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 15 Apr 2022 22:16:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B391 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CDF5LyhOf-0aJEmiNveAaCaLqV28WJFt_-AFj8L9jaeAp1v75yhjA2-Wm4FPepGQBhj4iUUykjzNENykAvUoqlzeV9UNFsBt2EEJixrBFD3pzBDwvABmIKJ3rtMqyn7MiLFiwQDNFeYfYamvVYNhoVrtfpCw&dbm_d=AKAmf-C_gUdsBb6QBkXrSkPX33PzgE7DP1KK4wiWEE3Oh1JHz9JpKyMH3NRnV4nLnYMdmUZ77NRP-rw9zVZ3cSnDAd0iTkqd_96pSQotxGhbZ37hyJkI098gqGuGcQqgTabbn1l2GRBQ5CbelEiboGuKDjKTe8Dugfe4hmM0A6hSyYo-eDqlr3Mg6NQSATKr6O04XC1niLRnZYdpH_ixdS6etts4gIVMe4jUvsqfcJW8G9g3iW3Qy9kIDjVVo5ZS6lnLUJz5QLCZxIDwcVm4fPZ_TzGPk1KSsKNLjPm5QBlCB8rNHD6qJ-l4A__oyu6tYOpqn9x7GwfWV1uP-REFWMp9p7gNBvMPzjGcgC5UesWjdsfjsZLJUlNRUiJK1H_a7J0_RxFW3i_bdUybQ9k_BAN7wfEseT7W3YkNLTSBhg5FpvNpB1Su_STqIagyzizobwrkEUI-_KxGSk3eYigpAetzhbmNMEKZMTUS8uL1htcm2YnKVyZc_wWVnBS4oDxB3mUmd9iJhgX8SnLj9ImB4RW8cGhY4s5tGzaDa27HljLQBmlx6usu5sPm9_LFDUHUYzTQ8fLNiye1Gqzlm-i8ohgyBHD9Zp4QQLDO12XHiFq8zGlNXHAEaLaDdzEE5LcqwUfNkIQk459rH2YD4flTtbx7n4rR_DIFmFiMLJcq9RKn0KfP68I99z0U7LYsaXclW5iykgL_ETyp4lJX6G1vODlVfjekIqHnYSkAocTnu3SGAf0a70UjlKW-ifwPNNVEbXhHXXKkNKfQlfem0ydWyqMvXvySFeQZdz-ZMXNCTYnudUr8pFDB71PGnKDSoKWgfoyBis8OWjel3Tcl5W0oQVfwzeA5ZvrDATZp45djLThwIEcbxdzQlqvKfATdvVogTb9TSYJ80eCl3-KcMr6nfB8UwHDzF5RdlrVznxn0EXG4IHNAWSlPKWRcLmxCdgt6BTWeeAb878mA8c6l8fQqU1bjOASQFdq9Y1yogENldvJ2Caw_qpZbD_qnAbTznRs4XTDWIsUaPh34MhdzkxCVjIiKJZg7dN5CXK1Vfz3bZL6KTv-BED-LmYMc8J3dKkNsZ_UguhYIEX1ZPlzdZBabKyoFn5qqx9d0g_dkjy0_MMF1NaFI0Y549IoYnmx5MfV2pMnKWjaXTQ3UIeoj2o1uHVRRhzBIZoNV4t_9OKMst_Ld06ACmiYTc0efapzD45_YTxSYhGaD5CSoposZDr-4WsKHJsalstUKRmKJTjAyxVUwirmlYHAOi6o1zWhL6T2VmANqlzdm6ETFkNq4iqp98XcvcZytwclI8DTZq8ZBua2sqvklJNS8eNBA6FFibiSXkGf74paJeahGNZa5IHXKAwYHIXYRWop9S5MXnEeq7DZpb08MRRG6_vAHdgVgBSXCNy95DlXYArS57fBHxbMvXPJXpQTt-hYqUFUZU9NcW6Ca0ifs9mtawHG8NP07JAMuvSCTt3G7rUI8A-oHxoAaCjCKvIR0ublu3WBoDXUgx5uajyqBMtfc9lonVJC_TX7UBuarBFttyC8U1QyabvwlWDvSfEMSMyTbiZrUv91B6iRnpjJQRSllfnI6gbyyzoE-ud80v8iLcb_6dPSk-fWMj6CB0fcEJhihpHthdtUe7DlXxHO9As1Zoh0erXaPCYFXZhzkygXNcCKpdl3zpxm_YMFUjmOm5wZasErypQ6ySYuNpDGU5GnIUPyvYNJrh0iFmcdj7xcroRGZCxW9jj8sUv9i-oarQ5MbEKlVAjVywJ3i6pDPDKAieKBrEGWBnox2C9CPMRm-WBKpNwAegkJY3rfP102NxcZDKoH42smlCaM-oFcPH_-6MPPFjmG_KGaKAMD1zVtNZxinsALMySQCBBuBBlaNP_4BJBbgAuNiij3daTw8UrQ4seoF3ktqoh39pMiBdnHnoaRS_87vYENgv2tvwIlUTMNjKg6itUVOpJgdarjSMxmYQ1U6FI6of5kxpMnpxIoJvP1qiHjGLI4KkGZ280cpWNivkRCcQ2MxMog2sbqcrcUyWUygl6aG1tJmjeO_S6TZ8k8jiWnLvcOgPae-n-8GRBlj3JyJST84-obMxlXLvoKDCtSRIcPOhM04xeFiJ4GzFqsZpk8BpwqjuqZPDrngfL9dLd-DM9Fzio5-_qxLeJhLYcNvPC0g3fJJrWEHt0347ONOhBhfzaQdKs3RpWDuJHlLvsg4ZREp2xWw9dEFydn_s1PT0MvFDsEC_17zhU8Ee3EGBjQLcP7PkiZxQSeZCJCl9PVmsmhYBBRsa4lttbB_deKpasGLwsRsoDtnIJddEBMJdf5ZYlIAdQfoUlss4lM1WShbw3_YS5PhZLdMNc405dNCohoEQ4b8xiOD3NZZ0D8HWgdcmktM4kXpi3MuI97eEA3Qc8801onMyyK-4AEtljF9mX84N8cwkt_Z5vwlIkyKK_o_9nye2UxIy2asr1M4-YNFqv6i1zXPX2Oir2fJ1hMeagQU7eE_occclTHSfwfwFv2tozXro7g1N-hovDONrUeI_yokNzUHMqP0V7rLo9QWPBp4st5wOTVGae4H12oZ2_EXWwKzHz4BzFmb5ajasl5dLffoyo99Vjb1lFH23E771KkfaEAGK2qr0sFVEXIZkGiSi8lJZqydpNy-bTHDiFHhRxrpUd5M9nX37JiEX_EttTN06p2_kDMhg3i3OMLAhF1xrKJMEJe24P3iTGVIh2O65lPTvYHAVoYVutoV2pEL90HzeFMQMSbGtBLs6xdeHR2ORMQX4Mc8jBWmxOwY1qzUKMj45cyTb1p2zI4qFVJdKN5rp214HU3pXYOreIHYN3Ghlr5up350hcazr7xSiVdYZzB-0Nh4GvGo8IbnFpqtAJKvOKN87-aObgWcMKrhgsKNvddpxErJnRNbyxZnOt5LCF0RzeAlpBbD5-D7QVq-PWxsj653i3853bJdrFS_z6UVjn8in5RcmRIgmxtWswe5-vUanWcHBme_nNvMi2Q7ro4I5fanzQRSkdhBX6f5&cid=CAASJeRoj_juNjbRYKUWzOjohE1HqkQxtf12G1ehX6P2F1F4gnM0juY&rfl=2%2Chttps%253A%252F%252Fshrinke.me%242%2Chttps%253A%252F%252Fshrinke.me%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 05:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58809
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Apr 2023 05:56:24 GMT
15851603102519667006
s0.2mdn.net/simgad/ Frame B391 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/15851603102519667006
Requested by
Host: 29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com
URL: https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34874ea526f056fa72a0030ba669a74b4d6d988757a19ea29e448370728014b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 20:44:08 GMT
x-content-type-options
nosniff
age
351145
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32523
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 00:25:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Apr 2023 20:44:08 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame ACA9 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal102.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98f790ebde5f4783aca23310b1e48b7fcf96b10a86abc583a36113294bfeef81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 21:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1060
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9360
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 15:00:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 15 Apr 2022 22:58:53 GMT
806.json
id5-sync.com/g/v2/ Frame 6E55 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/806.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.30 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p25.id5-sync.com
Software
/
Resource Hash
964a31d9e0b9afea87c1144813d51f5f2e24608a8673b60f983c76e7cfc8c4a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 15 Apr 2022 22:16:33 GMT
Vary
Origin
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://shrinke.me
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
Transfer-Encoding
chunked
id
id.crwdcntrl.net/ Frame 6E55 		154 B
901 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.43.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-43-128.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c0ade8fb305e9d51a67a73ac65062eab29e12bf1947a5293de84710eece0fd7d

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:33 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://shrinke.me
cache-control
no-cache
x-server
10.40.14.82
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
154
expires
0
rid
match.adsrvr.org/track/ Frame 6E55 		108 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
de3d4524e3d03b5cc722f7962b9a82b538e08aa42e6f681c43b95e903adac838

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Apr 2022 22:16:33 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sun, 15 May 2022 22:16:33 GMT
dt
dt.adsafeprotected.com/ Frame A5DC 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=664330&asId=14418884-f506-68e5-7574-aa7235e1f0ee&tv=%7Bc:9Tx91v,pingTime:-2,time:225,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:382,beZ:383,mfA:385,cmA:386,inA:387,inZ:391,prA:391,prZ:405,si:411,poA:426,bl:437,poZ:437,cmZ:437,mfZ:437,loA:535,loZ:538,ltA:606,ltZ:606%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:225,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B217~0%5D,as:%5B217~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjsi,dtt:0,fm:t379LK0+11111%7C1112%7C121%7C131%7C14%7C15%7C16%7C17%7C1811%7C181211%7C181212%7C1813%7C1814%7C1815%7C1816%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d21%7C1d22%7C1e%7C1f11%7C1g1*.664330-55786030%7C1g2%7C1h%7C1i%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o3%7C1p%7C1q11%7C1q12%7C1q13%7C1r%7C1s,idMap:1g1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:BODY,sinceFw:180,readyFired:true%7D&br=c
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjsi/servedby.flashtalking.com/664330/55786030/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&ft_height=90&click=https://nym1-ib.adnxs.com/click?RBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NTk=/bn=87149/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=1547045236
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fw.adsafeprotected.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:33 GMT
X-Server-Name
dt37.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
vevent
nym1-ib.adnxs.com/ Frame 8C57 		0
841 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fshrinke.me%2F0GNZk&e=wqT_3QKOBfBMjgIAAAMA1gAFAQi-3eeSBhDRuIP1jdHm6CYYkeuB6-nt_N8oKjYJ4XoUrkfhuj8RG_D5YYTwtD8ZAAAA4HoU5j8hG_D5YYTwtD8p4XoJJNgxuB6F61G4rj8wq-GBCjiDWUDqXEjgA1Cnl7inAVj34ogBYABo4KqtAXjiygWAAQGKAQNVU0SSBQbw_ZgBygegAVqoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAoHiVuoCGGh0dHBzOi8vc2hyaW5rZS5tZS8wR05aa4ADAIgDAZADAJgDFKADAaoDQhIYMjk3MjEyMjg0ODM0OTc1Mzk3MF9zYmlkGhMyNzk3MTg2NzU2MjE1MTAyNTQ1IgkzNTExNDQ4NzEqBk0xMTg4MsADrALIAwDYA57XugHgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBBUyNjA3OjUzMDA6NjA6Nzg2Nzo6MTSoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEJSLwXvoEEgkAAACAfNhFQBEAAACgxPBTwIgFAZgFAKAF8qTW5by_xp8pqgUkYzc1ZmE4YzYtMzYyOS00NzFlLWFiMGItZTgxZDRmZWYzYWQywAUAyQUAAAAAAADwP9IFCQkABQw8AADYBQHgBQHwBcWUIfoFBAGYKJAGAJgGALgGAMEGCSQs8D_QBrDxAdoGFgoQCRIZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSQgYACAB4TC0BEAAyAfiygXSBw0JEToBOAjaBwYJJ0TgBwDqBwIIAPAH-_wHiggCEAA.&s=2076d1b814060dfbe8a562a5c529623f1bc695d0&type=nv&nvt=5&jm=1140|1141|1143|1003&px=0&py=0&bw=970&bh=90&sid=1233369531211067702&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21000363&sw=1600&sh=1200&pw=970&ph=94&ww=970&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:33 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
75839d69-0820-4061-a85c-4b099307f20f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://assets.vlitag.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
mb.moatads.com/ot/ Frame F229 		47 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/ot/v1?url=https%3A%2F%2Fshrinke.me%2F&pcode=moatot&ord=1650060993534&jv=62214220&callback=OneTagNadoscallback_16915614
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/linkedindcmdisplay501882038263/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.231.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-231-132.compute-1.amazonaws.com
Software
TornadoServer/5.1.1 /
Resource Hash
aef5c0f6b5a129dfcc74f7db48a29c897edbbae0c718a5a146b7f31ed927731e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:33 GMT
cache-control
max-age=900
server
TornadoServer/5.1.1
timing-allow-origin
*
etag
"991445f2bb998950d6d90cb8acdffd25ef3be06d"
content-length
47
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ Frame F229 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=LINKEDIN_DCM_DISPLAY1&hp=1&ra=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fshrinke.me&lp=https%3A%2F%2Fshrinke.me&t=1650060993534&de=939183224518&m=0&ar=9f397fe3151-clean&iw=73e0bcd&q=2&cb=0&ym=0&cu=1650060993534&ll=3&lm=2&ln=1&em=0&en=0&d=22666663%3A5289647%3A282888121%3A136107460&zMoatADV=9293830&zGSRC=1&gu=https%3A%2F%2Fshrinke.me%2F&id=0&ii=9&bo=shrinke.me&bd=shrinke.me&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=linkedindcmdisplay501882038263&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A779&jh=-1&jm=-1&mr=0&ml=-&fs=197724&na=1859303168&cs=0
Requested by
Host: ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com
URL: https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 15 Apr 2022 22:16:33 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041201&jk=1584848027310101&bg=!nJ-ln9vNAAZvJBiFTyQ7ACkAdvg8WpJqjQ7QGK1F5ClwTW8hkZqe9Dp-CnFP8F9yBML7SKJP1BbK1AIAAAJrUgAAAAVoAQcKAKFDjO7zjN4A3STSlxUnpbUuINq2Ve9fE_DhMaYk-MYi7n7HCkF19HTZkxxemmFpokl4bZMXpbxMCngsm9JC5vDaF9Off0MNVMNCJKh_OxpUBSj4qL_rEXJo6_jCkxfcC46JigRDEIJQNBs7ZSOowkOF6-SVK_Ncg0Iguk5EHfuS3rvkpOPVoaJ85fUDN98DVS2kTacVqluluBis1lFrz08iZpkClHjk7JfOKb24y58yOzHenoVCs9MaEwCskl_7QmG7hzYqa3m2dSgrZoxpipv2a5Hy9sjTQzcMBEYDIw5BLzwiuynJvsCJJKKjr8pKITdiVjuXUgLqRw--KoE5PFpkAdAhMIB-_GGxjvul1uCDZOhDFKZ1SXfyZU2LbO-EaYxx0KdvxXvB8Yfe7PUAswBnyXiJxzgfuFlT5SRKXMOyx0OuyiSsCghRx4bZ5A8wc96gMEG2sY1A_HFbhuIi5vd-oXW-YG4OGaT5O8zjEv9wYSQ32speCTmtxEjJ-ij6Xjg0qDdJX4rD9nt_qugyfZBFxOqFboDL0tDwdguyzG30W_Nt_yt_Mo3NiQWBNSb2p0NkmjSFzRw8jR-IBGiFQYiC29LPHcD1zcfeJPv_31Y8_B470sJcDXJdkM8E6ozm2NmubSji1McjWnyXqaI1sPmunMZ6LrnVHsJM1LXGvQErpUeIeIwNCqoC8VPmNvqJcCmENRh7X15POU1HJue_73qNzwny-KSBvZEPGPuYRpGgCk7kSHLTl8ewtJY5OnkeWLY8Mb622zlxnUt3F7KPMTt-XoY_l5WpXJTP-5tisgTW8RpCriPXLdw4P5GnWo2GTPhe3SORRPciCrSUBDsnMg0i2yAAIvPqcJ_tyW6yxkOpdye_iUCcOViGSBOXWOUQ4Nbymim5x9LgF1imFXD991x-JwG61jcMrACTQ-hx-DfJbl6TGtLG3EnoiGUfkBefo8OFFvQ6IBnIXpbEdt-B7ixdbS1mmRLOQ6ikTBREFBdH3Ov-VNsiONxw2mkKcoEUeP_iWJ9H8qhNdptCaRk_Vwz73z1r9PHs_4h4F0Gzvnil-itIBX9Ei-HFa4ZgkUtOSHQh0qahafwXaA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
css
fonts.googleapis.com/ Frame CB3D 		1 KB
477 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Varela+Round:400
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6193854350124385521/c24ec0cd19bfd9b6fd1793271ec7cda3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e40e980ed03ebcf6cd467fe89fe822f750cfd682ba8d45dbdc740a9ff61fb0b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 15 Apr 2022 21:46:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 15 Apr 2022 22:16:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Apr 2022 22:16:33 GMT
67c4eb29b5228c98b335bb0055da538c.jpg
s0.2mdn.net/sadbundle/6193854350124385521/media/ Frame CB3D 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6193854350124385521/media/67c4eb29b5228c98b335bb0055da538c.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6193854350124385521/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8892249971bdeb47e5af551f995d2a42df14315e88c119366e1cc9d5ca7f958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6193854350124385521/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:39:06 GMT
x-content-type-options
nosniff
age
211047
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21996
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 19:31:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Apr 2023 11:39:06 GMT
c3253456259a0449676b114706131b83.svg
s0.2mdn.net/sadbundle/6193854350124385521/media/ Frame CB3D 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6193854350124385521/media/c3253456259a0449676b114706131b83.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6193854350124385521/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aecf54f553dbd2c3f30a385daea41f8107c8747919da999df0e8385d3f66ce5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6193854350124385521/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 08:31:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
395131
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1613
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 19:31:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Apr 2023 08:31:02 GMT
9e6a254fff6814d635e149dca5f531da.svg
s0.2mdn.net/sadbundle/6193854350124385521/media/ Frame CB3D 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6193854350124385521/media/9e6a254fff6814d635e149dca5f531da.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6193854350124385521/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2442f414bbcb819ea041d84fdc217161221a59f7a8cb7f915c4a1e840543b4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6193854350124385521/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:39:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
211047
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3416
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 19:31:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Apr 2023 11:39:06 GMT
vevent
nym1-ib.adnxs.com/ Frame AC2B 		0
841 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fshrinke.me%2F0GNZk&e=wqT_3QKVC_BMlQUAAAMA1gAFAQi-3eeSBhCqyOSfpaL5-n0YpO6QrMH-ouMwKjYJ5e0IpwUvij8RCOwgZXp4hT8ZAAAA4HoU5j8hCOwgZXp4hT8p5e0JJAAxARvAUbiePzCr4YEKOINZQLwJSGVQ1OyLlgFY9-KIAWAAaOCqrQF4sM8FgAEBigEDVVNEkgUG8F6YAawCoAH6AagBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCAOACgeJW6gIYaHR0cHM6Ly9zaHJpbmtlLm1lLzBHTlprgAMAiAMBkAMAmAMUoAMBqgO6BgqBBmh0dAUu9KIEYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q3pUUmp2dTVaWXZxek91ZVlvUE1QcTQyRXNBZnFqODNBYVk2WXFZNjJEb1hkbzZmWkFoQUJJT2FYMWlWZ19laWlnZkFEb0FHUjlzQ1JBY2dCQ2FrQ2oxZmVKeFdkcWo2b0F3R3FCTmNCVDlEMVotX3ItdzVDOHphS1VfeTB6RGpieE40a1dwWUo3N1lvVGhyNzdoZGs3VmYzOGZLSmpSQnBzY1NnZ1cyM20wUkNDMlNJbHBqU2NuV0tfaFFSUURfY3V6Ul8tUHJVRmlxRVY5Xzc5cDEyTEZlNWxXRDFrckM1Q0Nha0ZPVXNzRzFYNFpDOGhZRFBRMXZwdU1NRG9qSWU4eWtyWkZzSDNZc3RTdkU0WUJwMWRndlN5UXhtdnVFMDZsZjkwcVk3aHJXVTk4X3dqUG52OC1tbGhnLWkyWXFfZ2x5Tm14SzZsb215NUpKbVpRSnBJWnQ5eEFlY3YwRlRTTkpvSmhkY2tFMHhiT1JTZ0dLRXBWTFZXN2tDUjMzbjdsWFpOcFhBQk1TRDdKRGZBLUFFQTRnRnE1SHRuVGVTQlFZSUhSQUVHQUdTQlFZSUhSQUJHQUdTQlFZSUhoQUJHQUdRQmdHZ0JqMkFCOWVKdi00Q3FBZU96aHVvQjVQWUc2Z0g3cGF4QXFnSF9wNnhBcWdIcEtPeEFxZ0gxY2ticUFlbXZodllCd0R5QndrUThXTVk0b0RmdFFIU0NBY0lnR0VRQVJnZjhnZ09ZbWxrWkdWeUxUVTFNVFF3TXpDQUNnVElDd0d3RV8tSjV3N0lFOURLeE40RDBCTUEyQk1LMkJRQjBCVUJnQmNCc2hjSUNnWUlBQklBR0FBJnNpZ2g9MXVLemJiS2FBSXcmdWFjaF9tPVtVQUNIXSZjaWQ9Q0FBU0JPUm9LN0kmdGVtcGxhdGVfaWQ9NTMyJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzkwNzY0MTI0OTA5MTYxMTE0MDIiCTMxNDc2NjkzMioJNzYxODcyNDkyOgkzODExNDEwOTDAA6wCyAMA2AOe17oB4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQVMjYwNzo1MzAwOjYwOjc4Njc6OjE0qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBNTsi5YB-gQSCQAAAIB82EVAEQAAAKDE8FPAiAUBmAUAoAWMgt2XsJ7W5S-qBSRmYTNjYWRiMi0xZDAxLTQ3MDQtOWRjMi03YmIyMDgxYjczNzXABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX_4jX6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGz9wC2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTQ4MjY1NTU1NjO6Bw8IABAAGAAgADAAOLQEQADIB7DPBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAH-_wHiggCEAA.&s=19adc3ba283c62926977d7245077de6033b61632&type=nv&nvt=5&jm=1140|1141|1143|1003&px=0&py=0&bw=300&bh=250&sid=1233369531211067702&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21000363&sw=1600&sh=1200&pw=300&ph=254&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:33 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
757c398e-2b26-4fd2-a2e1-0d4b8863301a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://assets.vlitag.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
j-5690067-3384958.js
cdn.flashtalking.com/xre/569/5690067/3384958/js/ Frame 9AB2 		91 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/569/5690067/3384958/js/j-5690067-3384958.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&ft_height=90&click=https://nym1-ib.adnxs.com/click?RBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NTk=/bn=87149/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=1547045236
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
d59833a41851d76d046512d4fd600beab28fd505ab7c0bb3bfa5c0caca929e8c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:33 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Mar 2022 16:18:16 GMT
Server
Flashtalking (AKA)
ETag
W/"2b60245edec2f6e227cc57b1c60df028"
X-FT-Origin
us
Vary
Accept-Encoding
X-Varnish
893190163
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript; charset=utf-8
Content-Length
23655
Expires
Fri, 15 Apr 2022 22:36:33 GMT
pixel
cm.g.doubleclick.net/ Frame D5C2
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB7TxoE-vvk55zuiDUkh5_g&google_cver=1&google_push=AYg5qPKnBkmsWvHGhWyVxsm_7Cc1G7p0-tsSmxVTQG6A89xjx6ee_GFqkGTjgLB-v7sC1YznkiKFnacN-mwGBD-NJ...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB7TxoE-vvk55zuiDUkh5_g&google_cver=1&google_push=AYg5qPKnBkmsWvHGhWyVxsm_7Cc1G7p0-tsSmxVTQG6A89xjx6ee_GFqkGTjgLB-v7sC1YznkiKFnacN-mwGBD-NJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKnBkmsWvHGhWyVxsm_7Cc1G7p0-tsSmxVTQG6A89xjx6ee_GFqkGTjgLB-v7sC1YznkiKFnacN-mwGBD-NJ72RtBZTcxQ&google_hm=bca34109ab6c8e0f610f67db
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKnBkmsWvHGhWyVxsm_7Cc1G7p0-tsSmxVTQG6A89xjx6ee_GFqkGTjgLB-v7sC1YznkiKFnacN-mwGBD-NJ72RtBZTcxQ&google_hm=bca34109ab6c8e0f610f67db
Requested by
Host: ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com
URL: https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 15 Apr 2022 22:16:33 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKnBkmsWvHGhWyVxsm_7Cc1G7p0-tsSmxVTQG6A89xjx6ee_GFqkGTjgLB-v7sC1YznkiKFnacN-mwGBD-NJ72RtBZTcxQ&google_hm=bca34109ab6c8e0f610f67db
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
attr
cm.g.doubleclick.net/pixel/ Frame D5C2 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JRrDTTddYf0DN0ZC8ctlKi56N1CJDv
Requested by
Host: ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com
URL: https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame B391 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvM9b5O15W-5VcOuTPgtbFV6eX-YKfNsKEbHTKZIsihHN7pW2N-CmZRyBa1uRxkry8k6j78sE_xtqGkGL7GGWnHoXzK3-fRKiK-jeHdXriiHcnPdAD2aRWyHzXy2KX5JMRSo06sLlrNaL1jXUUOlQuYm95Jj3DsaLAlLm2nL0FBM9tfM7KZKExchS3ZThlgnb7LjlJaMNt6SKRgelSmknEos1JW-bW_drLYZeeB1-TH6s08LazPYLvBjBPPC2pC7eYSMd9EtYXC9A5-4B0MwPEFCXtdXOmEkD-gSnFZts4ctY4x5tw2jpQkbsua07Lu5BQG8hCMN5Wpce69GiC7oYiqvTSwT2MqCQUdPTOcXWBJHnF5jN0vBKkxYD-6EmM3PtAAJD4N3hYWMIshypfA9fAuPsYYFSmc_oM5yuPKAsVq01-pIO9awMGFBj5io3TQ5szsWwWGoAKTQ67doILijgm2eHkme5z2CA2hN0fNd-kVngberIEaT3Z71_Xw9rbRFzr5ZqPPqdZi1jPDOqBFA_LvaHRYZ9e_VlXLXj5UWIMgNaAfH4cmLycsuCUAMjzcfgGfhrjZCIhxmFheU2fkAK-Q9oCpHM1BR9XhCk5XvFBz0UA2V-BHx9XJjWl3ufJCg-nmGH9Wyn2O8F2nelQRbvDu9_mFRzUAVMy3vxlMpSB1XF0KkkeWfrR0eX4F77soFuJ07daPBnLoIz9B0XbSayfNFA1-7UMv_MxYVuGPJMquFZO_4Z9dJDnJU4OHgDMtOrVApsV3v1HF4bgdy6pV-jY_Oc-dU8R2CVfPhZmsCkMpSt1FkKZhvZ4951t6WxTmoc1Jo8u0vonnXULJYpXDX8WymszL8lmd-fQQ9shgKf2EIi9iF4fF-l5mhijZaBRnOhmHwKdPSK3B21c8FWsBn_0_wbSQ_1r85RqARCQqj_9VPQ6aFUtc10HWyEa8ULsUpX1r2oXlJYy_AdV-1nLV5hRLBZXNC48u7fG29LOX48rvD0CPOimEkxx-Cl56AuCSg7vfiC4HfY8CVttX8SqMQRcLN4gEw8EPSzyATOWJnTtL_P1NYjZnZOeUxhB2vZ65L3MLoAZqYnJeGQf7VgBqUZXWtXTFcxbDKTg3vz7zFnz2VUIlpj2dlyDw6f7xhzAJyO1_--ORrAFb0ToI6BY1L3g69dkeHctNhPQ3FXw&sai=AMfl-YScAD5FE9ehdNHLwKd4Vu-ockvXWOPs0uVGjSyoCWWg6IStOTYfFq--asfq9VwbLeb4p-t0LwuXjCQIcZmKYHJ-t2_YLJZnVyBxMXTdnrBw6LIttL3auGA5dQ7cGgPItz77yJH20w7Y3dvo1GF8cWi3STQFysSTiE1bobjvQtjorWOesqSnsFZmamiF9WxFKM_xGYVzYQqCkZQsAjNnCGnAWlbJNXu1HgaWOpOMrRRb5e5m&sig=Cg0ArKJSzBieqEtJiF8_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=254&vt=11&dtpt=253&dett=2&cstd=0&cisv=r20220413.30616&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CDF5LyhOf-0aJEmiNveAaCaLqV28WJFt_-AFj8L9jaeAp1v75yhjA2-Wm4FPepGQBhj4iUUykjzNENykAvUoqlzeV9UNFsBt2EEJixrBFD3pzBDwvABmIKJ3rtMqyn7MiLFiwQDNFeYfYamvVYNhoVrtfpCw&dbm_d=AKAmf-C_gUdsBb6QBkXrSkPX33PzgE7DP1KK4wiWEE3Oh1JHz9JpKyMH3NRnV4nLnYMdmUZ77NRP-rw9zVZ3cSnDAd0iTkqd_96pSQotxGhbZ37hyJkI098gqGuGcQqgTabbn1l2GRBQ5CbelEiboGuKDjKTe8Dugfe4hmM0A6hSyYo-eDqlr3Mg6NQSATKr6O04XC1niLRnZYdpH_ixdS6etts4gIVMe4jUvsqfcJW8G9g3iW3Qy9kIDjVVo5ZS6lnLUJz5QLCZxIDwcVm4fPZ_TzGPk1KSsKNLjPm5QBlCB8rNHD6qJ-l4A__oyu6tYOpqn9x7GwfWV1uP-REFWMp9p7gNBvMPzjGcgC5UesWjdsfjsZLJUlNRUiJK1H_a7J0_RxFW3i_bdUybQ9k_BAN7wfEseT7W3YkNLTSBhg5FpvNpB1Su_STqIagyzizobwrkEUI-_KxGSk3eYigpAetzhbmNMEKZMTUS8uL1htcm2YnKVyZc_wWVnBS4oDxB3mUmd9iJhgX8SnLj9ImB4RW8cGhY4s5tGzaDa27HljLQBmlx6usu5sPm9_LFDUHUYzTQ8fLNiye1Gqzlm-i8ohgyBHD9Zp4QQLDO12XHiFq8zGlNXHAEaLaDdzEE5LcqwUfNkIQk459rH2YD4flTtbx7n4rR_DIFmFiMLJcq9RKn0KfP68I99z0U7LYsaXclW5iykgL_ETyp4lJX6G1vODlVfjekIqHnYSkAocTnu3SGAf0a70UjlKW-ifwPNNVEbXhHXXKkNKfQlfem0ydWyqMvXvySFeQZdz-ZMXNCTYnudUr8pFDB71PGnKDSoKWgfoyBis8OWjel3Tcl5W0oQVfwzeA5ZvrDATZp45djLThwIEcbxdzQlqvKfATdvVogTb9TSYJ80eCl3-KcMr6nfB8UwHDzF5RdlrVznxn0EXG4IHNAWSlPKWRcLmxCdgt6BTWeeAb878mA8c6l8fQqU1bjOASQFdq9Y1yogENldvJ2Caw_qpZbD_qnAbTznRs4XTDWIsUaPh34MhdzkxCVjIiKJZg7dN5CXK1Vfz3bZL6KTv-BED-LmYMc8J3dKkNsZ_UguhYIEX1ZPlzdZBabKyoFn5qqx9d0g_dkjy0_MMF1NaFI0Y549IoYnmx5MfV2pMnKWjaXTQ3UIeoj2o1uHVRRhzBIZoNV4t_9OKMst_Ld06ACmiYTc0efapzD45_YTxSYhGaD5CSoposZDr-4WsKHJsalstUKRmKJTjAyxVUwirmlYHAOi6o1zWhL6T2VmANqlzdm6ETFkNq4iqp98XcvcZytwclI8DTZq8ZBua2sqvklJNS8eNBA6FFibiSXkGf74paJeahGNZa5IHXKAwYHIXYRWop9S5MXnEeq7DZpb08MRRG6_vAHdgVgBSXCNy95DlXYArS57fBHxbMvXPJXpQTt-hYqUFUZU9NcW6Ca0ifs9mtawHG8NP07JAMuvSCTt3G7rUI8A-oHxoAaCjCKvIR0ublu3WBoDXUgx5uajyqBMtfc9lonVJC_TX7UBuarBFttyC8U1QyabvwlWDvSfEMSMyTbiZrUv91B6iRnpjJQRSllfnI6gbyyzoE-ud80v8iLcb_6dPSk-fWMj6CB0fcEJhihpHthdtUe7DlXxHO9As1Zoh0erXaPCYFXZhzkygXNcCKpdl3zpxm_YMFUjmOm5wZasErypQ6ySYuNpDGU5GnIUPyvYNJrh0iFmcdj7xcroRGZCxW9jj8sUv9i-oarQ5MbEKlVAjVywJ3i6pDPDKAieKBrEGWBnox2C9CPMRm-WBKpNwAegkJY3rfP102NxcZDKoH42smlCaM-oFcPH_-6MPPFjmG_KGaKAMD1zVtNZxinsALMySQCBBuBBlaNP_4BJBbgAuNiij3daTw8UrQ4seoF3ktqoh39pMiBdnHnoaRS_87vYENgv2tvwIlUTMNjKg6itUVOpJgdarjSMxmYQ1U6FI6of5kxpMnpxIoJvP1qiHjGLI4KkGZ280cpWNivkRCcQ2MxMog2sbqcrcUyWUygl6aG1tJmjeO_S6TZ8k8jiWnLvcOgPae-n-8GRBlj3JyJST84-obMxlXLvoKDCtSRIcPOhM04xeFiJ4GzFqsZpk8BpwqjuqZPDrngfL9dLd-DM9Fzio5-_qxLeJhLYcNvPC0g3fJJrWEHt0347ONOhBhfzaQdKs3RpWDuJHlLvsg4ZREp2xWw9dEFydn_s1PT0MvFDsEC_17zhU8Ee3EGBjQLcP7PkiZxQSeZCJCl9PVmsmhYBBRsa4lttbB_deKpasGLwsRsoDtnIJddEBMJdf5ZYlIAdQfoUlss4lM1WShbw3_YS5PhZLdMNc405dNCohoEQ4b8xiOD3NZZ0D8HWgdcmktM4kXpi3MuI97eEA3Qc8801onMyyK-4AEtljF9mX84N8cwkt_Z5vwlIkyKK_o_9nye2UxIy2asr1M4-YNFqv6i1zXPX2Oir2fJ1hMeagQU7eE_occclTHSfwfwFv2tozXro7g1N-hovDONrUeI_yokNzUHMqP0V7rLo9QWPBp4st5wOTVGae4H12oZ2_EXWwKzHz4BzFmb5ajasl5dLffoyo99Vjb1lFH23E771KkfaEAGK2qr0sFVEXIZkGiSi8lJZqydpNy-bTHDiFHhRxrpUd5M9nX37JiEX_EttTN06p2_kDMhg3i3OMLAhF1xrKJMEJe24P3iTGVIh2O65lPTvYHAVoYVutoV2pEL90HzeFMQMSbGtBLs6xdeHR2ORMQX4Mc8jBWmxOwY1qzUKMj45cyTb1p2zI4qFVJdKN5rp214HU3pXYOreIHYN3Ghlr5up350hcazr7xSiVdYZzB-0Nh4GvGo8IbnFpqtAJKvOKN87-aObgWcMKrhgsKNvddpxErJnRNbyxZnOt5LCF0RzeAlpBbD5-D7QVq-PWxsj653i3853bJdrFS_z6UVjn8in5RcmRIgmxtWswe5-vUanWcHBme_nNvMi2Q7ro4I5fanzQRSkdhBX6f5&cid=CAASJeRoj_juNjbRYKUWzOjohE1HqkQxtf12G1ehX6P2F1F4gnM0juY&rfl=2%2Chttps%253A%252F%252Fshrinke.me%242%2Chttps%253A%252F%252Fshrinke.me%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
async_usersync
ib.adnxs.com/ Frame 7DAC 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11395&pub_id=1777764&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11395&pub_id=1777764
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:33 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
bf30ae2d-c467-4b7b-b328-c8d02ccfc66d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
impl_v86.js
www.googletagservices.com/dcm/ Frame ACA9 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v86.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c7d7c651efabfdcce87a8fec34efbafc99924e3c83c8412f954219cddafa458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 06:44:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55930
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21362
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:03:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Apr 2023 06:44:23 GMT
vevent
nym1-ib.adnxs.com/ Frame 2AF9 		0
841 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fshrinke.me%2F0GNZk&e=wqT_3QK_C_BMvwUAAAMA1gAFAQi_3eeSBhDSksjc2Mjfo28Yns-qzfy0_rE3KjYJRBK9jGK5pT8R2wdJNLvNoD8ZAAAAYLgeA0Ah2wdJNLvNoD8pRBIJJNgxAAAA4FG4vj8w9rj7CTiCYECYOUgCUIPD1I8BWLGTkAFgAGj1ha4BeO2oBYABAYoBA1VTRJIBAQbwVZgB2AWgAVqoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKApYBdWYoJ2EnLCAxNDM1NDg2LCAxNjUwMDYwOTkxKTt1ZignaScsIDU1MzY4ODksIDE2Nh0AAGcBOhg2MDY3ODI4RjsAMHMnLCAyNjc0NDM5MDFGHwAscicsIDMwMTI3NzU3Oh8A8IuSAsUEIWxHdWxZZ2pCdTU0WUVJUEQxSThCR0FBZ3NaT1FBVEFDT0FCQUFFaVlPVkQydVBzSldBQmdqZ1JvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFxb0FRcXdBUUM1QWVZZ1F1cmR1YVVfd1FIbUlFTHEzYm1sUDhrQkFBQUFBQUFBOERfWkFRQQkOdFBBXzRBSDUtTkVDOVFHQ0l3RV9tQUlBb0FJQnRRSQUkAHYNCPBxd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NJR3l2aHNRQ3hnQ0xRQUFBQUM2QXdsT1dVMHlPalEwTlRuZ0E0c3VnQVRqeUk0SWlBVDZ5STRJa0FRQm1BUUJ1Z1FhQ08wSUVRBX8UQUFOQV9HBUgJASBJTV8waXc3QkIJDwUgBHlRHSEYTmdFQVBFRREfSEFBQ0lCZXNpbUFXOXZjTl9xUVUNGxREd1A3RUYBDSBRSEFrNERfQkIBRxxFQndKT0FfeS4oAAA5CSgJAQREWgUoAQElQKhXVElmQUY5Tm5VQl9nRjNzNVhnZ1lEVlZORWlBWUVrQVlCbUFZQW9RWXpNBQIwUG5QNmdHQkxJR0pBawFGCQEAQh2zBEJrCRQBAQBDHRhETGdHQ2cuLpoCmQEhd2hQYWRROkkCNExHVGtBRWdBQ2dBTVRNBW8YTS1jX09nbD2BGGxBaXk1SkENAQw4RDlSDQsQQUFBQloBBgkBBEJoCQgUQUEwRDlwEQwMQUFCeB0MDDRBSWs1jPQ0AThEOC7YAgDgAtjVW-oCGGh0dHBzOi8vc2hyaW5rZS5tZS8wR05aa4ADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA57XugHgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE4NKgEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANIEDjczMjAjTllNMjo0NDU52gQCCAHgBADwBIPD1I8B-gQSCQAAAKAhwUZAEQAAAKCeZVLAiAUBmAUAoAX___________8BqgUQRTY1SU9ZN0xZNExXTlZNQcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBf-OA_oFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AapJdoGFgoQAAAAAAAAAAFHBQEBxFDgBgHyBgIIAIAHAYgHAKAHAboHDwgFGgXeMLQEQADIB-2oBdIHDQkFNQQAAAUeCNoHBgknPOAHAOoHAggA8AcAiggCEAA.&s=fcbbbc5da17fc2072de14fd2ed5b4765e05c97b5&type=nv&nvt=5&jm=1140|1141|1143|1003&px=0&py=0&bw=728&bh=90&sid=1233369531211067702&vd=ct~0|rr~0&sv=224&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=20896886&cid=3&cr=nv&sw=1600&sh=1200&pw=970&ph=250&ww=970&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:33 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a5947047-1b54-45e3-a5fa-5987716908d0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://assets.vlitag.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 79F5 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11395&pub_id=1777764&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11395&pub_id=1777764
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:33 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
0b4d12d4-d660-4c04-b40c-a89a63371a2e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7355 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com
URL: https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
21331
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 16:21:02 GMT
etag
48472445140208031
expires
Sat, 16 Apr 2022 16:21:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B391 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60b43f67bd583bc72913d7792388b83ad64c5d8bec60d54d5b589e0284392c9c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
pixel.gif
px.moatads.com/ Frame F229 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsimgad%2F12121761741305688944&i=LINKEDIN_DCM_DISPLAY1&ol=2416751756&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B987jmPgh_%3CXT%23Vyt9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VYTZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-hyAW7OXurwpsfw%3D%3D&sc=1&os=1-ww%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fshrinke.me%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fshrinke.me&lp=https%3A%2F%2Fshrinke.me&t=1650060993534&de=939183224518&cu=1650060993534&m=85&ar=9f397fe3151-clean&iw=73e0bcd&cb=0&ym=0&ll=3&lm=2&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A779&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=62&cd=0&ah=62&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=22666663%3A5289647%3A282888121%3A136107460&bo=shrinke.me&bd=shrinke.me&gw=linkedindcmdisplay501882038263&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatADV=9293830&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jh=-1&jm=-1&mr=0&ml=-&tc=0&fs=197724&na=1231751458&cs=0
Requested by
Host: ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com
URL: https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 15 Apr 2022 22:16:33 GMT
css
fonts.googleapis.com/ Frame CB3D 		5 KB
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300|Open+Sans:600
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6193854350124385521/c24ec0cd19bfd9b6fd1793271ec7cda3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f76a69ea0b6e43a21f48d954f0b9de3e5a68dce97cc2c66f451765a6226961a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 15 Apr 2022 22:00:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 15 Apr 2022 22:16:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Apr 2022 22:16:33 GMT
w8gdH283Tvk__Lua32TysjIfp8uP.woff2
fonts.gstatic.com/s/varelaround/v18/ Frame CB3D 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/varelaround/v18/w8gdH283Tvk__Lua32TysjIfp8uP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Varela+Round:400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcf86d95e543e9748b28362562cdbce0c7be01b48dd54191912e15f820daf4aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 23:26:12 GMT
x-content-type-options
nosniff
age
255021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20636
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:00:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Apr 2023 23:26:12 GMT
9ee400bf4877f661e94087cf4c940556.svg
s0.2mdn.net/sadbundle/6193854350124385521/media/ Frame CB3D 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6193854350124385521/media/9ee400bf4877f661e94087cf4c940556.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6193854350124385521/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
144b09afe5a22538ac206fac5faf52b0fe527db9f9903ca2a319ff8e8027416f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6193854350124385521/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:39:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
211047
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3827
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 19:31:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Apr 2023 11:39:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A50E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041401&jk=1591588300020253&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
pagead2.googlesyndication.com/bg/ Frame 51AE 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 01:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
247173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13643
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Apr 2023 01:37:00 GMT
LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
pagead2.googlesyndication.com/bg/ Frame FEED 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 01:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
247173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13643
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Apr 2023 01:37:00 GMT
d9core
d9.flashtalking.com/ Frame 9AB2 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/d9core
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/569/5690067/3384958/js/j-5690067-3384958.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.160.96.164 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-160-96-164.compute-1.amazonaws.com
Software
Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
5bd0d97e4b880ff59b7f26996b82333edd6016e6ffbbf08143c04a69acffea28

