www.alqiyady.com Open in urlscan Pro
104.17.4.60 Public Scan

URL:
https://www.alqiyady.com/
Submission: On August 01 via manual (August 1st 2021, 7:59:06 am UTC) from SA

Summary HTTP 248 Redirects Links 88 Behaviour Indicators

Summary

This website contacted 81 IPs in 14 countries across 76 domains to perform 248 HTTP transactions. The main IP is 104.17.4.60, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.alqiyady.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 2nd 2021. Valid for: a year.

This is the only time www.alqiyady.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	104.17.4.60 104.17.4.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
60	2606:4700::68... 2606:4700::6812:18eb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:75b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3031::6815:49c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1 3	51.195.5.38 51.195.5.38	16276 (OVH) (OVH)
1	13.224.96.116 13.224.96.116	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	13.224.96.67 13.224.96.67	16509 (AMAZON-02) (AMAZON-02)
1	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
10	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2606:4700:303... 2606:4700:3033::6815:5473	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9 11	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
1	216.52.2.39 216.52.2.39	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	18.196.230.57 18.196.230.57	16509 (AMAZON-02) (AMAZON-02)
2 14	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.224.96.22 13.224.96.22	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3036::ac43:bf92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	104.117.200.100 104.117.200.100	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.17.119.107 104.17.119.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	146.0.227.109 146.0.227.109	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
1	2a0c:5c81:513... 2a0c:5c81:5139::2	55081 (24SHELLS) (24SHELLS)
3 3	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 3	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3 6	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
10 12	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
4 6	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
6 6	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
2	2606:4700:10:... 2606:4700:10::6816:37ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 5	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
1	213.155.156.164 213.155.156.164	1299 (TELIANET ...) (TELIANET Telia Carrier)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	51.222.80.231 51.222.80.231	16276 (OVH) (OVH)
4 7	52.48.137.92 52.48.137.92	16509 (AMAZON-02) (AMAZON-02)
1 19	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
2 2	2606:4700:303... 2606:4700:3033::ac43:dcda	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 6	5.178.65.245 5.178.65.245	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1 1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
6	5.178.65.246 5.178.65.246	50673 (SERVERIUS-AS) (SERVERIUS-AS)
4	5.178.65.252 5.178.65.252	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	2606:4700::68... 2606:4700::6810:ef3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	3.213.248.174 3.213.248.174	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 3	168.119.146.39 168.119.146.39	24940 (HETZNER-AS) (HETZNER-AS)
3	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 1	88.214.206.142 88.214.206.142	46636 (NATCOWEB) (NATCOWEB)
1 1	2a00:7c80:0:1... 2a00:7c80:0:120::2	49981 (WORLDSTREAM) (WORLDSTREAM)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
5 6	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2 3	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
1	2a04:4e42:3::300 2a04:4e42:3::300	54113 (FASTLY) (FASTLY)
1	2607:ae80:5::49 2607:ae80:5::49	26558 (FREEWHEEL) (FREEWHEEL)
2 2	2a05:d018:24:... 2a05:d018:24:b001:cff3:ca6f:14e6:5ad7	16509 (AMAZON-02) (AMAZON-02)
2 2	52.18.85.49 52.18.85.49	16509 (AMAZON-02) (AMAZON-02)
1	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
1 1	151.1.205.165 151.1.205.165	3242 (ASN-ITNET) (ASN-ITNET)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	35.201.81.244 35.201.81.244	15169 (GOOGLE) (GOOGLE)
1	89.163.159.107 89.163.159.107	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	52.28.96.148 52.28.96.148	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2	52.51.35.200 52.51.35.200	16509 (AMAZON-02) (AMAZON-02)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	52.70.197.1 52.70.197.1	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.95.116.38 52.95.116.38	16509 (AMAZON-02) (AMAZON-02)
1 2	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	54.170.215.80 54.170.215.80	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	209.54.178.82 209.54.178.82	16509 (AMAZON-02) (AMAZON-02)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
1	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	52.30.92.119 52.30.92.119	16509 (AMAZON-02) (AMAZON-02)
1	13.224.96.104 13.224.96.104	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:20:... 2606:4700:20::681a:24e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.158.29.12 51.158.29.12	12876 (Online SAS) (Online SAS)
1 1	3.124.169.141 3.124.169.141	16509 (AMAZON-02) (AMAZON-02)
1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1	173.231.180.197 173.231.180.197	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	52.4.51.239 52.4.51.239	14618 (AMAZON-AES) (AMAZON-AES)
1 2	18.233.75.25 18.233.75.25	14618 (AMAZON-AES) (AMAZON-AES)
1	37.157.6.253 37.157.6.253	198622 (ADFORM) (ADFORM)
2	3.125.70.222 3.125.70.222	16509 (AMAZON-02) (AMAZON-02)
1	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
248	81

5 104.17.4.60 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.alqiyady.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 2606:4700::6812:18eb (United States)

ASN13335 (CLOUDFLARENET, US)

alqiyady.awicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:75b (United States)

ASN13335 (CLOUDFLARENET, US)

adxbid.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:49c2 (United States)

ASN13335 (CLOUDFLARENET, US)

ads.7awi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.195.5.38 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: p16.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-116.zrh50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-67.zrh50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3033::6815:5473 (United States)

ASN13335 (CLOUDFLARENET, US)

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
user-sync.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.252.172.36 (Frankfurt am Main, Germany) 9 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.230.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-22.zrh50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:bf92 (United States)

ASN13335 (CLOUDFLARENET, US)

s2.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.117.200.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-100.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.119.107 (United States)

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.109 (Ascension Island) 1 redirects

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 62.149.0.72 (Ukraine) 1 redirects

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 76.223.111.131 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.194 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:110:c305::8000 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.14.49 (Frankfurt am Main, Germany) 6 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.3.29 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.155.156.164 (Uppsala, Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.241 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.222.80.231 (Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: ns574734.ip-51-222-80.net

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.48.137.92 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:10::6816:1957 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::ac43:dcda (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dmp.rtbsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 5.178.65.245 (Woerden, Netherlands) 3 redirects

ASN50673 (SERVERIUS-AS, NL)

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 5.178.65.246 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)

u-ams02.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 5.178.65.252 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net

s.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.213.248.174 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (United States)

ASN41041 (VCLK-EU-SE, US)

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 168.119.146.39 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.162.133.149 (Madrid, Spain)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.206.142 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:7c80:0:120::2 (Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)

ufo.approximity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.227.248.159 (Kansas City, United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:5::49 (United States)

ASN26558 (FREEWHEEL, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b001:cff3:ca6f:14e6:5ad7 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.85.49 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.1.205.165 (Bellagio, Italy) 1 redirects

ASN3242 (ASN-ITNET, IT)

bn01.er.bemail.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Schopfheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.81.244 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.163.159.107 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.96.148 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.35.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.70.197.1 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.116.38 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.99.241 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.170.215.80 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.178.82 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.92.119 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-104.zrh50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:24e (United States)

ASN13335 (CLOUDFLARENET, US)

sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.158.29.12 (Paris, France)

ASN12876 (Online SAS, FR)