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:33 GMT
Content-Encoding
gzip
Server
Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips
ETag
5bc31bf7d4a298e1bef9d35fce222bfc
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
d9.flashtalking.com
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Content-Length
3601
index.html
cdn.flashtalking.com/128886/3384958/ Frame B01C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/128886/3384958/index.html
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/569/5690067/3384958/js/j-5690067-3384958.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
a4807215fd2995c7d65ebb189e4e623a787d69f1b30637ca28ea70b22eae040c

Request headers

Referer
https://servedby.flashtalking.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=1200
Connection
keep-alive
Content-Encoding
gzip
Content-Length
709
Content-Type
text/html
Date
Fri, 15 Apr 2022 22:16:33 GMT
ETag
W/"5e643d151a8225324883498859d7f1ef"
Expires
Fri, 15 Apr 2022 22:36:33 GMT
Last-Modified
Mon, 29 Mar 2021 13:59:00 GMT
Server
Flashtalking (AKA)
Vary
Accept-Encoding
X-FT-Origin
us
X-Varnish
921521405
moatad.js
z.moatads.com/betwayglobalftdisplay906661272790/ Frame 9AB2 		298 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/betwayglobalftdisplay906661272790/moatad.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/569/5690067/3384958/js/j-5690067-3384958.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
29cd3c65033b0c80ac2ba10920efef736ef7cdc6f76dc65da624a57da83fe812

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:33 GMT
content-encoding
gzip
last-modified
Thu, 24 Mar 2022 16:01:25 GMT
server
AmazonS3
x-amz-request-id
BAXJXFQC866CYDSK
etag
"eec8ae9f94f927a7d4e54114487e6083"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=8925
accept-ranges
bytes
content-length
103284
x-amz-id-2
inFUXtZzznkQZaElqFLQAHsseywGPJ2XYCY61nbbdg/bT6bvmevFggqRRGw77h9rYYnoj2POT90=
iconc.png
secure.flashtalking.com/oba/icon/ Frame 9AB2 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&ft_height=90&click=https://nym1-ib.adnxs.com/click?RBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NTk=/bn=87149/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=1547045236
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:34 GMT
Last-Modified
Sat, 12 Apr 2014 19:14:31 GMT
Server
Flashtalking (AKA)
ETag
W/"db320ef6f3c45ab5c90887ef618de2bb"
X-FT-Origin
us
X-Varnish
160020222 155117044
Cache-Control
max-age=1254200
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
1308
Expires
Sat, 30 Apr 2022 10:39:54 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 01BF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
58809
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 05:56:24 GMT
expires
Sat, 15 Apr 2023 05:56:24 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame B391 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=BOWT-we5ZYpXSDN-RoPwPzu2FsAQAAAAAOAHgBAI
Requested by
Host: 29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com
URL: https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B9689862.280410797;dc_ver=86.252;sz=300x250;u_sd=1;dc_adk=2245616040;ord=kd8tup;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fshrinke.me%2F$0;xdt=1;crlt=R!nbs...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame ACA9 		46 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=86.252;sz=300x250;u_sd=1;dc_adk=2245616040;ord=kd8tup;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fshrinke.me%2F$0;xdt=1;crlt=R!nbsB62vX;stc=1;sttr=139;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f6.1e100.net
Software
cafe /
Resource Hash
1231c2f94de99cb9919bc79218c891ce9063e20787bc82524bb4b0bfca8b54ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22913
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
pagead2.googlesyndication.com/bg/ Frame 255F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 01:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
247173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13643
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Apr 2023 01:37:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7355
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB7TxoE-vvk55zuiDUkh5_g&google_cver=1&google_push=AYg5qPIQWMRAt_kNMBKG187pmi6VxTa41Y76N4f5FdhwwSU0ErOJbrNI7W6EaLhWWtQch9IQVbX5MkZ6gGcHq1Nj5...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIQWMRAt_kNMBKG187pmi6VxTa41Y76N4f5FdhwwSU0ErOJbrNI7W6EaLhWWtQch9IQVbX5MkZ6gGcHq1Nj5BJLHyRJEYw&google_hm=bca34109ab6c8e0f610f67db
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIQWMRAt_kNMBKG187pmi6VxTa41Y76N4f5FdhwwSU0ErOJbrNI7W6EaLhWWtQch9IQVbX5MkZ6gGcHq1Nj5BJLHyRJEYw&google_hm=bca34109ab6c8e0f610f67db
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 15 Apr 2022 22:16:34 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIQWMRAt_kNMBKG187pmi6VxTa41Y76N4f5FdhwwSU0ErOJbrNI7W6EaLhWWtQch9IQVbX5MkZ6gGcHq1Nj5BJLHyRJEYw&google_hm=bca34109ab6c8e0f610f67db
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
attr
cm.g.doubleclick.net/pixel/ Frame 7355 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kev-epm1xXAM3Fi-5TC5tTJ1Xp9fES
Requested by
Host: 29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com
URL: https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame B01C 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/128886/3384958/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
7b8d61fc1f99eb8f9ddf41a0d414c0dd771c895a833ec90ffe4283e8c7516754

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/128886/3384958/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 May 2021 15:35:29 GMT
Server
Flashtalking (AKA)
ETag
W/"db3a9e799b66fd834e149105a04e7840"
X-FT-Origin
us
Vary
Accept-Encoding
X-Varnish
501857423 294574981
Cache-Control
max-age=17931
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
31158
Expires
Sat, 16 Apr 2022 03:15:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 113E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6dSHxhEA3Q5PuU1vaEQRCICUG7SPuJKnMrDT9pfo1Jzq7UxJqIRE9EZ4Z8q7X1Uqxl8NiJXmXINr0U7JSAUoY7keNQSuLKyxc_vCqkc-U-GDdKhQH0ETGE5MC5mj-F581lkj9aMyYKuG0iFDM_AiBY8j-Q3ngwow8cz4DjR4rgnBEEx0EjUsSkFAfbIlkqyirG8XOgPQm3smh5E36S3AekskM9c4DGISGo4Ihes9VFNMPZfG-RNDr1NGH2zuNV6WW70qsGtZBEPLh8uxvQLbgDDyHaVcdQZ4TiaQbiHzUW91V8x3ajQoXusHmAv6I50M1FKZMQEMeOf4&sai=AMfl-YSnMsAcYfNHPwkXE4gObtd6TBuZc54XrHXyZZxhdwDjZS4VzhnTvO0URrEi6JUaJvJ1JFqroiT4R4SUcbsNC_6Bi8Vl0f5v31rGXPkoIJZTGUXPg-bKvKwfoP4n1Do&sig=Cg0ArKJSzN9a0XwH-ZJYEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 15 Apr 2022 22:16:34 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 113E 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf9d616be882ed755fb33304dcf7327f6940f17a23dfcb0eda1ba5144983041a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10507
x-xss-protection
0
pixel.gif
px.moatads.com/ Frame 9AB2 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=BETWAY_GLOBAL_FT_DISPLAY1&hp=1&ra=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Ffw.adsafeprotected.com&lp=https%3A%2F%2Fshrinke.me&t=1650060994017&de=830611578923&m=0&ar=9f397fe3151-clean&iw=10864d7&q=2&cb=0&ym=0&cu=1650060994017&ll=3&lm=3&ln=1&em=0&en=0&d=149207%3A20330%3A5690067%3A3384958&zMoatMMStrategy=-&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fshrinke.me&id=0&ii=2&bo=shrinke.me&bd=shrinke.me&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=betwayglobalftdisplay906661272790&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A598&fs=197724&na=1518263376&cs=0
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&ft_height=90&click=https://nym1-ib.adnxs.com/click?RBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NTk=/bn=87149/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=1547045236
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 15 Apr 2022 22:16:34 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 113E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Apr 2022 22:16:34 GMT
consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame 9AB2 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&ft_height=90&click=https://nym1-ib.adnxs.com/click?RBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NTk=/bn=87149/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=1547045236
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:34 GMT
Last-Modified
Thu, 11 Feb 2021 15:39:51 GMT
Server
Flashtalking (AKA)
ETag
W/"d675694ab4d4d2eb56cca854c25d9c36"
X-FT-Origin
us
X-Varnish
368572778 364475568
Cache-Control
max-age=966
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
5953
Expires
Fri, 15 Apr 2022 22:32:40 GMT
async_usersync
ib.adnxs.com/ Frame 10C9 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=12290&pub_id=1886142&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=12290&pub_id=1886142
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:34 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f5be763c-e795-4032-aca1-99d202ba10b1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
pagead2.googlesyndication.com/bg/ Frame 01BF 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 01:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
247174
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13643
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Apr 2023 01:37:00 GMT
lgc
d9.flashtalking.com/ Frame 9AB2 		118 B
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/lgc
Requested by
Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.160.96.164 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-160-96-164.compute-1.amazonaws.com
Software
Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
1cb5f921a196735755fff37300224009177e92487db12f726e5f6e4269113112

Request headers

Referer
https://servedby.flashtalking.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Fri, 15 Apr 2022 22:16:33 GMT
Content-Encoding
gzip
Server
Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
https://servedby.flashtalking.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=ISO-8859-1
Content-Length
90
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame ACA9 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=86.252;sz=300x250;u_sd=1;dc_adk=2245616040;ord=kd8tup;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fshrinke.me%2F$0;xdt=1;crlt=R!nbsB62vX;stc=1;sttr=139;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:12:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 22:12:56 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame ACA9 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstWpGQaCqnTPO5fnDqXcLIt1IN1zXAYVkTQQucro9j8M7MKfXPe61Zk3aqp2aV0DVRP3VkG-zbPUEhq1wU1WFtXaqVM_fpePSzN4TaFNPcvJqySs9fygztoNbgNtIBi2BjGaMYeYKoECQE&sig=Cg0ArKJSzPssUP9iZ4tIEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220413.56393&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=86.252;sz=300x250;u_sd=1;dc_adk=2245616040;ord=kd8tup;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fshrinke.me%2F$0;xdt=1;crlt=R!nbsB62vX;stc=1;sttr=139;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame ACA9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=86.252;sz=300x250;u_sd=1;dc_adk=2245616040;ord=kd8tup;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fshrinke.me%2F$0;xdt=1;crlt=R!nbsB62vX;stc=1;sttr=139;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 05:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58810
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Apr 2023 05:56:24 GMT
2896623770822679215
s0.2mdn.net/simgad/ Frame ACA9 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2896623770822679215
Requested by
Host: d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com
URL: https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
950805d18927e26e0dffb81c66b25bbe4b3aad17076bfff48c4664b3b5d5088f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 19:08:11 GMT
x-content-type-options
nosniff
age
270503
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26751
x-xss-protection
0
last-modified
Tue, 25 Aug 2020 11:08:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 12 Apr 2023 19:08:11 GMT
dv-measurements2576.js
cdn.doubleverify.com/ Frame C31E 		521 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements2576.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/0GNZk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:598::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7b9f6c3e0e65e7f2462bea66f011f7c7d024ad96c1c01595df7a26bdd561f2fc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Apr 2022 08:23:02 GMT
Server
Microsoft-IIS/10.0
ETag
"03768dbd84fd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
98414
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B137 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com
URL: https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
21332
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 16:21:02 GMT
etag
48472445140208031
expires
Sat, 16 Apr 2022 16:21:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ACA9 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com
URL: https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Apr 2022 22:16:34 GMT
truncated
/ Frame ACA9 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d94e308762dd197a2a7cb5a5b68f4d3183262880c19cb18f4f74253f3ef0027

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame A5DC 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=664330&asId=14418884-f506-68e5-7574-aa7235e1f0ee&tv=%7Bc:9Tx9ef,pingTime:-10,time:1015,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDAuMC40ODk2Ljc1IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1650060994270%7C%7Ca04a2013fc1d86b93bddf30f142325b7%7C%7Ceb4f03ab9dc867f6a5bdb2294b85db99%7C%7C51a5404d6cb5d128793b21859eddf48a%7C%7Cc53a27975a0c1621e29f87d39fb04ce2%7C%7C6b60b562d246e06877f7ae5b01827fb4%7C%7C44aafc98b9716e6d8d343ee30b7b1327%7C%7Ca28ee91ba01517528a3b5d3a6a8b7ace%7C%7C1629390669,im:%7BpWait:72%7D%7D
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjsi/servedby.flashtalking.com/664330/55786030/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&ft_height=90&click=https://nym1-ib.adnxs.com/click?RBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NTk=/bn=87149/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=1547045236
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fw.adsafeprotected.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:34 GMT
X-Server-Name
dt37.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
log
hblg.media.net/ Frame 8C57 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=2972122848349753970&s_city=new+york&ugd=4&cliIPV6=2607%3A5300%3A60%3A7867%3A%3A14&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=4&prspt=headerBid&usp_status=0&seat=BID_API&og_cbdp=0.150&size=970x90&mx_TAS=1&mx_gpid_sent=false&xtmax=150&commit_id=f691ca6f&scrid=351144871&itypeid=21&mx_SPRIG=2&viewability=46&renderer=0&be=0&rtime=18.0&adj0=0.0&tmax=150&s_ip=68.67.161.154&adj2=0.0&adj1=0.0&mx_lr_seg_cnt=0&adtypes=0&mx_aabpc=0&reqid=2972122848349753970&sc=QC&mowxReqId=cedd1bded3704785b6dc72fda12057f0_1&ifdp=0&requrl=https%3A%2F%2Fshrinke.me%2F0GNZk&bidrestime=1650060991016&pv_adtype=0&cc=CA&strg=HARMONY&pcrid=8CUJEM1AO-173588971-16-3&coppa_enf=true&is_rewarded=false&devmodel=Unknown&bdp=0.150&ct=Montr%C3%83%C2%A9al&spIsReq=3&s=1&abs=0%7C0%7CHARMONY%7Cbrr%3D1&mx_epbc=8CUJEM1AO&dnt_enf=false&mx_ssBucket=0&vls=0&asn=514&mang=1&mx_isLossNtf=false&advUrl=https%3A%2F%2Frelated.360topics.com&dn=shrinke.me&pgcatiab2=58&dt=O&acid=cedd1bded3704785b6dc72fda12057f0&actltime=31&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.105&sckfl=0&dmm_erpm=true&mx_lr=0&coppa_applied=N&mview=1&smbrid=11395&bfs=103&rfc=1&prvApiId=8CUJEM1AO&epcexp=false&pubid=pub-appnexus-exp&mx_bsProfile=0&cid=8CUQYHE04&bcrid=351144871&omul=1.0&res_mtype=0&apPrfs%3C%3E=13%23%2361&chnl=HARMONY&pst=0&reqsize=970x90&adpos=0&itype=APPNEXUS_EXPERIMENT&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-appnexus-exp&__expireat=1650061591298&dnt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=173588971&ckfl=0&lper=1&mx_tgs=970x90&cbdp=0.105&pvdTmax=104&ltime=31.0&epc=173588971&prvReqId=37946655538613_1383983576_48264503641&zip=H3A+2N4&exid=31&adl_wrapper=0&spFst=0&mx_GCID=0&cliIPType=v6&pexid=APPNEXUS_EXPERIMENT-1777764&ybnca_erpm=0.15&brsrclk=0&sbdrid=196&rtttime=65&mx_PC=1&wsip=mowx-lite-6cfbdb9475-9cdgn&currsrc_date=2022-04-14+00%3A00%3A00&mx_divid=21000363&gender=O&geoll=true&debug_ts=2022-04-15+22%3A16%3A31&mx_ssProfile=0&devbrand=Unknown&mx_SC=0&reftime=15000&pbidflr=0.078&spbf=0&currsrc=API&fpusp=false&mnrfc=1&moau=true&ocurr=USD&stagid=21000363&snm=SUCCESS&mx_IAB2=1&usp_enf=0&bidflr=0.078&coppa_status=N&pid=8PR113JGC&spTo=3&ecp=0.69&pvid=4&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=0&dmm_ogerpm=false&csip=rtb-appnexus-57d7676996-jw2s5.SC&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=21000363&ptype=23&media=0&smsrc=1&acsn=1&dtc=east_sc&mx_aqcpl_crid=4&ogbdp=0.15&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=482645036&geo_source=2&sat=1&mnet_ckfl=0&mp_seg%3C%3E=44086%23%2344085%23%2344091%23%237142%23%237141%23%2355664%23%2352765%23%237147%23%2317195%23%2317138&dfpDiv=21000363&opbidflr=0.078&impId=2797186756215102545&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.15~vis_sd%3D378~dc2%3D1~bat%3D0%2C0%2C0~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2022041518~iurl_b%3D3281.81~url_tkc%3D0~std%3D21000363~last%3D~vis_url_b%3D0.75~ip%3D19L3rJI3XCx4oZWOSnN11G~fbb%3D0~vis_url_l%3D30~riipua%3D0%2C0~et%3D14~rc%3D1~rps_sd%3D2022041518~vis_b%3D813.66~url_b%3D0.3~url_tvi%3D0~ecp_eer%3D4.6~url_l%3D20~gcat%3D500897~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.15~bm%3D1~sid%3Da9449d9f0e0e5cb6a7700cb9afc134df~sd%3D0~uid%3D2IaaJi3fEf16KSSwj6~btd%3D233228136252206331302784509816101472939285524829731188469153199902223237120~3pcf%3D1005.74~uim%3D0~dmm_strg%3Dharmony~vurl_b%3D0.31~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D57.88~vurl_l%3D30~CI%3D2669~nts%3D1~tb%3D-1~ct%3Dmontreal~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D3.23~isif%3D0~lc%3D1~bid%3D0.15~dc%3D8~vl2r_b%3D3.03~ivurl_l%3D30~supply_tag_id%3D21000363%7Eviewability%3D0.464661%7Ecbdp%3D0.105%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deast_sc%7Eref_cnt%3D1%7Edalg%3Dserver_default%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.078%7Eogbid%3D0.150%7Eitype_id%3D21%7Eseller_tag_id%3D21000363%7EcarrierId%3D0%7E~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D970x90~bsb%3D0~bsp%3D0~tmx%3D104&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.100.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-25.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:34 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 15 Apr 2022 22:16:34 GMT
pixel.gif
px.moatads.com/ Frame 9AB2 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fcdn.flashtalking.com%2F128886%2F3384958%2Findex.html&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=864626712&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B987jmPgh_%3CXT%23Vyt9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-m3HM1%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-1l11it8kL9Bk3A%3D%3D&sc=1&os=1-AQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fshrinke.me&id=0&ii=2&f=1&j=https%3A%2F%2Ffw.adsafeprotected.com&lp=https%3A%2F%2Fshrinke.me&t=1650060994017&de=830611578923&cu=1650060994017&m=76&ar=9f397fe3151-clean&iw=10864d7&cb=0&ym=0&ll=3&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A598&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=55&cd=0&ah=55&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=149207%3A20330%3A5690067%3A3384958&bo=shrinke.me&bd=shrinke.me&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197724&na=238980309&cs=0
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&ft_height=90&click=https://nym1-ib.adnxs.com/click?RBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NTk=/bn=87149/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=1547045236
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 15 Apr 2022 22:16:34 GMT
img.png
d9.flashtalking.com/img/ Frame 9AB2 		70 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9.flashtalking.com/img/img.png?cnx=d65a00898c648c1132e6578a3fedccd6
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&ft_height=90&click=https://nym1-ib.adnxs.com/click?RBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NTk=/bn=87149/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=1547045236
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.160.96.164 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-160-96-164.compute-1.amazonaws.com
Software
Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:33 GMT
Access-Control-Allow-Credentials
true
Server
Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips
Connection
keep-alive
Content-Length
70
Access-Control-Allow-Methods
GET,POST,SERVER
Content-Type
image/png
/
servedby.flashtalking.com/state/5690067;3384958;24030490;401;AB21809B-A4D3-64CF-5B26-BA2DA501864B/ Frame 9AB2 		42 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/state/5690067;3384958;24030490;401;AB21809B-A4D3-64CF-5B26-BA2DA501864B/?ft_data=d9:43b3d36584414a6da64f714dc42bb0cf;d9s:43b3d36584414a6da64f714dc42bb0cf&cachebuster=286080955
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&ft_height=90&click=https://nym1-ib.adnxs.com/click?RBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NTk=/bn=87149/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=1547045236
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app108.ash11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://servedby.flashtalking.com/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&ft_height=90&click=https://nym1-ib.adnxs.com/click?RBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NTk=/bn=87149/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=1547045236
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:34 GMT
Server
prod-xre-app108.ash11
X-HW
1650060991.dop072.dc2.t,1650060991.cds202.dc2.shn,1650060991.dop072.dc2.t,1650060994.cds192.dc2.sc,1650060994.cds192.dc2.p
Content-Type
image/gif
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT
manifest.js
cdn.flashtalking.com/128886/3384958/ Frame B01C 		368 B
949 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/128886/3384958/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
0cdb625be8932038d96359727ee58accf265965c61204a84507f96a8baa749ad

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/128886/3384958/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:34 GMT
X-FT-Origin
us
Connection
keep-alive
Content-Length
368
Last-Modified
Mon, 29 Mar 2021 13:59:00 GMT
Server
Flashtalking (AKA)
ETag
W/"81c85a1c50f01584c9907b6caa4687da"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
935471486
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
Content-Type
application/x-javascript
Expires
Fri, 15 Apr 2022 22:36:34 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AC2B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2lKMlpT4_k9PQwxsITAd3ahveTgfdUcWFe10lF28x6KhtcsmnHpnzfHcNCt133UAvaqdIt8lBSw9FVphb0OpfgpuuVatbhA4&sig=Cg0ArKJSzPhK_CRD_0JuEAE&id=lidar2&mcvt=1062&p=0,0,250,300&mtos=1062,1062,1062,1062,1062&tos=1062,0,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650060991757&rpt=1482&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame ACA9 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstWpGQaCqnTPO5fnDqXcLIt1IN1zXAYVkTQQucro9j8M7MKfXPe61Zk3aqp2aV0DVRP3VkG-zbPUEhq1wU1WFtXaqVM_fpePSzN4TaFNPcvJqySs9fygztoNbgNtIBi2BjGaMYeYKoECQE&sig=Cg0ArKJSzPssUP9iZ4tIEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=179&vt=11&dtpt=178&dett=2&cstd=0&cisv=r20220413.56393&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=86.252;sz=300x250;u_sd=1;dc_adk=2245616040;ord=kd8tup;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fshrinke.me%2F$0;xdt=1;crlt=R!nbsB62vX;stc=1;sttr=139;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel.gif
px.moatads.com/ Frame 9AB2 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=864626712&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B987jmPgh_%3CXT%23Vyt9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-m3HM1%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-1l11it8kL9Bk3A%3D%3D&sc=1&os=1-AQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fshrinke.me&id=0&ii=2&f=1&j=https%3A%2F%2Ffw.adsafeprotected.com&lp=https%3A%2F%2Fshrinke.me&t=1650060994017&de=830611578923&cu=1650060994017&m=316&ar=9f397fe3151-clean&iw=10864d7&cb=0&ym=0&ll=3&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A0%3A598&aa=0&ad=124&cn=0&gk=124&gl=0&ik=124&ic=124&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=55&cd=55&ah=55&am=55&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=149207%3A20330%3A5690067%3A3384958&bo=shrinke.me&bd=shrinke.me&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197724&na=1465428546&cs=0
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/149207;5690067;201;jsiframe;GeniusSports;CanadaSportsBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30289913&ft_width=728&ft_height=90&click=https://nym1-ib.adnxs.com/click?RBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNOWU0yOjQ0NTk=/bn=87149/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=1547045236
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 15 Apr 2022 22:16:34 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 332A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
76094
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 01:08:20 GMT
expires
Sat, 15 Apr 2023 01:08:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6724 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5eee02570b994288d1000bf651959697732736812c896954239e2c91add0bf8e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-G8bOjYenCNhTv2UgQAyK0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-G8bOjYenCNhTv2UgQAyK0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 22:16:34 GMT
expires
Fri, 15 Apr 2022 22:16:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
visit.js
tps.doubleverify.com/ Frame C31E 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=232&ttfrms=29&brid=3&brver=100.0.4896.75&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauD9C%3A%3F%3C6%5D%3E6TauU2%3F4r92%3A%3Fl9EEADTbpTauTauD9C%3A%3F%3C6%5D%3E6Tar9EEADTbpTauTau5cc423g736h5d62e2_h_gh6_6ae7hdh7%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau5cc423g736h5d62e2_h_gh6_6ae7hdh7%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauD9C%3A%3F%3C6%5D%3E6Tau_v%7D%2B%3C&srcurlD=0&aUrlD=-1&ssl=https:&uid=1650060994463345&jsCallback=dvCallback_1650060994463138&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.75%20Safari%2F537.36&htmlmsging=1&chro=1&hist=3&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2576&tgjsver=2576&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fd44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=27&brh=3&sdf=2&dvp_epl=372&noc=4&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://shrinke.me/0GNZk&c1=1024534&prr=1&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0iVHv9chAXWczJjqnGNGitz&aucmp=15412340841&aucrtv=393340935&auorder=25295742&ausite=946981363646&auxch=1&pltfrm=1&aufilter1=1024534&autt=1&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=30265591898.1405&dvp_tukv=1089833751.5261166&dvp_uuid=11109467541.607393&dvp_strhd=0.5999984741210938&dvpx_strhd=0.5999984741210938&dvp_tuid=751544385156
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2576.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
796b2993b1857f8986427a687f3db731e4292e3b073346f2a8d5beda4cc98035

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:34 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Expires
04/14/2022 22:16:34
gen_204
pagead2.googlesyndication.com/pagead/ Frame B6A5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOg7UwO5ZYtSNJNipNbyNsJAIAAAAADgB4AQC&bg=!UFOlUxfNAAZvJBiFTyQ7ACkAdvg8WkljX-wurzFMhpTnY81qURHwD-Vu9P8vY4OXKmo_sxPI7OLpkAIAAAKkUgAAAAJoAQcKAERDnhgpWSy_OUxgmbe72k01TKGikWgTar_F61dR-EnQjsFBxGE2qmcXmqyIFzpm7cIhywrWLa5xfj45ImKMZeD1o5b23ZkDJmE5CWTw4olRhoUtxmQs_VuyOsJNP-EWUF6Rq75OQtCEeDJsnJgdmMxd7HlY4pMCW5wGsO9O7Hk2u70k7_oywUvE-9xb0OVYWc2v9cOBZMJZ2Uc-f33jm3jXqprW_K1-GYPwSn2d5Q-FwZkZbPbZnR7XuxSbIhYZX7PcCJr_PGGyGZFMmMXAATxEefZ8L0mjQ0ZrbKRlNmqSRanwAiu7YFlnAMp85wuhET-mwX_8eu-HI_RfN5PPJCu5_FBEHdjOGFJb4U87QYbu_vqPEpt-sY3A6Jan8TRRCeJnDSSOpai36Lbz0NwSjWd-ya55ik_Cbf5q6UBc_X1hKmQbtUW8bvsKCg-H6uO7eM1bDIJaol4SzhPCkZuF8lzAfgOD-9g6IKIMAfpsw6hhZUzMNfwcqlKG6R_peD33Riklixr8RbEHJHFkMWN_kyz7Zw2D4D9glCcGvOZGxQG8MAZSlzFGjJ1s9UOVbGTuI6Ig1C7zVtstym07B8abcYcV67o34z_aOtYPYdZCcEkf8jIw0DOmQyK7nRAqyuHC162lKxzhRSMzX6Qen5AndZ94XJNR7_J-wQJZ2jiDNTLpVsSSCGcBvqvCz1tFXx1XCa_Ax14NVNUrQ3-FFrwqDeU9OdIE83_xpdqerivGgncqQCfiNGUj98klfn_W3Dw8uMk3o6Cxgx2aX0AjMkUvsSpoYuXzx03n3COOA6msdINIOhvmvu1MNeBU1AdWKMYN6rXsbXdFgBk4T_DcGabUQ4RtE5MHPpmkSz2eCaLGjdZ9jElZHqHhodcRQ_N9DrCAag-voiy3hMj61Ea8qD5iVJidIo7IJZp0aCZ1yQDift215eH0mMWDMrdBjwofUVBXV15ZKoCF2XKNNdOomUpCPGZMmmUTewZgZJciJbvXybPhBaJIvrgJMrmsDbcyd_RusQWhknacZIC8FVS9_-yOS8_X4AUHGU4ZAJMFuGrOM5uIUWzYRI4BaliRajBpU6I4wMh14IuIV4ud_df0VnOTfBJ7qauxT9C8PBW8jCKeDT3Jr5LbNLtaIBhnXlm4gFmp3Aw5gIX3Y3oxZjF6m4gB
Requested by
Host: d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com
URL: https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B137
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB7TxoE-vvk55zuiDUkh5_g&google_cver=1&google_push=AYg5qPJ-sBIpsSbY6k_InAa_LbirVSY27cI_0fRJQ2jAh1fC_EAFE-PGv5WzyC5L78whKkz77JHHnu762SCFle2Cr...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJ-sBIpsSbY6k_InAa_LbirVSY27cI_0fRJQ2jAh1fC_EAFE-PGv5WzyC5L78whKkz77JHHnu762SCFle2CrxTiPsqOyq5M&google_hm=bca34109ab6c8e0f610f67db
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJ-sBIpsSbY6k_InAa_LbirVSY27cI_0fRJQ2jAh1fC_EAFE-PGv5WzyC5L78whKkz77JHHnu762SCFle2CrxTiPsqOyq5M&google_hm=bca34109ab6c8e0f610f67db
Requested by
Host: d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com
URL: https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 15 Apr 2022 22:16:34 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJ-sBIpsSbY6k_InAa_LbirVSY27cI_0fRJQ2jAh1fC_EAFE-PGv5WzyC5L78whKkz77JHHnu762SCFle2CrxTiPsqOyq5M&google_hm=bca34109ab6c8e0f610f67db
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
attr
cm.g.doubleclick.net/pixel/ Frame B137 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L3Bpm21ML5BqTFkLb3MAeJLT2HiM-u
Requested by
Host: d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com
URL: https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
bqi.php
lg3.media.net/ Frame 8C57 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2963&lf=3&&vgd_hb_audit_1=8CUQYHE04&vgd_hb_audit_2=482645036&vgd_l2type=sca&pid=8PO3BF8JJ&kalog=CI=2673||UUID=2IakT9jIkO9yINdnS6||HID=0||SI=371||SID=8||MPTD=640||TPTD=40132182942724&kals=ttype=10019||pc=21||fat=2||tbft=1&kasts=tstype=-10408||gbid=-1&kata=aton&katbid=-21&katen=1&katid=808076879&cme=WCKusPp3Luhf3zIIoZY45yeLjdQtW0BAIznt9c0l8losu5MKkXW3zSmNQAb8Clo74yGT-L23t0m2_5Q8xWJ4EEQLGyMU6IuVIgMaNUsacP7IrSJqJzHkT6eMuR4vkJOWcnvUV6N77DdVT2LP0T4QtmLg6mQRn_uTf2_bYVNkEc6czRTx9Tch8-1MDQ8_m6qhshWL3rceG8qHsjOjbL8xlusIJOJ7DgrHa5mvPeyRwEs=||a0AmFUYXmD6REOrScCyvCWia0qjfVqjDb4zDzQ_uTapGrHQb-ax8Gw==|MhSffBRfuCOyCp4u_bjS9Q==|JZBMvEFVBjJ7jh6P6qzNk6Y6q85FnQp4L54jjRSr3sQnntM-f7IO0J-HR4SQ_r4rRBzL3q6YBOfR8g3GzrRq9f1oy95Tm7TvyaPTsJFLDFiBNhGOEGUPykXaU8LZfoYc1RtzO9b6P2XnEe-6TFGkni4sfDRx1pDS86JlAxxgN74xU9lc8lT7DtOeZ8mStrP27cFRqnXCJJI6QHb0yrfMlOdXBrgZJIKcDjLp8xgpmEc=|ECZQquDAdXO219s_zvdUcg==|dsA6EMpZ47R6ljdz__nQtthZoUpm2bb5|u8A6SM53vAe1fJvbk0OOl-4lZxkosuUI|UZIrcOI3Lz7IDrXF345x-5-oUr_GSvQ7|gNTUc7MBYV04UVzmztpDDQ==|&gdpr=0&prid=8PRVCXX19&cid=8CUJEM1AO&crid=173588971&requrl=https%3A%2F%2Fshrinke.me%2F0GNZk&vi=1650060992674449439&ugd=4&cc=CA&sc=QC&bdrid=4&subBdr=196&startTime=1650060992844&l2type=sca&vgd_l1rakh=1650060992180170516&l1ch=1&sttm=1650060992852&upk=1650060993.20652&hvsid=00001650060992852025035145529556&acid=cedd1bded3704785b6dc72fda12057f0&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.15~vis_sd%3D378~dc2%3D1~bat%3D0%2C0%2C0~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2022041518~iurl_b%3D3281.81~url_tkc%3D0~std%3D21000363~last%3D~vis_url_b%3D0.75~ip%3D19L3rJI3XCx4oZWOSnN11G~fbb%3D0~vis_url_l%3D30~riipua%3D0%2C0~et%3D14~rc%3D1~rps_sd%3D2022041518~vis_b%3D813.66~url_b%3D0.3~url_tvi%3D0~ecp_eer%3D4.6~url_l%3D20~gcat%3D500897~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.15~bm%3D1~sid%3Da9449d9f0e0e5cb6a7700cb9afc134df~sd%3D0~uid%3D2IaaJi3fEf16KSSwj6~btd%3D233228136252206331302784509816101472939285524829731188469153199902223237120~3pcf%3D1005.74~uim%3D0~dmm_strg%3Dharmony~vurl_b%3D0.31~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D57.88~vurl_l%3D30~CI%3D2669~nts%3D1~tb%3D-1~ct%3Dmontreal~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D3.23~isif%3D0~lc%3D1~bid%3D0.15~dc%3D8~vl2r_b%3D3.03~ivurl_l%3D30~supply_tag_id%3D21000363%7Eviewability%3D0.464661%7Ecbdp%3D0.105%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deast_sc%7Eref_cnt%3D1%7Edalg%3Dserver_default%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.078%7Eogbid%3D0.150%7Eitype_id%3D21%7Eseller_tag_id%3D21000363%7EcarrierId%3D0%7E~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D970x90~bsb%3D0~bsp%3D0~tmx%3D104&matchstring=hr%3D0%7C&vgd_matchstr=hr%3D0%7C&vgd_sc=QC&lineitemid=4&infr=1&twna=1&stime=1650060992443&vgd_ecrid=351144871&l1hcsd=l1!N4|2460&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22east_sc%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p01172461371t202204152216&vgd_pgids=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.76.100.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Server
Apache
Date
Fri, 15 Apr 2022 22:16:34 GMT
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Fri, 15 Apr 2022 22:16:34 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5A19 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=77343
content-encoding
gzip
content-length
13941
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:34 GMT
etag
"1302647-96a7-5da3b2ade946f"
expires
Sat, 16 Apr 2022 19:45:37 GMT
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame FE84 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
60894
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 15 Apr 2022 22:16:34 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 14 Apr 2022 05:21:37 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 257276
X-Served-By
cache-lga21926-LGA, cache-yul12826-YUL
X-Timer
S1650060995.550388,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ Frame DDA3 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
60894
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 15 Apr 2022 22:16:34 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 14 Apr 2022 05:21:37 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 257277
X-Served-By
cache-lga21926-LGA, cache-yul12826-YUL
X-Timer
S1650060995.562624,VS0,VE0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 43C3 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=77343
content-encoding
gzip
content-length
13941
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:34 GMT
etag
"1302647-96a7-5da3b2ade946f"
expires
Sat, 16 Apr 2022 19:45:37 GMT
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EA7A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
58810
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 05:56:24 GMT
expires
Sat, 15 Apr 2023 05:56:24 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 255F 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?19weLQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
mv24030490.json
cdn.flashtalking.com/128886/ Frame B01C 		224 B
936 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/128886/mv24030490.json?cb=262458298
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
c4d4a367ae7d2a75f1bf08a0d75ba2eae23a1e7d1779a908f9c44da98ef9cfce