js.cookieless-data.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.169.141 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.51.239 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.233.75.25 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.70.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	awicdn.com alqiyady.awicdn.com	797 KB
26	rubiconproject.com 5 redirects fastlane.rubiconproject.com eus.rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com secure-assets.rubiconproject.com	49 KB
19	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	5 KB
16	e-planning.net 3 redirects ads.us.e-planning.net u-ams02.e-planning.net s.e-planning.net sync.e-planning.net	19 KB
16	doubleclick.net 10 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	137 KB
13	pubmatic.com ads.pubmatic.com image6.pubmatic.com image4.pubmatic.com image2.pubmatic.com simage2.pubmatic.com simage4.pubmatic.com	30 KB
13	casalemedia.com 2 redirects as-sec.casalemedia.com ssum-sec.casalemedia.com ssum.casalemedia.com dsum-sec.casalemedia.com	22 KB
12	adnxs.com 9 redirects ib.adnxs.com secure.adnxs.com	9 KB
10	adxpremium.services rtb.adxpremium.services s2.adxpremium.services user-sync.adxpremium.services	11 KB
9	adform.net 5 redirects c1.adform.net dmp.adform.net cm.adform.net	4 KB
8	crwdcntrl.net 4 redirects sync.crwdcntrl.net bcp.crwdcntrl.net tags.crwdcntrl.net	15 KB
8	yahoo.com 4 redirects pr-bh.ybp.yahoo.com ads.yahoo.com ups.analytics.yahoo.com cms.analytics.yahoo.com	5 KB
6	quantumdex.io sync.quantumdex.io	3 KB
6	tapad.com 5 redirects pixel.tapad.com	3 KB
6	everesttech.net 6 redirects sync-tm.everesttech.net	2 KB
6	adsrvr.org 3 redirects match.adsrvr.org	2 KB
5	audrte.com 2 redirects a.audrte.com	7 KB
5	google.com fundingchoicesmessages.google.com	98 KB
5	alqiyady.com 1 redirects www.alqiyady.com	28 KB
4	amazon-adsystem.com 2 redirects aax-eu.amazon-adsystem.com s.amazon-adsystem.com	2 KB
4	mathtag.com 4 redirects sync.mathtag.com pixel.mathtag.com	2 KB
4	adtelligent.com 1 redirects s.adtelligent.com sync.adtelligent.com	2 KB
3	krxd.net 1 redirects beacon.krxd.net usermatch.krxd.net	942 B
3	sonobi.com sync.go.sonobi.com	1 KB
3	richaudience.com 1 redirects sync.richaudience.com	556 B
3	openx.net 3 redirects rtb.openx.net	784 B
3	gstatic.com fonts.gstatic.com	132 KB
3	criteo.com bidder.criteo.com gum.criteo.com dis.criteo.com	1 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	62 KB
3	id5-sync.com 1 redirects id5-sync.com	3 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	eyeota.net ps.eyeota.net	2 KB
2	eqads.com 1 redirects um2.eqads.com	563 B
2	bidr.io 2 redirects match.prod.bidr.io	1 KB
2	bluekai.com 1 redirects tags.bluekai.com	650 B
2	weborama.fr 2 redirects idsync.frontend.weborama.fr	843 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	tidaltv.com 2 redirects sync.tidaltv.com	791 B
2	sitescout.com 1 redirects pixel.sitescout.com pixel-sync.sitescout.com	479 B
2	rtbsrv.com 2 redirects dmp.rtbsrv.com	1 KB
2	onaudience.com 2 redirects pixel.onaudience.com	883 B
2	connectad.io cdn.connectad.io sync-eu.connectad.io	935 B
2	criteo.net static.criteo.net	53 KB
1	adentifi.com rtb.adentifi.com	88 B
1	adgrx.com cm.adgrx.com	408 B
1	turn.com 1 redirects ad.turn.com	425 B
1	onetag-sys.com onetag-sys.com	823 B
1	sharethrough.com 1 redirects match.sharethrough.com	238 B
1	cookieless-data.com js.cookieless-data.com	367 B
1	deepintent.com match.deepintent.com	44 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	214 B
1	mookie1.com odr.mookie1.com	324 B
1	agkn.com 1 redirects aa.agkn.com	382 B
1	theadex.com dmp.theadex.com	378 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	596 B
1	bemail.it 1 redirects bn01.er.bemail.it	659 B
1	exelator.com loadeu.exelator.com	324 B
1	fwmrm.net dmp.v.fwmrm.net	361 B
1	taboola.com trc.taboola.com	161 B
1	approximity.com 1 redirects ufo.approximity.com	280 B
1	admanmedia.com 1 redirects cs.admanmedia.com	428 B
1	dotomi.com prebid-match.dotomi.com	104 B
1	navdmp.com tag.navdmp.com	4 KB
1	simpli.fi um.simpli.fi	610 B
1	de17a.com d5p.de17a.com	134 B
1	rlcdn.com id.rlcdn.com	42 B
1	admixer.net 1 redirects inv-nets.admixer.net	484 B
1	brealtime.com biddr.brealtime.com	1 KB
1	indexww.com js-sec.indexww.com	1 KB
1	googleapis.com fonts.googleapis.com	3 KB
1	emxdgt.com hb.emxdgt.com	160 B
1	lijit.com ap.lijit.com	633 B
1	creativecdn.com prebid-eu.creativecdn.com	178 B
1	7awi.com ads.7awi.com	1 KB
1	adxbid.info adxbid.info	76 KB
0	ib-ibi.com Failed global.ib-ibi.com Failed
248	76

	Domain	Requested by
60	alqiyady.awicdn.com	www.alqiyady.com alqiyady.awicdn.com
15	mwzeom.zeotap.com	ads.pubmatic.com ads.us.e-planning.net
12	cm.g.doubleclick.net	10 redirects
11	ib.adnxs.com	9 redirects adxbid.info spl.zeotap.com
10	fastlane.rubiconproject.com	adxbid.info
7	dsum-sec.casalemedia.com	1 redirects ssum.casalemedia.com ssum-sec.casalemedia.com um2.eqads.com
6	sync.quantumdex.io	ads.us.e-planning.net sync.quantumdex.io ssum-sec.casalemedia.com
6	pixel.tapad.com	5 redirects ads.us.e-planning.net
6	u-ams02.e-planning.net	ads.us.e-planning.net ssum.casalemedia.com
6	sync-tm.everesttech.net	6 redirects
6	token.rubiconproject.com	4 redirects ads.us.e-planning.net
6	match.adsrvr.org	3 redirects ssum.casalemedia.com bcp.crwdcntrl.net
6	eus.rubiconproject.com	adxbid.info eus.rubiconproject.com ads.us.e-planning.net user-sync.adxpremium.services
6	rtb.adxpremium.services	adxbid.info s.adtelligent.com ads.pubmatic.com ads.us.e-planning.net
5	a.audrte.com	2 redirects ads.us.e-planning.net a.audrte.com
5	c1.adform.net	3 redirects ads.pubmatic.com ssum-sec.casalemedia.com
5	fundingchoicesmessages.google.com	alqiyady.awicdn.com
5	www.alqiyady.com	1 redirects alqiyady.awicdn.com www.alqiyady.com
4	s.e-planning.net	ads.us.e-planning.net
4	ads.us.e-planning.net	3 redirects user-sync.adxpremium.services
4	spl.zeotap.com	1 redirects ads.us.e-planning.net spl.zeotap.com
4	sync.crwdcntrl.net	2 redirects bcp.crwdcntrl.net
3	bcp.crwdcntrl.net	2 redirects tags.crwdcntrl.net
3	dmp.adform.net	2 redirects spl.zeotap.com
3	ups.analytics.yahoo.com	2 redirects ssum-sec.casalemedia.com
3	sync.go.sonobi.com	ads.us.e-planning.net sync.quantumdex.io
3	sync.richaudience.com	1 redirects ads.us.e-planning.net spl.zeotap.com
3	simage2.pubmatic.com	ads.pubmatic.com
3	image2.pubmatic.com	ads.pubmatic.com
3	sync.mathtag.com	3 redirects
3	ads.pubmatic.com	user-sync.adxpremium.services ads.pubmatic.com ads.us.e-planning.net
3	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com ssum-sec.casalemedia.com
3	pixel.rubiconproject.com
3	sync.adtelligent.com	1 redirects s.adtelligent.com
3	rtb.openx.net	3 redirects
3	ssum-sec.casalemedia.com	js-sec.indexww.com ssum.casalemedia.com sync.quantumdex.io
3	fonts.gstatic.com	fonts.googleapis.com
3	id5-sync.com	1 redirects adxbid.info sync.quantumdex.io
3	www.google-analytics.com	www.alqiyady.com www.google-analytics.com
3	securepubads.g.doubleclick.net	www.alqiyady.com securepubads.g.doubleclick.net
2	ps.eyeota.net
2	um2.eqads.com	1 redirects ssum-sec.casalemedia.com
2	match.prod.bidr.io	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum.casalemedia.com
2	tags.bluekai.com	1 redirects bcp.crwdcntrl.net
2	aax-eu.amazon-adsystem.com	1 redirects ads.us.e-planning.net
2	beacon.krxd.net	spl.zeotap.com ads.us.e-planning.net
2	idsync.frontend.weborama.fr	2 redirects
2	dpm.demdex.net	2 redirects
2	sync.tidaltv.com	2 redirects
2	ssum.casalemedia.com	1 redirects ads.us.e-planning.net
2	sync.e-planning.net	ads.us.e-planning.net sync.quantumdex.io
2	dmp.rtbsrv.com	2 redirects
2	pixel.onaudience.com	2 redirects
2	image6.pubmatic.com	ads.pubmatic.com spl.zeotap.com
2	user-sync.adxpremium.services	adxbid.info user-sync.adxpremium.services
2	static.criteo.net	adxbid.info static.criteo.net
2	s2.adxpremium.services	adxbid.info
1	pixel-sync.sitescout.com	bcp.crwdcntrl.net
1	cm.adform.net
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	ad.turn.com	1 redirects
1	onetag-sys.com	sync.quantumdex.io
1	match.sharethrough.com	1 redirects
1	js.cookieless-data.com	s.e-planning.net
1	tags.crwdcntrl.net	s.e-planning.net
1	secure.adnxs.com	ssum.casalemedia.com
1	match.deepintent.com	ssum.casalemedia.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	1 redirects
1	usermatch.krxd.net	1 redirects
1	pixel.mathtag.com	1 redirects
1	odr.mookie1.com	spl.zeotap.com
1	aa.agkn.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	dmp.theadex.com	spl.zeotap.com
1	dsp.adfarm1.adition.com	1 redirects
1	bn01.er.bemail.it	1 redirects
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	trc.taboola.com	spl.zeotap.com
1	secure-assets.rubiconproject.com	1 redirects
1	ufo.approximity.com	1 redirects
1	cs.admanmedia.com	1 redirects
1	prebid-match.dotomi.com	ads.us.e-planning.net
1	tag.navdmp.com	ads.us.e-planning.net
1	pixel.sitescout.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	image4.pubmatic.com	ads.pubmatic.com
1	dis.criteo.com	ads.pubmatic.com
1	d5p.de17a.com	ads.pubmatic.com
1	sync-eu.connectad.io	cdn.connectad.io
1	cdn.connectad.io	user-sync.adxpremium.services
1	ads.yahoo.com
1	id.rlcdn.com
1	s.adtelligent.com	user-sync.adxpremium.services
1	inv-nets.admixer.net	1 redirects
1	biddr.brealtime.com	adxbid.info
1	js-sec.indexww.com	adxbid.info
1	gum.criteo.com	static.criteo.net
1	fonts.googleapis.com
1	vars.hotjar.com	static.hotjar.com
1	as-sec.casalemedia.com	adxbid.info
1	hb.emxdgt.com	adxbid.info
1	ap.lijit.com	adxbid.info
1	bidder.criteo.com	adxbid.info
1	prebid-eu.creativecdn.com	adxbid.info
1	script.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.hotjar.com	www.alqiyady.com
1	ads.7awi.com	www.alqiyady.com
1	adxbid.info	www.alqiyady.com
0	global.ib-ibi.com Failed	bcp.crwdcntrl.net
248	114