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/128886/3384958/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:34 GMT
x-amz-meta-creative-id
3384958
X-FT-Origin
us
Connection
keep-alive
x-amz-meta-creative-library-id
128886
Content-Length
224
Last-Modified
Mon, 29 Mar 2021 13:59:01 GMT
Server
Flashtalking (AKA)
ETag
W/"90007d43c376a6fff876963414ec063e"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
922485509
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
x-amz-meta-ad-type
HTML_onpage
x-amz-meta-version-id
24030490
Accept-Ranges
bytes
Content-Type
application/json
Expires
Fri, 15 Apr 2022 22:36:34 GMT
async_usersync
ib.adnxs.com/ Frame FE84 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:34 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
c64f31bb-19dd-4b80-b9a3-ebacc33b805d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame DDA3 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:34 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
e63e7451-67ce-4d5d-b32b-9b2ed216539e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 5A19 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=93644439&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
bd8f7aa4b88a9259e46cf7eca97fed8e57a799af629c182a050a40f7b7067201

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:34 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sodar
pagead2.googlesyndication.com/pagead/ Frame 6724 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041301&jk=3973692546035952&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 51AE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSUsXwO5ZYs6dHYeB_gTMoqkYAAAAADgB4AQC&bg=!pKelp-PNAAZvJBiFTyQ7ACkAdvg8Wjst2_sMKxUJeaU7cWABoJc_sPi-peaoDKGU4K_G2U_QlmKToQIAAALTUgAAAAFoAQeZArkWMdOP3P7lwfvNJEyKwV69uTcstI5VcGhMlBbP3fZCYV_lHGkvOjwqHoUkuBziDo7pAEnqEygLnAQhcIjEFICgGbT6fi-n0acBS5XM1fqSsgcA3hjezFo6whRtCeSbROHMn7xRduKZKCwNw8gr7eSqYDDPtDiWIL9JtuyL8SxsWGjiecaQqs3IzT2lpFE3Co6-i49AV77DIsuOh409LQzDHsOChLiYEaYA9IidnVxY99clI_cSh2FauMvrFW9UCQl1GC6G_z9A_R5ZpcGR6o4mLYVykaGdH-sB_apDb0HbkGXnmvZ2nlD4_T3eiM5pE-OIh40RAndbIwbAoMBrXPjRwVhlqNeX79h_zWwLkQ1wwAqB0BRzxCn_zjbSVDDHcu9I8RBLqxQovk2SEHK3BqkYdzSwf2TVxk7jZrDEL_xBgB74nSzvp8w-Rq-vhNEi16p3uQG9Vhxsupyo51HinXjj-LKGLaTmpNYCpLl3J9Tueo16Dgow3aBHhuGqXD1NHd7eIPzxPAVe9eeCK32vxBqBVP1t4FNcVRcx9dWFgJ4BxGIOvIKn97bWnLmpd9DptuJp7OeSqjIMhfsnZruNE9AUqwc80rSm0ocwDY1u6pMQrUlEEcQqfC_AIIYQ-U8Zj2vUB_8Bx7ZobiVoEnc2-Zwk1kUXktL5VQzwdsIhrhCJNlqi1GfBFoYI6ywMN-aYLNYspTj6fVj8mmmfnQ2of4LuUO2SIHv2x5EQUcOWv-WUO1Mqz1K3Oi8hnSKoJ1FA_FVKbg7kt5T70_ZCYkjD-Nu9iG_l5gjqRGBJnYP3rJvKOIQbGd2ZNywKI5dZMz_z7Unq3XkK0sCSpPYwWgTJZEqS_xinLRUXJC_YxgGIQLjRVQJJuZPWAEoSvzz4F5VkAf_WfTSuF43xzSe7v-xLA-9I8v8HIOAwqmPD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://shrinke.me
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 15 Apr 2022 22:16:34 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1424
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
id.a-mx.com/sync/ 		106 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=https://shrinke.me/0GNZk&u=https://shrinke.me/0GNZk&v=6.14.0&vg=vlipb&us_privacy=null&gdpr=0&gdpr_consent=
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff2f5515a7b87453d661b2a603ad1b8c67802361461124c90a2237e92bd548e4

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Apr 2022 22:16:34 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50ndDVyCIzkvQ9L%2F4ajrKtBaYMxrR3iZMIwCmn%2BsDco0Jh5y3mYeC7ipi%2B43MHmnXStPtG76lUA%2B28vB0YDLVtO%2BqKzlDFN838ufyg7T4EUl6JYRq2eHFIAT64QS2BeLIpyFQNhNK3kT4A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private,max-age=3600
access-control-allow-credentials
true
cf-ray
6fc80be17f6d4bb9-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=dYrx7Xxad2NjR29KM2h5ZzBPa1NXR2JmQ0NKdUx2bVVoRDRNUmFXcmtzQmdJQ0VGWllsV1o2SmEwcnJKYjB4b3o4RVJtU1BOQnBjaXpxTWYyU09yZ0RqSkNHUHBSZ1VXZnlEeVhmbHVkZFdQbDhobEgwTWtnTkd2TzcvdD...
411 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=dYrx7Xxad2NjR29KM2h5ZzBPa1NXR2JmQ0NKdUx2bVVoRDRNUmFXcmtzQmdJQ0VGWllsV1o2SmEwcnJKYjB4b3o4RVJtU1BOQnBjaXpxTWYyU09yZ0RqSkNHUHBSZ1VXZnlEeVhmbHVkZFdQbDhobEgwTWtnTkd2TzcvdDJIYXFON0taaCttdVdPUVhWckxPZlhRK3lkTkhva1hsaktha1ZCVURvSEova1NVMVQvY29CRG5Bc2hqdTBkOWFSS0w3RWU4cnhyeHJIWFBTdHpLNkNkeno1bElKRmNaV3NNVjI5OWJqSk1GVW9nR1dqaUIzZHBEUXdZUEtYNCtXWjFhTGdhWXhENDNnS3pwK1hsQlZmSFR0V2FHYjJ0QT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
d611225c1969da4432c772917f25fc65b2f38ebd1a06c549a9b3cf2ec3d3f74c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:34 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3741
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:33 GMT
location
https://mug.criteo.com/sid?cpp=dYrx7Xxad2NjR29KM2h5ZzBPa1NXR2JmQ0NKdUx2bVVoRDRNUmFXcmtzQmdJQ0VGWllsV1o2SmEwcnJKYjB4b3o4RVJtU1BOQnBjaXpxTWYyU09yZ0RqSkNHUHBSZ1VXZnlEeVhmbHVkZFdQbDhobEgwTWtnTkd2TzcvdDJIYXFON0taaCttdVdPUVhWckxPZlhRK3lkTkhva1hsaktha1ZCVURvSEova1NVMVQvY29CRG5Bc2hqdTBkOWFSS0w3RWU4cnhyeHJIWFBTdHpLNkNkeno1bElKRmNaV3NNVjI5OWJqSk1GVW9nR1dqaUIzZHBEUXdZUEtYNCtXWjFhTGdhWXhENDNnS3pwK1hsQlZmSFR0V2FHYjJ0QT09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2671
content-length
541
expires
0
696.json
id5-sync.com/g/v2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/696.json
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.30 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p25.id5-sync.com
Software
/
Resource Hash
a8ab0d2254b9074f12bce5c66bd1cee09ea56c54204c7d901eda940df28f3cd4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 15 Apr 2022 22:16:34 GMT
Vary
Origin
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://shrinke.me
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
Transfer-Encoding
chunked
gen_204
pagead2.googlesyndication.com/pagead/ Frame FEED 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1cYawO5ZYqrDNLeZoPMP-NyN8AUAAAAAOAHgBAI&bg=!dHeldzPNAAZvJBiFTyQ7ACkAdvg8WqWYsh-W3Ql28IDfjKCpI093mBYXoaiDkF94-uJCggveDxl-cAIAAALDUgAAAARoAQeZAvWWvcdJTPXgVICQKPESv7c0Ms_hT0Y1urys4MWFVSJjrj4TaxxCcCy3H3Vi50Qsir6mbRW9R3arqUmm6FRjv_05oXyJwCMe7iCwRTQ5BhkRkPkK0IytunaDcXApkslJwBizqhoXo2gtCt5Z5NyK1fWpxljr_CcxQZSZ53i6NWduVAdBPMImwev42SKDxAVp-nc17tBJVUPYHtqpDrVO_wx5mg77lS7alDUch4vM4sQDnpJ5pSvGSHCg5KdL3j9kl46ZGD6tKIy2fANyFgnVcVLJIfG_ZsrwtobykbH2J9y0kS6ZH8CLfrDceHC7WFi4A2-zcki15SY8Hv19BXW3GkC6QyJwkJId76hGtYL75XlCsVvxnE16SD07erNAKFPCegQ5zt98RTY6TD3HT-qF8cX3hUbblPKHo_0FYTxAse4DoNON7rRPpkd2kVnDCB8ZewNGLbYwF4jmLxEOWWh164eYfwYTJ-zL5-QRkNIxZpdtDt7G-Tx2xGeGVRGiVoTXZcsuvwS_UXPFd6a3vBpmYt97YQ8UE959IvVNX2FtHSBFNP-UrBbGRaXYpTlt90A-enu7aOUx8BncQYilJv44SjcanM0F47iMw_ECVSQThCEYvudCVSV5IE4hNr9N77u7gHqvKeYx-DinOYYuRj_SuzUjoCXSyUASEDyzOKlUlt2OPFXGPEAx1lrShteyiM24P519VGQR55oCBm3LNr3gLEgLZaIK8QpgC--5rSMprJgVYbVD7iUfW26O9NjK3WeLnB-6k0pZa46R1DLpHsPqJ_-YDlKg1_SdbSnTiSLiWPLV34zXsEfuavZDkYRaaVqK3Me-6_HY0Lx4xZSu1Su73r0Nj9yW2Hd8ZXTgbXWdmBq0drQAlLXUlGkoVQAathH-YD-t1rvB_miUnHBS070arAiy-S7XrXhkW-xV-JPonSps8Jcw-T4qX7vW_QIi1CJfgq8_7TLJUbf77D9mCIebuTVrPsD6vWDog_Dfdy6G6cVfn5iMsJGD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame 8C57 		0
841 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fshrinke.me%2F0GNZk&e=wqT_3QKOBfBMjgIAAAMA1gAFAQi-3eeSBhDRuIP1jdHm6CYYkeuB6-nt_N8oKjYJ4XoUrkfhuj8RG_D5YYTwtD8ZAAAA4HoU5j8hG_D5YYTwtD8p4XoJJNgxuB6F61G4rj8wq-GBCjiDWUDqXEjgA1Cnl7inAVj34ogBYABo4KqtAXjiygWAAQGKAQNVU0SSBQbw_ZgBygegAVqoAQGwAQC4AQHAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAoHiVuoCGGh0dHBzOi8vc2hyaW5rZS5tZS8wR05aa4ADAIgDAZADAJgDFKADAaoDQhIYMjk3MjEyMjg0ODM0OTc1Mzk3MF9zYmlkGhMyNzk3MTg2NzU2MjE1MTAyNTQ1IgkzNTExNDQ4NzEqBk0xMTg4MsADrALIAwDYA57XugHgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBBUyNjA3OjUzMDA6NjA6Nzg2Nzo6MTSoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEJSLwXvoEEgkAAACAfNhFQBEAAACgxPBTwIgFAZgFAKAF8qTW5by_xp8pqgUkYzc1ZmE4YzYtMzYyOS00NzFlLWFiMGItZTgxZDRmZWYzYWQywAUAyQUAAAAAAADwP9IFCQkABQw8AADYBQHgBQHwBcWUIfoFBAGYKJAGAJgGALgGAMEGCSQs8D_QBrDxAdoGFgoQCRIZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSQgYACAB4TC0BEAAyAfiygXSBw0JEToBOAjaBwYJJ0TgBwDqBwIIAPAH-_wHiggCEAA.&s=2076d1b814060dfbe8a562a5c529623f1bc695d0&type=pv&jm=1140|1141|1143|1003&px=0&py=0&bw=970&bh=90&sf=1&sid=1233369531211067702&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21000363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:34 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
d97d49ce-9e3a-4dae-baf0-31843640527b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://assets.vlitag.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame E6BC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
60894
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 15 Apr 2022 22:16:34 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 14 Apr 2022 05:21:37 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 257279
X-Served-By
cache-lga21926-LGA, cache-yul12826-YUL
X-Timer
S1650060995.746836,VS0,VE0
checksync.php
contextual.media.net/ Frame ADF2 		33 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11990f600da31f192b894751f580ad5041b67c476a743c8328ba1030bde29b38
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11366
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:34 GMT
expires
Sun, 17 Apr 2022 22:16:34 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
checksync.php
contextual.media.net/ Frame F33B 		33 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11990f600da31f192b894751f580ad5041b67c476a743c8328ba1030bde29b38
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11366
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:34 GMT
expires
Sun, 17 Apr 2022 22:16:34 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
/
csync.smilewanted.com/ Frame D322 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d22aa3a1f099b6aeedd26460b98e018577711448d2a9444b64ea7e9db537734

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80be14dac1795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:34 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame B33E 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1650060991094
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3249 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
60895
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 15 Apr 2022 22:16:34 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 14 Apr 2022 05:21:37 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 256328
X-Served-By
cache-lga21926-LGA, cache-yul12832-YUL
X-Timer
S1650060995.755032,VS0,VE0
sync.html
cdn.aralego.net/ucfad/cookie/ Frame 1F4A 		2 KB
856 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
age
5690
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
6fc80be1895b7157-YUL
content-encoding
br
content-type
text/html
date
Fri, 15 Apr 2022 22:16:34 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMVnK24FT65JfN3%2FwxedNXDOkf4kI63ZAHHtDk8igp6adTtUuv4Tm9i1p9Jxotj%2F5Uh9mTLBt22Z%2BPgroQcJR%2FNiKobWiJ%2BSVLr1hZebPGVKyz6wxxoCpNYvhoClbXb7vp1U88JpUrZhH3WJsg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6E8B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
60894
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 15 Apr 2022 22:16:34 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 14 Apr 2022 05:21:37 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 257281
X-Served-By
cache-lga21926-LGA, cache-yul12826-YUL
X-Timer
S1650060995.760676,VS0,VE0
pbjs
sync.quantumdex.io/usersync/ Frame 9E13 		3 KB
964 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ad2ddd3f54551337d7b6670c33d98f0b479de67596d518cc081301643940885

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
6fc80be15df04bd1-YUL
content-encoding
gzip
content-type
text/html
date
Fri, 15 Apr 2022 22:16:34 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
/
csync.smilewanted.com/ Frame CA95 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d22aa3a1f099b6aeedd26460b98e018577711448d2a9444b64ea7e9db537734

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80be14da91795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:34 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
pbjs
sync.quantumdex.io/usersync/ Frame F7EF 		3 KB
861 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68233e3b03375c5a76d68ab06c296bce4fcbf64b989a6c02d619bd89d1f5b1da

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
6fc80be15df14bd1-YUL
content-encoding
gzip
content-type
text/html
date
Fri, 15 Apr 2022 22:16:34 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
checksync.php
contextual.media.net/ Frame C3FD 		33 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11990f600da31f192b894751f580ad5041b67c476a743c8328ba1030bde29b38
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11366
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:34 GMT
expires
Sun, 17 Apr 2022 22:16:34 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2422 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30389
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:34 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Apr 2022 06:43:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 187B 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1650060991083
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame 3F23 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1650060991111
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
csync.smilewanted.com/ Frame FB9B 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d22aa3a1f099b6aeedd26460b98e018577711448d2a9444b64ea7e9db537734

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80be15dce1795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:34 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 0D75 		33 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11990f600da31f192b894751f580ad5041b67c476a743c8328ba1030bde29b38
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11366
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:34 GMT
expires
Sun, 17 Apr 2022 22:16:34 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
pbjs
sync.quantumdex.io/usersync/ Frame 75F2 		3 KB
842 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa103bb6605b8c1964cbe5826f65856fe6f864a6e47e1911af7a11c90a54ab04

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
6fc80be15dfa4bd1-YUL
content-encoding
gzip
content-type
text/html
date
Fri, 15 Apr 2022 22:16:34 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BC6D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30389
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:34 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Apr 2022 06:43:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame A06E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
60894
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 15 Apr 2022 22:16:34 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 14 Apr 2022 05:21:37 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 257283
X-Served-By
cache-lga21926-LGA, cache-yul12826-YUL
X-Timer
S1650060995.785103,VS0,VE0
sync.html
cdn.aralego.net/ucfad/cookie/ Frame 67A0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
age
5690
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
6fc80be1895d7157-YUL
content-encoding
br
content-type
text/html
date
Fri, 15 Apr 2022 22:16:34 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUf3rDtRSiYoBKxyFNsD%2FV%2B%2FHV3NykYlpWraQt5qgshCTDaQ0vJBkKww0VbbBQvaXx%2FeiuoCcKPOjJ0T1lCVBQ8sM0SM%2F35nhV0I6hLivpwaDsSihPkO05HiHp2SWzW1iNbbLMvU8DjvPcRckw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sync.html
cdn.aralego.net/ucfad/cookie/ Frame C6EE 		2 KB
854 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
age
5690
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
6fc80be1895f7157-YUL
content-encoding
br
content-type
text/html
date
Fri, 15 Apr 2022 22:16:34 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGp38BjNjjy4b5kX9gOC0YnFV4k2gnx8GBQqklqseLHMXmeAravbOdXswZaqH9THYnOzNDNuLrSzWGX4Zn6j5QUzR8pSBkwUaoWaYfttE77uzpIUoXxM5Z%2FrJD3WUOgGSfBUgsFit%2FdarVpp4w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4089 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30389
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:34 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Apr 2022 06:43:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
pbjs
sync.quantumdex.io/usersync/ Frame A4FF 		3 KB
835 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a7a9ce16d183fb8fdab3c65b4ac7b84b7c332b2ee7246d9e62f39cb7e4991dc

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
6fc80be16e084bd1-YUL
content-encoding
gzip
content-type
text/html
date
Fri, 15 Apr 2022 22:16:34 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
/
onetag-sys.com/usync/ Frame 2FE8 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1650060991165
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7C05 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30389
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:34 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Apr 2022 06:43:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
pixel
ap.lijit.com/
Redirect Chain
  • https://prebid.a-mo.net/cchain?gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F515%3FA%3Dd4393612-11eb-4e6d-9bce-6c1ea2f5d974%26bidder%3Dsovrn%26cbx%3D%26gdpr%3D...
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F515%3FA%3Dd4393612-11eb-4e6d-9bce-6c1ea2f5d974%26bidder%3Dsovrn%26cbx%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24UID
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Apr 2022 22:16:34 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT

Redirect headers

location
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F515%3FA%3Dd4393612-11eb-4e6d-9bce-6c1ea2f5d974%26bidder%3Dsovrn%26cbx%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24UID
date
Fri, 15 Apr 2022 22:16:34 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=L20ZPO40-P-HI6E&gdpr=0&us_privacy=1---
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L20ZPO40-P-HI6E&gdpr=0&us_privacy=1---
Protocol
H2
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:34 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid.a-mo.net/setuid/magnite?uid=L20ZPO40-P-HI6E&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
Expires
0
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=544f2531-b8fe-47f1-9555-1b298e97c680
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:34 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
date
Fri, 15 Apr 2022 22:16:34 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=b1b47c4e-5de0-4dec-920a-e9c338f1667f
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:34 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
date
Fri, 15 Apr 2022 22:16:34 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=d4393612-11eb-4e6d-9bce-6c1ea2f5d974
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:34 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
date
Fri, 15 Apr 2022 22:16:34 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
trendads.betfindr.com/betway/ Frame 9780 		34 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/128886/3384958/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ea00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c44ab205f95e31883356ff07356a6a5f1ffd1a0fe8d7ae28b89ac1755899e38

Request headers

Referer
https://cdn.flashtalking.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 15 Apr 2022 22:16:36 GMT
etag
W/"e7c243634563f08757bfba60c1bdfe55"
last-modified
Fri, 08 Apr 2022 09:05:09 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
x-amz-cf-id
h5rl613KZPB-5isRLl_MJWa6CrgEolI6Y-hOPjvWxwvp4rx1c6yu4g==
x-amz-cf-pop
EWR52-C4
x-cache
Miss from cloudfront
vevent
nym1-ib.adnxs.com/ Frame AC2B 		0
841 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fshrinke.me%2F0GNZk&e=wqT_3QKVC_BMlQUAAAMA1gAFAQi-3eeSBhCqyOSfpaL5-n0YpO6QrMH-ouMwKjYJ5e0IpwUvij8RCOwgZXp4hT8ZAAAA4HoU5j8hCOwgZXp4hT8p5e0JJAAxARvAUbiePzCr4YEKOINZQLwJSGVQ1OyLlgFY9-KIAWAAaOCqrQF4sM8FgAEBigEDVVNEkgUG8F6YAawCoAH6AagBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCAOACgeJW6gIYaHR0cHM6Ly9zaHJpbmtlLm1lLzBHTlprgAMAiAMBkAMAmAMUoAMBqgO6BgqBBmh0dAUu9KIEYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q3pUUmp2dTVaWXZxek91ZVlvUE1QcTQyRXNBZnFqODNBYVk2WXFZNjJEb1hkbzZmWkFoQUJJT2FYMWlWZ19laWlnZkFEb0FHUjlzQ1JBY2dCQ2FrQ2oxZmVKeFdkcWo2b0F3R3FCTmNCVDlEMVotX3ItdzVDOHphS1VfeTB6RGpieE40a1dwWUo3N1lvVGhyNzdoZGs3VmYzOGZLSmpSQnBzY1NnZ1cyM20wUkNDMlNJbHBqU2NuV0tfaFFSUURfY3V6Ul8tUHJVRmlxRVY5Xzc5cDEyTEZlNWxXRDFrckM1Q0Nha0ZPVXNzRzFYNFpDOGhZRFBRMXZwdU1NRG9qSWU4eWtyWkZzSDNZc3RTdkU0WUJwMWRndlN5UXhtdnVFMDZsZjkwcVk3aHJXVTk4X3dqUG52OC1tbGhnLWkyWXFfZ2x5Tm14SzZsb215NUpKbVpRSnBJWnQ5eEFlY3YwRlRTTkpvSmhkY2tFMHhiT1JTZ0dLRXBWTFZXN2tDUjMzbjdsWFpOcFhBQk1TRDdKRGZBLUFFQTRnRnE1SHRuVGVTQlFZSUhSQUVHQUdTQlFZSUhSQUJHQUdTQlFZSUhoQUJHQUdRQmdHZ0JqMkFCOWVKdi00Q3FBZU96aHVvQjVQWUc2Z0g3cGF4QXFnSF9wNnhBcWdIcEtPeEFxZ0gxY2ticUFlbXZodllCd0R5QndrUThXTVk0b0RmdFFIU0NBY0lnR0VRQVJnZjhnZ09ZbWxrWkdWeUxUVTFNVFF3TXpDQUNnVElDd0d3RV8tSjV3N0lFOURLeE40RDBCTUEyQk1LMkJRQjBCVUJnQmNCc2hjSUNnWUlBQklBR0FBJnNpZ2g9MXVLemJiS2FBSXcmdWFjaF9tPVtVQUNIXSZjaWQ9Q0FBU0JPUm9LN0kmdGVtcGxhdGVfaWQ9NTMyJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzkwNzY0MTI0OTA5MTYxMTE0MDIiCTMxNDc2NjkzMioJNzYxODcyNDkyOgkzODExNDEwOTDAA6wCyAMA2AOe17oB4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQVMjYwNzo1MzAwOjYwOjc4Njc6OjE0qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBNTsi5YB-gQSCQAAAIB82EVAEQAAAKDE8FPAiAUBmAUAoAWMgt2XsJ7W5S-qBSRmYTNjYWRiMi0xZDAxLTQ3MDQtOWRjMi03YmIyMDgxYjczNzXABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX_4jX6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGz9wC2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTQ4MjY1NTU1NjO6Bw8IABAAGAAgADAAOLQEQADIB7DPBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAH-_wHiggCEAA.&s=19adc3ba283c62926977d7245077de6033b61632&type=pv&jm=1140|1141|1143|1003&px=0&py=0&bw=300&bh=250&sf=1&sid=1233369531211067702&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21000363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:34 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
efbead27-3f2d-4089-8440-7d8bb609ee73
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://assets.vlitag.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js
pagead2.googlesyndication.com/bg/ Frame EA7A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:00:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
76543
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13613
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Apr 2023 01:00:51 GMT
LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
pagead2.googlesyndication.com/bg/ Frame 332A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 01:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
247174
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13643
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Apr 2023 01:37:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B391 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvFQEyj5SkEMSuJFhl7zvULfHXLYmS6QCWMB_31RrHjmIgWzTJh9dh39A8YJK3M_QHhUjfhP6egPHKmb9LFihAu460sgB7xyRBO20lD2oXXJzCssyw&sai=AMfl-YSYxRSq1zO8lfy1cbfw_5FSzCI-axq4EFJNpWIh876T7DY2VJ5lVeg5jZXPOmfbSElGC-zm4FSkFfqLYbGV8HyDwiGIKvLNC8CLA0QmsY_JrdUFTYZGdiorzGlY&sig=Cg0ArKJSzOhUU5ksvQtIEAE&cid=CAASJeRoj_juNjbRYKUWzOjohE1HqkQxtf12G1ehX6P2F1F4gnM0juY&id=lidar2&mcvt=1075&p=906,640,956,960&mtos=1075,1075,1075,1075,1075&tos=1075,0,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3180898069&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650060992962&rpt=813&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame 2AF9 		0
841 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fshrinke.me%2F0GNZk&e=wqT_3QK_C_BMvwUAAAMA1gAFAQi_3eeSBhDSksjc2Mjfo28Yns-qzfy0_rE3KjYJRBK9jGK5pT8R2wdJNLvNoD8ZAAAAYLgeA0Ah2wdJNLvNoD8pRBIJJNgxAAAA4FG4vj8w9rj7CTiCYECYOUgCUIPD1I8BWLGTkAFgAGj1ha4BeO2oBYABAYoBA1VTRJIBAQbwVZgB2AWgAVqoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKApYBdWYoJ2EnLCAxNDM1NDg2LCAxNjUwMDYwOTkxKTt1ZignaScsIDU1MzY4ODksIDE2Nh0AAGcBOhg2MDY3ODI4RjsAMHMnLCAyNjc0NDM5MDFGHwAscicsIDMwMTI3NzU3Oh8A8IuSAsUEIWxHdWxZZ2pCdTU0WUVJUEQxSThCR0FBZ3NaT1FBVEFDT0FCQUFFaVlPVkQydVBzSldBQmdqZ1JvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFxb0FRcXdBUUM1QWVZZ1F1cmR1YVVfd1FIbUlFTHEzYm1sUDhrQkFBQUFBQUFBOERfWkFRQQkOdFBBXzRBSDUtTkVDOVFHQ0l3RV9tQUlBb0FJQnRRSQUkAHYNCPBxd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NJR3l2aHNRQ3hnQ0xRQUFBQUM2QXdsT1dVMHlPalEwTlRuZ0E0c3VnQVRqeUk0SWlBVDZ5STRJa0FRQm1BUUJ1Z1FhQ08wSUVRBX8UQUFOQV9HBUgJASBJTV8waXc3QkIJDwUgBHlRHSEYTmdFQVBFRREfSEFBQ0lCZXNpbUFXOXZjTl9xUVUNGxREd1A3RUYBDSBRSEFrNERfQkIBRxxFQndKT0FfeS4oAAA5CSgJAQREWgUoAQElQKhXVElmQUY5Tm5VQl9nRjNzNVhnZ1lEVlZORWlBWUVrQVlCbUFZQW9RWXpNBQIwUG5QNmdHQkxJR0pBawFGCQEAQh2zBEJrCRQBAQBDHRhETGdHQ2cuLpoCmQEhd2hQYWRROkkCNExHVGtBRWdBQ2dBTVRNBW8YTS1jX09nbD2BGGxBaXk1SkENAQw4RDlSDQsQQUFBQloBBgkBBEJoCQgUQUEwRDlwEQwMQUFCeB0MDDRBSWs1jPQ0AThEOC7YAgDgAtjVW-oCGGh0dHBzOi8vc2hyaW5rZS5tZS8wR05aa4ADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA57XugHgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE4NKgEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANIEDjczMjAjTllNMjo0NDU52gQCCAHgBADwBIPD1I8B-gQSCQAAAKAhwUZAEQAAAKCeZVLAiAUBmAUAoAX___________8BqgUQRTY1SU9ZN0xZNExXTlZNQcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBf-OA_oFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AapJdoGFgoQAAAAAAAAAAFHBQEBxFDgBgHyBgIIAIAHAYgHAKAHAboHDwgFGgXeMLQEQADIB-2oBdIHDQkFNQQAAAUeCNoHBgknPOAHAOoHAggA8AcAiggCEAA.&s=fcbbbc5da17fc2072de14fd2ed5b4765e05c97b5&type=pv&jm=1140|1141|1143|1003&px=0&py=0&bw=728&bh=90&sf=1&sid=1233369531211067702&vd=ct~0|rr~6&sv=224&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=20896886&cid=3&cr=pv&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:34 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
68e60766-4f65-41ed-afb1-8eae8220d437
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://assets.vlitag.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=dYrx7Xxad2NjR29KM2h5ZzBPa1NXR2JmQ0NKdUx2bVVoRDRNUmFXcmtzQmdJQ0VGWllsV1o2SmEwcnJKYjB4b3o4RVJtU1BOQnBjaXpxTWYyU09yZ0RqSkNHUHBSZ1VXZnlEeVhmbHVkZFdQbDhobEgwTWtnTkd2TzcvdDJIYXFON0taaCttdVdPUVhWckxPZlhRK3lkTkhva1hsaktha1ZCVURvSEova1NVMVQvY29CRG5Bc2hqdTBkOWFSS0w3RWU4cnhyeHJIWFBTdHpLNkNkeno1bElKRmNaV3NNVjI5OWJqSk1GVW9nR1dqaUIzZHBEUXdZUEtYNCtXWjFhTGdhWXhENDNnS3pwK1hsQlZmSFR0V2FHYjJ0QT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 15 Apr 2022 22:16:34 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1146
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
match
c1.adform.net/serving/cookie/ Frame 6E7A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 15 Apr 2022 22:16:35 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 15 Apr 2022 22:16:35 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame B3ED
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlnuwwAItyrlawA-&gdpr=0&gdpr_consent=&_test=YlnuwwAItyrlawA-
1 B
253 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlnuwwAItyrlawA-&gdpr=0&gdpr_consent=&_test=YlnuwwAItyrlawA-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 15 Apr 2022 22:16:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va1pug004:0:504

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 15 Apr 2022 22:16:35 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlnuwwAItyrlawA-&gdpr=0&gdpr_consent=&_test=YlnuwwAItyrlawA-
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yul12824-YUL
x-timer
S1650060995.142373,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 1849
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:73036259-eec2-4000-9932-c64a5e235247&gdpr=0&gdpr_consent=
42 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:73036259-eec2-4000-9932-c64a5e235247&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 15 Apr 2022 22:16:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va1pug014:0:731

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 15 Apr 2022 22:16:35 GMT
Expires
Fri, 15 Apr 2022 22:16:34 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4335 2c68c00 master hkg-pixel-x10 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:73036259-eec2-4000-9932-c64a5e235247&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 3483
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKeFJFN0VzOTRBQUN4ejBQM1BUZw&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAJxRE7Es94AACxz0P3PTg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partne...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAJxRE7Es94AACxz0P3PTg&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJxRE7Es94AACxz0P3PTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Cpm%26bee_sync_curr...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1407667298119850182
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAJxRE7Es94AACxz0P3PTg&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1407667298119850182%26bee_sync_partners%3Dpm%26bee_sy...
  • https://match.prod.bidr.io/cookie-sync?userid=1407667298119850182&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJxRE7Es94AACxz0P3PTg
42 B
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJxRE7Es94AACxz0P3PTg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 15 Apr 2022 22:16:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va1pug001:0:460

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 15 Apr 2022 22:16:35 GMT
Server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJxRE7Es94AACxz0P3PTg
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame FA72
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
111 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 15 Apr 2022 22:16:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va1pug005:0:2503

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 22:16:34 GMT
expires
Fri, 15 Apr 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1849893
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
141
match.deepintent.com/usersync/ Frame 4CAE 		0
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Fri, 15 Apr 2022 22:16:34 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
b
Pug
simage2.pubmatic.com/AdServer/ Frame E7D8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=AP8EVQGzTy5vBQIVpKVbRJU4mbg
42 B
525 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=AP8EVQGzTy5vBQIVpKVbRJU4mbg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 15 Apr 2022 22:16:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
10:0:407

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Fri, 15 Apr 2022 22:16:35 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=AP8EVQGzTy5vBQIVpKVbRJU4mbg
Pug
simage2.pubmatic.com/AdServer/ Frame 4629
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=b63a6658-bd09-11ec-abc0-b1992d655dbf
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=b63a6658-bd09-11ec-abc0-b1992d655dbf
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 15 Apr 2022 22:16:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
10:0:538

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 15 Apr 2022 22:16:35 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=b63a6658-bd09-11ec-abc0-b1992d655dbf
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
lga-delivery-3
server
Cowboy
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame EDDE
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=5202d352-a27b-4da3-838a-6778e7af9ed2&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
42 B
349 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.88.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-88-116.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
42
content-type
image/gif
date
Fri, 15 Apr 2022 22:16:35 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 15 Apr 2022 14:01:01 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va2pug006:0:369
i.match
s.tribalfusion.com/z/ Frame 058D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
419 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
6fc80be41e85ecee-YUL
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 15 Apr 2022 22:16:35 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
6fc80be37da7ecee-YUL
content-type
text/html
date
Fri, 15 Apr 2022 22:16:35 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
5106
Pug
simage2.pubmatic.com/AdServer/ Frame 3B9F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:lQCL2ZUG1NFueZ5&gdpr=0&gdpr_consent=
42 B
206 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:lQCL2ZUG1NFueZ5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 15 Apr 2022 22:16:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
10:0:387

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 15 Apr 2022 22:16:34 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:lQCL2ZUG1NFueZ5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-078691873e5d8cf91@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 9753
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=663495379157
42 B
361 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=663495379157
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 15 Apr 2022 11:49:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va2pug005:0:387

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=663495379157
Pug
simage2.pubmatic.com/AdServer/ Frame DD92
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1650060995183
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
213 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 15 Apr 2022 22:16:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
10:0:1111

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html
Date
Fri, 15 Apr 2022 22:16:35 GMT
ETag
OPTOUT
Expires
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Pragma
no-cache
Server
Tengine
Transfer-Encoding
chunked
Pug
simage2.pubmatic.com/AdServer/ Frame 4A74
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7033473951776023466&uid=Q703347395177602...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7033473951776023466
42 B
391 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7033473951776023466
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 15 Apr 2022 11:24:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va2pug002:0:460

Redirect headers

Cache-Control
max-age=85782
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Fri, 15 Apr 2022 22:16:35 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7033473951776023466
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5A19
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=neiT4Ka5TxevG0lbf8TxCQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=30388
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Sat, 16 Apr 2022 06:43:03 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 5A19
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDlERTg5M0UwLUE2QjktNEYxNy1BRjFCLTQ5NUI3RkM0RjEwORAAGg0Iw93nkgYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=9745ec0943a8afafe627664f42b9f0682b122aa45ec80cd5aeb7166eca2e87e9791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA5NzQ1ZWMwOTQzYThhZmFmZTYyNzY2NGY0MmI5ZjA2ODJiMTIyYWE0NWVjODBjZDVhZWI3MTY2ZWNhMmU4N2U5NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA5NzQ1ZWMwOTQzYThhZmFmZTYyNzY2NGY0MmI5ZjA2ODJiMTIyYWE0NWVjODBjZDVhZWI3MTY2ZWNhMmU4N2U5NzkxNDI2YjU0MTdkY2UyMRAAGgwIw93nkgYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=cfcfd861-115a-44da-b333-a901988e16a0
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=cfcfd861-115a-44da-b333-a901988e16a0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 22:16:36 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=cfcfd861-115a-44da-b333-a901988e16a0
date
Fri, 15 Apr 2022 22:16:36 GMT
via
1.1 google
x-samesite
secure
alt-svc
clear
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 5A19
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=73036259-eec2-4000-9932-c64a5e235247
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=73036259-eec2-4000-9932-c64a5e235247
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 15 Apr 2022 22:16:35 GMT
Server
MT3 4335 2c68c00 master hkg-pixel-x18 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=73036259-eec2-4000-9932-c64a5e235247
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 15 Apr 2022 22:16:34 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5A19
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OURFODkzRTAtQTZCOS00RjE3LUFGMUItNDk1QjdGQzRGMTA5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 11:48:31 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug003:0:500
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5A19
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOvBxfjkdPyFXzuWXyFcAig&google_cver=1
42 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOvBxfjkdPyFXzuWXyFcAig&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 11:38:41 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug004:0:473
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOvBxfjkdPyFXzuWXyFcAig&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5A19
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A183E41957ED45CB8401B24CC9FFCD13
42 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A183E41957ED45CB8401B24CC9FFCD13
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug004:0:457
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Fri, 15 Apr 2022 22:16:35 GMT
x-content-type-options
nosniff
server
openresty
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A183E41957ED45CB8401B24CC9FFCD13
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 14 Apr 2022 22:16:35 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5A19
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9095998362304174636&gdpr=0&gdpr_consent=&us_privacy=
1 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9095998362304174636&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 14:01:02 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug006:0:594
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9095998362304174636&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 5A19
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=86422ee5-39ef-4c57-8b4d-1fade2a39c1f
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=86422ee5-39ef-4c57-8b4d-1fade2a39c1f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug015:0:732
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=86422ee5-39ef-4c57-8b4d-1fade2a39c1f
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5A19 		43 B
995 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/9DE893E0-A6B9-4F17-AF1B-495B7FC4F109?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:166f:faec:e70b:6d2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 5A19
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HSN_LLRE2uURUZDqA5q4Z7uRmv9mm7k-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HSN_LLRE2uURUZDqA5q4Z7uRmv9mm7k-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-HSN_LLRE2uURUZDqA5q4Z7uRmv9mm7k-~A&gdpr=0&gdpr_consent=
date
Fri, 15 Apr 2022 22:16:35 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 5A19
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=70cfb835fc201217&is_secure=true&networkId=17100&version=1&nuid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGbJL88kmuugNdKvc7AAAAAAA&expiration=1650147395&nuid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&...
42 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGbJL88kmuugNdKvc7AAAAAAA&expiration=1650147395&nuid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug014:0:615
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGbJL88kmuugNdKvc7AAAAAAA&expiration=1650147395&nuid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 5A19
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6974400712095498966&gdpr=0&gdpr_consent=
42 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6974400712095498966&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug003:0:1263
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
1b079733-725c-475a-8c5d-7a81f5b850d8
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6974400712095498966&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5A19
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b6420d26-bd09-11ec-9cc5-6d6a9bf4f8b4&gdpr=0&gdpr_consent=
1 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b6420d26-bd09-11ec-9cc5-6d6a9bf4f8b4&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 11:38:41 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug004:0:522
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b6420d26-bd09-11ec-9cc5-6d6a9bf4f8b4&gdpr=0&gdpr_consent=
Date
Fri, 15 Apr 2022 22:16:34 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
b6420d27-bd09-11ec-9cc5-6d6a9bf4f8b4
Pug
image2.pubmatic.com/AdServer/ Frame 5A19
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=c-XedyCyiH1o5YorcLTGLSO23ixo5Y58JrTIse8a
42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=c-XedyCyiH1o5YorcLTGLSO23ixo5Y58JrTIse8a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 11:48:17 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug001:0:393
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=c-XedyCyiH1o5YorcLTGLSO23ixo5Y58JrTIse8a
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 5A19 		0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.248.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-248-2.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
content-length
0
content-type
text/plain
Pug
simage2.pubmatic.com/AdServer/ Frame 5A19
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=8e82fb69-6b51-4f31-baa4-500386e0ddf0
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=8e82fb69-6b51-4f31-baa4-500386e0ddf0
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=98f9d8a4-c6db-46e8-9cd8-a42812b5714e&ssp=pubmatic&expires=30&user_group=5&bsw_param=8e82fb69-6b51-4f31-baa4-500386e0ddf0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8e82fb69-6b51-4f31-baa4-500386e0ddf0&gdpr=&gdpr_consent=&gdpr_pd=
1 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8e82fb69-6b51-4f31-baa4-500386e0ddf0&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 11:24:30 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug002:0:893
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8e82fb69-6b51-4f31-baa4-500386e0ddf0&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 15 Apr 2022 22:16:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sn.ashx
pmp.mxptint.net/ Frame 5A19
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B341_EE6398FB_6DF84005&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Server
204.2.255.233 , United States, ASN2914 (NTT-LTD-2914, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-333047795; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:34 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-333047795; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Fri, 15 Apr 2022 11:49:21 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug010:0:449
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 5A19
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=cdb9b177-83ca-4f23-a66f-dbf900de4272-6259eec3-4341&gdpr=&gdpr_consent=
42 B
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=cdb9b177-83ca-4f23-a66f-dbf900de4272-6259eec3-4341&gdpr=&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 11:48:31 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug003:0:424
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=cdb9b177-83ca-4f23-a66f-dbf900de4272-6259eec3-4341&gdpr=&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5A19
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2697118002783910081
42 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2697118002783910081
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 11:24:30 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug002:0:459
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2697118002783910081
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 5A19
Redirect Chain
  • https://sync.resetdigital.co:10001/csync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000A829E87B40
42 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000A829E87B40
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug016:0:547
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 15 Apr 2022 22:16:45 GMT
Server
nginx/1.18.0 (Ubuntu)
Front-End-Https
on
Content-Type
text/html
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000A829E87B40
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
async_usersync
ib.adnxs.com/ Frame E6BC 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
3a47b137-4dc8-4bef-932f-e3852a91d628
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3249 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
9a5457c7-b156-439c-8e62-85303ec28147
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 9E13
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be51a0a4bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A
date
Fri, 15 Apr 2022 22:16:35 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 9E13
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOdiB2UaVW9apD9SxwEleiF-8tm41I-4IbFXJ-Rg
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOdiB2UaVW9apD9SxwEleiF-8tm41I-4IbFXJ-Rg
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be53a2e4bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOdiB2UaVW9apD9SxwEleiF-8tm41I-4IbFXJ-Rg
Date
Fri, 15 Apr 2022 22:16:35 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 9E13
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6974400712095498966
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6974400712095498966
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be60b404bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f84c5cdd-a15d-4bee-8f9d-6e5ab12560f0
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6974400712095498966
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 9E13
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bca34109ab6c8e0f610f67db
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bca34109ab6c8e0f610f67db
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be5fb064bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Fri, 15 Apr 2022 22:16:35 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bca34109ab6c8e0f610f67db
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame 9E13
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=710c5734-0f18-516a-bad1-112dd888ffee
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=710c5734-0f18-516a-bad1-112dd888ffee
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be86e7d4bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=710c5734-0f18-516a-bad1-112dd888ffee
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 9E13
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=62ad56af-4c36-9088-487e-a441903d2169
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=62ad56af-4c36-9088-487e-a441903d2169
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be73d144bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=62ad56af-4c36-9088-487e-a441903d2169
pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame 9E13
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e3c943cb-2137-4651-80fe-6da6e31486de
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e3c943cb-2137-4651-80fe-6da6e31486de
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be5fb184bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e3c943cb-2137-4651-80fe-6da6e31486de
date
Fri, 15 Apr 2022 22:16:35 GMT
content-length
0
/
s.ad.smaato.net/c/ Frame 9E13 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:e000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
via
1.1 ffa37482155641d3f809e2a4a5572070.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
lLmdiY155ag8autPk6xp_j2Pjuim0o0JckQqQxK7wr0gkaxtygjtcQ==
x-cache
FunctionGeneratedResponse from cloudfront
async_usersync
ib.adnxs.com/ Frame 6E8B 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
fdf7747e-fdaa-4042-b97d-0dc0d869386d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame F7EF
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=710c5734-0f18-516a-bad1-112dd888ffee
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=710c5734-0f18-516a-bad1-112dd888ffee
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be86e794bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=710c5734-0f18-516a-bad1-112dd888ffee
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame F7EF
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=90dc3ab6-aae4-564f-f5a8-ea7a34870484
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=90dc3ab6-aae4-564f-f5a8-ea7a34870484
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be6dc954bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=90dc3ab6-aae4-564f-f5a8-ea7a34870484
pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame F7EF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be60b494bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A
date
Fri, 15 Apr 2022 22:16:35 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame F7EF
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e3c943cb-2137-4651-80fe-6da6e31486de
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e3c943cb-2137-4651-80fe-6da6e31486de
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be60b444bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e3c943cb-2137-4651-80fe-6da6e31486de
date
Fri, 15 Apr 2022 22:16:35 GMT
content-length
0
/
s.ad.smaato.net/c/ Frame F7EF 		0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:e000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
via
1.1 ffa37482155641d3f809e2a4a5572070.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
8fBpJvIV7-gert-7ZUEgHszGVDjhvmSI3j_yBs88nZOyLWCRG6GIpQ==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame F7EF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6974400712095498966
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6974400712095498966
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be60b464bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
051c6854-4ffd-422e-b754-06767a2e3a3a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6974400712095498966
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame F7EF
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOdiB2UaVW9apD9SxwEleiF-8tm41I-4IbFXJ-Rg
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOdiB2UaVW9apD9SxwEleiF-8tm41I-4IbFXJ-Rg
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be6bc664bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOdiB2UaVW9apD9SxwEleiF-8tm41I-4IbFXJ-Rg
Date
Fri, 15 Apr 2022 22:16:35 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame F7EF
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bca34109ab6c8e0f610f67db
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bca34109ab6c8e0f610f67db
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be68c254bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Fri, 15 Apr 2022 22:16:35 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bca34109ab6c8e0f610f67db
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame 75F2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6974400712095498966
43 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6974400712095498966
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be519fe4bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
83d0d285-dc14-43e0-8a06-3070ea99e43e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6974400712095498966
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 75F2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be51a014bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A
date
Fri, 15 Apr 2022 22:16:35 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 75F2
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOdiB2UaVW9apD9SxwEleiF-8tm41I-4IbFXJ-Rg
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOdiB2UaVW9apD9SxwEleiF-8tm41I-4IbFXJ-Rg
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be6bc674bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOdiB2UaVW9apD9SxwEleiF-8tm41I-4IbFXJ-Rg
Date
Fri, 15 Apr 2022 22:16:35 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 75F2
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bca34109ab6c8e0f610f67db
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bca34109ab6c8e0f610f67db
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be68c274bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Fri, 15 Apr 2022 22:16:35 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bca34109ab6c8e0f610f67db
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame 75F2
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=710c5734-0f18-516a-bad1-112dd888ffee
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=710c5734-0f18-516a-bad1-112dd888ffee
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be86e824bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=710c5734-0f18-516a-bad1-112dd888ffee
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 75F2
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=f2992962-8f79-21ce-6056-ec01fdc56d1c
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=f2992962-8f79-21ce-6056-ec01fdc56d1c
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be74d1b4bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=f2992962-8f79-21ce-6056-ec01fdc56d1c
pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame 75F2
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e3c943cb-2137-4651-80fe-6da6e31486de
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e3c943cb-2137-4651-80fe-6da6e31486de
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be62b834bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e3c943cb-2137-4651-80fe-6da6e31486de
date
Fri, 15 Apr 2022 22:16:35 GMT
content-length
0
/
s.ad.smaato.net/c/ Frame 75F2 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:e000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
via
1.1 ffa37482155641d3f809e2a4a5572070.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
0Zk4hiO7LNx7Xrxfn3eo-EhUCS0GiICvlBNi2VgWbYBr3-KYyfx1CA==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame A4FF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be51a034bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A
date
Fri, 15 Apr 2022 22:16:35 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame A4FF
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e3c943cb-2137-4651-80fe-6da6e31486de
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e3c943cb-2137-4651-80fe-6da6e31486de
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be51a044bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e3c943cb-2137-4651-80fe-6da6e31486de
date
Fri, 15 Apr 2022 22:16:35 GMT
content-length
0
/
s.ad.smaato.net/c/ Frame A4FF 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:e000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
via
1.1 ffa37482155641d3f809e2a4a5572070.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
dyCH4mKbjwtiXPNxnEeUmfbT7qB1GiB21el3PjW_k3q4P0G6DegSjw==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame A4FF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6974400712095498966
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6974400712095498966
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be65bc44bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ba74d19c-ad76-4470-879a-60b4fa6bcf69
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6974400712095498966
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame A4FF
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOdiB2UaVW9apD9SxwEleiF-8tm41I-4IbFXJ-Rg
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOdiB2UaVW9apD9SxwEleiF-8tm41I-4IbFXJ-Rg
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be73d114bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOdiB2UaVW9apD9SxwEleiF-8tm41I-4IbFXJ-Rg
Date
Fri, 15 Apr 2022 22:16:35 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame A4FF
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bca34109ab6c8e0f610f67db
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bca34109ab6c8e0f610f67db
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be6bc614bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Fri, 15 Apr 2022 22:16:35 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bca34109ab6c8e0f610f67db
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame A4FF
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=710c5734-0f18-516a-bad1-112dd888ffee
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=710c5734-0f18-516a-bad1-112dd888ffee
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be86e804bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=710c5734-0f18-516a-bad1-112dd888ffee
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame A4FF
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=37dd14da-86e0-156c-ecca-50eee55ffd79
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=37dd14da-86e0-156c-ecca-50eee55ffd79
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be74d204bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=37dd14da-86e0-156c-ecca-50eee55ffd79
pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
async_usersync
ib.adnxs.com/ Frame A06E 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
1af2704d-47cb-4127-8843-85c5763442bf
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 003D
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Drkt%26refUrl%3D%26vid%3D006099518429306259214552510...
  • https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=rkt&refUrl=&vid=00609951842930625921455251000V10&ovsid=2809753603273993551
219 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=rkt&refUrl=&vid=00609951842930625921455251000V10&ovsid=2809753603273993551
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Fri, 15 Apr 2022 22:16:35 GMT
expires
Fri, 15 Apr 2022 22:16:35 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Fri, 15 Apr 2022 22:16:35 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=rkt&refUrl=&vid=00609951842930625921455251000V10&ovsid=2809753603273993551
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 32E3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dpba%26refUrl%3D%26vid%3D00609951842930625921455251000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30388
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:35 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Apr 2022 06:43:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame F33B
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609951842930625921455251000V10&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609951842930625921455251000V10&ovsid=0ed5e49e-49ee-46da-a648-45da2b7bcb51
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609951842930625921455251000V10&ovsid=0ed5e49e-49ee-46da-a648-45da2b7bcb51
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 15 Apr 2022 22:16:35 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 15 Apr 2022 22:16:35 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-33
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609951842930625921455251000V10&ovsid=0ed5e49e-49ee-46da-a648-45da2b7bcb51
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.html
contextual.media.net/ Frame F33B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2930625921455251...
  • https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=opx&refUrl=&vid=00609951842930625921455251000V10&ovsid=c3499632-44c0-4614-9748-f55d458d044b
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=opx&refUrl=&vid=00609951842930625921455251000V10&ovsid=c3499632-44c0-4614-9748-f55d458d044b
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 15 Apr 2022 22:16:35 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
text/html;charset=UTF-8
content-length
219
x-mnet-hl2
E
expires
Fri, 15 Apr 2022 22:16:35 GMT

Redirect headers

date
Fri, 15 Apr 2022 22:16:35 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=opx&refUrl=&vid=00609951842930625921455251000V10&ovsid=c3499632-44c0-4614-9748-f55d458d044b
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cksync.php
contextual.media.net/ Frame F33B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dzem%26refUrl%3D%26vid%3D00609951842930625921455251...
  • https://stags.bluekai.com/site/23178?id=CkZZcPL4NgoF1aU-tV_U&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKDNNNFUY2QJQ2E4Z3PIYYWCVJNORLF6...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=CkZZcPL4NgoF1aU-tV_U&refUrl=&type=zem&vid=00609951842930625921455251000V10&vsid=2930625921455251000V10
45 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=CkZZcPL4NgoF1aU-tV_U&refUrl=&type=zem&vid=00609951842930625921455251000V10&vsid=2930625921455251000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 15 Apr 2022 22:16:35 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 15 Apr 2022 22:16:35 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=CkZZcPL4NgoF1aU-tV_U&refUrl=&type=zem&vid=00609951842930625921455251000V10&vsid=2930625921455251000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 2DBD
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Drkt%26refUrl%3D%26vid%3D006099520529306259214552510...
  • https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=rkt&refUrl=&vid=00609952052930625921455251000V10&ovsid=970033154657313410
219 B
648 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=rkt&refUrl=&vid=00609952052930625921455251000V10&ovsid=970033154657313410
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Fri, 15 Apr 2022 22:16:35 GMT
expires
Fri, 15 Apr 2022 22:16:35 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Fri, 15 Apr 2022 22:16:35 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=rkt&refUrl=&vid=00609952052930625921455251000V10&ovsid=970033154657313410
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4626 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dpba%26refUrl%3D%26vid%3D00609952052930625921455251000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30388
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:35 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Apr 2022 06:43:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame ADF2
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609952052930625921455251000V10&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609952052930625921455251000V10&ovsid=4f9a1d51-14d4-49b8-b489-37bd696154f8
45 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609952052930625921455251000V10&ovsid=4f9a1d51-14d4-49b8-b489-37bd696154f8
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 15 Apr 2022 22:16:35 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 15 Apr 2022 22:16:35 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-7-8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609952052930625921455251000V10&ovsid=4f9a1d51-14d4-49b8-b489-37bd696154f8
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.html
contextual.media.net/ Frame ADF2
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2930625921455251...
  • https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=opx&refUrl=&vid=00609952052930625921455251000V10&ovsid=c3499632-44c0-4614-9748-f55d458d044b
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=opx&refUrl=&vid=00609952052930625921455251000V10&ovsid=c3499632-44c0-4614-9748-f55d458d044b
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 15 Apr 2022 22:16:35 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
text/html;charset=UTF-8
content-length
219
x-mnet-hl2
E
expires
Fri, 15 Apr 2022 22:16:35 GMT

Redirect headers

date
Fri, 15 Apr 2022 22:16:35 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=opx&refUrl=&vid=00609952052930625921455251000V10&ovsid=c3499632-44c0-4614-9748-f55d458d044b
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cksync.php
contextual.media.net/ Frame ADF2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dzem%26refUrl%3D%26vid%3D00609952052930625921455251...
  • https://stags.bluekai.com/site/23178?id=CkZZcPL4NgoF1aU-tV_U&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKDNNNFUY2QJQ2E4Z3PIYYWCVJNORLF6...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=CkZZcPL4NgoF1aU-tV_U&refUrl=&type=zem&vid=00609952052930625921455251000V10&vsid=2930625921455251000V10
45 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=CkZZcPL4NgoF1aU-tV_U&refUrl=&type=zem&vid=00609952052930625921455251000V10&vsid=2930625921455251000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 15 Apr 2022 22:16:35 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 15 Apr 2022 22:16:35 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=CkZZcPL4NgoF1aU-tV_U&refUrl=&type=zem&vid=00609952052930625921455251000V10&vsid=2930625921455251000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
x.bidswitch.net/ Frame 67A0
Redirect Chain
  • https://sync.aralego.com/idsync?
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a9be15f1-df90-4ff1-b06e-5e6a48419ca5?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-2WezcUdE2oVrEbyJvUr68oEcQrh2X6p0b.tfk_0-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a9be15f1-df90-4ff1-b06e-5e6a48419ca5?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-2WezcUdE2oVrEbyJvUr68oEcQrh2X6p0b.tfk_0-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a9be15f1-df90-4ff1-b06e-5e6a48419ca5?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-2WezcUdE2oVrEbyJvUr68oEcQrh2X6p0b.tfk_0-~A&redirect=
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=a9be15f1-df90-4ff1-b06e-5e6a48419ca5&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8e82fb69-6b51-4f31-baa4-500386e0ddf0&ssp=ucfunnel&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10603584586581931894&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=54920c67-c497-4656-975c-d1a928dc114c&ssp=ucfunnel&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=214940604122015480594&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10603584586581931894&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10603584586581931894&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:36 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=419&user_id=10603584586581931894&ssp=<SSP_VALUE>&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
cksync.html
contextual.media.net/ Frame 2BD6
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Drkt%26refUrl%3D%26vid%3D006099523629306259214552510...
  • https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=rkt&refUrl=&vid=00609952362930625921455251000V10&ovsid=978758878098887620
219 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=rkt&refUrl=&vid=00609952362930625921455251000V10&ovsid=978758878098887620
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Fri, 15 Apr 2022 22:16:35 GMT
expires
Fri, 15 Apr 2022 22:16:35 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Fri, 15 Apr 2022 22:16:35 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=rkt&refUrl=&vid=00609952362930625921455251000V10&ovsid=978758878098887620
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7766 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dpba%26refUrl%3D%26vid%3D00609952362930625921455251000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30388
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:35 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Apr 2022 06:43:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 0D75
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609952362930625921455251000V10&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609952362930625921455251000V10&ovsid=cb21d941-6452-4163-9cbc-8a7281820433
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609952362930625921455251000V10&ovsid=cb21d941-6452-4163-9cbc-8a7281820433
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 15 Apr 2022 22:16:35 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 15 Apr 2022 22:16:35 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-51
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609952362930625921455251000V10&ovsid=cb21d941-6452-4163-9cbc-8a7281820433
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.html
contextual.media.net/ Frame 0D75
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2930625921455251...
  • https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=opx&refUrl=&vid=00609952362930625921455251000V10&ovsid=c3499632-44c0-4614-9748-f55d458d044b
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=opx&refUrl=&vid=00609952362930625921455251000V10&ovsid=c3499632-44c0-4614-9748-f55d458d044b
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 15 Apr 2022 22:16:35 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
text/html;charset=UTF-8
content-length
219
x-mnet-hl2
E
expires
Fri, 15 Apr 2022 22:16:35 GMT

Redirect headers

date
Fri, 15 Apr 2022 22:16:35 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=opx&refUrl=&vid=00609952362930625921455251000V10&ovsid=c3499632-44c0-4614-9748-f55d458d044b
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cksync.php
contextual.media.net/ Frame 0D75
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dzem%26refUrl%3D%26vid%3D00609952362930625921455251...
  • https://stags.bluekai.com/site/23178?id=CkZZcPL4NgoF1aU-tV_U&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKDNNNFUY2QJQ2E4Z3PIYYWCVJNORLF6...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=CkZZcPL4NgoF1aU-tV_U&refUrl=&type=zem&vid=00609952362930625921455251000V10&vsid=2930625921455251000V10
45 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=CkZZcPL4NgoF1aU-tV_U&refUrl=&type=zem&vid=00609952362930625921455251000V10&vsid=2930625921455251000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 15 Apr 2022 22:16:35 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 15 Apr 2022 22:16:35 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=CkZZcPL4NgoF1aU-tV_U&refUrl=&type=zem&vid=00609952362930625921455251000V10&vsid=2930625921455251000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame C6EE
Redirect Chain
  • https://sync.aralego.com/idsync?
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a9be15f1-df90-4ff1-b06e-5e6a48419ca5?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-2WezcUdE2oVrEbyJvUr68oEcQrh2X6p0b.tfk_0-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a9be15f1-df90-4ff1-b06e-5e6a48419ca5?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-2WezcUdE2oVrEbyJvUr68oEcQrh2X6p0b.tfk_0-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a9be15f1-df90-4ff1-b06e-5e6a48419ca5?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-2WezcUdE2oVrEbyJvUr68oEcQrh2X6p0b.tfk_0-~A&redirect=
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=a9be15f1-df90-4ff1-b06e-5e6a48419ca5&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=8e82fb69-6b51-4f31-baa4-500386e0ddf0&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Ducfunnel%26u...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=54920c67-c497-4656-975c-d1a928dc114c%252Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D437%2526ssp%253Ducfu...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&ttd_puid=54920c67-c497-4656-975c-d1a928dc114c%2Chttps%3A%2F%2Fx.bidswitch.net%2Fsync...
  • https://x.bidswitch.net/sync?dsp_id=437&ssp=ucfunnel&user_id=
  • https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=8e82fb69-6b51-4f31-baa4-500386e0ddf0
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a9be15f1-df90-4ff1-b06e-5e6a48419ca5?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-2WezcUdE2oVrEbyJvUr68oEcQrh2X6p0b.tfk_0-~A&redirect=
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=a9be15f1-df90-4ff1-b06e-5e6a48419ca5&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8e82fb69-6b51-4f31-baa4-500386e0ddf0&ssp=ucfunnel&gdpr=0&gdpr_consent=
0
0
sync
x.bidswitch.net/ Frame 1F4A
Redirect Chain
  • https://sync.aralego.com/idsync?
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a9be15f1-df90-4ff1-b06e-5e6a48419ca5?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-2WezcUdE2oVrEbyJvUr68oEcQrh2X6p0b.tfk_0-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a9be15f1-df90-4ff1-b06e-5e6a48419ca5?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-2WezcUdE2oVrEbyJvUr68oEcQrh2X6p0b.tfk_0-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a9be15f1-df90-4ff1-b06e-5e6a48419ca5?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-2WezcUdE2oVrEbyJvUr68oEcQrh2X6p0b.tfk_0-~A&redirect=
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=a9be15f1-df90-4ff1-b06e-5e6a48419ca5&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8e82fb69-6b51-4f31-baa4-500386e0ddf0&ssp=ucfunnel&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10603584586581931894&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=54920c67-c497-4656-975c-d1a928dc114c&ssp=ucfunnel&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=214940604122015480594&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10603584586581931894&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10603584586581931894&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:36 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=419&user_id=10603584586581931894&ssp=<SSP_VALUE>&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
cksync.html
contextual.media.net/ Frame 19B1
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Drkt%26refUrl%3D%26vid%3D006099527429306259214552510...
  • https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=rkt&refUrl=&vid=00609952742930625921455251000V10&ovsid=970033154657313418
219 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=rkt&refUrl=&vid=00609952742930625921455251000V10&ovsid=970033154657313418
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Fri, 15 Apr 2022 22:16:35 GMT
expires
Fri, 15 Apr 2022 22:16:35 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Fri, 15 Apr 2022 22:16:35 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=rkt&refUrl=&vid=00609952742930625921455251000V10&ovsid=970033154657313418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9B08 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dpba%26refUrl%3D%26vid%3D00609952742930625921455251000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30388
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:35 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Apr 2022 06:43:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame C3FD
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609952742930625921455251000V10&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609952742930625921455251000V10&ovsid=2ff39076-2321-4ad7-920b-9326d28b7741
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609952742930625921455251000V10&ovsid=2ff39076-2321-4ad7-920b-9326d28b7741
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 15 Apr 2022 22:16:35 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 15 Apr 2022 22:16:35 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-95
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=son&refUrl=&vid=00609952742930625921455251000V10&ovsid=2ff39076-2321-4ad7-920b-9326d28b7741
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.html
contextual.media.net/ Frame C3FD
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2930625921455251...
  • https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=opx&refUrl=&vid=00609952742930625921455251000V10&ovsid=c3499632-44c0-4614-9748-f55d458d044b
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=opx&refUrl=&vid=00609952742930625921455251000V10&ovsid=c3499632-44c0-4614-9748-f55d458d044b
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 15 Apr 2022 22:16:35 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
text/html;charset=UTF-8
content-length
219
x-mnet-hl2
E
expires
Fri, 15 Apr 2022 22:16:35 GMT

Redirect headers

date
Fri, 15 Apr 2022 22:16:35 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://contextual.media.net/cksync.html?cs=8&vsid=2930625921455251000V10&type=opx&refUrl=&vid=00609952742930625921455251000V10&ovsid=c3499632-44c0-4614-9748-f55d458d044b
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cksync.php
contextual.media.net/ Frame C3FD
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dzem%26refUrl%3D%26vid%3D00609952742930625921455251...
  • https://stags.bluekai.com/site/23178?id=CkZZcPL4NgoF1aU-tV_U&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKDNNNFUY2QJQ2E4Z3PIYYWCVJNORLF6...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=CkZZcPL4NgoF1aU-tV_U&refUrl=&type=zem&vid=00609952742930625921455251000V10&vsid=2930625921455251000V10
45 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=CkZZcPL4NgoF1aU-tV_U&refUrl=&type=zem&vid=00609952742930625921455251000V10&vsid=2930625921455251000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 15 Apr 2022 22:16:35 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 15 Apr 2022 22:16:35 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=CkZZcPL4NgoF1aU-tV_U&refUrl=&type=zem&vid=00609952742930625921455251000V10&vsid=2930625921455251000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame E8E2 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f34bc0eb01c4adb4867353d68f20d5ba68030fe45b24b02b22a60035cbfcd5b3

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1689
Content-Type
text/html
Date
Fri, 15 Apr 2022 22:16:35 GMT
Dropped-Udsids
230|241|39|46|218|152|111|131
Expires
Fri, 15 Apr 2022 22:16:35 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
pbsync
usermatch.targeting.unrulymedia.com/ Frame 9E7D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 15 Apr 2022 22:16:35 GMT
Server
Tengine
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DC6B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30388
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:35 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Apr 2022 06:43:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 28D1 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
pbsync
usermatch.targeting.unrulymedia.com/ Frame EEE3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 15 Apr 2022 22:16:35 GMT
Server
Tengine
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0D2E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30388
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:35 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Apr 2022 06:43:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 53E8 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ae1a8a0ab42556f9c10c7f2a09ccd2aca7a25d53b62c923c2ccab19c0adacca0

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1491
Content-Type
text/html
Date
Fri, 15 Apr 2022 22:16:35 GMT
Dropped-Udsids
230|241|39|46|31|196|176|123
Expires
Fri, 15 Apr 2022 22:16:35 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
/
onetag-sys.com/usync/ Frame 5FDE 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usermatch
ssum-sec.casalemedia.com/ Frame 0D78 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
db484fc50a3583537361bb18d6e60b5cef5cc3451b169968efa6b17a5a105dbf

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1671
Content-Type
text/html
Date
Fri, 15 Apr 2022 22:16:35 GMT
Dropped-Udsids
241|230|39|46|31|88|73|41
Expires
Fri, 15 Apr 2022 22:16:35 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
pbsync
usermatch.targeting.unrulymedia.com/ Frame 4F7F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 15 Apr 2022 22:16:35 GMT
Server
Tengine
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0506 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30388
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:35 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Apr 2022 06:43:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 4AD6 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
pbsync
usermatch.targeting.unrulymedia.com/ Frame A5DA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 15 Apr 2022 22:16:35 GMT
Server
Tengine
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C7FC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30388
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:35 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Apr 2022 06:43:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame BB37 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
86e16fb245aae27d53603d1af20bf5be4121069306151328e5be2d93e9229de4

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1548
Content-Type
text/html
Date
Fri, 15 Apr 2022 22:16:35 GMT
Dropped-Udsids
39|241|230|46|152|31|81|40
Expires
Fri, 15 Apr 2022 22:16:35 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
/
onetag-sys.com/usync/ Frame 4B98 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
main.72f9859b.chunk.css
trendads.betfindr.com/betway/static/css/ Frame 9780 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trendads.betfindr.com/betway/static/css/main.72f9859b.chunk.css
Requested by
Host: trendads.betfindr.com
URL: https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ea00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b2ad715a94a22215e640ebca43112b02cd980a0f1e082b123540eaab6facf48

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 17:53:31 GMT
content-encoding
gzip
last-modified
Fri, 08 Apr 2022 09:05:21 GMT
server
AmazonS3
age
15785
etag
W/"fcd91de53cde567ea3e27ffc03fe4c2f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C4
x-amz-cf-id
J04LDqoZvpbts4q87mglM6eU3Swgw0tLAtG_4P3SZtZBVMBYKs_t4Q==
95.bf881a29.chunk.js
trendads.betfindr.com/betway/static/js/ Frame 9780 		143 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trendads.betfindr.com/betway/static/js/95.bf881a29.chunk.js
Requested by
Host: trendads.betfindr.com
URL: https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ea00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
69bb340f96cbd9584e70542b0de787f44bc473b21c078a7716921cca0cb664f0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 06:49:59 GMT
content-encoding
gzip
last-modified
Fri, 08 Apr 2022 09:07:06 GMT
server
AmazonS3
age
55597
etag
W/"70e2c02c6f4a73bfc6eced9142e14732"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C4
x-amz-cf-id
sPZYUhXI957ObpLZr66mRwcIvLYzSmN-WJ74o3mom92UXeXnlaZ6Tw==
main.e45cb6c5.chunk.js
trendads.betfindr.com/betway/static/js/ Frame 9780 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trendads.betfindr.com/betway/static/js/main.e45cb6c5.chunk.js
Requested by
Host: trendads.betfindr.com
URL: https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ea00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
910d529f63f152036ca7dd39b599e376847904bc346a743b3ad411de479428d0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 20:43:06 GMT
content-encoding
gzip
last-modified
Fri, 08 Apr 2022 09:06:15 GMT
server
AmazonS3
age
5610
etag
W/"01ca6beca5a21cfee6e197cc47011a6f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C4
x-amz-cf-id
dj-JvBl7VesJkR4To4YAj9F_Oor3lFmUntM6bkgtWs-BmmmMOIRf-w==
pixel.gif
px.moatads.com/ Frame 9AB2 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=864626712&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B987jmPgh_%3CXT%23Vyt9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-m3HM1%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-1l11it8kL9Bk3A%3D%3D&sc=1&os=1-AQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fshrinke.me&id=0&ii=2&f=1&j=https%3A%2F%2Ffw.adsafeprotected.com&lp=https%3A%2F%2Fshrinke.me&t=1650060994017&de=830611578923&cu=1650060994017&m=1567&ar=9f397fe3151-clean&iw=10864d7&cb=0&ym=0&ll=3&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1089%3A1089%3A1351%3A598&aa=1&ad=1376&cn=124&gn=1&gk=1376&gl=124&ik=1376&ic=1376&ez=1&co=1376&cp=1115&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1115&cd=55&ah=1115&am=55&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=149207%3A20330%3A5690067%3A3384958&bo=shrinke.me&bd=shrinke.me&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197724&na=184096757&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 15 Apr 2022 22:16:35 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame D322 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
109024
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"607873db-c1ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6fc80be6cdcd1795-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame CA95 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
109024
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"607873db-c1ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6fc80be6cdcf1795-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame FB9B 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
109024
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"607873db-c1ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6fc80be6cdd21795-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 01BF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOWT-we5ZYpXSDN-RoPwPzu2FsAQAAAAAOAHgBAI&bg=!BAelB0PNAAZvJBiFTyQ7ACkAdvg8Wk_RJ75Yi53ITFBH9myNuyv70qwNG2oMk9oA-KnSF2Oa165mCgIAAALJUgAAAAJoAQeZAvqddjkH3Aa78NTCE_5AaxONjZ0MdtJEHEzt7ynSPKekLMomb-jce8ea4mqMDtBs6wbOonwvlISHHTG0pjmPtgRExg6dwmLkUV-Vfp_LNyPzVxJHZ6bcfJ71L1oTQ6WWqYSWW-uCMg9rR9MxArtBCUy7pVJfmHb-nV2GSkgkeqXE4OORw_OiDD6FuvvYVvv2PwB2WAUrmRL_NyYzeSFbY50YFpOn6kaYumet0gvWkeD5dm_qYyZ_CZEVhedVzj_PDWMTeugJLQwc4-PkCCdAZygZPnnrEVVg8zSk5EHcQQb9-KWOSpM9JFlt3oqEFRu-hWfIihqSVDrlwrtx-gCO7eG5wELwSAczB8eLuHwe6sIWjXSGBx5jYFJidt9BWn8weGqLHRgkuB4mvfSB3_F8CKDXvd6CMclt7Q_l8gp9o5TguiqiLFBQ6lCBFaKJfSQ10fmzHK3pmvU-57kHK4SX7smwNK0WWmpPD0CLuHrZcrzBM4o6_YQbYi4LVxDNsdBa7K5Fux4fvKx32kWpT1rqRz2JZ8u5It-ksXCx-RuCW2NzxFuigheBqYiFIJ8qRA-WtVIoQVAYMNOl3eflPkXcMpqCbPAs1KiBeBCuzyY00g2TAKPuhzoOunhtYtPdTcRje1cGFy-JdtXkDWbOyfQnDeshkbQSlthi7HVkCXicEjB1RjFowG2Ly3O65uEKusy8MvVYRVpuDpaJaLNvsRCQUEqhCIdU9ggENnmqjKTaf3RANZ-KV6twh5Cgm94Xf9jsTkbdOMAZlLrU9lKoVDgOQEGEdDwWoV3Ga3yWr2G1dNh8aEPJF1LvHEtPHDXNR9j_o3fpGmyy6Djmjw_Xxk7hNkhEmKi00uCS2toP3kbRihnI-Q1pefScQq7USgdej9iIG4N-tq3d4mfEtJ9HiusSDDWOgZ-Hzg7GeaY8aEgCfd0M9Ev6TrBadhH4PsTWPFUFUta2CukZGMNY8nY8iBDtrd0X9zw2Fcvw_w1otPZY8-D9T8gE1wa2usNJCmU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame ACA9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstanmuBy1YyNdueCSO4aYm-x5w-2z2Y6Q5alcl85J2uRFnj2-JYvJPiJsbahsL6CeXbs35ZnFD6prGppNK-iOGsJg79EvtG&sig=Cg0ArKJSzP779Mb8D73JEAE&id=lidar2&mcvt=1225&p=0,0,250,300&mtos=1225,1225,1225,1225,1225&tos=1225,0,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=2245616040&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650060992520&rpt=1865&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame ACA9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLX2XSkqy7mMqqgiGfmdQHdhP_5NymWOCKxDfEAYtL4kZnkuHculZSkj_gdXwTmA-h89qPe2GbO07LlrLmbTmIOgmbzU1O_h1Ev2oRJ4P3oiYjZ7M&sai=AMfl-YQpIFEn8l2K-oovpl-OXjtb8oqgpo_Uhnel9eyqHT1mX2VeAf0ZdZRlcogk0j4c51W4yTsNFufNERk-vC7DIkTpPXHefN5JQBH6uiN-fJcIYAc-omw6tJ9uCiz_&sig=Cg0ArKJSzNa_oHXgtziFEAE&cid=CAASJeRo05EU5Ln1ME7VEXgo3Q9a4NQRtoaIzY9csVtCZNmBYsWZqyo&id=lidar2&mcvt=1227&p=164,632,418,932&mtos=0,1227,1227,1227,1227&tos=0,1227,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=3910693916&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650060992520&rpt=1861&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame ACA9 		0
319 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?impid=4fad24402890437b8dfb7b1ef20ece5f&nav_pltfrm=Linux%20x86_64&cbust=1650060995667344
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal102.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
Vary
Origin
Access-Control-Allow-Origin
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
04/14/2022 22:16:35
dt
dt.adsafeprotected.com/ Frame A5DC 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=664330&asId=14418884-f506-68e5-7574-aa7235e1f0ee&tv=%7Bc:9Tx9Bq,time:2452,type:e,im:%7Bpci:%7Btdr:1373%7D,pLoad:1396%7D,env:%7Bnr_p:1%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:12,o:2440,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2432~0,1~100%5D,as:%5B2433~728.90%5D%7D%7D,%7Bsl:i,t:2440,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B11~100%5D,as:%5B11~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjsi,dtt:133,fm:t379LK0+11111%7C1112%7C121%7C131%7C14%7C15%7C16%7C17%7C1811%7C181211%7C181212%7C1813%7C1814%7C1815%7C1816%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d21%7C1d22%7C1e%7C1f11%7C1g1*.664330-55786030%7C1g2%7C1h%7C1i%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o3%7C1p%7C1q11%7C1q12%7C1q13%7C1r%7C1s,idMap:1g1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fw.adsafeprotected.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
X-Server-Name
dt37.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
usermatchredir
ssum-sec.casalemedia.com/ Frame E8E2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YlnuwDbW63m27dBuFkHZrwAAALwAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHaleiIwuKEmwM26xwlC1Js&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHaleiIwuKEmwM26xwlC1Js&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:35 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHaleiIwuKEmwM26xwlC1Js&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame E8E2 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YlnuwDbW63m27dBuFkHZrwAAALwAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
A0ZK1B773BG980CQKST4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E8E2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&expiration=1652652995&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&expiration=1652652995&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:36 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&expiration=1652652995&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
crum
dsum-sec.casalemedia.com/ Frame E8E2
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6974400712095498966
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6974400712095498966
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:35 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
81324e97-2792-4498-882d-9cb8367e5620
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6974400712095498966
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame E8E2
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YlnuwDbW63m27dBuFkHZrwAA%26188?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YlnuwDbW63m27dBuFkHZrwAA%26188
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YlnuwDbW63m27dBuFkHZrwAA%26188
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
52.206.39.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-39-185.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v031-0ca71a79a.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
BdCKIY+yT/c=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-1-v031-09247c017.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
/krY3Oa7REg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YlnuwDbW63m27dBuFkHZrwAA%26188
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame E8E2
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=14a327a5-908e-47d9-896e-87605a5831ef
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=14a327a5-908e-47d9-896e-87605a5831ef
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:36 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=14a327a5-908e-47d9-896e-87605a5831ef
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E8E2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2697118002783910081&expiration=1651270595
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2697118002783910081&expiration=1651270595
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:35 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2697118002783910081&expiration=1651270595
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame E8E2
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662287302623751
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662287302623751
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:36 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
6144
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6fc80be83c287145-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662287302623751
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame E8E2 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YlnuwDbW63m27dBuFkHZrwAAALwAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be82e3c4bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame 53E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YlnuwDbW63m27dBuFkHZrwAAALwAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHaleiIwuKEmwM26xwlC1Js&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHaleiIwuKEmwM26xwlC1Js&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:35 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHaleiIwuKEmwM26xwlC1Js&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 53E8 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YlnuwDbW63m27dBuFkHZrwAAALwAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VFD3DYVSRVEM2Q7CBPAV
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 53E8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&expiration=1652652995&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&expiration=1652652995&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:36 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&expiration=1652652995&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 53E8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6974400712095498966
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6974400712095498966
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:36 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f17a7453-cd7e-4855-9d3e-bdd93470390e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6974400712095498966
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 53E8
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7033473951776023466P
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7033473951776023466P
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:36 GMT

Redirect headers

Date
Fri, 15 Apr 2022 22:16:35 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7033473951776023466P
Cache-Control
max-age=65630
Connection
keep-alive
Content-Type
text/html
Content-Length
154
crum
dsum-sec.casalemedia.com/ Frame 53E8
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=06030001_6259eec3eaa2e&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=06030001_6259eec3eaa2e
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=06030001_6259eec3eaa2e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:36 GMT

Redirect headers

date
Fri, 15 Apr 2022 22:16:36 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=06030001_6259eec3eaa2e
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
113
match.deepintent.com/usersync/ Frame 53E8 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
server
b
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
rum
dsum-sec.casalemedia.com/ Frame 53E8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=AP8EVQGzTy5vBQIVpKVbRJU4mbg
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=AP8EVQGzTy5vBQIVpKVbRJU4mbg
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:36 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=AP8EVQGzTy5vBQIVpKVbRJU4mbg
Date
Fri, 15 Apr 2022 22:16:35 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
setuid
sync.quantumdex.io/ Frame 53E8 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YlnuwDbW63m27dBuFkHZrwAAALwAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be82e404bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 0D78 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YlnuwDbW63m27dBuFkHZrwAAALwAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
NG4QXX7QVSK22VC0DW4F
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 0D78
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YlnuwDbW63m27dBuFkHZrwAAALwAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHaleiIwuKEmwM26xwlC1Js&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHaleiIwuKEmwM26xwlC1Js&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:35 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHaleiIwuKEmwM26xwlC1Js&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0D78
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&expiration=1652652995&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&expiration=1652652995&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:36 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&expiration=1652652995&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 0D78
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6974400712095498966
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6974400712095498966
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:36 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
734ecf27-167c-4e91-b2a6-a92d9b4d3b6a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6974400712095498966
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0D78
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7033473951776023466P
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7033473951776023466P
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:36 GMT

Redirect headers

Date
Fri, 15 Apr 2022 22:16:35 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7033473951776023466P
Cache-Control
max-age=65630
Connection
keep-alive
Content-Type
text/html
Content-Length
154
rum
dsum-sec.casalemedia.com/ Frame 0D78
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YlnuwwAItyrlawA-
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YlnuwwAItyrlawA-
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:35 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
via
1.1 varnish
server
Varnish
x-timer
S1650060996.869262,VS0,VE0
x-served-by
cache-yul12824-YUL
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YlnuwwAItyrlawA-
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
YlnuwDbW63m27dBuFkHZrwAAALwAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0D78 		43 B
994 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YlnuwDbW63m27dBuFkHZrwAAALwAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:166f:faec:e70b:6d2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 0D78
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=b63a6658-bd09-11ec-abc0-b1992d655dbf
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=b63a6658-bd09-11ec-abc0-b1992d655dbf
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:36 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
server
Cowboy
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=b63a6658-bd09-11ec-abc0-b1992d655dbf
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
lga-delivery-3
Content-Length
0
Expires
Thu, 23 Sep 2004 17:42:04 GMT
setuid
sync.quantumdex.io/ Frame 0D78 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YlnuwDbW63m27dBuFkHZrwAAALwAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be82e414bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
async_usersync
ib.adnxs.com/ Frame FE84 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b234bcb0-6aa3-408f-8f7c-f8938b8a93c8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9889 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041401&jk=1591588300020253&bg=!r6ylrOjNAAZvJBiFTyQ7ACkAdvg8WgycNadYxf9fUQ6jlPgsF75L-RwiPm7-NDghBCp3MdeZjgT1XwIAAAJdUgAAAAJoAQeZAqqLLyx9bk5Le2uJPpEMQKggqOCiIim8BAfWYtooHTJrVPI8Im4VJ54CaiwVsoCBjEZ2OJ-o72ImWBOPPXJSF013n-L4vKipBoQAAtNB7SC7ej6jihDx3Z_sO89sj8WrnimZc6HwxZD0F3BYwIcDNPDikg_dCRbu53xGnHUWnp9AVzGBOxgWIxVCnp-CtZbruhcYmn_xiqVyK_W6CteYn40DMMbwmRhWInXxgfQcVtnhUPEMsHYbzqgekCFxesayirLXpIvPmU6BBspoLrpRy5u7yNC7U0KLgSzR158AtphG3B2joDAfSlOdjbtUsOADi1jd5NPDidZGBTUMO0U2NdIrK1RA6G12i4ymKPy8dzXXyUOMUMV6bRPVLt9zruzwaTsoUPJ-1b6GDi-gbzBtmsNC8xmpBm5cH-27yslxpewfEZY4U4yFc34cBbdostGO42Xwp3odpUYN2s_QZQjfWwPQHs5E2z88LFMIUXnvINQ0YXMuYC21p5uNHq4KFn1wo0eSxdFU1kjLFuiJJg6uL8iFSpzmqFuk72hF51B5zanOHBxu_q1n4wY8XIlGpo42nMeFG-vGn75gRkKd65CKwqNDxt21XFQoMwR-Z6NTs7i62Sanr6yTdgHJe6KbXlkVLUc_idGW9eNFEHlf6kDYmEfJM49dcmy6ZavjdNDMafeD-wAQDHqOOBjCVEtQhNmXqf3j4_-68FxtMDYCRUTrLZMtCXZuuOkicgIdkgTdBtnFemrQxA4AwICxj2etg_u7pwO7nHI8VOue_xZZcY_qahxNuhIxSKXrwrg3JoUb6cNbhdy4QPi3AM0XICa-JRwIfXn62qdeuv-ydh02GVmF6UZt3oQ8lIH6yomBuJfdMZn8QHrHfu2jBKdIPDvpLxbUYZL0SZe_io-aTeOq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame DDA3 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
52cec3b0-f557-46ec-a807-9865818acaba
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BB37
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&expiration=1652652995&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&expiration=1652652995&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:35 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&expiration=1652652995&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
dcm
s.amazon-adsystem.com/ Frame BB37 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YlnuwDbW63m27dBuFkHZrwAAALwAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
AJ1W3Y9S5EJ234B3EABG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame BB37
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YlnuwDbW63m27dBuFkHZrwAAALwAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHaleiIwuKEmwM26xwlC1Js&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHaleiIwuKEmwM26xwlC1Js&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:35 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHaleiIwuKEmwM26xwlC1Js&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BB37
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6974400712095498966
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6974400712095498966
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:36 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
6649f149-f8f6-430f-ab46-b5b5a38e8b4c
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6974400712095498966
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BB37
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=58162d94-2725-4976-b79e-fa0df12771e2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=58162d94-2725-4976-b79e-fa0df12771e2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:36 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:35 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=58162d94-2725-4976-b79e-fa0df12771e2
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BB37
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7033473951776023466P
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7033473951776023466P
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:36 GMT

Redirect headers

Date
Fri, 15 Apr 2022 22:16:35 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7033473951776023466P
Cache-Control
max-age=65630
Connection
keep-alive
Content-Type
text/html
Content-Length
154
rum
dsum-sec.casalemedia.com/ Frame BB37
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=8thcSqGPCkDp2AgW8YlEEKKLXBHp2AxBp4le6n4m
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=8thcSqGPCkDp2AgW8YlEEKKLXBHp2AxBp4le6n4m
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:36 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=8thcSqGPCkDp2AgW8YlEEKKLXBHp2AxBp4le6n4m
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
setuid
sync.quantumdex.io/ Frame BB37 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YlnuwDbW63m27dBuFkHZrwAAALwAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80be84e524bd1-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
pixel.gif
px.moatads.com/ Frame 9AB2 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=864626712&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B987jmPgh_%3CXT%23Vyt9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-m3HM1%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-1l11it8kL9Bk3A%3D%3D&sc=1&os=1-AQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fshrinke.me&id=0&ii=2&f=1&j=https%3A%2F%2Ffw.adsafeprotected.com&lp=https%3A%2F%2Fshrinke.me&t=1650060994017&de=830611578923&cu=1650060994017&m=1568&ar=9f397fe3151-clean&iw=10864d7&cb=0&ym=0&ll=3&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1089%3A1089%3A1351%3A598&aa=1&ad=1376&cn=1376&gn=1&gk=1376&gl=1376&ik=1376&ic=1376&ez=1&co=1376&cp=1115&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1115&cd=1115&ah=1115&am=1115&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=149207%3A20330%3A5690067%3A3384958&bo=shrinke.me&bd=shrinke.me&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197724&na=745760149&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:35 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 15 Apr 2022 22:16:35 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame F41F
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.196.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-196-70.compute-1.amazonaws.com
Software
/
Resource Hash
6de5b140391b4a7c019c0da98eab0bd598a12f3c783d48b5caf4cfd6076f5cb5

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Fri, 15 Apr 2022 22:16:35 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Fri, 15 Apr 2022 22:16:35 GMT
location
/um/cs&eq_cc=1
drop_cookie_sw.php
csync.smilewanted.com/ Frame 2EA0 		0
346 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80be8e9231795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
drop_cookie_sw.php
csync.smilewanted.com/ Frame D1D7 		0
317 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80be8e9261795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
drop_cookie_sw.php
csync.smilewanted.com/ Frame 8D5A 		0
317 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80be8e9271795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
view
trendads-betway-api.reactivebetting.com/.crm/banner/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trendads-betway-api.reactivebetting.com/.crm/banner/view
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::ac43:4972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://trendads.betfindr.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://trendads.betfindr.com
access-control-max-age
3600
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
6fc80be92b324bb9-YUL
content-length
0
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fdrwl5lbdOsCfjcTUaruKefOkazSYoIH3K%2BBpxRmRC4lumZlk3LC%2B6A7EU5lz1SJoIK2k07R7Kb%2B%2BuvyEoMISquXZy%2FyLjp1qEi%2BDuxxsaX3eYBtT9ttvTSTN7QKVSDAXB95CEVQXUa5SpjjrrsYDi7oBcg93kUxkSjkzKLWsC6YVP6brw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
trace-id
e64cc05270eb73ba
vary
Origin
en.json
trendads.betfindr.com/i18n/betway/ Frame 9780 		13 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trendads.betfindr.com/i18n/betway/en.json
Requested by
Host: trendads.betfindr.com
URL: https://trendads.betfindr.com/betway/static/js/main.e45cb6c5.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ea00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
673f6dcd91e477b40f31a45218dc5b5d32d20b3c0664f39c2dbfefa63d5d6289

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 11:32:04 GMT
content-encoding
gzip
last-modified
Fri, 08 Apr 2022 13:21:01 GMT
server
AmazonS3
age
38672
etag
W/"2c631f7b0f7afbc2e13b2b7a4f28b426"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C4
x-amz-cf-id
tkSsTNuM8An1Eu_zC4rbtOxOuX2RqLDgShO40yb1DJpvpAsCEDiPSA==
view
trendads-betway-api.reactivebetting.com/.crm/banner/ Frame 9780 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trendads-betway-api.reactivebetting.com/.crm/banner/view
Requested by
Host: trendads.betfindr.com
URL: https://trendads.betfindr.com/betway/static/js/main.e45cb6c5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::ac43:4972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://trendads.betfindr.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Fri, 15 Apr 2022 22:16:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2jYdVlbznLlK%2Bn8ZerrVyosfvuKav%2FFVuB6HI%2F3AKiDDVWtrgfzPxd%2BFlCY6yG9jjt9cGVEIk%2BZRxf%2FqzVUKgQXDev%2Bs6KlccweKnhW2gZZX9yql3sQqEJVTPAOYpKIcj4GBSvxEtkMTsyoU6mMg7W9BEcDMM1Y9aZVUNmRUBiJU22IbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://trendads.betfindr.com
cache-control
no-store
access-control-allow-credentials
true
trace-id
42e5a8eddd35cde3
cf-ray
6fc80be9ec3e4bb9-YUL
content-length
0
pixel.gif
px.moatads.com/ Frame 9AB2 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=864626712&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B987jmPgh_%3CXT%23Vyt9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-m3HM1%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-1l11it8kL9Bk3A%3D%3D&sc=1&os=1-AQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fshrinke.me&id=0&ii=2&f=1&j=https%3A%2F%2Ffw.adsafeprotected.com&lp=https%3A%2F%2Fshrinke.me&t=1650060994017&de=830611578923&cu=1650060994017&m=1569&ar=9f397fe3151-clean&iw=10864d7&cb=0&ym=0&ll=3&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1089%3A1089%3A1351%3A598&aa=1&ad=1376&cn=1376&gn=1&gk=1376&gl=1376&ik=1376&ic=1376&ez=1&co=1376&cp=1115&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1115&cd=1115&ah=1115&am=1115&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=149207%3A20330%3A5690067%3A3384958&bo=shrinke.me&bd=shrinke.me&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197724&na=192031060&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:36 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 15 Apr 2022 22:16:36 GMT
setuid
ib.adnxs.com/prebid/ Frame 1836
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=e0d9300d4640f4daa577bb381009b9e6
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=e0d9300d4640f4daa577bb381009b9e6
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

AN-X-Request-Uuid
00776342-fdcc-4cc6-b260-35587e0fa71c
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 15 Apr 2022 22:16:36 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80be929a41795-EWR
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=e0d9300d4640f4daa577bb381009b9e6
server
cloudflare
generate_204
tpc.googlesyndication.com/ Frame 332A 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1T9PWg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
setuid
ib.adnxs.com/prebid/ Frame 19B7
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=ac59b8426f6f09bc00276e190f679be9
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=ac59b8426f6f09bc00276e190f679be9
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

AN-X-Request-Uuid
20a8e680-6f58-4e04-ae30-cdfe40b1773e
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 15 Apr 2022 22:16:36 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80be939ca1795-EWR
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=ac59b8426f6f09bc00276e190f679be9
server
cloudflare
setuid
ib.adnxs.com/prebid/ Frame D205
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=f6c16468e542018855cce940367efb8c
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=f6c16468e542018855cce940367efb8c
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

AN-X-Request-Uuid
da6d4222-a752-4772-bc56-75780e8d3f27
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 15 Apr 2022 22:16:36 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80be939cc1795-EWR
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=f6c16468e542018855cce940367efb8c
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame ECCA 		1 KB
703 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6fc80be9ac6e4bb8-YUL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame 4E9C 		1 KB
897 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6fc80be9ac714bb8-YUL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame B252 		1 KB
712 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6fc80be9ac734bb8-YUL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
matches
trendads-betway-api.reactivebetting.com/.sportsbet/program/ Frame 9780 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trendads-betway-api.reactivebetting.com/.sportsbet/program/matches?language=en&matchCount=5&sport=Basketball&region=US&autoFill=true&supportedSports=Football%2CTennis%2CCricket%2CAmericanFootball%2CBasketball%2CLeagueOfLegends%2CCounterStrikeGO%2CDefenseOfTheAncients%2CIcehockey%2CBoxing%2CMixedMartialArts&market=MatchWin&sortBy=Popularity
Requested by
Host: trendads.betfindr.com
URL: https://trendads.betfindr.com/betway/static/js/main.e45cb6c5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::ac43:4972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e07e0fea640bd99b0f910d70c9c574604dd556a50f84ac9a2d1c05060c8d02ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trendads.betfindr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FkbDL15oHY6MhvSRPLcjdRYHGA8qLXdqzkjRvKNdO7GsJPMfusxRiSloRouOuSJDl4%2Bn9ju529i3VHVLu8goHQ9lQig8p4CrDOXD9fU79muU0t4WgzFm%2F%2BdFReFQNXNmFSN9KNUBZjwqEqjyZagDRAypqVzMHd5Vy6hFs1ldZopKw%2FCpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://trendads.betfindr.com
access-control-allow-credentials
true
trace-id
67b2af902e82f6fe
cf-ray
6fc80be99bc44bb9-YUL
crum
dsum-sec.casalemedia.com/ Frame F41F 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=5982f407-bf0c-4382-8a6e-8678a0ade8e3&expiration=1657923395
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:36 GMT
1407667298119850182
csync.smilewanted.com/set_partner_userid_get/smart/ Frame 5C79
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://csync.smilewanted.com/set_partner_userid_get/smart/1407667298119850182
0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/1407667298119850182
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80beabc4f1795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Fri, 15 Apr 2022 22:16:35 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smart/1407667298119850182
1407667298119850182
csync.smilewanted.com/set_partner_userid_get/smart/ Frame 3A26
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://csync.smilewanted.com/set_partner_userid_get/smart/1407667298119850182
0
356 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/1407667298119850182
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80beabc521795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Fri, 15 Apr 2022 22:16:35 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smart/1407667298119850182
1407667298119850182
csync.smilewanted.com/set_partner_userid_get/smart/ Frame 29CF
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://csync.smilewanted.com/set_partner_userid_get/smart/1407667298119850182
0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/1407667298119850182
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80beb0ccb1795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Fri, 15 Apr 2022 22:16:35 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smart/1407667298119850182
async_usersync
ib.adnxs.com/ Frame E6BC 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
58caff4d-af7b-45e2-8205-0fb7d22ed779
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3249 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
2551c715-feef-4cc4-8be5-c782285f462e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6E8B 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
6a8c5fe1-cab1-42ae-bbfc-23d77a73770a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
b8065aec-41e2-4cf4-9fc4-f804071cd359&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame AAA0
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/b8065aec-41e2-4cf4-9fc4-f804071cd359&partner_id=1010
0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/b8065aec-41e2-4cf4-9fc4-f804071cd359&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80beadc771795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Fri, 15 Apr 2022 22:16:36 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/b8065aec-41e2-4cf4-9fc4-f804071cd359&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
b8065aec-41e2-4cf4-9fc4-f804071cd359&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 47F4
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/b8065aec-41e2-4cf4-9fc4-f804071cd359&partner_id=1010
0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/b8065aec-41e2-4cf4-9fc4-f804071cd359&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80beadc761795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Fri, 15 Apr 2022 22:16:36 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/b8065aec-41e2-4cf4-9fc4-f804071cd359&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
b8065aec-41e2-4cf4-9fc4-f804071cd359&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 259A
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/b8065aec-41e2-4cf4-9fc4-f804071cd359&partner_id=1010
0
392 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/b8065aec-41e2-4cf4-9fc4-f804071cd359&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80beadc751795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Fri, 15 Apr 2022 22:16:36 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/b8065aec-41e2-4cf4-9fc4-f804071cd359&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
async_usersync
ib.adnxs.com/ Frame A06E 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
81c5dbc3-0a25-4e5d-a669-5e3bed2c298f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EA7A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLYgIwe5ZYuiJOeKUoPMPs4-50AEAAAAAOAHgBAI&bg=!GxilGFzNAAZvJBiFTyQ7ACkAdvg8WvSlwT62hZ3Nt_p5ZQZ0WKTVBQasEfvUPEn9Klg7rfavl-iAxgIAAAMFUgAAAAJoAQeZAygZo6YJzahMYORrd6485udZefIS3luvbHRKOc6w7XVInkOWWwOEwt04gjtOxn9Wda3GZB1q8GU-Ubd3XlsbOuT1hKYJsOxhEdS__x2eQ4D2xP-p9VutrHCfHed8bSawnmf5DpDVLBceDPlb9Ks-8YESYv1arMGQwEn3sHSojqVOk9BQEgqdLSLaOvW0ULoLhhJ3EJKaCkaaZmtTa6VQJeB7uSO4acgyI7dogkmqmYt8RGYf6yHARlZ_CtrzcgwLj2CtxCZzvqlT4Uza7ZHJ8moPy8vyRhL1So2BDRJHY358Klt4huwQuNvvnK2pA_hTNe1ImfXckbUeBhy2UkTLIQSUsHNhmn-MsKbHvaUWOWizH9MHhz9zaXjGdZdKx4GtZdoJ0nGeLYeFDieiQVOtVJ9nQj3_2WwJ0333QU3cRdKvHHilalI70Z89BNOJl_sJfHI86SvR57FIlvB3PwdA5Tnlqu3DiOVK7jioLe4y0iBEgegKV6diybjCcZ_hqODPo9HMlMtAUMEhaFmaql45Bx9J8BfY84czyNpV-HOYCO1tuDHGrsmBUVkx-CkrI1olCkJPUSSUzS3ykSgudZCVT5-gyKI5bkuLjKdWHGotgHvz26mbVYjLw0NtL-FC1cYpAEdrg2jbmYHxSoz05O-wUx1u-Kqa6TXqBhYDMNQffQ1y0C8aifulwvrMVZiveV--Ztmps-AwsIJ5WG2mVeZqFkqYckii-VkuGs95ycS-M88K3rmQ_ztkX8Td6i0rwnuhTTCGM-TVX-fGC_kaRd3BInyZg1z7gGPTrhrgrs-5RudOP_-shLn3ghEtuXm89n132XFynUi85Wd34If1MFAVrWl5x0qekrr7_nAivM_dmCahX7dfFPiJpygrVCbDvwyWPnkhOKm-nuLZkBl5M8YARZG2w-g9zU0roN45OMoz-es8A5bxtmam2HM11f5pTqB9Zs_Wi5n5IZ-qSh_KXl-seCq7t11pQ_pcSkCM4OWiRJG8XMnwGcGELBaER6OYHY1TVW7lNPJZl-UZTa7G5wzquyF3wF49N5J1BxS9OlxVQVIcqcIcepMr5tML
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
L20ZPO40-P-HI6E
csync.smilewanted.com/set_partner_userid_get/rubicon/ Frame EEAC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/L20ZPO40-P-HI6E?gdpr=0
0
392 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rubicon/L20ZPO40-P-HI6E?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80bea6bc31795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/rubicon/L20ZPO40-P-HI6E?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
content-length
0
L20ZPO40-P-HI6E
csync.smilewanted.com/set_partner_userid_get/rubicon/ Frame 3D44
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/L20ZPO40-P-HI6E?gdpr=0
0
105 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rubicon/L20ZPO40-P-HI6E?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80bea9c171795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/rubicon/L20ZPO40-P-HI6E?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
content-length
0
L20ZPO40-P-HI6E
csync.smilewanted.com/set_partner_userid_get/rubicon/ Frame 0BA6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/L20ZPO40-P-HI6E?gdpr=0
0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rubicon/L20ZPO40-P-HI6E?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80beabc571795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/rubicon/L20ZPO40-P-HI6E?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E4B6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30387
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Apr 2022 06:43:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 90B5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30387
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Apr 2022 06:43:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D8F9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30387
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Apr 2022 06:43:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
3.aadb5148.chunk.css
trendads.betfindr.com/betway/static/css/ Frame 9780 		59 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trendads.betfindr.com/betway/static/css/3.aadb5148.chunk.css
Requested by
Host: trendads.betfindr.com
URL: https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ea00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1cf6dc70cdfa2e9adb27fa530277693c31106ebf0dcf907f51c12ac3a45f25ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 10:08:10 GMT
content-encoding
gzip
last-modified
Fri, 08 Apr 2022 09:05:15 GMT
server
AmazonS3
age
43730
etag
W/"8392078f5fdcae4120524ef283477f3a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C4
x-amz-cf-id
F0pvyk4oZFUM7R8m0-R2XfBmh_amOd1mYQDf-YpodQcMXKAAsLGt0A==
3.d9b43cf3.chunk.js
trendads.betfindr.com/betway/static/js/ Frame 9780 		65 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trendads.betfindr.com/betway/static/js/3.d9b43cf3.chunk.js
Requested by
Host: trendads.betfindr.com
URL: https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ea00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa4c1bf482edfe99f78f4bbadd8edf7303cd1b32a32b42d6262a65a6bc28eb21

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 10:08:10 GMT
content-encoding
gzip
last-modified
Fri, 08 Apr 2022 09:07:46 GMT
server
AmazonS3
age
43730
etag
W/"1f3954af392e231458b34ccbf5c8e12b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C4
x-amz-cf-id
cJiJx1S2LAF_vMHfIPOAi9jTPMuSobvOh--ho8068ldA2yhwVEtt6A==
YlnuwDbW63m27dBuFkHZrwAA%26188
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame 7681
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YlnuwDbW63m27dBuFkHZrwAA%26188
0
450 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YlnuwDbW63m27dBuFkHZrwAA%26188
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80beb3d131795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
281
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 15 Apr 2022 22:16:36 GMT
Expires
Fri, 15 Apr 2022 22:16:36 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YlnuwDbW63m27dBuFkHZrwAA%26188
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
YlnuwDbW63m27dBuFkHZrwAA%26188
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame EE87
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YlnuwDbW63m27dBuFkHZrwAA%26188
0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YlnuwDbW63m27dBuFkHZrwAA%26188
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80beb3d211795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
281
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 15 Apr 2022 22:16:36 GMT
Expires
Fri, 15 Apr 2022 22:16:36 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YlnuwDbW63m27dBuFkHZrwAA%26188
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
YlnuwDbW63m27dBuFkHZrwAA%26188
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame B69D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YlnuwDbW63m27dBuFkHZrwAA%26188
0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YlnuwDbW63m27dBuFkHZrwAA%26188
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80beb4d251795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
281
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 15 Apr 2022 22:16:36 GMT
Expires
Fri, 15 Apr 2022 22:16:36 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YlnuwDbW63m27dBuFkHZrwAA%26188
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
1
sync-eu.connectad.io/syncer/ Frame ECC8 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2186672b3c26c6fa624229806fc7eb1ecdf0dce7f738b8641b8ff58ec3a22f80

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
6fc80beb1e694bb8-YUL
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
server
cloudflare
vary
Accept-Encoding
via
1.1 google
b526e701-bd09-11ec-8bbd-17aa2b400503
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 608A
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/b526e701-bd09-11ec-8bbd-17aa2b400503
0
713 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/b526e701-bd09-11ec-8bbd-17aa2b400503
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80beb6d611795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Fri, 15 Apr 2022 22:16:36 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/b526e701-bd09-11ec-8bbd-17aa2b400503
Server
nginx
X-fe
13
b526e701-bd09-11ec-8bbd-17aa2b400503
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 02DC
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/b526e701-bd09-11ec-8bbd-17aa2b400503
0
101 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/b526e701-bd09-11ec-8bbd-17aa2b400503
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80beb6d591795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Fri, 15 Apr 2022 22:16:36 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/b526e701-bd09-11ec-8bbd-17aa2b400503
Server
nginx
X-fe
95
b526e701-bd09-11ec-8bbd-17aa2b400503
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame D348
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/b526e701-bd09-11ec-8bbd-17aa2b400503
0
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/b526e701-bd09-11ec-8bbd-17aa2b400503
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80beb8d9e1795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Fri, 15 Apr 2022 22:16:36 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/b526e701-bd09-11ec-8bbd-17aa2b400503
Server
nginx
X-fe
18
Interface_Bold.woff2
resources.betway.com/Resources/Global/fonts/Interface/ Frame 9780 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resources.betway.com/Resources/Global/fonts/Interface/Interface_Bold.woff2?v=8.22.0.997
Requested by
Host: trendads.betfindr.com
URL: https://trendads.betfindr.com/betway/static/css/main.72f9859b.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.15.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6c3d35d4632bfa31d628aa3666da878dae7e5002d70b29db2d5681f2a9a28fe
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://trendads.betfindr.com/
Origin
https://trendads.betfindr.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:36 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Apr 2022 13:50:12 GMT
server
cloudflare
age
299677
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=2592000; includeSubDomains
cf-ray
6fc80bebcc3ea1f0-YYZ
cachecontrolheader
max-age-604800
expires
Sat, 15 Apr 2023 22:16:36 GMT
Interface_Normal.woff2
resources.betway.com/Resources/Global/fonts/Interface/ Frame 9780 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resources.betway.com/Resources/Global/fonts/Interface/Interface_Normal.woff2?v=8.22.0.997
Requested by
Host: trendads.betfindr.com
URL: https://trendads.betfindr.com/betway/static/css/main.72f9859b.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.15.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13c96650b7fd3a5d48dce9621ba1ac5b7aa91be6dbed4b7fba7f4041e3d5e8a9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://trendads.betfindr.com/
Origin
https://trendads.betfindr.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:36 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Apr 2022 13:50:12 GMT
server
cloudflare
age
299678
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=2592000; includeSubDomains
cf-ray
6fc80bebcc3fa1f0-YYZ
expires
Sat, 15 Apr 2023 22:16:36 GMT
truncated
/ Frame 9780 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b565348b5f2de06d7fa7a51eb85254a246fe5beb632ffda59150edca5928bf5

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/jpeg
250.32c17e4e.chunk.js
trendads.betfindr.com/betway/static/js/ Frame 9780 		227 B
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trendads.betfindr.com/betway/static/js/250.32c17e4e.chunk.js
Requested by
Host: trendads.betfindr.com
URL: https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ea00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b654c0263edc4cbee793a173f18b1824a0af313694e0c652b7b2b5c229b1039

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 14:50:53 GMT
via
1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
last-modified
Fri, 08 Apr 2022 09:07:48 GMT
server
AmazonS3
age
26744
etag
"d7da08b6c62adbc23ac5460aa3247333"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
EWR52-C4
content-length
227
x-amz-cf-id
9OQNn-Aw6UIaa2WURdOqUcZu1LAr-JU6NdMKT83wNZR8OyTsH2Skqg==
259.8c99752d.chunk.js
trendads.betfindr.com/betway/static/js/ Frame 9780 		227 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trendads.betfindr.com/betway/static/js/259.8c99752d.chunk.js
Requested by
Host: trendads.betfindr.com
URL: https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ea00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62aa94fbd97858cdc382c78a9b3ed6620c00d4c6649b18da9e32614acb248f14

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 14:50:53 GMT
via
1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
last-modified
Fri, 08 Apr 2022 09:07:31 GMT
server
AmazonS3
age
26744
etag
"509cdb92399b71c7c93758f1f6579a33"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
EWR52-C4
content-length
227
x-amz-cf-id
_Xl_V20kUCtfvBllp2t83GjofY_UIbs15FUttuBE6RcsftIoDYGW7Q==
245.1d1cc49e.chunk.js
trendads.betfindr.com/betway/static/js/ Frame 9780 		228 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trendads.betfindr.com/betway/static/js/245.1d1cc49e.chunk.js
Requested by
Host: trendads.betfindr.com
URL: https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ea00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2cf054fca1ce216deb2a85473dd8565ddc023b55fc0a17614c44d555621e3300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 00:19:19 GMT
via
1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
last-modified
Fri, 08 Apr 2022 09:07:47 GMT
server
AmazonS3
age
79038
etag
"16932e1e409f1ce9ed013d675d91c84b"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
EWR52-C4
content-length
228
x-amz-cf-id
WGeiczf6hpKUo4E8KIBiRXWmleVobenir9SIB5o4ChOWfRXePy0_RQ==
241.2b00b1fa.chunk.js
trendads.betfindr.com/betway/static/js/ Frame 9780 		221 B
525 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trendads.betfindr.com/betway/static/js/241.2b00b1fa.chunk.js
Requested by
Host: trendads.betfindr.com
URL: https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ea00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ec1b64c8aa23846f22b1c633f0a6f838b35b21702e8b8b964f1735d5952ae53

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 11:18:18 GMT
via
1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
last-modified
Fri, 08 Apr 2022 09:06:44 GMT
server
AmazonS3
age
39499
etag
"e80abcd63ff6d48771831fffe6bfdc1f"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
EWR52-C4
content-length
221
x-amz-cf-id
djoC4Mo-gIAg-67VoLUU6-NUt7tiJCbh8vOaLUlKu7bJxabRH7RimA==
238.e210a6f2.chunk.js
trendads.betfindr.com/betway/static/js/ Frame 9780 		223 B
528 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trendads.betfindr.com/betway/static/js/238.e210a6f2.chunk.js
Requested by
Host: trendads.betfindr.com
URL: https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ea00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23b06070078b245ad9d9d6d0ec0cb6d2bd5e46cb3ca592ebe868f0120c7b3b7a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 05:00:15 GMT
via
1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
last-modified
Fri, 08 Apr 2022 09:06:21 GMT
server
AmazonS3
age
62199
etag
"ec11d4064063472de727df3e24944a0e"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
EWR52-C4
content-length
223
x-amz-cf-id
YNf_Wev3MDd9g_ifvX5XGBTQDi4L69Jj_OM9yBAvRHSHXUFxT67x0Q==
271.471b8072.chunk.js
trendads.betfindr.com/betway/static/js/ Frame 9780 		216 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trendads.betfindr.com/betway/static/js/271.471b8072.chunk.js
Requested by
Host: trendads.betfindr.com
URL: https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ea00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49fbfc6a57558e765578a03bc70429c13f7ba5e099aa1a67891f83392f19cb55

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 00:16:24 GMT
via
1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
last-modified
Fri, 08 Apr 2022 09:06:12 GMT
server
AmazonS3
age
79213
etag
"0edede809d0740214e413fa1c57ab5b9"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
EWR52-C4
content-length
216
x-amz-cf-id
S0G-SbARXffL-gqem6eyZeKn8IM_er-rkImLx30cAsh9JJEXg7zzSg==
236.fe52f0dd.chunk.js
trendads.betfindr.com/betway/static/js/ Frame 9780 		226 B
530 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trendads.betfindr.com/betway/static/js/236.fe52f0dd.chunk.js
Requested by
Host: trendads.betfindr.com
URL: https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ea00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfee667e4eae4038f7259c8323a749118b7029797d76895330f1fc10a6104ce2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 14:46:50 GMT
via
1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
last-modified
Fri, 08 Apr 2022 09:07:19 GMT
server
AmazonS3
age
26986
etag
"2ff4a3da6b75a3bdbb0c012b85937d4f"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
EWR52-C4
content-length
226
x-amz-cf-id
DbIQr4ANvF1_ig5pF-bsyA99QocTeW165AZjFmKFzIADl7ounnGJjA==
225.a53e2129.chunk.js
trendads.betfindr.com/betway/static/js/ Frame 9780 		220 B
525 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trendads.betfindr.com/betway/static/js/225.a53e2129.chunk.js
Requested by
Host: trendads.betfindr.com
URL: https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ea00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
156294a0737c30526cdfb228f1f263667eee642ced0ba778402fe6fa067a1f84

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 14:46:50 GMT
via
1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
last-modified
Fri, 08 Apr 2022 09:07:14 GMT
server
AmazonS3
age
26986
etag
"36a5ddaa25b89ea2e091807596d3114c"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
EWR52-C4
content-length
220
x-amz-cf-id
p-qKnPIQSXAbHBZgqRbLQuCBB-lrJnrmcvd5FZmdi-gHS6nCANIHHg==
264.bd91291a.chunk.js
trendads.betfindr.com/betway/static/js/ Frame 9780 		225 B
530 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trendads.betfindr.com/betway/static/js/264.bd91291a.chunk.js
Requested by
Host: trendads.betfindr.com
URL: https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ea00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6848ab53eb2a74de5c745ea77e89a60e55ead109968f47aecf983fe4984c885

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 00:40:03 GMT
via
1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
last-modified
Fri, 08 Apr 2022 09:07:18 GMT
server
AmazonS3
age
77794
etag
"b6e62dd85f4c3af200c2e6e74a8715ce"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
EWR52-C4
content-length
225
x-amz-cf-id
iNHcbDanRaNY4q4L6wqSCr9vLNx9i4YoUPoSFuzRJgnZUHvHe-QmEQ==
269.617e390a.chunk.js
trendads.betfindr.com/betway/static/js/ Frame 9780 		222 B
527 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trendads.betfindr.com/betway/static/js/269.617e390a.chunk.js
Requested by
Host: trendads.betfindr.com
URL: https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ea00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
074fcfaa09a6b7dc4b148a9309a7f2758401d4f2a7a6f5e1f77bc1884c447a6e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 00:40:03 GMT
via
1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
last-modified
Fri, 08 Apr 2022 09:06:58 GMT
server
AmazonS3
age
77794
etag
"1db699f73f182446fe08aec2c386a164"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
EWR52-C4
content-length
222
x-amz-cf-id
XO6WY_G_oIJsdIxWJAYXrbzfm1IAvZkPj_U22PlEyxrKYD0X-10xQg==
betway_logo-r.c2f20d87.svg
trendads.betfindr.com/betway/static/media/ Frame 9780 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trendads.betfindr.com/betway/static/media/betway_logo-r.c2f20d87.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ea00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67a2bb8cbfdbe196890a798be0a3ae1efd8ed999d8d3c556bf2f0bb5d4a16939

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 07:47:12 GMT
content-encoding
gzip
last-modified
Fri, 08 Apr 2022 09:06:00 GMT
server
AmazonS3
age
52203
etag
W/"c2f20d87303e4ba65dc837c9837c496d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C4
x-amz-cf-id
AVJH4QqIjsjCps5_nv3hOWM_yfW5EF3p0i-7GFw1qsVHRtCmzZ1Cbg==
disclaimer_en.9413bdd8.svg
trendads.betfindr.com/betway/static/media/ Frame 9780 		18 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trendads.betfindr.com/betway/static/media/disclaimer_en.9413bdd8.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ea00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
09b41b1570671ffa32ab763f4c19fdad5eb204af1dde0e09777255cc3a7e72d3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:08:01 GMT
content-encoding
gzip
last-modified
Fri, 08 Apr 2022 09:05:42 GMT
server
AmazonS3
age
516
etag
W/"9413bdd8b59a5931eb83dde989d6f64a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C4
x-amz-cf-id
JtCOVrphka6Vz2xACbGiplmCe_E45DxFqOSyu8c9TZcCgchPi-DORQ==
fc43bf9f-3070-45d3-83b0-4b9fdaca6f71
csync.smilewanted.com/set_partner_userid_get/loopme/ Frame 8F19
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/loopme/fc43bf9f-3070-45d3-83b0-4b9fdaca6f71?gdpr_consent=null&gdpr=0
0
840 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/loopme/fc43bf9f-3070-45d3-83b0-4b9fdaca6f71?gdpr_consent=null&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80bee099b1795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Fri, 15 Apr 2022 22:16:36 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/loopme/fc43bf9f-3070-45d3-83b0-4b9fdaca6f71?gdpr_consent=null&gdpr=0
server
_
935f32d4-cd62-46fb-9e24-40e2a3da1ce0
csync.smilewanted.com/set_partner_userid_get/loopme/ Frame 3C6F
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/loopme/935f32d4-cd62-46fb-9e24-40e2a3da1ce0?gdpr_consent=null&gdpr=0
0
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/loopme/935f32d4-cd62-46fb-9e24-40e2a3da1ce0?gdpr_consent=null&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80bee09991795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Fri, 15 Apr 2022 22:16:36 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/loopme/935f32d4-cd62-46fb-9e24-40e2a3da1ce0?gdpr_consent=null&gdpr=0
server
_
fa43785e-4b25-4e31-8ff3-b464f403c1aa
csync.smilewanted.com/set_partner_userid_get/loopme/ Frame F31E
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/loopme/fa43785e-4b25-4e31-8ff3-b464f403c1aa?gdpr_consent=null&gdpr=0
0
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/loopme/fa43785e-4b25-4e31-8ff3-b464f403c1aa?gdpr_consent=null&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80bee099c1795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Fri, 15 Apr 2022 22:16:36 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/loopme/fa43785e-4b25-4e31-8ff3-b464f403c1aa?gdpr_consent=null&gdpr=0
server
_
y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
csync.smilewanted.com/set_partner_userid_get/yahoo/ Frame B30C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
0
522 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80bec2eb81795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

age
0
content-length
0
date
Fri, 15 Apr 2022 22:16:36 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.0.46
strict-transport-security
max-age=31536000
y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
csync.smilewanted.com/set_partner_userid_get/yahoo/ Frame 8414
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
0
105 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80bec3ebb1795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

age
0
content-length
0
date
Fri, 15 Apr 2022 22:16:36 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.0.46
strict-transport-security
max-age=31536000
y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
csync.smilewanted.com/set_partner_userid_get/yahoo/ Frame 5A54
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80bec3ec41795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

age
0
content-length
0
date
Fri, 15 Apr 2022 22:16:36 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-r5CKX0lE2uFwoTO_j8vTtqq8v7COhSIbpqiO9Fo-~A&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.0.46
strict-transport-security
max-age=31536000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1BC0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30387
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Apr 2022 06:43:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
1
sync-eu.connectad.io/pixel/ Frame 4936
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=rtaplus&user_id=V0U9AYOjl4EtbLGoi37BblfsYqQroRUUQskLl62k&gdpr=0
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Drtaplus%26bsw_param%3D8e82fb69-6b51-4f31-baa4-500386e0ddf...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=73036259-eec2-4000-9932-c64a5e235247&expires=30&ssp=rtaplus&bsw_param=8e82fb69-6b51-4f31-baa4-500386e0ddf0&gdpr=0&gdpr_consent=
  • https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=8e82fb69-6b51-4f31-baa4-500386e0ddf0
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=8e82fb69-6b51-4f31-baa4-500386e0ddf0
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
6fc80bee7fa4714a-YUL
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 15 Apr 2022 22:16:36 GMT
Location
//sync-eu.connectad.io/pixel/1?dataid=data3&uuid=8e82fb69-6b51-4f31-baa4-500386e0ddf0
Server
nginx
1
sync.connectad.io/umatch/ Frame 016B
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dadform%26dataid%3Ddata4%26uuid%3D%24UID
  • https://sync.connectad.io/umatch/1?bidder=adform&dataid=data4&uuid=2697118002783910081
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.connectad.io/umatch/1?bidder=adform&dataid=data4&uuid=2697118002783910081
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
6fc80beef860714a-YUL
date
Fri, 15 Apr 2022 22:16:37 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google

Redirect headers

content-length
0
content-type
text/plain
date
Fri, 15 Apr 2022 22:16:36 GMT
location
https://sync.connectad.io/umatch/1?bidder=adform&dataid=data4&uuid=2697118002783910081
server
nginx
cm
u.openx.net/w/1.0/ Frame EDA6 		773 B
812 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
a9e0595cd3681dde084b2aff1f2b8c73284a771ce5cc012aa376c9ca41d8daf3

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
478
content-type
text/html
date
Fri, 15 Apr 2022 22:16:36 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
via
1.1 google
1
sync.connectad.io/umatch/ Frame B91B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=connectad
  • https://creativecdn.com/cm-notify?pi=connectad&tc=1
  • https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=0XBRe1cabWiJP2Mj0IBi&pi=connectad&tc=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=0XBRe1cabWiJP2Mj0IBi&pi=connectad&tc=1
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
6fc80bef38dc714a-YUL
date
Fri, 15 Apr 2022 22:16:37 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 15 Apr 2022 22:16:36 GMT Fri, 15 Apr 2022 22:16:36 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=0XBRe1cabWiJP2Mj0IBi&pi=connectad&tc=1
pragma
no-cache
1
sync.connectad.io/umatch/ Frame 7E58
Redirect Chain
  • https://cs.emxdgt.com/um?ssp=pbs&us_privacy=1---&redirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Demx%26dataid%3Ddata2%26uuid%3D%24UID
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Demx%26dataid%3Ddata2%26uuid%3D%24EMXUID&b64_redirect=aHR0cHM6L...
  • https://cs.emxdgt.com/umcheck?apnxid=6974400712095498966&redirect=https://sync.connectad.io/umatch/1?bidder=emx&dataid=data2&uuid=$EMXUID&b64_redirect=aHR0cHM6Ly9zeW5jLmNvbm5lY3RhZC5pby91bWF0Y2gvMT...
  • https://sync.connectad.io/umatch/1?bidder=emx&dataid=data2&uuid=6974400712095498966brt57451650060996685746a4
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.connectad.io/umatch/1?bidder=emx&dataid=data2&uuid=6974400712095498966brt57451650060996685746a4
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
6fc80bee0f09714a-YUL
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google

Redirect headers

content-length
0
content-type
text/html
date
Fri, 15 Apr 2022 22:16:36 GMT
location
https://sync.connectad.io/umatch/1?bidder=emx&dataid=data2&uuid=6974400712095498966brt57451650060996685746a4
1
sync.connectad.io/umatch/ Frame 1140
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dsovrn%26dataid%3Ddata12%26uuid%3D%24UID
  • https://sync.connectad.io/umatch/1?bidder=sovrn&dataid=data12&uuid=bca34109ab6c8e0f610f67db
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.connectad.io/umatch/1?bidder=sovrn&dataid=data12&uuid=bca34109ab6c8e0f610f67db
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
6fc80bed08fa4bb8-YUL
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Connection
close
Date
Fri, 15 Apr 2022 22:16:36 GMT
Location
https://sync.connectad.io/umatch/1?bidder=sovrn&dataid=data12&uuid=bca34109ab6c8e0f610f67db
X-Sovrn-Pod
ad_ap7ewr1
usermatch
ssum.casalemedia.com/ Frame E4FF 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4d19cbf82da272e08172c95bf983fe66e9991e8f7c5f41149f46bdedb91a70f5

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1437
Content-Type
text/html
Date
Fri, 15 Apr 2022 22:16:36 GMT
Dropped-Udsids
206|3|130|4|152|88|39|5
Expires
Fri, 15 Apr 2022 22:16:36 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
/
onetag-sys.com/usync/ Frame 3435 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5d4e109247a89f6
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
V0U9AYOjl4EtbLGoi37BblfsYqQroRUUQskLl62k
csync.smilewanted.com/set_partner_userid_get/connectad/ Frame C73E 		0
517 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/connectad/V0U9AYOjl4EtbLGoi37BblfsYqQroRUUQskLl62k
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80becbf961795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
Los%20Angeles%20Clippers.82b68480.png
trendads.betfindr.com/betway/static/media/ Frame 9780 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trendads.betfindr.com/betway/static/media/Los%20Angeles%20Clippers.82b68480.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ea00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d39ed9ec24e0bdbd1d0155c5983a9e05bc335454ee8679b2fd4a2eec3186037f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 19:57:56 GMT
via
1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
last-modified
Fri, 08 Apr 2022 09:05:50 GMT
server
AmazonS3
age
8321
etag
"82b6848020dbe8b96f400d9116e70c5e"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
EWR52-C4
content-length
14160
x-amz-cf-id
79dOBzOjBe_eebsmMW5zBn1Of9nonldHtIxUt7ElZtahn0fXc3Urnw==
collect
analytics.google.com/g/ Frame 6E55 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-0DTZ6LRDBJ&gtm=2oe4d0&_p=451847654&sr=1600x1200&_z=ccd.ILB&ul=en-us&cid=1062149969.1650060991&dl=https%3A%2F%2Fshrinke.me%2F0GNZk&dt=&sid=1650060991&sct=1&seg=1&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
New%20Orleans%20Pelicans.6325de5f.png
trendads.betfindr.com/betway/static/media/ Frame 9780 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trendads.betfindr.com/betway/static/media/New%20Orleans%20Pelicans.6325de5f.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ea00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86d7d3b4c9687a1a650bed3081b1a9d61b20c59c3c112a41dc0dc984bb70c8dd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 12:59:05 GMT
via
1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
last-modified
Fri, 08 Apr 2022 09:05:36 GMT
server
AmazonS3
age
33469
etag
"6325de5fec7ab08b2144123495fe9e5a"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
EWR52-C4
content-length
18707
x-amz-cf-id
BSRypEaSxH1uouiHnbykREfjlCPApvIhP1tbejZjkadQlfLeCcmhMg==
collect
analytics.google.com/g/ Frame 5BDF 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-0DTZ6LRDBJ&gtm=2oe4d0&_p=520592517&sr=1600x1200&_z=ccd.MBB&ul=en-us&cid=1062149969.1650060991&dl=https%3A%2F%2Fshrinke.me%2F0GNZk&dt=&sid=1650060991&sct=1&seg=1&_s=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
sync.connectad.io/umatch/ Frame EDA6 		0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.connectad.io/umatch/1?dataid=data5&uuid=32bb7062-565f-4f1d-9f8b-4b267639541a
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-ray
6fc80bed392c4bb8-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sd
us-u.openx.net/w/1.0/ Frame EDA6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=9095998362304174636&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=9095998362304174636&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:36 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=9095998362304174636&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 15 Apr 2022 22:16:36 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame EDA6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YlnuwwAItyrlawA-
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YlnuwwAItyrlawA-
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:36 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:36 GMT
via
1.1 varnish
server
Varnish
x-timer
S1650060997.693599,VS0,VE0
x-served-by
cache-yul12824-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YlnuwwAItyrlawA-
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
9fa299e9-7f6c-eebd-c5d0-9dc608355bde
pr-bh.ybp.yahoo.com/sync/openx/ Frame EDA6 		43 B
994 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/9fa299e9-7f6c-eebd-c5d0-9dc608355bde?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:166f:faec:e70b:6d2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame EDA6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=0b65ffad-efc0-7cf4-f407-8b33f7629697&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&ttd_puid=0b65ffad-efc0-7cf4-f407-8b33f7629697&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&ttd_puid=0b65ffad-efc0-7cf4-f407-8b33f7629697&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:36 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:36 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&ttd_puid=0b65ffad-efc0-7cf4-f407-8b33f7629697&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame EDA6 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjcwYTJjNjctMjZiNy0yMjUwLWUxZTctZDE4YTNkODA1OGY3
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame EDA6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENPyI7PYanWFt1Wpb6_MMxM&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENPyI7PYanWFt1Wpb6_MMxM&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:36 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENPyI7PYanWFt1Wpb6_MMxM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 113E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041301&jk=3973692546035952&bg=!SEulSw_NAAZvJBiFTyQ7ACkAdvg8WicYICSMdwBYCjML0N6QLmlo3fMKwSxdcfmz9utte0-FtwtI8QIAAAMIUgAAAAJoAQeZAqzGSni_KC7F3zIxoAoa55Z6pdBwE7yHj2iM4xA17iiMI2J0TjwvxRuPro_PstfOEmqPt6nIorQ0oRHeuOCZAa-H1XQ8h2Ao32VL-zQWEUIqRUfpBk0Omr_V92vz14FwFd7txVN3qs7PEEsto_xCXfgjKOATA3BZF3OP7QH4xi2K4rtspjV_b4K98Wv0ZuGGSKsdZ03RB791zAuWWJGMh39vTFAAab7aHjyI33isdYH4-z4rMoE-v5etxiHI_CKzEsA9Ep0-Wy4-P4h9xGYyWgWD9kFzE13NKllHiIhTsvRbcVb7SMp1XlvcW5iX73ZozPXIbUFTAXKzfHwyixwN_otfCrhvwpUTWMBI02Is0TE9Y2-mrhxMgWOIIRkHIhwum4JZZeUBrrzuw1c_vHQgS2tMPuoQCJmV7OCDlSOB_-3cxLpAlHB2-S6DjjEkJ0wPvCx9X3ABX1tlHZwsMLn2Ov81L583dcLjofMtdYtdCKlc1eejomwSfyf7MwbBTIV9LPc_Vk5Y3R_yYaYPzunUQ-mD4MoPe2Al_lPBonrH5zHnpq3WnPryZQPNzzb_-khUX0IFjpqLERXPfWK2oLcjapTaIajpt6XLbt-Btm39GX8d64J4IYEu7dnITjqg-S0lxslU-JEhRTDlb6bTX2yDbT-KK-VQDqx7qWfXyZY3pU3eQWOjcGLeOfSPOGiYOGLm9GG9SjYZUQC4qW5DbtqCyZf7jXQ-e_RMcKfqFaGZOtHWhC6ZicFBI-9t9UwF5SQvNYZlDwkZaGRGw5IykJWJTkThSYWGa8K7WHPCCu2JaIosTPZMSVRBSEfXLAtF2IUedwo1HpTND9AzE3Y6lACNTSaYZ1LLHwopWap8dP5JS7Ro3MQaxbErKEYwjitzwKbv-rE_WWGCp7FoRpmC_GQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ Frame A5DC 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=664330&asId=14418884-f506-68e5-7574-aa7235e1f0ee&tv=%7Bc:9Tx9Rq,pingTime:1,time:3444,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:28%7D,%7Bpiv:100,vs:i,r:,t:2440%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1004,o:2440,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2432~0,1~100%5D,as:%5B2433~728.90%5D%7D%7D,%7Bsl:i,t:2440,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjsi,dtt:174,fm:t379LK0+11111%7C1112%7C121%7C131%7C14%7C15%7C16%7C17%7C1811%7C181211%7C181212%7C1813%7C1814%7C1815%7C1816%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d21%7C1d22%7C1e%7C1f11%7C1g1*.664330-55786030%7C1g2%7C1h%7C1i%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o3%7C1p%7C1q11%7C1q12%7C1q13%7C1r%7C1s,idMap:1g1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fw.adsafeprotected.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
X-Server-Name
dt37.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame A5DC 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=664330&asId=14418884-f506-68e5-7574-aa7235e1f0ee&tv=%7Bc:9Tx9Rr,pingTime:1,time:3445,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:28%7D,%7Bpiv:100,vs:i,r:,t:2440%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1005,o:2440,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2432~0,1~100%5D,as:%5B2433~728.90%5D%7D%7D,%7Bsl:i,t:2440,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1004~100%5D,as:%5B1004~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjsi,dtt:174,fm:t379LK0+11111%7C1112%7C121%7C131%7C14%7C15%7C16%7C17%7C1811%7C181211%7C181212%7C1813%7C1814%7C1815%7C1816%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d21%7C1d22%7C1e%7C1f11%7C1g1*.664330-55786030%7C1g2%7C1h%7C1i%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o3%7C1p%7C1q11%7C1q12%7C1q13%7C1r%7C1s,idMap:1g1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fw.adsafeprotected.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
X-Server-Name
dt39.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
event.png
tpsc-ue1.doubleverify.com/ Frame C31E 		0
319 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=e94ef7b6479342078458125d52abedbf&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_atali=1&vdur=154&eoid=9&msrjs=2576&nav_pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&rmi=16&tltms=0&tetms=10&msltms=55&vltms=154&sei=289&vetms=157&engms=1&engisel=1&ttfurm=2339&cbust=1650060996776303
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2576.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Vary
Origin
Access-Control-Allow-Origin
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
04/14/2022 22:16:36
YlnuwDbW63m27dBuFkHZrwAAALwAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E4FF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YlnuwDbW63m27dBuFkHZrwAAALwAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YlnuwDbW63m27dBuFkHZrwAAALwAAAAB
43 B
994 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YlnuwDbW63m27dBuFkHZrwAAALwAAAAB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
H2
Server
2600:1f18:4e9:5a01:166f:faec:e70b:6d2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YlnuwDbW63m27dBuFkHZrwAAALwAAAAB
date
Fri, 15 Apr 2022 22:16:36 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame E4FF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=73036259-eec2-4000-9932-c64a5e235247
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=73036259-eec2-4000-9932-c64a5e235247
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:37 GMT

Redirect headers

Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
MT3 4335 2c68c00 master hkg-pixel-x5 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=73036259-eec2-4000-9932-c64a5e235247
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 15 Apr 2022 22:16:35 GMT
crum
dsum-sec.casalemedia.com/ Frame E4FF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAJxRE7Es94AACxz0P3PTg&expiration=1651270596
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAJxRE7Es94AACxz0P3PTg&expiration=1651270596
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:36 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAJxRE7Es94AACxz0P3PTg&expiration=1651270596
Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum-sec.casalemedia.com/ Frame E4FF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9095998362304174636
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9095998362304174636
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:36 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9095998362304174636
pragma
no-cache
date
Fri, 15 Apr 2022 22:16:36 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame E4FF
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=c22b40bc-506d-4030-bd19-ab24bfbbd6ed
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=c22b40bc-506d-4030-bd19-ab24bfbbd6ed
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:36 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=c22b40bc-506d-4030-bd19-ab24bfbbd6ed
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E4FF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YlnuwwAItyrlawA-
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YlnuwwAItyrlawA-
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:36 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:36 GMT
via
1.1 varnish
server
Varnish
x-timer
S1650060997.869095,VS0,VE0
x-served-by
cache-yul12824-YUL
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YlnuwwAItyrlawA-
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame E4FF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&expiration=1652652996&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&expiration=1652652996&gdpr=0&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 22:16:36 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:36 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86422ee5-39ef-4c57-8b4d-1fade2a39c1f&expiration=1652652996&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
ix
ad4m.at/ad/sim/ Frame E4FF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
1
sync.connectad.io/umatch/ Frame E4FF 		0
802 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.connectad.io/umatch/1?bidder=idx&dataid=data13&uuid=YlnuwDbW63m27dBuFkHZrwAA%26188
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-ray
6fc80bee6fa1714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
SPug
simage4.pubmatic.com/AdServer/ Frame 5A19 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155495&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 43C3 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=61638232&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3b8185d7ec2dd6fab1d738ecffcd78f3a09f3b027115bf918926adec3fd4940e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:36 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 6CE9
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=A183E41957ED45CB8401B24CC9FFCD13
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D
  • https://match.bnmla.com/usersync?dspid=170&uuid=4EF02F2207334D239595025E9C33732B
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=52ebb55f-282e-4db0-9560-52580402bb53
42 B
350 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=52ebb55f-282e-4db0-9560-52580402bb53
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 15 Apr 2022 22:16:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va1pug016:0:434

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 15 Apr 2022 22:16:38 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=52ebb55f-282e-4db0-9560-52580402bb53
Server
nginx
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame B5A3
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=249de6f5-9231-4bd3-982b-e809b3d910a9-tuct9537445&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
149 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=249de6f5-9231-4bd3-982b-e809b3d910a9-tuct9537445&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Fri, 15 Apr 2022 22:16:37 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12827-YUL
x-timer
S1650060998.847205,VS0,VE12

Redirect headers

accept-ranges
bytes
content-length
0
date
Fri, 15 Apr 2022 22:16:37 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=249de6f5-9231-4bd3-982b-e809b3d910a9-tuct9537445&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12825-YUL
x-timer
S1650060998.786588,VS0,VE12
x-vcl-time-ms
12
Pug
image2.pubmatic.com/AdServer/ Frame E208
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=sC-WAs4xCAyPFFS-xu5ZYg
42 B
399 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=sC-WAs4xCAyPFFS-xu5ZYg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 15 Apr 2022 22:16:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va1pug016:0:378

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Fri, 15 Apr 2022 22:16:38 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=sC-WAs4xCAyPFFS-xu5ZYg
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
pub
matching.truffle.bid/sync/ Frame E330 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 15 Apr 2022 22:16:38 GMT
Server
nginx/1.21.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame C69D
Redirect Chain
  • https://docker.creative-serving.com/cm?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=${UUID}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=98f9d8a4-c6db-46e8-9cd8-a42812b5714e
42 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=98f9d8a4-c6db-46e8-9cd8-a42812b5714e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 15 Apr 2022 22:16:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va1pug003:0:1363

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 15 Apr 2022 22:16:37 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=98f9d8a4-c6db-46e8-9cd8-a42812b5714e
cookiesync
core.iprom.net/ Frame E7E2 		43 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 15 Apr 2022 22:16:38 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-82a9586d14ac@version_1.417
X-core-time
1ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame 485B
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 15 Apr 2022 11:38:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va2pug009:2:583

Redirect headers

content-length
0
date
Fri, 15 Apr 2022 22:16:37 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 2690
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=6b517f92-c61f-44fc-9add-1184414502cf
1 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=6b517f92-c61f-44fc-9add-1184414502cf
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 15 Apr 2022 22:16:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va1pug001:0:424

Redirect headers

content-length
0
date
Fri, 15 Apr 2022 22:16:37 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=6b517f92-c61f-44fc-9add-1184414502cf
strict-transport-security
max-age=15724800; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame FF27
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A183E41957ED45CB8401B24CC9FFCD13
1 B
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A183E41957ED45CB8401B24CC9FFCD13
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 15 Apr 2022 22:16:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va1pug011:0:890

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Fri, 15 Apr 2022 22:16:37 GMT
expires
Thu, 14 Apr 2022 22:16:37 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A183E41957ED45CB8401B24CC9FFCD13
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
/
spl.zeotap.com/ Frame 43C3
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
  • https://spl.zeotap.com/?zdid=1332&zcluid=2437e4dca5f33073
0
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=2437e4dca5f33073
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fc80bf5eeaa7157-YUL
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=2437e4dca5f33073
content-length
0
p.gif
visitor.fiftyt.com/ Frame 43C3
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&gdpr=&fbounce=1
0
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&gdpr=&fbounce=1
Protocol
H2
Server
35.201.96.126 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
126.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:37 GMT
via
1.1 google
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
clear
content-length
0
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

date
Fri, 15 Apr 2022 22:16:37 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&gdpr=&fbounce=1
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
144
info2
uipglob.semasio.net/pubmatic/1/ Frame 43C3
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:37 GMT
Frontend-ID
13
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:37 GMT
Frontend-ID
0
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&sInitiator=external&gdpr=0&gdpr_consent=
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame 43C3 		43 B
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:fe00:1a:609a:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:37 GMT
via
1.1 55d59f6fe20d812e375923d2e18ac7fc.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
PHL50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
AT3Tv6LG-rXoZm6gi6Tk0tBmWR7LOkOJxWUeR_wQh1BK9HL1U4b0nQ==
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 43C3
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6974400712095498966
42 B
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6974400712095498966
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:37 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug018:0:324
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:37 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
d60f6ce5-0f5f-42f1-92bb-ac7c443e1b52
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6974400712095498966
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 43C3
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c3cde8ad-1ff0-4177-acc6-884ff3ba91ad&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c3cde8ad-1ff0-4177-acc6-884ff3ba91ad&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 11:49:24 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug010:0:406
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c3cde8ad-1ff0-4177-acc6-884ff3ba91ad&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 15 Apr 2022 22:16:38 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
d1ba4609
rtb.gumgum.com/getuid/ Frame 43C3 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.71.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-71-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
event.png
tpsc-ue1.doubleverify.com/ Frame C31E 		0
319 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=e94ef7b6479342078458125d52abedbf&gdpr=&gdpr_consent=&msrcanlm=392&msrcannum=3&eoid=11&ismms=38&isumms=37&isvelg=1&nvr=6&isgmmims=38&isgmv4mims=38&elmtp=6&isbxdms=2438&b0=100&b11=2544&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=4&dvp_vsosnmr=16&lftb=2644&sftb=2644&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1257&isuiabvms=1257&isgmpims=197&isgmv4dpims=1257&ispmxpms=1257&engalms=36&dvp_dpr=1&cbust=1650060997775593
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2576.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:37 GMT
Vary
Origin
Access-Control-Allow-Origin
https://d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
04/14/2022 22:16:37
PugMaster
image6.pubmatic.com/AdServer/ Frame 2422 		428 B
728 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=27618323&p=157940&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
283311f8bbd5d059014bd511103df64d7ad8c80d7731f2ae520cf57aaa31fdc6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
428
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame BC6D 		428 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=19769470&p=157940&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
283311f8bbd5d059014bd511103df64d7ad8c80d7731f2ae520cf57aaa31fdc6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
428
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 4089 		47 B
167 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=55008382&p=157940&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
47
content-type
text/html; charset=UTF-8
/
io.narrative.io/ Frame 2422
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
  • https://io.narrative.io/?io.narrative.guid.v2=b81b3970-bd09-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=b81b3970-bd09-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Protocol
HTTP/1.1
Server
35.153.40.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-40-37.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:38 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=b81b3970-bd09-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Date
Fri, 15 Apr 2022 22:16:38 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
qmap
sync.crwdcntrl.net/ Frame 2422 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.157.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-157-37.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:38 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.7.91
content-type
image/gif
content-length
49
expires
0
3096
stags.bluekai.com/site/ Frame 2422 		62 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/3096?id=REPLACE_WITH_PUBMATIC_UNIQUE_USER_ID&limit=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.76.100.229 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:38 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
/
io.narrative.io/ Frame BC6D
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
  • https://io.narrative.io/?io.narrative.guid.v2=b81b3970-bd09-11ec-8734-065a0b8073db&companyId=673&id=pubmatic_id:9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=b81b3970-bd09-11ec-8734-065a0b8073db&companyId=673&id=pubmatic_id:9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Protocol
HTTP/1.1
Server
35.153.40.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-40-37.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:38 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=b81b3970-bd09-11ec-8734-065a0b8073db&companyId=673&id=pubmatic_id:9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Date
Fri, 15 Apr 2022 22:16:38 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
qmap
sync.crwdcntrl.net/ Frame BC6D 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.157.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-157-37.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:38 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.13.203
content-type
image/gif
content-length
49
expires
0
3096
stags.bluekai.com/site/ Frame BC6D 		62 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/3096?id=REPLACE_WITH_PUBMATIC_UNIQUE_USER_ID&limit=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.76.100.229 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:38 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame 595E 		45 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=pba&refUrl=&vid=00609951842930625921455251000V10&ovsid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dpba%26refUrl%3D%26vid%3D00609951842930625921455251000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Fri, 15 Apr 2022 22:16:38 GMT
expires
Fri, 15 Apr 2022 22:16:38 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=604800
x-mnet-hl2
E
cksync.php
contextual.media.net/ Frame 3383 		45 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=pba&refUrl=&vid=00609952052930625921455251000V10&ovsid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dpba%26refUrl%3D%26vid%3D00609952052930625921455251000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Fri, 15 Apr 2022 22:16:38 GMT
expires
Fri, 15 Apr 2022 22:16:38 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=604800
x-mnet-hl2
E
cksync.php
contextual.media.net/ Frame 412E 		45 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=pba&refUrl=&vid=00609952362930625921455251000V10&ovsid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dpba%26refUrl%3D%26vid%3D00609952362930625921455251000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Fri, 15 Apr 2022 22:16:38 GMT
expires
Fri, 15 Apr 2022 22:16:38 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=604800
x-mnet-hl2
E
cksync.php
contextual.media.net/ Frame 6183 		45 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2930625921455251000V10&type=pba&refUrl=&vid=00609952742930625921455251000V10&ovsid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2930625921455251000V10%26type%3Dpba%26refUrl%3D%26vid%3D00609952742930625921455251000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Fri, 15 Apr 2022 22:16:38 GMT
expires
Fri, 15 Apr 2022 22:16:38 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=604800
x-mnet-hl2
E
setuid
sync.quantumdex.io/ Frame 3231 		43 B
118 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
6fc80bfadd5b4bd1-YUL
content-length
43
content-type
image/gif
date
Fri, 15 Apr 2022 22:16:38 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
setuid
sync.quantumdex.io/ Frame FFC7 		43 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
6fc80bfaed674bd1-YUL
content-length
43
content-type
image/gif
date
Fri, 15 Apr 2022 22:16:38 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
setuid
sync.quantumdex.io/ Frame 6A91 		43 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
6fc80bfb0d9f4bd1-YUL
content-length
43
content-type
image/gif
date
Fri, 15 Apr 2022 22:16:38 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
setuid
sync.quantumdex.io/ Frame 0262 		43 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
6fc80bfb1db14bd1-YUL
content-length
43
content-type
image/gif
date
Fri, 15 Apr 2022 22:16:38 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
pixel.gif
px.moatads.com/ Frame F229 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=LINKEDIN_DCM_DISPLAY1&ol=2416751756&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B987jmPgh_%3CXT%23Vyt9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VYTZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-hyAW7OXurwpsfw%3D%3D&sc=1&os=1-ww%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fshrinke.me%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fshrinke.me&lp=https%3A%2F%2Fshrinke.me&t=1650060993534&de=939183224518&cu=1650060993534&m=5399&ar=9f397fe3151-clean&iw=73e0bcd&cb=0&ym=0&ll=3&lm=2&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=0&vx=-%3A0%3A-&pe=0%3A-%3A-%3A1455%3A779&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5165&cd=239&ah=5165&am=239&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=22666663%3A5289647%3A282888121%3A136107460&bo=shrinke.me&bd=shrinke.me&gw=linkedindcmdisplay501882038263&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatADV=9293830&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jh=-1&jm=-1&mr=2&ml=22666663&tc=0&fs=197724&na=1900076117&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:39 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 15 Apr 2022 22:16:39 GMT
9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 04F5 		0
660 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80bfdec371795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:39 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 6074 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80bfdfc501795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:39 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 4BE3 		0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6fc80bfe0c711795-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 22:16:39 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
pixel.gif
px.moatads.com/ Frame 9AB2 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=864626712&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B987jmPgh_%3CXT%23Vyt9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-m3HM1%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-1l11it8kL9Bk3A%3D%3D&sc=1&os=1-AQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fshrinke.me&id=0&ii=2&f=1&j=https%3A%2F%2Ffw.adsafeprotected.com&lp=https%3A%2F%2Fshrinke.me&t=1650060994017&de=830611578923&cu=1650060994017&m=5376&ar=9f397fe3151-clean&iw=10864d7&cb=0&ym=0&ll=3&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1089%3A1089%3A1351%3A598&aa=1&ad=5186&cn=1376&gn=1&gk=5186&gl=1376&ik=5186&ic=5186&ez=1&co=1376&cp=1115&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5163&cd=1115&ah=5163&am=1115&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=149207%3A20330%3A5690067%3A3384958&bo=shrinke.me&bd=shrinke.me&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197724&na=1959274575&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:39 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 15 Apr 2022 22:16:39 GMT
pixel.gif
px.moatads.com/ Frame 9AB2 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=864626712&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B987jmPgh_%3CXT%23Vyt9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-m3HM1%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-1l11it8kL9Bk3A%3D%3D&sc=1&os=1-AQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fshrinke.me&id=0&ii=2&f=1&j=https%3A%2F%2Ffw.adsafeprotected.com&lp=https%3A%2F%2Fshrinke.me&t=1650060994017&de=830611578923&cu=1650060994017&m=5578&ar=9f397fe3151-clean&iw=10864d7&cb=0&ym=0&ll=3&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1089%3A1089%3A1351%3A598&aa=1&ad=5387&cn=5186&gn=1&gk=5387&gl=5186&ik=5387&ic=5387&ez=1&co=1376&cp=1115&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5364&cd=5163&ah=5364&am=5163&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=149207%3A20330%3A5690067%3A3384958&bo=shrinke.me&bd=shrinke.me&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197724&na=1337745639&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.118.9.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 22:16:39 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 15 Apr 2022 22:16:39 GMT
1
sync.connectad.io/umatch/ Frame AD6C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.connectad.io/umatch/1?dataid=data1&uuid=9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
6fc80c002a2c714a-YUL
date
Fri, 15 Apr 2022 22:16:39 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google
SPug
simage4.pubmatic.com/AdServer/ Frame 43C3 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155495&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame BC6D 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157940&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 22:16:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ Frame A5DC 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=664330&asId=14418884-f506-68e5-7574-aa7235e1f0ee&tv=%7Bc:9TxaTT,pingTime:5,time:7441,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:28%7D,%7Bpiv:100,vs:i,r:,t:2440%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:2440,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2432~0,1~100%5D,as:%5B2433~728.90%5D%7D%7D,%7Bsl:i,t:2440,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjsi,dtt:30,fm:t379LK0+11111%7C1112%7C121%7C131%7C14%7C15%7C16%7C17%7C1811%7C181211%7C181212%7C1813%7C1814%7C1815%7C1816%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d21%7C1d22%7C1e%7C1f11%7C1g1*.664330-55786030%7C1g2%7C1h%7C1i%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o3%7C1p%7C1q11%7C1q12%7C1q13%7C1r%7C1s,idMap:1g1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fw.adsafeprotected.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:40 GMT
X-Server-Name
dt39.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame A5DC 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=664330&asId=14418884-f506-68e5-7574-aa7235e1f0ee&tv=%7Bc:9TxaTU,pingTime:5,time:7442,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:28%7D,%7Bpiv:100,vs:i,r:,t:2440%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5002,o:2440,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2432~0,1~100%5D,as:%5B2433~728.90%5D%7D%7D,%7Bsl:i,t:2440,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjsi,dtt:30,fm:t379LK0+11111%7C1112%7C121%7C131%7C14%7C15%7C16%7C17%7C1811%7C181211%7C181212%7C1813%7C1814%7C1815%7C1816%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d21%7C1d22%7C1e%7C1f11%7C1g1*.664330-55786030%7C1g2%7C1h%7C1i%7C1j1%7C1j2%7C1j3%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1o3%7C1p%7C1q11%7C1q12%7C1q13%7C1r%7C1s,idMap:1g1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fw.adsafeprotected.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 22:16:40 GMT
X-Server-Name
dt37.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
909254.jpg
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/909254.jpg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/bannerify.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
e0034c68a36afacd7a8c6954e62654fd527a3b56c8baafcf36e79be725400884

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:40 GMT
X-FT-Origin
us
Connection
keep-alive
Content-Length
9519
Last-Modified
Thu, 20 Jan 2022 10:50:45 GMT
Server
Flashtalking (AKA)
ETag
W/"053c1299eb7c96736349f36f9c51f3a3"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
420744236
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1192
Accept-Ranges
bytes
Content-Type
image/jpeg
Expires
Fri, 15 Apr 2022 22:36:32 GMT
909255.svg
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		148 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/909255.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/bannerify.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
bacfe93b6ae4e987b0a28b23dedf7724f72f283b5d9ac8f554f0854802d03a58

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:40 GMT
X-FT-Origin
us
Connection
keep-alive
Content-Length
148
Last-Modified
Thu, 20 Jan 2022 10:50:45 GMT
Server
Flashtalking (AKA)
ETag
W/"5eb09eedc4523b0a3f9786e13a8e3a44"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
206980412
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1192
Accept-Ranges
bytes
Content-Type
image/svg+xml
Expires
Fri, 15 Apr 2022 22:36:32 GMT
912289.png
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/912289.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/bannerify.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
e55718ce29c2c658c3fe1e5d6660b9239e92501dd50607a6bed06ffce40cf355

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:40 GMT
X-FT-Origin
us
Connection
keep-alive
Content-Length
13549
Last-Modified
Thu, 20 Jan 2022 10:50:46 GMT
Server
Flashtalking (AKA)
ETag
W/"05847cc4169aed75a4d36a3af55f4158"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
139578835
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1192
Accept-Ranges
bytes
Content-Type
image/png
Expires
Fri, 15 Apr 2022 22:36:32 GMT
912290.png
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/912290.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/bannerify.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
869cbfb17183eeee3ab0288fe71fcad2edce039b1e927f797605bfc00dc9f6df

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:40 GMT
X-FT-Origin
us
Connection
keep-alive
Content-Length
15566
Last-Modified
Thu, 20 Jan 2022 10:50:46 GMT
Server
Flashtalking (AKA)
ETag
W/"b5f1b1661bbaa365d6c32f44c91aa18c"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
179119095
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1192
Accept-Ranges
bytes
Content-Type
image/png
Expires
Fri, 15 Apr 2022 22:36:32 GMT
912291.png
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/912291.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/bannerify.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
078acf0eb1f0bd7721bbfb4d7d738cf781d7c7062a87b8617043bda59abe61e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:40 GMT
X-FT-Origin
us
Connection
keep-alive
Content-Length
15115
Last-Modified
Thu, 20 Jan 2022 10:50:46 GMT
Server
Flashtalking (AKA)
ETag
W/"fc85a0b079c4653191b9a52d3f0a49ee"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
212377630
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1192
Accept-Ranges
bytes
Content-Type
image/png
Expires
Fri, 15 Apr 2022 22:36:32 GMT
912292.png
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/912292.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/bannerify.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
0942df3240229558c0b38833e12054a5f7d67678c32587e2442eb565d8216144

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:40 GMT
X-FT-Origin
us
Connection
keep-alive
Content-Length
12306
Last-Modified
Thu, 20 Jan 2022 10:50:46 GMT
Server
Flashtalking (AKA)
ETag
W/"b4328cf9c07571e039ef33193c818646"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
373225570 374842875
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1192
Accept-Ranges
bytes
Content-Type
image/png
Expires
Fri, 15 Apr 2022 22:36:32 GMT
912293.png
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/912293.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/bannerify.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
9cdc2149ead7ab7ab157554f351697ff48fc4894dfe107b10d883ffba37130eb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:40 GMT
X-FT-Origin
us
Connection
keep-alive
Content-Length
20666
Last-Modified
Thu, 20 Jan 2022 10:50:46 GMT
Server
Flashtalking (AKA)
ETag
W/"732e2a1453ae71cc55bb77ea4a557e3d"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
151059162
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1192
Accept-Ranges
bytes
Content-Type
image/png
Expires
Fri, 15 Apr 2022 22:36:32 GMT
912269.svg
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		17 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/912269.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/bannerify.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
564d2222eeccbc1820ea8d052c223170ab6910016d2f83a1a1059a6cb3d8fcae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-FT-Origin
us
Connection
keep-alive
Content-Length
5765
Last-Modified
Thu, 20 Jan 2022 10:50:46 GMT
Server
Flashtalking (AKA)
ETag
W/"13f7739e90538d361ec391d1b88f5016"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
496065349
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1192
Accept-Ranges
bytes
Content-Type
image/svg+xml
Expires
Fri, 15 Apr 2022 22:36:32 GMT
912270.svg
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/912270.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/bannerify.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
5e9fc483b5d1c2af629329618ed4dabe2738ba056dab01f879b4da41814b4253

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-FT-Origin
us
Connection
keep-alive
Content-Length
1545
Last-Modified
Thu, 20 Jan 2022 10:50:46 GMT
Server
Flashtalking (AKA)
ETag
W/"79d32ec21edfaf496a7ec08ea1f55991"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
208030558
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1192
Accept-Ranges
bytes
Content-Type
image/svg+xml
Expires
Fri, 15 Apr 2022 22:36:32 GMT
912272.svg
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		42 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/912272.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/bannerify.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
7e21165340a76c4c585350c2fbd8b9919f988fd450577eabecdf6220d3694c7e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-FT-Origin
us
Connection
keep-alive
Content-Length
9582
Last-Modified
Thu, 20 Jan 2022 10:50:46 GMT
Server
Flashtalking (AKA)
ETag
W/"b3e7524a7f1ec19d9628afde2bd0f901"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
193996725
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1192
Accept-Ranges
bytes
Content-Type
image/svg+xml
Expires
Fri, 15 Apr 2022 22:36:32 GMT
912273.svg
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/912273.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/bannerify.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
c5739c91ef36dcfeba5404513d2a8895e3d61cf6e89a889bcfeb9cb1fae231e7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-FT-Origin
us
Connection
keep-alive
Content-Length
1743
Last-Modified
Thu, 20 Jan 2022 10:50:46 GMT
Server
Flashtalking (AKA)
ETag
W/"512a396135ea0a807c9dcf8307829e48"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
744607506
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1192
Accept-Ranges
bytes
Content-Type
image/svg+xml
Expires
Fri, 15 Apr 2022 22:36:32 GMT
912275.svg
cdn.flashtalking.com/156331/3769725/images/ Frame FDC4 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/156331/3769725/images/912275.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/156331/3769725/bannerify.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.56 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
9784e67bbb57893bd3f92b9bad6403be0de0b8cccfa003a8773844c51d344175

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.flashtalking.com/156331/3769725/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 22:16:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-FT-Origin
us
Connection
keep-alive
Content-Length
1882
Last-Modified
Thu, 20 Jan 2022 10:50:46 GMT
Server
Flashtalking (AKA)
ETag
W/"7e478e2ab5e77e648f75d8ca342d7738"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
179831032
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1192
Accept-Ranges
bytes
Content-Type
image/svg+xml
Expires
Fri, 15 Apr 2022 22:36:32 GMT
Golden%20State%20Warriors.4afbe63f.png
trendads.betfindr.com/betway/static/media/ Frame 9780 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trendads.betfindr.com/betway/static/media/Golden%20State%20Warriors.4afbe63f.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ea00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a815f1c740bfce3843f88c05c8e21971eb9a12aa929ad77e0dfaf8ff6930d331

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 05:04:20 GMT
via
1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
last-modified
Fri, 08 Apr 2022 09:05:49 GMT
server
AmazonS3
age
61943
etag
"4afbe63f15152afc9f27be8d94f1daa5"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
EWR52-C4
content-length
17752
x-amz-cf-id
SlQkNskVprBeIHR3Fr8aWRWgbGzF2ZxoTkhvrkop8TwB61zs9CEq2w==
Denver%20Nuggets.47b7479c.png
trendads.betfindr.com/betway/static/media/ Frame 9780 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trendads.betfindr.com/betway/static/media/Denver%20Nuggets.47b7479c.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ea00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b83141b3bbc5817667e68a41562ace97919d4b37f8d7f75b496c77ad803f8547

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trendads.betfindr.com/betway/?matchCount=5&autoFill=true&currency=USD&sport=Basketball&region=US&template=MatchBanner&size=728x90&adServerClickPrefix=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FRBK9jGK5pT_bB0k0u82gPwAAAGC4HgNA2wdJNLvNoD9EEr2MYrmlP1IJkotFfkdvnqeqyaf5Yze_7lliAAAAAHbcPgECMAAAmBwAAAIAAACDIfURsQkkAAAAAABVU0QAVVNEANgCWgD1ggAAAAABAgUCAAAAANYA8SSOkQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!whPadQjBu54YEIPD1I8BGLGTkAEgACgAMTMzMzMzM-c_OglOWU0yOjQ0NTlAiy5JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjQ0NTk%3D%2Fbn%3D87149%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F149207%3B5690067%3B3384958%3B211%3B24030490%2F%3Fft_impID%3DAB21809B-A4D3-64CF-5B26-BA2DA501864B%26us_privacy%3D!!US_PRIVACY!%26g%3D521893AB939334%26random%3D832560081%26ft_width%3D728%26ft_height%3D90&ft_s=bw213331&ft_a=DDR3220596021748057&ft_utm_medium=display&ft_utm_source=geniussports&ft_utm_campaign=149207&ft_utm_content=5690067&ft_utm_term=3384958&url=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 05:04:19 GMT
via
1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
last-modified
Fri, 08 Apr 2022 09:05:45 GMT
server
AmazonS3
age
61944
etag
"47b7479cf1e78b7297e95a25fb7cf9f2"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
EWR52-C4
content-length
16649
x-amz-cf-id
JxVz8WDyyu8X9GzK74wPWIGP9jp1ZI1l7tRIivl-4pNo8U7nnZv43Q==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
shrinke.me
URL
https://shrinke.me/sw.js?RG5vb0wfTFhWfnZXVk1gZkxDTSp1CFwMdSVdQlgucVZCW34nV0JXeSFeQgt1JVhWDn9wXQtedWZCTQp0IFxeWH12Q1pXKSFDW1p4IEMOCnVxQ1dffiJaDFZ7cVlcC25oTBwYbmhMBhskIAsLGictDQ5BLysDTUNudV5BWm5oCA4DPyFCCQ4gNwtDCS0oHQoy
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-L3_AFsVxXs8aa9b3_c1BgWRAw8dBM7gDsk88uEoyyXGK-pjNUzbcQSrugO1KNXVTlF4wBGCq67C6-hdTEJzTLrqajvy0yuDF6X3NFQlJKvjr97i_&sig=Cg0ArKJSzPomFqw1p4SnEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20220413&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=3910693916&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=3&r=b&rst=1650060991442&rpt=228&ec=0&met=ce&wmsd=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsti2jVI1j_doMyVlXE5tk82LZP1ZtWRlEwN8Qw3I9W19kPyHC-vFUqI_yF-I_IeJALHJhcR9CnLfRFWir6uTChl2n8WDlr3CZaS8BLnfwFQOFU8tEZZ&sig=Cg0ArKJSzA7ZlGK215XsEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20220413&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=3910693916&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=3&r=b&rst=1650060991914&rpt=229&isd=0&lsd=0&ec=0&met=ce&wmsd=0
Domain
mathid.mathtag.com
URL
https://mathid.mathtag.com/d/i.js
Domain
odr.mookie1.com
URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8e82fb69-6b51-4f31-baa4-500386e0ddf0&ssp=ucfunnel&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

228 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| 43 object| 44 object| 45 object| 46 object| 47 object| 48 object| 49 object| 50 object| 51 object| 52 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| s function| j8MM function| M1gg function| q8MM string| F3UU number| LAST_CORRECT_EVENT_TIME number| _2348562587 number| _3919546766 function| fa object| e function| generateCb number| adtrue_time number| adtrue_cb object| adtrue_rtb object| adtrue_tags object| __cfQR function| E6ff function| f2AA function| H1ww function| B1ww function| i2oo number| iinf function| gtag object| dataLayer object| google_tag_manager function| $ function| jQuery object| addDictionary function| getRandomNumber function| showInPopup function| showInNewTab function| showBlog object| vitag function| t8b function| e6QQ boolean| DEBUG_MODE boolean| ENABLE_LOGS boolean| ENABLE_ONLINE_DEBUGGER boolean| SUPPORT_IE8 boolean| MOBILE_VERSION boolean| EXTERNAL_POLYFILL boolean| SEND_PIXELS boolean| IS_POP_COIN boolean| PIXEL_LOG_LEVEL_INFO boolean| PIXEL_LOG_LEVEL_DEBUG boolean| PIXEL_LOG_LEVEL_WARNING boolean| PIXEL_LOG_LEVEL_ERROR boolean| PIXEL_LOG_LEVEL_METRICS function| f8MM object| googletag object| q object| qs string| js_code string| k object| google_tag_data string| GoogleAnalyticsObject function| ga object| app_vars object| wow function| fixHeight undefined| captchaShort undefined| captchaContact undefined| captchaSignin undefined| captchaSignup undefined| captchaForgotpassword number| captchaShortlink undefined| invisibleCaptchaShort undefined| invisibleCaptchaContact undefined| invisibleCaptchaSignin undefined| invisibleCaptchaSignup undefined| invisibleCaptchaForgotpassword undefined| invisibleCaptchaShortlink function| onloadRecaptchaCallback function| setCookie function| getCookie object| go_popup function| checkAdblockUser function| checkAdsbypasserUser function| checkPrivateMode object| body string| ad_type object| counter_start_object object| selectedTab object| clipboard function| setTooltip function| cookie_accept function| WOW function| ClipboardJS boolean| __cfRLUnblockHandlers object| _VLIOBJ object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| gaplugins object| gaGlobal object| gaData function| getEidsByVLI string| tagApi object| viAPItag object| observeElementInViewport object| ggeac object| google_js_reporting_queue boolean| fanfilnfjkdsabfhjdsbfkljsvmjhdfb object| recaptcha object| closure_lm_538440 object| $sf boolean| apstagLOADED object| apstag function| vlipbChunk object| vlipb object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| Criteo undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| sas object| apntag object| _ADAGIO function| __iwgtk__ function| __iwct__ object| __rfc__ object| __rfs__ function| __old__refresh function| __ori__refresh function| __rfsfn__ object| __i2w__ number| __iwuri__ object| __iwur__ object| __iwasc__ object| __iwrso__ object| __iwst__ function| __iwurf__ object| __rfq__ boolean| __rfqcc__ boolean| __rfqfr__ number| __sti__ undefined| __st__ number| lnt_z object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| ampInaboxIframes object| ampInaboxPendingMessages object| criteo_syncframe_state object| google_image_requests

245 Cookies

Domain/Path Name / Value
.resetdigital.co/csync Name: ckbk
Value: 000000A829E87B40
.bit.ly/ Name: _bit
Value: m3fmgt-1c068705c51dc31c1f-00i
shrinke.me/ Name: lang
Value: en_US
shrinke.me/ Name: AppSession
Value: 7a5c0e06d9e06acf65c2895944b0c61b
shrinke.me/ Name: csrfToken
Value: 6ffa29be01dcb95e0bdff0a79d9bbd77b8b4746b4e8bbf9a395023215b51dad2398856c29ae95f1244beb9fdade50e6e68bca4f701b3d0baf0a5eb1c5f12e4b3
freychang.fun/ Name: csu
Value: 1091333660925711@1@1650060990
shrinke.me/ Name: ab
Value: 2
.shrinke.me/ Name: _gid
Value: GA1.2.1870308712.1650060991
.shrinke.me/ Name: _gat_gtag_UA_137383949_1
Value: 1
shrinke.me/ Name: __ppIdCC
Value: agribje_ne21059909..9543
shrinke.me/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
shrinke.me/ Name: ucf_uid
Value: a9be15f1-df90-4ff1-b06e-5e6a48419ca5
pbjs.e-planning.net/ Name: CT
Value: 1
.aralego.com/ Name: sspid
Value: a9be15f1-df90-4ff1-b06e-5e6a48419ca5
.adnxs.com/ Name: uuid2
Value: 6974400712095498966
.a-mo.net/ Name: amuid2
Value: d4393612-11eb-4e6d-9bce-6c1ea2f5d974
.e-planning.net/ Name: E
Value: AKg-Om6c8XzHEZHH
prebid.a-mo.net/ Name: __amc
Value: 2_1650060990_1650060991
.quantumdex.io/ Name: uid
Value: 86750450-427f-4dfc-941a-06883fa1a778
.amazon-adsystem.com/ Name: ad-id
Value: A81QoPDxn0kGlK_KSp-6eVg
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.shrinke.me/ Name: pbjs-pubCommonId
Value: 57c97d3a-c6b8-464d-a0d9-cb51bb4aa854
.adnxs.com/ Name: icu
Value: ChgI5MBsEAoYASABKAEwv93nkgY4AUABSAEKGAinunEQChgBIAEoATC_3eeSBjgBQAFIARC_3eeSBhgB
.doubleclick.net/ Name: IDE
Value: AHWqTUmBOIkO3H4SJWMfbG61narnbMbo-38zMOe0FynAU_qcmKlw2ymvlrkLFJLYPxE
.shrinke.me/ Name: _gat_UA-177299981-5
Value: 1
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=521893AB939334"
.sharethrough.com/ Name: stx_user_id
Value: e3c943cb-2137-4651-80fe-6da6e31486de
.yieldmo.com/ Name: yieldmo_id
Value: gaf953e5e8065b61488f%7C1650060991596%7C0%7C
.simpli.fi/ Name: suid
Value: A183E41957ED45CB8401B24CC9FFCD13
.shrinke.me/ Name: __gpi
Value: UID=0000048754d05dbd:T=1650060991:RT=1650060991:S=ALNI_Mbnm57TSAkNp56dVK0Izz9UnXX93g
.3lift.com/ Name: tluid
Value: 927618439590507575064
.zemanta.com/ Name: zuid
Value: CkZZcPL4NgoF1aU-tV_U
shrinke.me/ Name: cto_bidid
Value: n7Pspl91dndDYWpGb0l5aXcwbWRWTlZuMkQxMTJBRWpRZ0twSVJXWTRWQkVVNVZ3JTJGR2pudVRWUG42cXlPdkVDcXhJdWV3T0ZrcWYlMkYlMkY4cjhaRnlmanQlMkJSdnBBJTNEJTNE
shrinke.me/ Name: cto_bundle
Value: oXbK819vMDBvVUpBdW9TaHo1UktRTXpQbmxnUG83bnRlM0dFUDkxOEFMRm5MOUZFc3g5NVBjc1puTGFTa3Axbk1FOGNleTkyRXU0cDRkS0J6dW9rUmdaNTkzSEJHTXozS1FTRjNtSUFZVFBPeU1WRG53UEZsWk5LaU5iVE1qa3dHREpwUg
.shrinke.me/ Name: __gads
Value: ID=aba4f620a0c08bc6:T=1650060991:S=ALNI_MZvcqmLSR9-DjthuN_Xg3zAfjwLUw
.contextweb.com/ Name: V
Value: lkjrpHEWyYwp
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 0d696d1452a9f69b
.adsrvr.org/ Name: TDID
Value: 86422ee5-39ef-4c57-8b4d-1fade2a39c1f
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-00ff0455-01b3-4f2e-6f05-0215a4a55b44.8StToZTvDZUhEQsPob9%2BJDZtUVCHLwr5ruoLD%2FfK7Nk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AAP8EVQGzTy5vBQIVpKVbRJU4mbg.zVTWwMI%2FCn3j3FFDgylRoUJRxYt4Q3rNhhxT72EpnVE
.ads.yieldmo.com/ Name: ptrpp
Value: lkjrpHEWyYwp
.ads.yieldmo.com/ Name: ptrstk
Value: AP8EVQGzTy5vBQIVpKVbRJU4mbg
.ads.yieldmo.com/ Name: ptrt
Value: 86422ee5-39ef-4c57-8b4d-1fade2a39c1f
.shrinke.me/ Name: _ga
Value: GA1.2.1062149969.1650060991
.shrinke.me/ Name: _gat_gtag_UA_212001089_2
Value: 1
.bidswitch.net/ Name: tuuid
Value: 8e82fb69-6b51-4f31-baa4-500386e0ddf0
.bidswitch.net/ Name: c
Value: 1650060992
.bidswitch.net/ Name: tuuid_lu
Value: 1650060992
.criteo.com/ Name: uid
Value: f1881972-904d-44c3-b02a-8f14e8f1182b
.media.net/ Name: visitor-id
Value: 2930625921455251000V10
.mfadsrvr.com/ Name: tuuid
Value: 4b35a3d9-d4dc-4aa0-b126-382b8c18160e
.mfadsrvr.com/ Name: c
Value: 1650060992
.mfadsrvr.com/ Name: tuuid_lu
Value: 1650060992
.casalemedia.com/ Name: CMPS
Value: 466
.mfadsrvr.com/ Name: bsw_uid
Value: 8e82fb69-6b51-4f31-baa4-500386e0ddf0
.openx.net/ Name: i
Value: d8c9c0f4-4647-4303-aed1-43db9345a56a|1650060992
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1650060992!medianet,1650060992
.teads.tv/ Name: tt_viewer
Value: f1d845d5-acf4-4c30-9a9e-4be5f766a64f
.casalemedia.com/ Name: CMID
Value: YlnuwDbW63m27dBuFkHZrwAA
.casalemedia.com/ Name: CMPRO
Value: 188
.media.net/ Name: data-mf
Value: 4b35a3d9-d4dc-4aa0-b126-382b8c18160e~~1
.mookie1.com/ Name: id
Value: 10603584586581931894
.mookie1.com/ Name: mdata
Value: 1|10603584586581931894|1650060992961
.mookie1.com/ Name: ov
Value: 9c807fda1cc6daff7dc0e99d9f246870
.ads.yieldmo.com/ Name: ptrbsw
Value: 8e82fb69-6b51-4f31-baa4-500386e0ddf0
.media.net/ Name: data-ttd
Value: 86422ee5-39ef-4c57-8b4d-1fade2a39c1f~~1
.shrinke.me/ Name: _ga_0DTZ6LRDBJ
Value: GS1.1.1650060991.1.1.1650060993.58
.tapad.com/ Name: TapAd_TS
Value: 1650060993137
.tapad.com/ Name: TapAd_DID
Value: 54920c67-c497-4656-975c-d1a928dc114c
.media.net/ Name: data-g
Value: CAESECG86XVj8yahAoCZIgRnzjQ~~10
.media.net/ Name: data-bs
Value: 8e82fb69-6b51-4f31-baa4-500386e0ddf0~~1
.w55c.net/ Name: wfivefivec
Value: lQCL2ZUG1NFueZ5
.media.net/ Name: data-c
Value: f1881972-904d-44c3-b02a-8f14e8f1182b~~1
.media.net/ Name: data-c-ts
Value: 1650060993
.connextra.com/ Name: CxtId
Value: 1a2d3de1-f40b-4dd3-9f26-e81cb477bd0f
.connextra.com/ Name: Betway
Value: A%7Cpostimpression%7C1%7C202204152316%7C7%7CDDM_APN_Betway_CA_Sports_Impression_Pixel_1x1%7CDDM_Betway_CA_Sports_Impression_Pixel_1x1%7C%7C%7CR5Fqp_O8SV6YA4j6G6hEkw
.spotxchange.com/ Name: audience
Value: b526e701-bd09-11ec-8bbd-17aa2b400503
.mookie1.com/ Name: syncdata_TAP
Value: 1
shrinke.me/ Name: _lr_retry_request
Value: true
shrinke.me/ Name: _lr_env_src_ats
Value: false
.w55c.net/ Name: matchmedianet
Value: 5
.advertising.com/ Name: APID
Value: UPb547cf1e-bd09-11ec-b948-0e9980f97a41
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 98019058e33b336139c0675e1eb33f69
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQsLQwMLQ0MLVINTZOMjY2MzS2TDYwMzdNNUwFctPMLBmAICny3UEQDQUAN2cKZg%3D%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIinx3EEhBAQAdZgJr"
.media.net/ Name: data-xu
Value: lQCL2ZUG1NFueZ5~~10
.yahoo.com/ Name: A3
Value: d=AQABBMHuWWICENVjma9XHKZUtDXooNaDXrMFEgEBAQFAW2JjYgAAAAAA_eMAAA&S=AQAAAkXWtaGVnU3ydXS_s3CP9R0
.agkn.com/ Name: ab
Value: 0001%3A566Kpttc1jXUdZeJhOUWFpqTndN4VcvO
.shrinke.me/ Name: _cc_id
Value: 98019058e33b336139c0675e1eb33f69
.shrinke.me/ Name: panoramaId
Value: d19fbcd1fd7d151af51118719b1816d5393807b2871058b082e746b90d3d387f
shrinke.me/ Name: pubmatic-unifiedid
Value: %7B%22TDID%22%3A%2286422ee5-39ef-4c57-8b4d-1fade2a39c1f%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-03-15T22%3A16%3A33%22%7D
.mookie1.com/ Name: syncdata_NEU
Value: 1
.lijit.com/ Name: ljt_reader
Value: bca34109ab6c8e0f610f67db
.shrinke.me/ Name: panoramaId_expiry
Value: 1650665793563
.mathtag.com/ Name: uuid
Value: 73036259-eec2-4000-9932-c64a5e235247
.media.net/ Name: data-mm
Value: 73036259-eec2-4000-9932-c64a5e235247~~10
shrinke.me/ Name: id5_storage
Value: %7B%22created_at%22%3A%222022-04-15T22%3A16%3A33.839603Z%22%2C%22id5_consent%22%3Atrue%2C%22original_uid%22%3A%22ID5*ChuC62OxET2fIkQ9LwQbnB7ddIdvWTe325KMrwLIOeMOnhj6moV__2DdhOCIXAxWDp-YD2QEgoAZn_2qOF4_SA6gGOFnKnjS6VsNV74c6rEOoXge2kwIgbiukOd2rlUpDqKmL2vjN3RsBWjVD0Y5QQ6jzSLaeLROgql9ODN1axEOpGJ1oljJYSJvt6DdrmnoDqXJigO6jeUYd2Y47j4v7Q6mt77jBrDhzvY7Sfw07DQOp_wNPsaSAmoxzTdrE45vDqge-9JpFLTtmvwZNm5WvA6pm6Uj1vF5t6A2X3VBu7cOqjA-Xm2zSKTx8sqX6qkxDqtqj1WS-MtVAskeuYdxcw6s_mcQvDxImKn_2fZtgGAOrcqO5bzKvEdUgvISyCIwDq51x0Mie_-RsS0kh6JVOQ6vzYJhEb_9xXZ2375lwzcOsCYci6P7Wn6q-lW8tJV0DrFhPSq8AHCMMK6F6DFuUA6y7GVKy0wJTo3xDl4mq00Os47ZTTx9EKbv7O2dnCDmDrR_I3FVdkmBkU1qgGovaQ61cVjMykHhknID7dwMFB8Ott3LM3C3jS-W-6MrT5BYDretzk4kkU8YGuIyHZ-Wcw64huQvEIlL7wXgA0ww-RkOuQuKES4IU9nmvYPkfRghDrruBG7skFaxP6CUSVa1Mw8wWI5QceZvTO6KdeK7Dkk%22%2C%22universal_uid%22%3A%22ID5*1w2lp_tlnrkoEx1CzrDEmJ8SSv9iaHNlxb5q85g3lq4OnoPthj2JVnqs9fBj1rizDp-Tqu23SZpcVkRLb7NMFw6gFNYgBh9r3b0dLqE4Vd4Oobx9o-b9ML5cX8djGd1hDqJ6vCSaz7SsyeBEZ1YJlA6jf3JquupUAnEPEbbquSUOpFIc6W-UnBHORaXtyCZpDqWY4j1wc7icFh3w5y5eNg6mowJP1fR8rL9khE0z7_IOp-T2Z_-adDvMevL1qywSDqhyfaO9w9EfA-vcZFNhww6p_WR5vEjmc9ymxgL3uIEOqlFix0E2lojKdO9E0hpNDqsPd9M53So5gClXLmMEJw6smZQKUFyyT87jlIwx3akOrYI1OROsJVXvsR4EpDAcDq477_spabUWGi54VPRtUg6vvjYrRiHZsRjie0QFRZQOsFv2MPeiA_RuvciqTRpNDrEmBv_Rwb1uzQcp60c-vw6yGMQA1sBb62DxBinpf5gOsziykfxIK0vNPcjORiuODrR_y1rEX-4Wng6vyASL_w61RAOVWr4-tyjA68p0rcMOtteEJfic-9P8sTwZUlkbDreXB5fBm6LhA2oZJVb4gw64dVfypeo09PcVVkKR2xQOuR7D5KetJQx0pg7KufGSDro9kETdzbbse-uq1WHAjw8wRhMCJ7HNSmk48PtKCPQ%22%2C%22signature%22%3A%22ID5_AdfLQHHo9Zi55DBqXC1e0VlkFGp-1nl9IAhX_WoyC20OY6vQY5-le7WH1cuJJ8KidC_9S_1wfMc5j-GFQh5VCmM%22%2C%22link_type%22%3A1%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22other%22%2C%22id5_consent%22%3Atrue%7D%7D
.flashtalking.com/ Name: _D9J
Value: 09587282b994450fb60e672ee8aea521
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 9DE893E0-A6B9-4F17-AF1B-495B7FC4F109
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.rubiconproject.com/ Name: khaos
Value: L20ZPO40-P-HI6E
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.adform.net/ Name: C
Value: 1
.dotomi.com/ Name: DotomiTest
Value: 70cfb835fc201217
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.adform.net/ Name: uid
Value: 2697118002783910081
.adgrx.com/ Name: ADGRX_UID
Value: b63a6658-bd09-11ec-abc0-b1992d655dbf
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YlnuwwAItyrlawA-
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.w55c.net/ Name: matchpubmatic
Value: 5
.owneriq.net/ Name: si
Value: Q7033473951776023466P
.owneriq.net/ Name: pmc
Value: 1
.acuityplatform.com/ Name: auid
Value: 663495379157
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBQAtpSlOCmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUALaUpTgo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.quantserve.com/ Name: mc
Value: 6259eec3-2ae5c-cfa5b-2e2cc
.bidr.io/ Name: bito
Value: AAJxRE7Es94AACxz0P3PTg
.bidr.io/ Name: bitoIsSecure
Value: ok
.ipredictive.com/ Name: cu
Value: b6420d26-bd09-11ec-9cc5-6d6a9bf4f8b4|1650060995178
.shrinke.me/ Name: cto_bundle
Value: sIPXPV9pSDFXamNEVXlhY3o1U3FmVmZzSlNoYXBaV0tEMHo1RlBnWnJDR2J0TExzeHRqUyUyQlprM0d5cXplSFpKSDdZak13YXVLajRHcUhCJTJCRTZTOTZwSmhJbk1lZ2dSVVpkd1c3THpyRzIlMkZYR2plamU0T3Z0cktMOVpzJTJCNyUyQjljdnVSQ3IxemZSQnZSNHFDMU1iS0JmdUp6aXpRJTNEJTNE
.shrinke.me/ Name: cto_bidid
Value: ZQNe219xWHk5M2VITmJEJTJGSk1iWDYzZWJDRTdKRTVKTzJPS0k2JTJCVHJmSVVqM3FjWmFqaTlybFF3S3VRQmVqQm90ZDJiNlM1WDBkRHVxenJNUXJUdXBsRnhZR0NNQVRYdnZnN09oZGw3Umt5WENxekElM0Q
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.turn.com/ Name: uid
Value: 9095998362304174636
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-AP8EVQGzTy5vBQIVpKVbRJU4mbg
.pubmatic.com/ Name: PUBMDCID
Value: 2
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:lQCL2ZUG1NFueZ5
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-5202d352-a27b-4da3-838a-6778e7af9ed2&KRTB&23340-5202d352-a27b-4da3-838a-6778e7af9ed2
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YlnuwwAItyrlawA-&KRTB&22978-YlnuwwAItyrlawA-&KRTB&23194-YlnuwwAItyrlawA-&KRTB&23209-YlnuwwAItyrlawA-
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-b63a6658-bd09-11ec-abc0-b1992d655dbf
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-663495379157
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.sitescout.com/ Name: ssi
Value: cdb9b177-83ca-4f23-a66f-dbf900de4272#1650060995265
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-86422ee5-39ef-4c57-8b4d-1fade2a39c1f&KRTB&22918-86422ee5-39ef-4c57-8b4d-1fade2a39c1f&KRTB&23031-86422ee5-39ef-4c57-8b4d-1fade2a39c1f
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1dah|7TZ.0.1|7dN.0.AAJxRE7Es94AACxz0P3PTg
beacon.lynx.cognitivlabs.com/ Name: UID
Value: eaa8589c-3f91-4fe1-a33a-88a34b7d333c
beacon.lynx.cognitivlabs.com/ Name: ss
Value: LYezcgdHba4f9vT5Mc5XGtxreZSzkzdXiNPyjM1D9uDRBDDWwatiasfyqseo6HAZLFlxC6qRq0GeNMoFOVb3zw%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:73036259-eec2-4000-9932-c64a5e235247&KRTB&16736-uid:73036259-eec2-4000-9932-c64a5e235247&KRTB&23019-uid:73036259-eec2-4000-9932-c64a5e235247&KRTB&23208-uid:73036259-eec2-4000-9932-c64a5e235247
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q7033473951776023466&KRTB&22521-Q7033473951776023466
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEOvBxfjkdPyFXzuWXyFcAig&KRTB&22987-CAESEOvBxfjkdPyFXzuWXyFcAig&KRTB&23025-CAESEOvBxfjkdPyFXzuWXyFcAig
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6974400712095498966&KRTB&23339-6974400712095498966
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:A183E41957ED45CB8401B24CC9FFCD13
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSsjQ3MDA2NjQ1MTM1NzY0NjG0EOIz1E1J93LJNPQNNSopDgEADnD0vyQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSsjQ3MDA2NjQ1MTM1NzY0NjG0EOIz1E1J93LJNPQNNSopDpHiNTQzNTAwM7C0NDU2MQcAJ7vLIDMAAAA
.go.sonobi.com/ Name: __uis
Value: cb21d941-6452-4163-9cbc-8a7281820433
.go.sonobi.com/ Name: HAPLB8S
Value: s8551|Ylnuv
.id5-sync.com/ Name: id5
Value: b1c711ad-a6a0-3df8-9d13-546eeb23c0d5#1650060994787#3
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-2697118002783910081&KRTB&23263-2697118002783910081
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-c-XedyCyiH1o5YorcLTGLSO23ixo5Y58JrTIse8a&KRTB&19420-c-XedyCyiH1o5YorcLTGLSO23ixo5Y58JrTIse8a&KRTB&22979-c-XedyCyiH1o5YorcLTGLSO23ixo5Y58JrTIse8a
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-b6420d26-bd09-11ec-9cc5-6d6a9bf4f8b4&KRTB&23011-b6420d26-bd09-11ec-9cc5-6d6a9bf4f8b4&KRTB&23355-b6420d26-bd09-11ec-9cc5-6d6a9bf4f8b4
.mxptint.net/ Name: mxpim
Value: R1B341_EE6398FB_6DF84005.1.00000000000000006259EEC3
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-9095998362304174636
.rlcdn.com/ Name: pxrc
Value: CMPd55IGEgUI6AcQABIFCOhHEAA=
.media.net/ Name: data-rk
Value: 970033154657313418~~8
.media.net/ Name: data-o
Value: c3499632-44c0-4614-9748-f55d458d044b~~8
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY1MDA2MDk5NTQ4Nn0
.smartadserver.com/ Name: pid
Value: 1407667298119850182
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAJxRE7Es94AACxz0P3PTg
.betweendigital.com/ Name: dc
Value: mow1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: tuuid
Value: 710c5734-0f18-516a-bad1-112dd888ffee
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAGbJL88kmuugNdKvc7AAAAAAA&KRTB&22713-AAAGbJL88kmuugNdKvc7AAAAAAA&KRTB&22715-AAAGbJL88kmuugNdKvc7AAAAAAA
.disqus.com/ Name: zeta-ssp-user-id
Value: 37dd14da-86e0-156c-ecca-50eee55ffd79
.technoratimedia.com/ Name: tads_uid
Value: 4EF02F2207334D239595025E9C33732B
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220415181635-0400
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uidp_73
Value: AAJxRE7Es94AACxz0P3PTg
.pubmatic.com/ Name: KRTBCOOKIE_1199
Value: 23175-000000A829E87B40
.media.net/ Name: data-so
Value: cb21d941-6452-4163-9cbc-8a7281820433~~8
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B341_EE6398FB_6DF84005&KRTB&23092-R1B341_EE6398FB_6DF84005
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAJxRE7Es94AACxz0P3PTg
.creative-serving.com/ Name: tuuid
Value: 98f9d8a4-c6db-46e8-9cd8-a42812b5714e
.creative-serving.com/ Name: c
Value: 1650060995
.creative-serving.com/ Name: tuuid_lu
Value: 1650060995
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-cdb9b177-83ca-4f23-a66f-dbf900de4272-6259eec3-4341
.pippio.com/ Name: did
Value: jtWobgRbxBFC0TqI
.pippio.com/ Name: didts
Value: 1650060995
.pippio.com/ Name: nnls
Value:
.betweendigital.com/ Name: ut
Value: YlnuwwAL_lAApUjBVfsAOjWl1Msgn2qSmlt_Lw==
.media.net/ Name: data-ze
Value: CkZZcPL4NgoF1aU-tV_U~~8
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.quantserve.com/ Name: d
Value: EKMBEgH0JfijC_vLEA
.owneriq.net/ Name: p2
Value: cc
.tribalfusion.com/ Name: ANON_ID
Value: aanuvnx2eNkSE0U7b9fwVuRl73ZdOOqK7DSvFuKjE0KEVjZdXAvNCDMiAnZcUYbUWLnafvxdd5mZcp83jXcKmHjrZcmSH8X1yvVraRfZcM
.pippio.com/ Name: pxrc
Value: CMPd55IGEgQIAhAAEgYI7OsBEAA=
.dyntrk.com/ Name: dyn_u
Value: 06030001_6259eec3eaa2e
.eqads.com/ Name: EQUser
Value: UID=5982f407-bf0c-4382-8a6e-8678a0ade8e3
.demdex.net/ Name: demdex
Value: 53354441349442609813257735480466739309
.dpm.demdex.net/ Name: dpm
Value: 53354441349442609813257735480466739309
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-8e82fb69-6b51-4f31-baa4-500386e0ddf0
.linksynergy.com/ Name: rmuid
Value: cfcfd861-115a-44da-b333-a901988e16a0
.linksynergy.com/ Name: icts
Value: 2022-04-15T22:16:36Z
.rlcdn.com/ Name: rlas3
Value: 522+5mlKrp9G13tOD/YJM5Dn8ClIGbp+FYlzcCJGNkg=
.adnxs.com/ Name: anj
Value: dTM7k!M40<EVNsVF']wIg2Hb6vyxB8!A#Eo(<j<dINiYhTyXnfi8FW/7pW$g1d!]1iTtYZa4Jc@hV5RCbo3P5m@4!W/X%W#.wLP<6FISa`*%jdTB-[r285$Liel/N2@h8.'$nIX?DT5jiektjTB[y=Rc/I=3nXm/!:BJ+13)BN
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiJhYzU5Yjg0MjZmNmYwOWJjMDAyNzZlMTkwZjY3OWJlOSIsImV4cGlyZXMiOiIyMDIyLTA3LTE0VDIyOjE2OjM2WiJ9fSwiYmlydGhkYXkiOiIyMDIyLTA0LTE1VDIyOjE2OjM2WiJ9
.360yield.com/ Name: tuuid_lu
Value: 1650060996
.360yield.com/ Name: tuuid
Value: b8065aec-41e2-4cf4-9fc4-f804071cd359
.rubiconproject.com/ Name: audit
Value: 1|fewTIvZzwjzMcn1D+tL8UUmR7zO9hA2BxLrvSeehXnHWaDs14xzbSEO0ryWEvk5gCSEtSSS8/epCqQ3+tQhlLHMDvubSxZCGXj6Gz0cmwXE5H8CUtxVpQ4vDewQJmkIHSbePZj6z0VDhpAC0fAcW+tHzXFmW1BbuP5jn1WOR3mSzeiAkBcHlDpCn9sBUgfJ1X1vKT1ONdRY=
.connectad.io/ Name: uid
Value: V0U9AYOjl4EtbLGoi37BblfsYqQroRUUQskLl62k
.openx.net/ Name: pd
Value: v2|1650060996|vMgahEkWgyiK
.emxdgt.com/ Name: uid
Value: 57451650060996685746a4
.mookie1.com/ Name: syncdata_IOW
Value: 1
.openx.net/ Name: univ_id
Value: 537072971|86422ee5-39ef-4c57-8b4d-1fade2a39c1f|1650060996735720
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!2542
.emxdgt.com/ Name: apn_id
Value: 6974400712095498966
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yl~24cm:1762~24cm:196y~24cm:18z8~24cm:192w~24cm:198a~24cm:175w~24cm"
.creativecdn.com/ Name: u
Value: 0XBRe1cabWiJP2Mj0IBi
.creativecdn.com/ Name: ts
Value: 1650060996
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsIgIypj_TNzzoQBRIXCghwdWJtYXRpYxILCNSr_6v0zc86EAUSFQoGY2FzYWxlEgsIorCHvfTNzzoQBRIUCgV0YXBhZBILCLaPpLv0zc86EAUYASACKAIyCwi2h6fois7POhAFOAFaBXRhcGFkYAI.
.casalemedia.com/ Name: CMRUM3
Value: 6f6259eec305a0&f16259eec305a0&496259eec305a0&7b6259eec305a0&036259eec5276073036259-eec2-4000-9932-c64a5e235247&516259eec305a0&296259eec305a0&056259eec405a00&836259eec305a0&046259eec427609095998362304174636&2e6259eec427606974400712095498966&e66259eec32760&b06259eec305a0&586259eec405a0&da6259eec32760&286259eec427605982f407-bf0c-4382-8a6e-8678a0ade8e3&1f6259eec305a0&826259eec4a8c0&c46259eec305a0&986259eec405a0&276259eec40b40&ce6259eec405a0&2d6259eec105a0CAESECgyjy-IsjQ1HTjhAkYhOV8
.casalemedia.com/ Name: CMST
Value: YlnuwGJZ7sUA
.pubmatic.com/ Name: SyncRTB3
Value: 1650585600%3A223_2_15_38%7C1651276800%3A35%7C1650412800%3A216%7C1652572800%3A224%7C1655164800%3A69%7C1650844800%3A63%7C1651190400%3A3_48_99_96_243_204_166_7_104_244_22_5_21_234_239_165_233_13_8_176_238_81_54_178_189_56_220_231_57_55_71_222_240
.taboola.com/ Name: t_gid
Value: 249de6f5-9231-4bd3-982b-e809b3d910a9-tuct9537445
.fiftyt.com/ Name: fifid
Value: 550ca677-93a1-4978-48e5-0ffe97471e30
.fiftyt.com/ Name: cs
Value: MTY1MDA2MDk5N3xEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fDv-mzOuQRt0nQViA5U0cvHmOZA7Hf38EQorYiG0Z_Rm
ads.playground.xyz/ Name: connect.sid
Value: s%3ABL89-z49Uxsu2tKbS5bvlOg17eWSwAZy.bTZ9bcvxrZREMTbpNZuKUYrDAjVk0lXJEKubB4P6ia0
.inmobi.com/ Name: idsp_c
Value: 6b517f92-c61f-44fc-9add-1184414502cf
.fiftyt.com/ Name: fppm
Value: 20220415221637
.semasio.net/ Name: SEUNCY
Value: DFF3D1AE044EAFC0
.bnmla.com/ Name: rx_sspurl_10738
Value: https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D52ebb55f-282e-4db0-9560-52580402bb53
.bnmla.com/ Name: rx_uuid
Value: 52ebb55f-282e-4db0-9560-52580402bb53
.bnmla.com/ Name: rx_maxage_10738
Value: 1651356997
.pubmatic.com/ Name: KRTBCOOKIE_1282
Value: 23359-98f9d8a4-c6db-46e8-9cd8-a42812b5714e
.bnmla.com/ Name: rx_sspid_10738
Value: 170
.onaudience.com/ Name: cookie
Value: 2437e4dca5f33073
.onaudience.com/ Name: done_redirects219
Value: 1
.adsby.bidtheatre.com/ Name: __kuid
Value: c3cde8ad-1ff0-4177-acc6-884ff3ba91ad.419274998
.pubmatic.com/ Name: KRTBCOOKIE_308
Value: 22925-52ebb55f-282e-4db0-9560-52580402bb53
.pubmatic.com/ Name: DPSync3
Value: 1651190400%3A246_201_228_236_197_219_221_226_245%7C1650067200%3A174%7C1650585600%3A164
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1650082598200
io.narrative.io/ Name: io.narrative.guid.v2
Value: b81b3970-bd09-11ec-9141-120bff9cc4e7
.c.appier.net/ Name: _auid
Value: sC-WAs4xCAyPFFS-xu5ZYg
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-sC-WAs4xCAyPFFS-xu5ZYg&KRTB&23130-sC-WAs4xCAyPFFS-xu5ZYg
.pubmatic.com/ Name: PugT
Value: 1650060998
.media.net/ Name: data-pba
Value: 9DE893E0-A6B9-4F17-AF1B-495B7FC4F109~~8
.smilewanted.com/ Name: sw_user_params_infos
Value: nUIH3TP0E6IBJqqS07tN3p69u11n4k8yQ%2FhQ%2FmbxErS7UXiloNW4r%2B6sdPxjvV5JL381b%2FlDlO0Y0ohV8IgUoCLHd7JFZyCgdvmVtrAZ323Xb7y2EAOY4gBlLG0rRNOYnWh8CtCHWvgu8trpMOKM6wTt%2B%2BwENZg7RJiAPlztZCwU%2B3vKXaj6fQ4uXiDnjGGFOTWFlNlcc37KBe9fmMT1%2F5BHuIFIEZBPTPPJF2DRGDy54u6%2FYcDEueAyrhuopvrmhfGjj58fNtAmLCrRcG9kZRRBXlIsfFRDDFPJfmg4YEMD2JYpUo1GJheCkYSv1TR%2BvCPijloJ9%2BRHg30M6Vx0R5RTXoIynoG66lhUeMgh%2FIjDqAuk5I7DUd%2FTe960C%2FcMDj%2BAdsErHJfRou6ENSMLgxIk8VjxUzhdu8Lo2JR227sCDGLPukiNvyqdlcXy8bfWakknGQ2Bw7mgpN04j%2FTQ6IlGYTx6%2BNIvHtsFM90AvQU%3D
.connectad.io/ Name: id
Value: eyJpdiI6InMrK3Y0eDlsa3NicVwvMld0MHR6dnlnPT0iLCJ2YWx1ZSI6IldUNWxsWEFTOGZCb3RyRUpJenh1N2lmSnNZMEV1aHJ4bjUzXC9UTkNjSFZNMVE1UlRIZ2ZyZUlcL1RRSnRMTHZmbGJOS214SXBHY04yZ0xxd0R1OGw3OTJVZEY4ZWVTZ1RYZUJzMk1QVFJCeUlKY2xzWkI2eng0SnoyWkFobGYrUTBGWHFLZUlVTWpzU1pIK2sxWXFtY3BFVm96TGU4ZzNXVHByVEsyMjVUNXhHSVM5cFhST2xjRTBFTHBYSDkzeEZqVXRxU1E0QisyeEYwd1VtOWVEQzlvQmNBdEV1a1c3UGdcL1wvV0F3S0RsSmtwV3NZS01Scm9KSzNOYlZCTmpoSnVNV1ltUzZOMkFKNFJ6ZmRVdFBhSEZlazNYejNTZTE2aUlXbnlaOG1KOG9TYUdmbG9UUEZxT3dENDB1TEhZcFNUUGF0Vm5jTlRkUytSQ3RoYWQ4NTVMNGtsbWRWOXZIWk1ub1NicVhcL1ZIaEYrRDl1eTZDZXZqWFwvUmM2Nlo0alJ3NDBBbldHanVWYnk1VDZXUTZZc3c1ek11MzFCOENoUzNweCtDVXVnWEREYU09IiwibWFjIjoiNWZjZmMwNzBhMTk2OGM1M2IxMTc3ZjQ5YmUwOTA3Nzg1NDMzMWVhZjUwYmUzYjA2YmVjZmM1YzExMDVjMjRlNiJ9
.pubmatic.com/ Name: SPugT
Value: 1650061000

13 Console Messages

Source Level URL
Text
network error URL: https://roofprison.com/18/44/b8/1844b8e470c024a415cff51a0843d71c.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://roofprison.com/2b7825b40010ad17ac7b5777c664449c/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6974400712095498966&pn_id=an
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://mathid.mathtag.com/d/i.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript warning URL: https://z.moatads.com/linkedindcmdisplay501882038263/moatad.js(Line 133)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript warning URL: https://z.moatads.com/betwayglobalftdisplay906661272790/moatad.js(Line 133)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8e82fb69-6b51-4f31-baa4-500386e0ddf0&ssp=ucfunnel&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1x1.a-mo.net
29dbe4579dc75e16c364150d9c79efa3.safeframe.googlesyndication.com
a.tribalfusion.com
aa.agkn.com
accounts.google.com
acdn.adnxs-simple.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.betweendigital.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.yieldmo.com
adservice.google.ca
adservice.google.com
amazon-tam-match.dotomi.com
analytics.google.com
ap.lijit.com
api.rlcdn.com
assets.a-mo.net
assets.vlitag.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bit.ly
c.amazon-adsystem.com
c1.adform.net
c21lg-d.media.net
cdn-adtrue.com
cdn.adnxs.com
cdn.adtrue.com
cdn.aralego.net
cdn.connectad.io
cdn.doubleverify.com
cdn.flashtalking.com
cdn.jsdelivr.net
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
core.iprom.net
creativecdn.com
cs.emxdgt.com
cs.media.net
csync.loopme.me
csync.smilewanted.com
d301cxwfymy227.cloudfront.net
d44cab8fbe9d5ea6a09089e0e26f959f.safeframe.googlesyndication.com
d9.flashtalking.com
dis.criteo.com
dmp.adblade.com
docker.creative-serving.com
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
exchange.adtrue.com
ff6a9fd89745b947a60a1f3f04de9037.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
freychang.fun
fw.adsafeprotected.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hb.aralego.com
hblg.media.net
hbopenbid.pubmatic.com
i.clean.gg
ib.adnxs.com
ice.360yield.com
id.a-mx.com
id.crwdcntrl.net
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
io.narrative.io
ithdedukica.com
leaderhistliness.info
lg3.media.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
matching.truffle.bid
mathid.mathtag.com
mb.moatads.com
media.vlitag.com
motoriesm.com
mug.criteo.com
mweb.ck.inmobi.com
nym1-ib.adnxs.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partners.tremorhub.com
pbjs.e-planning.net
pertyvaluati.com
pippio.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pubmatic-match.dotomi.com
px.moatads.com
px.owneriq.net
px.vliplatform.com
qsearch-a.akamaihd.net
quantumsyndication.com
r1---sn-apaapm4g-apae.googlevideo.com
redirector.googlevideo.com
resources.betway.com
roofprison.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb0.doubleverify.com
rtbc-ue1.doubleverify.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure.adnxs.com
secure.flashtalking.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
services.vlitag.com
shrinke.me
shrinkme.io
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssl.connextra.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
supertruco.com
sync-amz.ads.yieldmo.com
sync-eu.connectad.io
sync-pp.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.connectad.io
sync.crwdcntrl.net
sync.extend.tv
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.quantumdex.io
sync.resetdigital.co
sync.search.spotxchange.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.teads.tv
sync.technoratimedia.com
tag.vlitag.com
tags.orquideassp.com
tags.rd.linksynergy.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
trc.taboola.com
trendads-betway-api.reactivebetting.com
trendads.betfindr.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
useast.quantumdex.io
usermatch.targeting.unrulymedia.com
visitor.fiftyt.com
warp.media.net
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.recaptcha.net
x.bidswitch.net
ystemgthr.com
z.moatads.com
mathid.mathtag.com
odr.mookie1.com
pagead2.googlesyndication.com
shrinke.me
103.132.192.30
103.229.206.240
104.105.35.116
104.105.85.254
104.118.8.253
104.118.8.56
104.118.9.242
104.118.9.53
104.127.172.242
104.18.15.91
104.22.68.131
104.244.36.20
104.36.115.113
104.36.115.114
104.36.115.98
104.45.178.220
104.76.100.229
104.76.100.25
107.178.246.49
107.178.254.65
107.22.28.167
107.23.66.96
135.148.122.24
141.94.170.77
142.250.80.38
142.251.40.130
142.251.41.2
143.204.137.197
147.75.38.124
151.101.129.108
151.101.130.49
151.101.193.108
151.101.65.108
151.101.65.44
159.65.197.210
162.55.120.196
169.197.150.7
169.61.103.241
172.104.70.67
172.217.165.130
172.98.26.126
173.231.178.83
178.250.2.131
18.233.196.70
18.67.76.108
185.167.164.49
185.184.8.90
192.0.78.146
192.243.59.13
192.35.249.120
192.96.200.41
193.122.174.27
195.5.165.20
198.148.27.139
199.115.117.82
199.127.204.142
199.187.193.185
199.187.193.193
199.38.167.128
2001:4de0:ac18::1:a:1b
204.2.255.233
209.197.3.19
209.54.180.3
216.152.140.200
23.200.197.46
23.50.53.185
23.52.167.93
23.88.75.187
2600:1400:d:598::4469
2600:1f18:4e9:5a01:166f:faec:e70b:6d2e
2600:1f18:612b:4200:c095:ee73:9876:f5ea
2600:9000:20ed:fe00:12:fc33:3bc0:21
2600:9000:20ed:fe00:1a:609a:6780:93a1
2600:9000:2120:ea00:6:834a:a040:93a1
2600:9000:2140:e000:1b:5138:8a40:93a1
2600:9000:21dd:e400:8:48e:53c0:93a1
2600:9000:2209:de00:2:e529:700:93a1
2606:4700:10::6816:1957
2606:4700:10::6816:2460
2606:4700:10::6816:36ce
2606:4700:10::6816:37ce
2606:4700:10::6816:3ac7
2606:4700:20::681a:467
2606:4700:20::ac43:4972
2606:4700:20::ac43:4a81
2606:4700:20::ac43:4bf1
2606:4700:3030::6815:2dcf
2606:4700:3030::6815:5286
2606:4700:3033::6815:5db6
2606:4700:3033::ac43:8bcc
2606:4700:3033::ac43:8e10
2606:4700:3035::6815:2177
2606:4700:3037::ac43:9a47
2606:4700:3038::6815:ead6
2606:4700:4400::ac40:98f5
2606:4700:7::a29f:8955
2606:4700::6810:5814
2606:4700::6813:9e13
2606:ae80:1451:18::1720
2607:f8b0:4004:c06::9b
2607:f8b0:4006:808::2002
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80e::2003
2607:f8b0:4006:80f::2001
2607:f8b0:4006:817::2002
2607:f8b0:4006:817::2004
2607:f8b0:4006:817::200e
2607:f8b0:4006:81c::2006
2607:f8b0:4006:81d::2001
2607:f8b0:4006:81e::2002
2607:f8b0:4006:820::200e
2607:f8b0:4006:822::2003
2607:f8b0:4006:822::2008
2607:f8b0:4006:823::200d
2607:f8b0:4006:824::2002
2607:f8b0:4006:824::2003
2607:f8b0:4006:824::200a
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:559e:e8a8:8a19:7f11
2a00:ba61:0:126::c
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:600::300
3.122.214.5
3.208.119.163
3.208.44.45
3.93.88.191
34.102.253.54
34.107.148.139
34.117.228.201
34.120.155.137
34.199.73.116
34.226.161.152
34.235.71.168
34.236.88.116
34.237.23.137
34.95.69.49
34.98.67.3
35.153.40.37
35.168.248.2
35.190.60.146
35.190.90.30
35.201.96.126
35.207.24.140
35.211.178.172
35.244.159.8
37.157.2.239
38.27.122.101
44.195.137.121
44.196.51.251
44.197.2.87
45.35.192.162
50.112.169.222
50.31.142.63
50.57.31.206
51.222.239.230
51.89.21.30
52.202.103.181
52.203.157.37
52.203.231.132
52.203.71.179
52.206.39.185
52.223.22.214
52.223.40.198
52.45.33.138
52.58.249.203
52.70.185.145
54.152.116.38
54.160.96.164
54.173.43.128
54.209.87.113
54.236.195.76
63.251.114.182
67.199.248.11
68.67.160.75
68.67.161.208
68.67.179.166
69.166.1.10
69.90.254.78
74.119.119.139
74.119.119.150
8.28.7.83
8.43.72.98
88.212.252.2
99.84.118.70
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
05e0987b1ea7c2f822d6d660928ac93b82ae3d10ff9189552ce81103cb648ac2
068335815f64176b3dbf8b58dab7c113ddd25ef25d4c99fc42642e6c7eb41319
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06dac66f8ccb6659374711acb6acf073511421ff522d519cc1766746330679ad
074fcfaa09a6b7dc4b148a9309a7f2758401d4f2a7a6f5e1f77bc1884c447a6e
078acf0eb1f0bd7721bbfb4d7d738cf781d7c7062a87b8617043bda59abe61e5
07c4a24dfb4e8322b02d4c50ca26552f8e537e7ceb4ab6caf81d54019912a63f
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0942df3240229558c0b38833e12054a5f7d67678c32587e2442eb565d8216144
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0981516c577730d8564c7979c57e070fdee4460069c7134dffe822c98a2585c9
09b41b1570671ffa32ab763f4c19fdad5eb204af1dde0e09777255cc3a7e72d3
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c94ed746dee27f0e562e038e5339fb3c68a4013b97bd30312aa2c07738c5fae
0cdb625be8932038d96359727ee58accf265965c61204a84507f96a8baa749ad
0d3c1f814f69a2e74128fa99dcd8b3624f1b91455ecdf0272f80c77e4a00aac0
0d4bb51367f4e802fbe75ddac3b05ea5c0602f0a6894c3b128c38797a282a6e6
0efc53d98f21fefc32d8ad84c673919c539b0b3feb2dc96598cbeb58883bd04c
0f13250dac3eba96683a13d9c0c14c812448cc2f499a6ad6637a17adf094884d
108a5ee6306c726271c490dceca48e5fb5a148ea41fcb9fe55cd5d348f16eb57
118b932ce446d673706c274aa65d22e8e2b2fe744187ce16f6656ab7940fb140
11990f600da31f192b894751f580ad5041b67c476a743c8328ba1030bde29b38
1231c2f94de99cb9919bc79218c891ce9063e20787bc82524bb4b0bfca8b54ef
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
139783d2aa01dec67f0eb6722276ad3f2aa6be989e2c608d2c030333c5723f76
13c96650b7fd3a5d48dce9621ba1ac5b7aa91be6dbed4b7fba7f4041e3d5e8a9
144b09afe5a22538ac206fac5faf52b0fe527db9f9903ca2a319ff8e8027416f
15131d846612eaa69f53a8be47bab0293f9aa4ee956e010ed7dac03133d78f7b
156294a0737c30526cdfb228f1f263667eee642ced0ba778402fe6fa067a1f84
16a175368bb28caafb3b81a9c8432a2722a65e6101cc1c3a00e8277c1a5f1cd8
1764ee79f2be05e9ff5e3d4a6d4725cd6052e8408f89758404980fa03113eba5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cb5f921a196735755fff37300224009177e92487db12f726e5f6e4269113112
1cf6dc70cdfa2e9adb27fa530277693c31106ebf0dcf907f51c12ac3a45f25ab
1eaf6916b7bd86df3543dd6c34db33a1abc02581ae2650f2ea288dabcc7518fb
21056f2ba4990f31d0f7f5757986eb674f84dd9f10ebb7b5675e41d3e76c8cbd
2186672b3c26c6fa624229806fc7eb1ecdf0dce7f738b8641b8ff58ec3a22f80
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
236df3a5edf4170b4253b1b4ce512f21c0fa334d03066c8c4b96b11750ab7196
23b06070078b245ad9d9d6d0ec0cb6d2bd5e46cb3ca592ebe868f0120c7b3b7a
24d3345526f5bb7cdd3e21a689dfe8ea413e989f45fc964b86ca03554e684bae
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86
254a9c3b8a080b4963fca2c9bd72ae30b3ae0998859b307cfe8d669b1bfbf1e6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
283311f8bbd5d059014bd511103df64d7ad8c80d7731f2ae520cf57aaa31fdc6
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29cd3c65033b0c80ac2ba10920efef736ef7cdc6f76dc65da624a57da83fe812
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
2cf054fca1ce216deb2a85473dd8565ddc023b55fc0a17614c44d555621e3300
2d94e308762dd197a2a7cb5a5b68f4d3183262880c19cb18f4f74253f3ef0027
2e6997ea38778c1d523c76dfafb8510175ebbaefe3b4f4806ae27dfff52435fb
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30077e599842195e23d382b85dd6d3ab8bbb43bf3bfb2529422dc6e970bf6632
30098e53de529cbf8100997a1e95c0e4ec902ef970258be902d1a7815f574969
31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33528256aebe967ab4f7497afc18f3506b531bac8f46f881412fb89078446b6d
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
34874ea526f056fa72a0030ba669a74b4d6d988757a19ea29e448370728014b9
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37e5e9e475967a3605053f98f911272c028a66f53a1ef4c21aa6727be93325fc
38a94682655a67eb6c5de40eb7f94a7c3549337990067bbc8e4a9d2162669a00
38f2bf8acd3f54857821465c16527f8b91dde5b53664eb0cc4fec5347e477739
3a418187250668e8d2c5fd8d4a34217334a7c3ce4c69bd9250b3705c61eab5c1
3b8185d7ec2dd6fab1d738ecffcd78f3a09f3b027115bf918926adec3fd4940e
3d22aa3a1f099b6aeedd26460b98e018577711448d2a9444b64ea7e9db537734
3d31905c9b5d16be2ea4fde8b9db9f47856d28929840cf23610b942f8970de29
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d68a09735adce584338f7bcfc5385124336a9d99a5160b3e41ea76568348c51
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ec1b64c8aa23846f22b1c633f0a6f838b35b21702e8b8b964f1735d5952ae53
3f428ebe6a721f39f9c0377b8045edea6f072fdccc2128391870419168558630
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4012e9491f341f35778b5a6ef11d3e3f2110ccdb8023dd9c28129ba6c5417d84
406c49b17460cca9a44e091dd579f2100e2b4d0a9f469a3b6dd3c223cf043aa1
40d5c6d31376c8c952e2ca6d4c78aa717bff53ee6338a47c9851ba8e9edbbf20
4378976cfe4f31e037f063fd8271f2962ac834ef8f339782a42487e1329cb03f
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4878edac178fe5c6000e020e0b8142a20c3316626e7d3bb87c33c5be432ccdd8
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
49fbfc6a57558e765578a03bc70429c13f7ba5e099aa1a67891f83392f19cb55
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cba1a14b8728cc0d32c9c912622445fe4d7b0d796b8a309c5aea7c9d9b017db
4d19cbf82da272e08172c95bf983fe66e9991e8f7c5f41149f46bdedb91a70f5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557a1b84866897f8ebc26d057855c727fe0ef814c60b6c64709990fb41d91152
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564d2222eeccbc1820ea8d052c223170ab6910016d2f83a1a1059a6cb3d8fcae
56f73ef7decacc7b040b8b1126f106179053d9fece85040eab80b1b980c0bb76
574016c3a1297c02a9c81814f4a0cae4f99e612995fef293ff6389dd6273e8f9
5a0321d16b0ba20c7d478408d0f76a9cfa3e14871148cbd5f0392fbaf8dd3247
5a7a9ce16d183fb8fdab3c65b4ac7b84b7c332b2ee7246d9e62f39cb7e4991dc
5ad2ddd3f54551337d7b6670c33d98f0b479de67596d518cc081301643940885
5b2ad715a94a22215e640ebca43112b02cd980a0f1e082b123540eaab6facf48
5b9eba0ff18556f6b4771b158aa3afaa00b0c2778895102b0308885e3d5177da
5bd0d97e4b880ff59b7f26996b82333edd6016e6ffbbf08143c04a69acffea28
5c7d7c651efabfdcce87a8fec34efbafc99924e3c83c8412f954219cddafa458
5e9fc483b5d1c2af629329618ed4dabe2738ba056dab01f879b4da41814b4253
5eee02570b994288d1000bf651959697732736812c896954239e2c91add0bf8e
5f223a0f142c29d39e22026d57a4a25283db9de1d5419a4068fa8102fb3eb18e
5febc78e7f162c18af041363088c5b326002ce66f254bd5f3ac7111beb33348d
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60b43f67bd583bc72913d7792388b83ad64c5d8bec60d54d5b589e0284392c9c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62aa94fbd97858cdc382c78a9b3ed6620c00d4c6649b18da9e32614acb248f14
6310787b5d8759bb95f242a38f62f6c2bd4504555ad5657e79bf7ac8b75fe4c7
638d2f5ba5cf501a58131a42efe30aa2c2154904b0654a517cce4baeef308022
65d28b64e60cc999f7a2dd26dd76acb69e3d4b8e63aa077c274774df8b141cb2
6600c716db5430eff37c4e26b9125cd8dcedc4b7b16e5fe5aee4b36802461ac3
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
664202f9c09652a722daec7d21973cde28957ea4641a54a2be05715aac038edb
673f6dcd91e477b40f31a45218dc5b5d32d20b3c0664f39c2dbfefa63d5d6289
67a2bb8cbfdbe196890a798be0a3ae1efd8ed999d8d3c556bf2f0bb5d4a16939
68233e3b03375c5a76d68ab06c296bce4fcbf64b989a6c02d619bd89d1f5b1da
6912502efc2e87be3756651a37c02a145d9a5db4871b19d6d3e240c34dc68392
69bb340f96cbd9584e70542b0de787f44bc473b21c078a7716921cca0cb664f0
6ab326549c743a2119e94d398e27a27ccb70b38f8cc512637eb83ea5cfea2685
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b54b9d51b8e7575fc6ac2e2bfd7826e021c3385b15f6e07581d58234219a3ce
6b565348b5f2de06d7fa7a51eb85254a246fe5beb632ffda59150edca5928bf5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c44ab205f95e31883356ff07356a6a5f1ffd1a0fe8d7ae28b89ac1755899e38
6de5b140391b4a7c019c0da98eab0bd598a12f3c783d48b5caf4cfd6076f5cb5
6e287704d18c46e8ab000c9c44f0b71ed7f2e0c5b45fe16bc429ce960977a4d8
6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9
6f98e801db152eb8b478fe8e954abb6764c5e6b1ac3d3740c1ecaa94090bcea4
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
708b3c51b04e3743f0b3495d8435b8b2c4fffd49a9d4efeb0cdfbe6b1113c4ff
731e952d643cd71b3699e9d9b45320f20318c9a8439c059aa296e45b79d5380f
74c1636b92eb3f79f96c20deb13a11322e7b0108184f45836072ae901fd1cb93
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
765afe2f6054948440805c509a94a644dfd7c4d79e1c5bce5aee814b11b91f33
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
796b2993b1857f8986427a687f3db731e4292e3b073346f2a8d5beda4cc98035
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b8d61fc1f99eb8f9ddf41a0d414c0dd771c895a833ec90ffe4283e8c7516754
7b9f6c3e0e65e7f2462bea66f011f7c7d024ad96c1c01595df7a26bdd561f2fc
7c78091e70e8c290ce7283b169b6858a218392c6ee45fbc021e09114eb0984c8
7db4555daadf0692f3c2b687a5a49c6b3b80996ca63712d3ead1d48f51b63952
7e21165340a76c4c585350c2fbd8b9919f988fd450577eabecdf6220d3694c7e
7eddcc90ca61e6537fa57a01c9623d71eab1b35987572af9014d914bc57f62b8
804d6c78c2da5437b8b8885b577965a5dfcfaa1e5a78b8d81a8e29ccabf647cf
818829c7d0ce7605650b09a07ec00e18bac80f4a183b15d3203c3879b4d455b0
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835f292f58df7bb6eaa3856a2c083cfd25218b6cecd5e8abaf1449f5c08d9ade
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
865e87de4650b965bda7982e448b9c30a7f71734c9dadb5683937f0616ab996d
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
869cbfb17183eeee3ab0288fe71fcad2edce039b1e927f797605bfc00dc9f6df
86d7d3b4c9687a1a650bed3081b1a9d61b20c59c3c112a41dc0dc984bb70c8dd
86e16fb245aae27d53603d1af20bf5be4121069306151328e5be2d93e9229de4
89009591e8e20e31325ae0604d1bab6f907b314d27869b887de9a86d1582544a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b654c0263edc4cbee793a173f18b1824a0af313694e0c652b7b2b5c229b1039
8bbb20c061450a9b4aa408dd6eb27c487325992874afe87102876dcfbef54090
8e1b7a7252904cc3a7c978b8b501cc4ce55f5e104c9764726d29737213533884
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
90330951e486dd4303a83f369db490420782093ddeba680cc36e97744de4fd42
904cb51061fb08cdf8aab6293cc564ad3b6f60644af87aafee36c7cfcfb900d6
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
910d529f63f152036ca7dd39b599e376847904bc346a743b3ad411de479428d0
91945f48ec85b7b81c13a32a42dacadd307edf65277f8fe60432034d645bf867
91c45bc690ba35338723b17a0915ea4fa4d6c59d20b7bc53fbd3e72f0eabd2c4
91d2fa1a71f9df46a7ed5a1a70dd0166fb5a0d9f8bb47cdbd9cec73df3321826
92902d3258e612b58595945ceed3194e1e8bf195eb9dfa3fd8b6eee11b8b9f1c
93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84
94430051fecb7f1362eb51467b7d81a77579127b919430870598b12b803fa9a0
950805d18927e26e0dffb81c66b25bbe4b3aad17076bfff48c4664b3b5d5088f
964a31d9e0b9afea87c1144813d51f5f2e24608a8673b60f983c76e7cfc8c4a3
9777428de88c524584f0133c3c0d9becf5a3840597eb16dc873bbc29b9a0bf58
9784e67bbb57893bd3f92b9bad6403be0de0b8cccfa003a8773844c51d344175
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98f790ebde5f4783aca23310b1e48b7fcf96b10a86abc583a36113294bfeef81
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a96e03619c5d753a1a454def5342ba9e3d99f5bfb3904ca1aed91fb1a8eedae
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b47c0f6eb9dd02ac967ace134e45f7730fd044ab0f43067cfc6edc88f97b413
9cdc2149ead7ab7ab157554f351697ff48fc4894dfe107b10d883ffba37130eb
9d5788166f3467ba82a68dcdf4a236eff897fe4fbb7a80d3bed426d008a3fb85
9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1382f96d609238995339639051b4306f6ac8fe4e22db3b3197fbac6390695a6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a3da958535a6188b8270a226a4602561a9e6bcc0fe31a5b7ce735b84de07226a
a4807215fd2995c7d65ebb189e4e623a787d69f1b30637ca28ea70b22eae040c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a69ec1986f8dd30d2b8574a20aa273f01a17c6616cbd10d71145380f776caab5
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a815f1c740bfce3843f88c05c8e21971eb9a12aa929ad77e0dfaf8ff6930d331
a8ab0d2254b9074f12bce5c66bd1cee09ea56c54204c7d901eda940df28f3cd4
a9e0595cd3681dde084b2aff1f2b8c73284a771ce5cc012aa376c9ca41d8daf3
a9eecf41513b97d5590668384112bc961ba71eb372afb5cd07caee94dc366642
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa4c1bf482edfe99f78f4bbadd8edf7303cd1b32a32b42d6262a65a6bc28eb21
aadde487990736269c60912b1312cd9cd7ed8f5e990ac6be382588e93b076f7f
ad4e600d8a725ae09cf13dcb37db0e1eba3270d10c2bd3872509005b08be7891
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
ae1a8a0ab42556f9c10c7f2a09ccd2aca7a25d53b62c923c2ccab19c0adacca0
ae22c6869c91312b5361930ac0e1cff89cb54b6a3eec5d7bc4a913e8831b1028
ae2cc6759776cc50322ffef2d0f7b924f0cdca42bfd6dc4f79a12ffc6941416f
aecf54f553dbd2c3f30a385daea41f8107c8747919da999df0e8385d3f66ce5e
aef5c0f6b5a129dfcc74f7db48a29c897edbbae0c718a5a146b7f31ed927731e
af35e2cd67ed585f7d12b4b001e933defc926a1d7437b9b2ed7d7a3bddea93c4
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b01ef7916c2e4d5e7b97fbcdb95caf8e24f184a773b9ca533a9a416b4aea4218
b07d7e00ccc63d2aba31ead58e4f755904e25be3e11afd9550584129c1c7920c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b196efd3e54ca3465cefb38e3889ccb523e0487a804ddc8c274fb504fdd1c5bb
b386764e2b714f6fe617daaedd1946a7161fc2ae5f9bd0bf606f76287121ee1d
b3ce230f195e0c8670c48296a9c1c03ae1a9697bfef5d2ec350ee7612fefae24
b442e9ec49c9f90ab11f2d87a368a99a92a05b5acd9bcaf865aa551ba1f8cb8d
b4df95e697a914a5cadcb45be0a57acf92b616b83826455bfc64b97878a9b488
b83141b3bbc5817667e68a41562ace97919d4b37f8d7f75b496c77ad803f8547
bacfe93b6ae4e987b0a28b23dedf7724f72f283b5d9ac8f554f0854802d03a58
bad13516b3682b5c29e2413ddfa5caf94cf5dcba68759972bf352317d9902309
bcf86d95e543e9748b28362562cdbce0c7be01b48dd54191912e15f820daf4aa
bd8f7aa4b88a9259e46cf7eca97fed8e57a799af629c182a050a40f7b7067201
bdaa753a6b24b5cf7b0b17690a96da2385bd6bac6e5b93997119a29194ddc50a
bf9d616be882ed755fb33304dcf7327f6940f17a23dfcb0eda1ba5144983041a
bfee667e4eae4038f7259c8323a749118b7029797d76895330f1fc10a6104ce2
c0ade8fb305e9d51a67a73ac65062eab29e12bf1947a5293de84710eece0fd7d
c113fb4c2b0fe64c41990996fd20afed088fac3a50f0f67c7ab512bfef5bec64
c13d7a15a72cbd1dd8202afde3b5d7789e58273e9dd8c204a7e717b1f625649e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c33a27297bca539137c87262176cf320249e5515ee2616f21d80652ea6e5463e
c3ba6bf7c29cfae74fbfe7f5250fe1ffb2c92ee3c2f89f868558129e3c2080b7
c477d8b5a35da2af36f604ec8436217ddac42aa5707d994a86ec5cac09ab20fe
c4d4a367ae7d2a75f1bf08a0d75ba2eae23a1e7d1779a908f9c44da98ef9cfce
c5739c91ef36dcfeba5404513d2a8895e3d61cf6e89a889bcfeb9cb1fae231e7
c57428d27c947f2549a0c55847fcdc4eb1dcb89ab8036e25591440006f93684d
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4
c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7
c8892249971bdeb47e5af551f995d2a42df14315e88c119366e1cc9d5ca7f958
c8ef4d58d93f3e7428d78f75d7138eab8c6483866902ccd7362bc083f201c97a
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c9f9d427de421ae02ac786708a294abbe02405956da26d05c9baa56115288083
ca88c87f38ffc56d763162e139ec8a6eb40fa627c00c396bd0a5714b921bb737
cb8f2330bfb92a365ac0af8fb0be2313de8d8fe15ef5438041695dd5294e19c1
cc76c3d401772fbff3ebba1ada6f0d389c8ea229bd3c32c06ec33b760ead52fc
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd3fb9c39fddd8aba2e4c7af555aeb970686c92304fba3ff4850901ec3e1ff53
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfddab1b205cee06e2f9d5626e92cc0e3ea758ab03bd2aa009e664b2c99b3a10
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d175775d8fba5ca4f3c899fdd350bc340e8fa0ee15a2ec093d03e930bb4f6c55
d2f01b509b8cf141d0ed1965597e282937cf62f2d84d420f9619ba359c0da372
d39ed9ec24e0bdbd1d0155c5983a9e05bc335454ee8679b2fd4a2eec3186037f
d593cab2e45b1d4a4f93dca7a1782ebe09cd0434b1ebd42c5ed1b61a484b65d2
d59833a41851d76d046512d4fd600beab28fd505ab7c0bb3bfa5c0caca929e8c
d611225c1969da4432c772917f25fc65b2f38ebd1a06c549a9b3cf2ec3d3f74c
d6848ab53eb2a74de5c745ea77e89a60e55ead109968f47aecf983fe4984c885
da4782202fd7745694c6e8a80352d05f225004bdca743ea1a99c22a54b088d7e
db484fc50a3583537361bb18d6e60b5cef5cc3451b169968efa6b17a5a105dbf
dc8ccf8a6fdf20e70ac1017066e18fb11576f5dff97dcd833faf018d7d0d1816
de0484d3b31a4df5bafe78f3359c1a131c9e80d667d91dea50ee3939fa943de1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de3d4524e3d03b5cc722f7962b9a82b538e08aa42e6f681c43b95e903adac838
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e0034c68a36afacd7a8c6954e62654fd527a3b56c8baafcf36e79be725400884
e07e0fea640bd99b0f910d70c9c574604dd556a50f84ac9a2d1c05060c8d02ce
e0bb6f72ccc32af59e787e4f549a1d0ff5040e5bea27fd71c297300369c6b3c8
e14a625deb5e7cb388813d12ff906c39d7140ead453b49a22cc7d11497035790
e1c0f37e00b9045caa382b7295e6072c5ff2378889d10b81572dfb8911d7b24c
e268c806756ea8aec9f0d9e9e20e99c07c04d65eff4b46c6c199e379090000e1
e2996148f2242bddaaaeac8803eca4b26bb8bfef47982c4422d3a9bf8b1c188c
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dc078206236d9f38b15ba28555b948847d0c045a8bdb85a51d82f90321262a
e4025451c52653345965cfb784b162b7cc1608b348c1b7c67e894144e3ae12b0
e40e980ed03ebcf6cd467fe89fe822f750cfd682ba8d45dbdc740a9ff61fb0b3
e55718ce29c2c658c3fe1e5d6660b9239e92501dd50607a6bed06ffce40cf355
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e667273736cc088e5c45da9d80c956807969e29928a9bff6304e443b19eec9ac
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
e70b863d5e81ef9fb2f0c821a4c07077a142f192f9c21e820d2054d5dd3ac5e8
e8935e379e4ffba3e9bc383bdce200b1a6f2a81023182b6a9b5b43f0161b9bcf
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e92cafee3154b49923807019a0450b5a82b36253f7155d3adc55070c96332c42
e9bd68c156d98474886463fb4ef9671f08f59f9232cde1f79f007d8758ae4487
ea32ea155bcf98383b2ec26207f42c3de1de30be3345f7dbdaf02847c5935f67
ea414e347d3a4ff09a98d31bc0a0a18d68e0d55594359b0342393b5c72f6a058
ea918a4f6a7fded60ae07579a04631c19ad839844cb7e3b0d6c93da9ecace281
eb2b4bf34c54d7f4b3479dc7cc24ba304d9f8561f65c6a5fa3734bd462f8e64f
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0774d3588c5daef43fef7c92938a924545cd09205b5e294deb38e7dbd4c3d37
f20fec333c5683e1aa2b59379965718b25c4a0e3d3afabed436f7b61d7ba0855
f2442f414bbcb819ea041d84fdc217161221a59f7a8cb7f915c4a1e840543b4d
f2d00db756c2b2b28ca33920ee0692083a940b051c6d63323e369db1df504bad
f305c86f370cf665b6514f783d8608156b0392978175e294a266b553c062e789
f34bc0eb01c4adb4867353d68f20d5ba68030fe45b24b02b22a60035cbfcd5b3
f396193a31d8db9be8f309cd97cb6e15106117000f87ba69546d7534b0922ff3
f6c3d35d4632bfa31d628aa3666da878dae7e5002d70b29db2d5681f2a9a28fe
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f6f24eb4863543b4f2f8cfed6d0cbdd4f41e46817c1347b568ec8e80245c0682
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
f76a69ea0b6e43a21f48d954f0b9de3e5a68dce97cc2c66f451765a6226961a1
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f
fa103bb6605b8c1964cbe5826f65856fe6f864a6e47e1911af7a11c90a54ab04
ff2f5515a7b87453d661b2a603ad1b8c67802361461124c90a2237e92bd548e4