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.instagram.com
telegram.me
www.youtube.com
flipboard.com
news.google.com
www.pinterest.com
nabd.com
www.tiktok.com
www.7awi.com
share.flipboard.com
pinterest.com
www.linkedin.com
www.layalina.com
www.ra2ej.com
www.arabsturbo.com
www.sa2eh.com
www.tajuki.com
www.uaemoments.com
www.babonej.com
yummy.layalina.com
www.bashartek.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.id5-sync.com R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.emxdgt.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2020-01-22` - `2022-03-22`	2 years	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-06-06` - `2021-09-04`	3 months	crt.sh
sync.adtelligent.com R3	`2021-06-05` - `2021-09-03`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-07-08` - `2021-08-25`	2 months	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2021-05-16` - `2022-05-15`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2020-11-25` - `2021-12-25`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
ads.us.e-planning.net R3	`2021-08-01` - `2021-10-30`	3 months	crt.sh
*.e-planning.net R3	`2021-06-04` - `2021-09-02`	3 months	crt.sh
*.audrte.com Amazon	`2021-01-26` - `2022-02-24`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-17` - `2022-03-16`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-17` - `2021-12-18`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.theadex.com GeoTrust RSA CA 2018	`2019-10-11` - `2021-10-10`	2 years	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2021-04-09` - `2022-03-20`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
js.cookieless-data.com R3	`2021-07-23` - `2021-10-21`	3 months	crt.sh
onetag-sys.com R3	`2021-07-26` - `2021-10-24`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
adentifi.com Amazon	`2020-10-02` - `2021-11-02`	a year	crt.sh
um3.eqads.com Amazon	`2021-06-26` - `2022-07-25`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-15`	a year	crt.sh
*.eyeota.net R3	`2021-06-28` - `2021-09-26`	3 months	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://www.alqiyady.com/
Frame ID: 81E7FC4E5B39E9782D654476AD76ED04
Requests: 105 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 12B5CA86A5A5577043B4472372DEBCCA
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.alqiyady.com&gdpr=1&gdpr_consent=
Frame ID: 229F1AEAE9D018CF014BFF0C86A65F5C
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Frame ID: 4FBFA3915E5FE7C4688332896417517E
Requests: 5 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FE7872860F072FACC0EAC96AD59234AD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2420715ADBE3991E76A2BFE1795A4195
Requests: 10 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: ADBA4D978B4CC144F14C7FED2CFA67B5
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=undefined&d=https://www.alqiyady.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 95DBF7465869D0F3B0E8717EDCA9114F
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=601760
Frame ID: 3A083E35BCE1FF36E6F60D1E6D5A1524
Requests: 4 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: E29273EC98E2A7D71A4A49B4E87055CE
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: 4F02C919DE300D312DE6CEEBD32C5D82
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: 24597FA213CB3C8452C50DE0A49F422B
Requests: 14 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B0DA5BE7-5A1E-427C-81D4-B0E1EA3E4C54
Frame ID: 88AB4D6D69C915F9A13E64F417F11BBC
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: D2429F869F8211A06E2845F9A47888E1
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 14B9AAE1C264CDABCE5E651260B03CA1
Requests: 1 HTTP requests in this frame

Frame: https://rtb.adxpremium.services/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=B0DA5BE7-5A1E-427C-81D4-B0E1EA3E4C54
Frame ID: 968ECED53616552271915A72A9BD5886
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Frame ID: A21DC1CBC8B8B6D7892F5F1EB39B2AF7
Requests: 20 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: FEB51E12A44747CE7F0F27957B03AD35
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2aca222944abde81%26uid%3D
Frame ID: 0FA206675B6594439D0B0705DCA6B2BF
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2aca222944abde81%26uid%3D&C=1
Frame ID: AE2865F50FE7AB7ED4691AA69B00419C
Requests: 10 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361&cmp=0
Frame ID: E9AD77327B0AB3B9B67BB0D2B64DDA8A
Requests: 30 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 816B5A236C74F70E0091F986AA128CAF
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: 87B73CF0860807A9B60AEB4DA3CC3373
Requests: 8 HTTP requests in this frame

Frame: https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AI1dkitnz6HKLFup
Frame ID: 2DA16FEE0BC3BFD052CE727E75D18060
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: C2F549FDCFA24866A4EE3B30E30DD9FA
Requests: 9 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 6FB6EA3C4D0FF80A3932350C3F9D8771
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: FE730F3C03A110D9ECB01162F77B59BD
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 8BB5C95A7BD629EEE2B85BA32C038AC6
Requests: 2 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=421030216/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Frame ID: 20966543B2DE8EBB3E4A1039FA60EB4B
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Frame ID: 924D7220798633552238FF4104213A5B
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

248
Requests

100 %
HTTPS

25 %
IPv6

76
Domains

114
Subdomains

81
IPs

14
Countries

1588 kB
Transfer

3377 kB
Size

6
Cookies

88 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/Alqiyady
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Alqiyady
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/alqiyady/
Title:

Search URL Search Domain Scan URL

URL: https://telegram.me/alqiyady
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/alqiyady
Title:

Search URL Search Domain Scan URL

URL: https://flipboard.com/@Alqiyady
Title:

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMMSFoAkwp-pv
Title:

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/alqiyady/
Title:

Search URL Search Domain Scan URL

URL: https://nabd.com/alqiyady
Title:

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@alqiyady
Title:

Search URL Search Domain Scan URL

URL: https://www.7awi.com/alqiyady/
Title: عن القيادي

Search URL Search Domain Scan URL

URL: https://www.7awi.com/#contactus
Title: اتصل بنا

Search URL Search Domain Scan URL

URL: https://www.7awi.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.alqiyady.com/%D8%A7%D9%84%D8%B4%D8%A8%D9%83%D8%A9-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%D9%8A%D8%A9-%D9%81%D9%83%D8%B1%D8%A9-%D8%BA%D9%8A%D8%B1%D8%AA-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D9%82%D8%B5%D8%A9-%D8%A7%D9%84%D9%88%D9%8A%D8%A8-414629.html?utm_source=facebook.com&utm_medium=referral&utm_campaign=facebook_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/send?app_id=374520239274593&link=https://www.alqiyady.com/%D8%A7%D9%84%D8%B4%D8%A8%D9%83%D8%A9-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%D9%8A%D8%A9-%D9%81%D9%83%D8%B1%D8%A9-%D8%BA%D9%8A%D8%B1%D8%AA-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D9%82%D8%B5%D8%A9-%D8%A7%D9%84%D9%88%D9%8A%D8%A8-414629.html?utm_source=facebook.com&utm_medium=referral&utm_campaign=facebook_messenger_sharing&redirect_uri=https://www.alqiyady.com/
Title:

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?ext=sharethis&v=2&title=%D8%A7%D9%84%D8%B4%D8%A8%D9%83%D8%A9%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%D9%8A%D8%A9%20%D9%81%D9%83%D8%B1%D8%A9%20%D8%BA%D9%8A%D8%B1%D8%AA%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85:%20%D8%AA%D8%B9%D8%B1%D9%81%20%D8%B9%D9%84%D9%89%20%D9%82%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D9%8A%D8%A8&url=https://www.alqiyady.com/%D8%A7%D9%84%D8%B4%D8%A8%D9%83%D8%A9-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%D9%8A%D8%A9-%D9%81%D9%83%D8%B1%D8%A9-%D8%BA%D9%8A%D8%B1%D8%AA-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D9%82%D8%B5%D8%A9-%D8%A7%D9%84%D9%88%D9%8A%D8%A8-414629.html?utm_source=flipboard.com&utm_medium=referral&utm_campaign=flipboard_sharing
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.alqiyady.com/%25D8%25A7%25D9%2584%25D8%25B4%25D8%25A8%25D9%2583%25D8%25A9-%25D8%25A7%25D9%2584%25D8%25B9%25D8%25A7%25D9%2584%25D9%2585%25D9%258A%25D8%25A9-%25D9%2581%25D9%2583%25D8%25B1%25D8%25A9-%25D8%25BA%25D9%258A%25D8%25B1%25D8%25AA-%25D8%25A7%25D9%2584%25D8%25B9%25D8%25A7%25D9%2584%25D9%2585-%25D8%25AA%25D8%25B9%25D8%25B1%25D9%2581-%25D8%25B9%25D9%2584%25D9%2589-%25D9%2582%25D8%25B5%25D8%25A9-%25D8%25A7%25D9%2584%25D9%2588%25D9%258A%25D8%25A8-414629.html?utm_source=twitter.com&utm_medium=referral&utm_campaign=twitter_sharing
Title:

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://www.alqiyady.com/%D8%A7%D9%84%D8%B4%D8%A8%D9%83%D8%A9-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%D9%8A%D8%A9-%D9%81%D9%83%D8%B1%D8%A9-%D8%BA%D9%8A%D8%B1%D8%AA-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D9%82%D8%B5%D8%A9-%D8%A7%D9%84%D9%88%D9%8A%D8%A8-414629.html?utm_source=pinterest.com&utm_medium=referral&utm_campaign=pinterest_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?summary=%D9%81%D9%87%D8%B1%D8%B3%20%D8%A7%D9%84%D8%B5%D9%81%D8%AD%D8%A9%20%D9%85%D8%A7%D8%B0%D8%A7%20%D9%8A%D8%B9%D9%86%D9%8A%20%D8%A7%D9%84%D8%B4%D8%A8%D9%83%D8%A9%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%D9%8A%D8%A9%20%D8%A7%D9%84%D9%88%D9%8A%D8%A8%D8%9F%20%D9%85%D8%A7%20%D8%A7%D9%84%D9%81%D8%B1%D9%82%20%D8%A8%D9%8A%D9%86%20%D8%A7%D9%84%D8%B4%D8%A8%D9%83%D8%A9%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%D9%8A%D8%A9%20%D9%88%D8%A7%D9%84%D8%A5%D9%86%D8%AA%D8%B1%D9%86%D8%AA%20%D9%83%D9%8A%D9%81%20%D8%A8%D8%AF%D8%A3%D8%AA%20%D8%A7%D9%84%D8%B4%D8%A8%D9%83%D8%A9%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%D9%8A%D8%A9%20%D8%A7%D9%84%D9%88%D9%8A%D8%A8%D8%9F%20%D9%85%D8%B1%D8%A7%D8%AD%D9%84%20%D8%AA%D8%B7%D9%88%D8%B1%20%D8%A7%D9%84%D8%B4%D8%A8%D9%83%D8%A9%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%D9%8A%D8%A9%201%20%D8%A3%D8%BA%D8%B3%D8%B7%D8%B3%20%D9%87%D9%88%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%D9%8A%20%D9%84%D9%84%D8%B4%D8%A8%D9%83%D8%A9%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%D9%8A%D8%A9%D8%8C%20%D8%A7%D9%84%D8%AA%D9%8A%20%D8%A3%D8%AD%D8%AF%D8%AB%D8%AA%20%D8%AA%D8%BA%D9%8A%D9%8A%D8%B1%D9%8B%D8%A7%20%D9%83%D8%A8%D9%8A%D8%B1%D9%8B%D8%A7%20%D8%B9%D9%84%D9%89%20%D9%85%D8%B3%D8%AA%D9%88%D9%89%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%20%D8%B3%D9%88%D8%A7%D8%A1%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D9%85%D8%B3%D8%AA%D9%88%D9%89...&mini=true&source=&title=%D8%A7%D9%84%D8%B4%D8%A8%D9%83%D8%A9%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%D9%8A%D8%A9%20%D9%81%D9%83%D8%B1%D8%A9%20%D8%BA%D9%8A%D8%B1%D8%AA%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85:%20%D8%AA%D8%B9%D8%B1%D9%81%20%D8%B9%D9%84%D9%89%20%D9%82%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D9%8A%D8%A8&url=https://www.alqiyady.com/%D8%A7%D9%84%D8%B4%D8%A8%D9%83%D8%A9-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%D9%8A%D8%A9-%D9%81%D9%83%D8%B1%D8%A9-%D8%BA%D9%8A%D8%B1%D8%AA-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D9%82%D8%B5%D8%A9-%D8%A7%D9%84%D9%88%D9%8A%D8%A8-414629.html?utm_source=linkedin.com&utm_medium=referral&utm_campaign=linkedin_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.alqiyady.com/%D8%B4%D8%B1%D8%B7%D8%A9-%D8%A7%D9%84%D9%82%D8%B5%D9%8A%D9%85-%D8%AA%D8%B6%D8%A8%D8%B7-%D9%85%D9%82%D9%8A%D9%85-%D8%A8%D8%A7%D9%83%D8%B3%D8%AA%D8%A7%D9%86%D9%8A-%D8%AA%D8%AD%D8%B1%D8%B4-%D8%A8%D8%A7%D9%85%D8%B1%D8%A3%D8%A9-%D9%88%D9%87%D8%B0%D9%87-%D8%A7%D9%84%D8%B9%D9%82%D9%88%D8%A8%D8%A9-%D8%AA%D9%86%D8%AA%D8%B8%D8%B1%D9%87-414616.html?utm_source=facebook.com&utm_medium=referral&utm_campaign=facebook_sharing
Title:

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?ext=sharethis&v=2&title=%D8%B4%D8%B1%D8%B7%D8%A9%20%D8%A7%D9%84%D9%82%D8%B5%D9%8A%D9%85%20%D8%AA%D8%B6%D8%A8%D8%B7%20%D9%85%D9%82%D9%8A%D9%85%20%D8%A8%D8%A7%D9%83%D8%B3%D8%AA%D8%A7%D9%86%D9%8A%20%D8%AA%D8%AD%D8%B1%D8%B4%20%D8%A8%D8%A7%D9%85%D8%B1%D8%A3%D8%A9:%20%D9%88%D9%87%D8%B0%D9%87%20%D8%A7%D9%84%D8%B9%D9%82%D9%88%D8%A8%D8%A9%20%D8%AA%D9%86%D8%AA%D8%B8%D8%B1%D9%87&url=https://www.alqiyady.com/%D8%B4%D8%B1%D8%B7%D8%A9-%D8%A7%D9%84%D9%82%D8%B5%D9%8A%D9%85-%D8%AA%D8%B6%D8%A8%D8%B7-%D9%85%D9%82%D9%8A%D9%85-%D8%A8%D8%A7%D9%83%D8%B3%D8%AA%D8%A7%D9%86%D9%8A-%D8%AA%D8%AD%D8%B1%D8%B4-%D8%A8%D8%A7%D9%85%D8%B1%D8%A3%D8%A9-%D9%88%D9%87%D8%B0%D9%87-%D8%A7%D9%84%D8%B9%D9%82%D9%88%D8%A8%D8%A9-%D8%AA%D9%86%D8%AA%D8%B8%D8%B1%D9%87-414616.html?utm_source=flipboard.com&utm_medium=referral&utm_campaign=flipboard_sharing
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.alqiyady.com/%25D8%25B4%25D8%25B1%25D8%25B7%25D8%25A9-%25D8%25A7%25D9%2584%25D9%2582%25D8%25B5%25D9%258A%25D9%2585-%25D8%25AA%25D8%25B6%25D8%25A8%25D8%25B7-%25D9%2585%25D9%2582%25D9%258A%25D9%2585-%25D8%25A8%25D8%25A7%25D9%2583%25D8%25B3%25D8%25AA%25D8%25A7%25D9%2586%25D9%258A-%25D8%25AA%25D8%25AD%25D8%25B1%25D8%25B4-%25D8%25A8%25D8%25A7%25D9%2585%25D8%25B1%25D8%25A3%25D8%25A9-%25D9%2588%25D9%2587%25D8%25B0%25D9%2587-%25D8%25A7%25D9%2584%25D8%25B9%25D9%2582%25D9%2588%25D8%25A8%25D8%25A9-%25D8%25AA%25D9%2586%25D8%25AA%25D8%25B8%25D8%25B1%25D9%2587-414616.html?utm_source=twitter.com&utm_medium=referral&utm_campaign=twitter_sharing
Title:

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://www.alqiyady.com/%D8%B4%D8%B1%D8%B7%D8%A9-%D8%A7%D9%84%D9%82%D8%B5%D9%8A%D9%85-%D8%AA%D8%B6%D8%A8%D8%B7-%D9%85%D9%82%D9%8A%D9%85-%D8%A8%D8%A7%D9%83%D8%B3%D8%AA%D8%A7%D9%86%D9%8A-%D8%AA%D8%AD%D8%B1%D8%B4-%D8%A8%D8%A7%D9%85%D8%B1%D8%A3%D8%A9-%D9%88%D9%87%D8%B0%D9%87-%D8%A7%D9%84%D8%B9%D9%82%D9%88%D8%A8%D8%A9-%D8%AA%D9%86%D8%AA%D8%B8%D8%B1%D9%87-414616.html?utm_source=pinterest.com&utm_medium=referral&utm_campaign=pinterest_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?summary=%D8%A3%D8%B9%D9%84%D9%86%D8%AA%20%D8%B4%D8%B1%D8%B7%D8%A9%20%D9%85%D9%86%D8%B7%D9%82%D8%A9%20%D8%A7%D9%84%D9%82%D8%B5%D9%8A%D9%85%20%D8%A8%D8%A7%D9%84%D9%85%D9%85%D9%84%D9%83%D8%A9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%D8%A9%20%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9%D8%8C%20%D9%85%D8%B3%D8%A7%D8%A1%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A7%D9%84%D8%B3%D8%A8%D8%AA%2031%20%D9%8A%D9%88%D9%84%D9%8A%D9%88%202021%D8%8C%20%D8%A5%D9%8A%D9%82%D8%A7%D9%81%20%D9%85%D9%82%D9%8A%D9%85%20%D8%A8%D8%A7%D9%83%D8%B3%D8%AA%D8%A7%D9%86%D9%8A%20%D8%A7%D9%84%D8%AC%D9%86%D8%B3%D9%8A%D8%A9%D8%8C%20%D8%AA%D8%AD%D8%B1%D8%B4%20%D8%A8%D8%A7%D9%85%D8%B1%D8%A3%D8%A9%20%D8%AF%D8%A7%D8%AE%D9%84%20%D9%85%D8%B1%D9%83%D8%A8%D8%AA%D9%87%D8%A7%20%D8%A8%D8%A3%D9%81%D8%B9%D8%A7%D9%84%20%D9%88%D8%B3%D9%84%D9%88%D9%83%D9%8A%D8%A7%D8%AA%20%D8%AE%D8%A7%D8%AF%D8%B4%D8%A9%20%D9%84%D9%84%D8%AD%D9%8A%D8%A7%D8%A1%20%D9%88%D9%85%D9%86%D8%A7%D9%81%D9%8A%D8%A9%20%D9%84%D9%84%D8%A2%D8%AF%D8%A7%D8%A8%D8%8C%20%D9%88%D8%AA%D9%85%D8%AA%20%D8%A5%D8%AD%D8%A7%D9%84%D8%AA%D9%87%20%D9%84%D9%81%D8%B1%D8%B9%20%D8%A7%D9%84%D9%86%D9%8A%D8%A7%D8%A8%D8%A9%20%D8%A7%D9%84%D8%B9%D8%A7%D9%85%D8%A9.%20%D8%A5%D9%8A%D9%82%D8%A7%D9%81%20%D9%85%D9%82%D9%8A%D9%85%20%D8%AA%D8%AD%D8%B1%D8%B4%20%D8%A8%D8%A7%D9%85%D8%B1%D8%A3%D8%A9%20%D9%81%D9%8A%20%D9%85%D9%86%D8%B7%D9%82%D8%A9...&mini=true&source=&title=%D8%B4%D8%B1%D8%B7%D8%A9%20%D8%A7%D9%84%D9%82%D8%B5%D9%8A%D9%85%20%D8%AA%D8%B6%D8%A8%D8%B7%20%D9%85%D9%82%D9%8A%D9%85%20%D8%A8%D8%A7%D9%83%D8%B3%D8%AA%D8%A7%D9%86%D9%8A%20%D8%AA%D8%AD%D8%B1%D8%B4%20%D8%A8%D8%A7%D9%85%D8%B1%D8%A3%D8%A9:%20%D9%88%D9%87%D8%B0%D9%87%20%D8%A7%D9%84%D8%B9%D9%82%D9%88%D8%A8%D8%A9%20%D8%AA%D9%86%D8%AA%D8%B8%D8%B1%D9%87&url=https://www.alqiyady.com/%D8%B4%D8%B1%D8%B7%D8%A9-%D8%A7%D9%84%D9%82%D8%B5%D9%8A%D9%85-%D8%AA%D8%B6%D8%A8%D8%B7-%D9%85%D9%82%D9%8A%D9%85-%D8%A8%D8%A7%D9%83%D8%B3%D8%AA%D8%A7%D9%86%D9%8A-%D8%AA%D8%AD%D8%B1%D8%B4-%D8%A8%D8%A7%D9%85%D8%B1%D8%A3%D8%A9-%D9%88%D9%87%D8%B0%D9%87-%D8%A7%D9%84%D8%B9%D9%82%D9%88%D8%A8%D8%A9-%D8%AA%D9%86%D8%AA%D8%B8%D8%B1%D9%87-414616.html?utm_source=linkedin.com&utm_medium=referral&utm_campaign=linkedin_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.alqiyady.com/%D9%81%D8%A7%D8%B1%D8%B3-%D8%AD%D8%B3%D9%88%D9%86%D8%A9-%D9%8A%D9%85%D9%86%D8%AD-%D9%82%D8%B7%D8%B1-%D8%A3%D9%88%D9%84-%D9%85%D9%8A%D8%AF%D8%A7%D9%84%D9%8A%D8%A9-%D8%B0%D9%87%D8%A8%D9%8A%D8%A9-%D9%81%D9%8A-%D8%AA%D8%A7%D8%B1%D9%8A%D8%AE-%D8%A7%D9%84%D8%A3%D9%88%D9%84%D9%85%D8%A8%D9%8A%D8%A7%D8%AF-414601.html?utm_source=facebook.com&utm_medium=referral&utm_campaign=facebook_sharing
Title:

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?ext=sharethis&v=2&title=%D9%81%D8%A7%D8%B1%D8%B3%20%D8%AD%D8%B3%D9%88%D9%86%D8%A9%20%D9%8A%D9%85%D9%86%D8%AD%20%D9%82%D8%B7%D8%B1%20%D8%A3%D9%88%D9%84%20%D9%85%D9%8A%D8%AF%D8%A7%D9%84%D9%8A%D8%A9%20%D8%B0%D9%87%D8%A8%D9%8A%D8%A9%20%D9%81%D9%8A%20%D8%AA%D8%A7%D8%B1%D9%8A%D8%AE%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%D9%85%D8%A8%D9%8A%D8%A7%D8%AF&url=https://www.alqiyady.com/%D9%81%D8%A7%D8%B1%D8%B3-%D8%AD%D8%B3%D9%88%D9%86%D8%A9-%D9%8A%D9%85%D9%86%D8%AD-%D9%82%D8%B7%D8%B1-%D8%A3%D9%88%D9%84-%D9%85%D9%8A%D8%AF%D8%A7%D9%84%D9%8A%D8%A9-%D8%B0%D9%87%D8%A8%D9%8A%D8%A9-%D9%81%D9%8A-%D8%AA%D8%A7%D8%B1%D9%8A%D8%AE-%D8%A7%D9%84%D8%A3%D9%88%D9%84%D9%85%D8%A8%D9%8A%D8%A7%D8%AF-414601.html?utm_source=flipboard.com&utm_medium=referral&utm_campaign=flipboard_sharing
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.alqiyady.com/%25D9%2581%25D8%25A7%25D8%25B1%25D8%25B3-%25D8%25AD%25D8%25B3%25D9%2588%25D9%2586%25D8%25A9-%25D9%258A%25D9%2585%25D9%2586%25D8%25AD-%25D9%2582%25D8%25B7%25D8%25B1-%25D8%25A3%25D9%2588%25D9%2584-%25D9%2585%25D9%258A%25D8%25AF%25D8%25A7%25D9%2584%25D9%258A%25D8%25A9-%25D8%25B0%25D9%2587%25D8%25A8%25D9%258A%25D8%25A9-%25D9%2581%25D9%258A-%25D8%25AA%25D8%25A7%25D8%25B1%25D9%258A%25D8%25AE-%25D8%25A7%25D9%2584%25D8%25A3%25D9%2588%25D9%2584%25D9%2585%25D8%25A8%25D9%258A%25D8%25A7%25D8%25AF-414601.html?utm_source=twitter.com&utm_medium=referral&utm_campaign=twitter_sharing
Title:

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://www.alqiyady.com/%D9%81%D8%A7%D8%B1%D8%B3-%D8%AD%D8%B3%D9%88%D9%86%D8%A9-%D9%8A%D9%85%D9%86%D8%AD-%D9%82%D8%B7%D8%B1-%D8%A3%D9%88%D9%84-%D9%85%D9%8A%D8%AF%D8%A7%D9%84%D9%8A%D8%A9-%D8%B0%D9%87%D8%A8%D9%8A%D8%A9-%D9%81%D9%8A-%D8%AA%D8%A7%D8%B1%D9%8A%D8%AE-%D8%A7%D9%84%D8%A3%D9%88%D9%84%D9%85%D8%A8%D9%8A%D8%A7%D8%AF-414601.html?utm_source=pinterest.com&utm_medium=referral&utm_campaign=pinterest_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?summary=%D9%86%D8%AC%D8%AD%20%D8%A7%D9%84%D8%B1%D8%A8%D8%A7%D8%B9%20%D8%A7%D9%84%D9%82%D8%B7%D8%B1%D9%8A%20%D9%81%D8%A7%D8%B1%D8%B3%20%D8%AD%D8%B3%D9%88%D9%86%D8%A9%20%D9%81%D9%8A%20%D9%85%D9%86%D8%AD%20%D8%A8%D9%84%D8%A7%D8%AF%D9%87%20%D8%A3%D9%88%D9%84%20%D9%85%D9%8A%D8%AF%D8%A7%D9%84%D9%8A%D8%A9%20%D8%B0%D9%87%D8%A8%D9%8A%D8%A9%20%D9%81%D9%8A%20%D8%AA%D8%A7%D8%B1%D9%8A%D8%AE%20%D9%85%D8%B4%D8%A7%D8%B1%D9%83%D8%AA%D9%87%D8%A7%20%D8%A8%D8%AF%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D8%A3%D9%84%D8%B9%D8%A7%D8%A8%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%D9%85%D8%A8%D9%8A%D8%A9%20%D8%A7%D9%84%D8%B5%D9%8A%D9%81%D9%8A%D8%A9%D8%8C%20%D9%85%D9%86%20%D8%AE%D9%84%D8%A7%D9%84%20%D9%85%D8%B4%D8%A7%D8%B1%D9%83%D8%AA%D9%87%20%D9%81%D9%8A%20%D9%85%D9%86%D8%A7%D9%81%D8%B3%D8%A7%D8%AA%20%D8%B1%D9%81%D8%B9%20%D8%A7%D9%84%D8%A3%D8%AB%D9%82%D8%A7%D9%84%20%D9%88%D8%B2%D9%86%2096%20%D9%83%D8%AC%D9%85%20%D9%81%D9%8A%20%D8%AF%D9%88%D8%B1%D8%A9%20%D8%A3%D9%84%D8%B9%D8%A7%D8%A8%20%D8%A3%D9%88%D9%84%D9%85%D8%A8%D9%8A%D8%A7%D8%AF%20%D8%B7%D9%88%D9%83%D9%8A%D9%88%202020.%20%D9%81%D8%A7%D8%B1%D8%B3%20%D8%AD%D8%B3%D9%88%D9%86%D8%A9%20%D9%8A%D9%8F%D9%87%D8%AF%D9%8A%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%20%D8%AB%D8%A7%D9%86%D9%8A%20%D9%85%D9%8A%D8%AF%D8%A7%D9%84%D9%8A%D8%A9%20%D8%B0%D9%87%D8%A8%D9%8A%D8%A9%20%D9%81%D9%8A%20%D8%A3%D9%88%D9%84%D9%85%D8%A8%D9%8A...&mini=true&source=&title=%D9%81%D8%A7%D8%B1%D8%B3%20%D8%AD%D8%B3%D9%88%D9%86%D8%A9%20%D9%8A%D9%85%D9%86%D8%AD%20%D9%82%D8%B7%D8%B1%20%D8%A3%D9%88%D9%84%20%D9%85%D9%8A%D8%AF%D8%A7%D9%84%D9%8A%D8%A9%20%D8%B0%D9%87%D8%A8%D9%8A%D8%A9%20%D9%81%D9%8A%20%D8%AA%D8%A7%D8%B1%D9%8A%D8%AE%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%D9%85%D8%A8%D9%8A%D8%A7%D8%AF&url=https://www.alqiyady.com/%D9%81%D8%A7%D8%B1%D8%B3-%D8%AD%D8%B3%D9%88%D9%86%D8%A9-%D9%8A%D9%85%D9%86%D8%AD-%D9%82%D8%B7%D8%B1-%D8%A3%D9%88%D9%84-%D9%85%D9%8A%D8%AF%D8%A7%D9%84%D9%8A%D8%A9-%D8%B0%D9%87%D8%A8%D9%8A%D8%A9-%D9%81%D9%8A-%D8%AA%D8%A7%D8%B1%D9%8A%D8%AE-%D8%A7%D9%84%D8%A3%D9%88%D9%84%D9%85%D8%A8%D9%8A%D8%A7%D8%AF-414601.html?utm_source=linkedin.com&utm_medium=referral&utm_campaign=linkedin_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.alqiyady.com/%D8%AA%D8%BA%D9%8A%D9%8A%D8%B1-%D8%A7%D9%84%D9%85%D9%87%D9%86%D8%A9-5-%D8%A3%D8%B4%D9%8A%D8%A7%D8%A1-%D9%8A%D8%AC%D8%A8-%D8%A3%D9%86-%D8%AA%D9%81%D9%83%D8%B1-%D9%81%D9%8A%D9%87%D8%A7-%D9%82%D8%A8%D9%84-%D9%81%D8%B9%D9%84-%D8%B0%D9%84%D9%83-401740.html?utm_source=facebook.com&utm_medium=referral&utm_campaign=facebook_sharing
Title:

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?ext=sharethis&v=2&title=%D8%AA%D8%BA%D9%8A%D9%8A%D8%B1%20%D8%A7%D9%84%D9%85%D9%87%D9%86%D8%A9:%205%20%D8%A3%D8%B4%D9%8A%D8%A7%D8%A1%20%D9%8A%D8%AC%D8%A8%20%D8%A3%D9%86%20%D8%AA%D9%81%D9%83%D8%B1%20%D9%81%D9%8A%D9%87%D8%A7%20%D9%82%D8%A8%D9%84%20%D9%81%D8%B9%D9%84%20%D8%B0%D9%84%D9%83&url=https://www.alqiyady.com/%D8%AA%D8%BA%D9%8A%D9%8A%D8%B1-%D8%A7%D9%84%D9%85%D9%87%D9%86%D8%A9-5-%D8%A3%D8%B4%D9%8A%D8%A7%D8%A1-%D9%8A%D8%AC%D8%A8-%D8%A3%D9%86-%D8%AA%D9%81%D9%83%D8%B1-%D9%81%D9%8A%D9%87%D8%A7-%D9%82%D8%A8%D9%84-%D9%81%D8%B9%D9%84-%D8%B0%D9%84%D9%83-401740.html?utm_source=flipboard.com&utm_medium=referral&utm_campaign=flipboard_sharing
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.alqiyady.com/%25D8%25AA%25D8%25BA%25D9%258A%25D9%258A%25D8%25B1-%25D8%25A7%25D9%2584%25D9%2585%25D9%2587%25D9%2586%25D8%25A9-5-%25D8%25A3%25D8%25B4%25D9%258A%25D8%25A7%25D8%25A1-%25D9%258A%25D8%25AC%25D8%25A8-%25D8%25A3%25D9%2586-%25D8%25AA%25D9%2581%25D9%2583%25D8%25B1-%25D9%2581%25D9%258A%25D9%2587%25D8%25A7-%25D9%2582%25D8%25A8%25D9%2584-%25D9%2581%25D8%25B9%25D9%2584-%25D8%25B0%25D9%2584%25D9%2583-401740.html?utm_source=twitter.com&utm_medium=referral&utm_campaign=twitter_sharing
Title:

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://www.alqiyady.com/%D8%AA%D8%BA%D9%8A%D9%8A%D8%B1-%D8%A7%D9%84%D9%85%D9%87%D9%86%D8%A9-5-%D8%A3%D8%B4%D9%8A%D8%A7%D8%A1-%D9%8A%D8%AC%D8%A8-%D8%A3%D9%86-%D8%AA%D9%81%D9%83%D8%B1-%D9%81%D9%8A%D9%87%D8%A7-%D9%82%D8%A8%D9%84-%D9%81%D8%B9%D9%84-%D8%B0%D9%84%D9%83-401740.html?utm_source=pinterest.com&utm_medium=referral&utm_campaign=pinterest_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?summary=%D9%81%D9%87%D8%B1%D8%B3%20%D8%A7%D9%84%D8%B5%D9%81%D8%AD%D8%A9%20%D9%87%D9%84%20%D9%84%D8%AF%D9%8A%D9%83%20%D9%85%D8%A7%20%D9%8A%D9%84%D8%B2%D9%85%20%D9%84%D8%AA%D8%AD%D9%82%D9%8A%D9%82%20%D8%A7%D9%84%D9%86%D8%AC%D8%A7%D8%AD%D8%9F%20%D8%AA%D8%B9%D8%B1%D9%81%20%D9%85%D8%A7%20%D9%8A%D8%B1%D9%8A%D8%AF%D9%87%20%D8%A3%D8%B5%D8%AD%D8%A7%D8%A8%20%D8%A7%D9%84%D8%B9%D9%85%D9%84%20%D9%85%D9%87%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%A7%D9%84%D8%B9%D9%85%D9%84%20%D8%A7%D9%84%D9%82%D8%A7%D8%A8%D9%84%D8%A9%20%D9%84%D9%84%D8%AA%D8%AD%D9%88%D9%8A%D9%84%20%D8%B4%D8%A8%D9%83%D8%A9%20%D8%AA%D9%88%D8%A7%D8%B5%D9%84%20%D9%86%D9%82%D8%A7%D8%B7%20%D8%A7%D9%84%D9%82%D9%88%D8%A9%20%D9%88%D8%A7%D9%84%D8%B6%D8%B9%D9%81%20%D9%84%D8%AF%D9%8A%D9%83%20%D8%A5%D8%B0%D8%A7%20%D9%83%D9%86%D8%AA%20%D8%AA%D8%A8%D8%AD%D8%AB%20%D8%B9%D9%86%20%D8%AA%D8%BA%D9%8A%D9%8A%D8%B1%20%D8%A7%D9%84%D9%85%D9%87%D9%86%D8%A9%D8%8C%20%D9%85%D8%AB%D9%84%20%D8%A7%D9%84%D8%A3%D8%BA%D9%84%D8%A8%D9%8A%D8%A9%20%D8%A8%D8%B9%D8%AF%20%D8%A3%D9%86%20%D8%AA%D8%B3%D8%A8%D8%A8%20%D8%B9%D8%A7%D9%85%202020%20%D9%81%D9%8A%20%D8%AD%D8%A7%D9%84%D8%A9%20%D9%85%D9%86%20%D8%A7%D9%84%D8%B1%D9%83%D9%88%D8%AF%20%D9%88%D8%A7%D9%84%D8%AA%D9%83%D8%B1%D8%A7%D8%B1%20%D9%83%D8%AB%D9%8A%D8%B1%D8%A7%D9%8B%D8%8C%20%D9%81%D9%8A%D9%85%D9%83%D9%86%20%D8%A7%D9%84%D9%82%D9%88%D9%84%20%D8%A3%D9%86%D9%87...&mini=true&source=&title=%D8%AA%D8%BA%D9%8A%D9%8A%D8%B1%20%D8%A7%D9%84%D9%85%D9%87%D9%86%D8%A9:%205%20%D8%A3%D8%B4%D9%8A%D8%A7%D8%A1%20%D9%8A%D8%AC%D8%A8%20%D8%A3%D9%86%20%D8%AA%D9%81%D9%83%D8%B1%20%D9%81%D9%8A%D9%87%D8%A7%20%D9%82%D8%A8%D9%84%20%D9%81%D8%B9%D9%84%20%D8%B0%D9%84%D9%83&url=https://www.alqiyady.com/%D8%AA%D8%BA%D9%8A%D9%8A%D8%B1-%D8%A7%D9%84%D9%85%D9%87%D9%86%D8%A9-5-%D8%A3%D8%B4%D9%8A%D8%A7%D8%A1-%D9%8A%D8%AC%D8%A8-%D8%A3%D9%86-%D8%AA%D9%81%D9%83%D8%B1-%D9%81%D9%8A%D9%87%D8%A7-%D9%82%D8%A8%D9%84-%D9%81%D8%B9%D9%84-%D8%B0%D9%84%D9%83-401740.html?utm_source=linkedin.com&utm_medium=referral&utm_campaign=linkedin_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.alqiyady.com/%D8%AC%D8%A7%D9%85%D8%B9%D8%A9-%D8%A7%D9%84%D9%85%D9%84%D9%83-%D9%81%D9%8A%D8%B5%D9%84-%D8%AA%D8%B9%D9%84%D9%86-%D9%86%D8%AA%D8%A7%D8%A6%D8%AC-%D8%A7%D9%84%D8%AF%D9%81%D8%B9%D8%A9-%D8%A7%D9%84%D8%A3%D9%88%D9%84%D9%89-%D9%84%D9%84%D9%85%D9%82%D8%A8%D9%88%D9%84%D9%8A%D9%86-414608.html?utm_source=facebook.com&utm_medium=referral&utm_campaign=facebook_sharing
Title:

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?ext=sharethis&v=2&title=%D8%AC%D8%A7%D9%85%D8%B9%D8%A9%20%D8%A7%D9%84%D9%85%D9%84%D9%83%20%D9%81%D9%8A%D8%B5%D9%84%20%D8%AA%D8%B9%D9%84%D9%86%20%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%20%D8%A7%D9%84%D8%AF%D9%81%D8%B9%D8%A9%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%D9%89%20%D9%84%D9%84%D9%85%D9%82%D8%A8%D9%88%D9%84%D9%8A%D9%86&url=https://www.alqiyady.com/%D8%AC%D8%A7%D9%85%D8%B9%D8%A9-%D8%A7%D9%84%D9%85%D9%84%D9%83-%D9%81%D9%8A%D8%B5%D9%84-%D8%AA%D8%B9%D9%84%D9%86-%D9%86%D8%AA%D8%A7%D8%A6%D8%AC-%D8%A7%D9%84%D8%AF%D9%81%D8%B9%D8%A9-%D8%A7%D9%84%D8%A3%D9%88%D9%84%D9%89-%D9%84%D9%84%D9%85%D9%82%D8%A8%D9%88%D9%84%D9%8A%D9%86-414608.html?utm_source=flipboard.com&utm_medium=referral&utm_campaign=flipboard_sharing
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.alqiyady.com/%25D8%25AC%25D8%25A7%25D9%2585%25D8%25B9%25D8%25A9-%25D8%25A7%25D9%2584%25D9%2585%25D9%2584%25D9%2583-%25D9%2581%25D9%258A%25D8%25B5%25D9%2584-%25D8%25AA%25D8%25B9%25D9%2584%25D9%2586-%25D9%2586%25D8%25AA%25D8%25A7%25D8%25A6%25D8%25AC-%25D8%25A7%25D9%2584%25D8%25AF%25D9%2581%25D8%25B9%25D8%25A9-%25D8%25A7%25D9%2584%25D8%25A3%25D9%2588%25D9%2584%25D9%2589-%25D9%2584%25D9%2584%25D9%2585%25D9%2582%25D8%25A8%25D9%2588%25D9%2584%25D9%258A%25D9%2586-414608.html?utm_source=twitter.com&utm_medium=referral&utm_campaign=twitter_sharing
Title:

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://www.alqiyady.com/%D8%AC%D8%A7%D9%85%D8%B9%D8%A9-%D8%A7%D9%84%D9%85%D9%84%D9%83-%D9%81%D9%8A%D8%B5%D9%84-%D8%AA%D8%B9%D9%84%D9%86-%D9%86%D8%AA%D8%A7%D8%A6%D8%AC-%D8%A7%D9%84%D8%AF%D9%81%D8%B9%D8%A9-%D8%A7%D9%84%D8%A3%D9%88%D9%84%D9%89-%D9%84%D9%84%D9%85%D9%82%D8%A8%D9%88%D9%84%D9%8A%D9%86-414608.html?utm_source=pinterest.com&utm_medium=referral&utm_campaign=pinterest_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?summary=%D8%A3%D8%B9%D9%84%D9%86%D8%AA%20%D8%AC%D8%A7%D9%85%D8%B9%D8%A9%20%D8%A7%D9%84%D9%85%D9%84%D9%83%20%D9%81%D9%8A%D8%B5%D9%84%20%D8%A8%D8%A7%D9%84%D9%85%D9%85%D9%84%D9%83%D8%A9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%D8%A9%20%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9%D8%8C%20%D8%B9%D8%A8%D8%B1%20%D8%A8%D9%88%D8%A7%D8%A8%D8%AA%D9%87%D8%A7%20%D8%A7%D9%84%D8%A5%D9%84%D9%83%D8%AA%D8%B1%D9%88%D9%86%D9%8A%D8%A9%D8%8C%20%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%C2%A0%D8%A7%D9%84%D8%AF%D9%81%D8%B9%D8%A9%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%D9%89%20%D9%84%D9%84%D8%B7%D9%84%D8%A8%D8%A9%20%D8%A7%D9%84%D9%85%D9%82%D8%A8%D9%88%D9%84%D9%8A%D9%86%20%D9%88%D8%A7%D9%84%D9%85%D9%82%D8%A8%D9%88%D9%84%D8%A7%D8%AA%20%D9%81%D9%8A%20%D8%A7%D9%84%D8%AC%D8%A7%D9%85%D8%B9%D8%A9%20%D9%81%D9%8A%20%D9%85%D8%B1%D8%AD%D9%84%D8%AA%D9%8A%20%D8%A7%D9%84%D8%A8%D9%83%D8%A7%D9%84%D9%88%D8%B1%D9%8A%D9%88%D8%B3%20%D9%88%D8%A7%D9%84%D8%AF%D8%A8%D9%84%D9%88%D9%85%20%D8%A7%D9%84%D8%A7%D9%86%D8%AA%D8%B8%D8%A7%D9%85%20%D9%84%D9%84%D8%B9%D8%A7%D9%85%C2%A0%D8%A7%D9%84%D8%AC%D8%A7%D9%85%D8%B9%D9%8A%201442-1443%D9%87%D9%80..%20%D8%AC%D8%A7%D9%85%D8%B9%D8%A9%20%D8%A7%D9%84%D9%85%D9%84%D9%83%20%D9%81%D9%8A%D8%B5%D9%84%20%D8%AA%D8%B9%D9%84%D9%86%20%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%20%D8%A7%D9%84%D8%AF%D9%81%D8%B9%D8%A9%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%D9%89%20%D9%84...&mini=true&source=&title=%D8%AC%D8%A7%D9%85%D8%B9%D8%A9%20%D8%A7%D9%84%D9%85%D9%84%D9%83%20%D9%81%D9%8A%D8%B5%D9%84%20%D8%AA%D8%B9%D9%84%D9%86%20%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%20%D8%A7%D9%84%D8%AF%D9%81%D8%B9%D8%A9%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%D9%89%20%D9%84%D9%84%D9%85%D9%82%D8%A8%D9%88%D9%84%D9%8A%D9%86&url=https://www.alqiyady.com/%D8%AC%D8%A7%D9%85%D8%B9%D8%A9-%D8%A7%D9%84%D9%85%D9%84%D9%83-%D9%81%D9%8A%D8%B5%D9%84-%D8%AA%D8%B9%D9%84%D9%86-%D9%86%D8%AA%D8%A7%D8%A6%D8%AC-%D8%A7%D9%84%D8%AF%D9%81%D8%B9%D8%A9-%D8%A7%D9%84%D8%A3%D9%88%D9%84%D9%89-%D9%84%D9%84%D9%85%D9%82%D8%A8%D9%88%D9%84%D9%8A%D9%86-414608.html?utm_source=linkedin.com&utm_medium=referral&utm_campaign=linkedin_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.alqiyady.com/%D8%A3%D8%B7%D8%B9%D9%85%D8%A9-%D9%88%D9%85%D8%B4%D8%B1%D9%88%D8%A8%D8%A7%D8%AA-%D8%AA%D9%8F%D9%82%D9%84%D9%84-%D8%A7%D9%84%D8%B1%D8%BA%D8%A8%D8%A9-%D8%A7%D9%84%D8%AC%D9%86%D8%B3%D9%8A%D8%A9-%D8%B9%D9%86%D8%AF-%D8%A7%D9%84%D8%B1%D8%AC%D9%84-414581.html?utm_source=facebook.com&utm_medium=referral&utm_campaign=facebook_sharing
Title:

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?ext=sharethis&v=2&title=%D8%A3%D8%B7%D8%B9%D9%85%D8%A9%20%D9%88%D9%85%D8%B4%D8%B1%D9%88%D8%A8%D8%A7%D8%AA%20%D8%AA%D9%8F%D9%82%D9%84%D9%84%20%D8%A7%D9%84%D8%B1%D8%BA%D8%A8%D8%A9%20%D8%A7%D9%84%D8%AC%D9%86%D8%B3%D9%8A%D8%A9%20%D8%B9%D9%86%D8%AF%20%D8%A7%D9%84%D8%B1%D8%AC%D9%84&url=https://www.alqiyady.com/%D8%A3%D8%B7%D8%B9%D9%85%D8%A9-%D9%88%D9%85%D8%B4%D8%B1%D9%88%D8%A8%D8%A7%D8%AA-%D8%AA%D9%8F%D9%82%D9%84%D9%84-%D8%A7%D9%84%D8%B1%D8%BA%D8%A8%D8%A9-%D8%A7%D9%84%D8%AC%D9%86%D8%B3%D9%8A%D8%A9-%D8%B9%D9%86%D8%AF-%D8%A7%D9%84%D8%B1%D8%AC%D9%84-414581.html?utm_source=flipboard.com&utm_medium=referral&utm_campaign=flipboard_sharing
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.alqiyady.com/%25D8%25A3%25D8%25B7%25D8%25B9%25D9%2585%25D8%25A9-%25D9%2588%25D9%2585%25D8%25B4%25D8%25B1%25D9%2588%25D8%25A8%25D8%25A7%25D8%25AA-%25D8%25AA%25D9%258F%25D9%2582%25D9%2584%25D9%2584-%25D8%25A7%25D9%2584%25D8%25B1%25D8%25BA%25D8%25A8%25D8%25A9-%25D8%25A7%25D9%2584%25D8%25AC%25D9%2586%25D8%25B3%25D9%258A%25D8%25A9-%25D8%25B9%25D9%2586%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25B1%25D8%25AC%25D9%2584-414581.html?utm_source=twitter.com&utm_medium=referral&utm_campaign=twitter_sharing
Title:

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://www.alqiyady.com/%D8%A3%D8%B7%D8%B9%D9%85%D8%A9-%D9%88%D9%85%D8%B4%D8%B1%D9%88%D8%A8%D8%A7%D8%AA-%D8%AA%D9%8F%D9%82%D9%84%D9%84-%D8%A7%D9%84%D8%B1%D8%BA%D8%A8%D8%A9-%D8%A7%D9%84%D8%AC%D9%86%D8%B3%D9%8A%D8%A9-%D8%B9%D9%86%D8%AF-%D8%A7%D9%84%D8%B1%D8%AC%D9%84-414581.html?utm_source=pinterest.com&utm_medium=referral&utm_campaign=pinterest_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?summary=%D9%81%D9%87%D8%B1%D8%B3%20%D8%A7%D9%84%D8%B5%D9%81%D8%AD%D8%A9%20%D8%A7%D9%84%D8%A3%D8%B7%D8%B9%D9%85%D8%A9%20%D8%A7%D9%84%D9%85%D9%8F%D8%B5%D9%86%D8%B9%D8%A9%20%D8%A7%D9%84%D8%B5%D9%88%D8%AF%D8%A7%20%D8%A7%D9%84%D8%AF%D9%8A%D8%AA%20%D8%A7%D9%84%D8%AC%D9%85%D8%A8%D8%B1%D9%8A%20%D8%A7%D9%84%D8%AC%D8%A8%D9%86%20%D8%A7%D9%84%D8%B3%D9%83%D8%B1%20%D8%A7%D9%84%D8%A3%D8%B7%D8%B9%D9%85%D8%A9%20%D8%A7%D9%84%D9%85%D8%B9%D9%84%D8%A8%D8%A9%20%C2%A0%D8%A7%D9%84%D9%86%D8%B9%D9%86%D8%A7%D8%B9%20%D8%B2%D8%AC%D8%A7%D8%AC%D8%A9%20%D8%A7%D9%84%D9%85%D9%8A%D8%A7%D9%87%20%D8%A7%D9%84%D9%84%D8%AD%D9%88%D9%85%20%D8%B0%D8%A7%D8%AA%20%D8%A7%D9%84%D8%AC%D9%88%D8%AF%D8%A9%20%D8%A7%D9%84%D8%B1%D8%AF%D9%8A%D8%A6%D8%A9%20%D8%A7%D9%84%D8%AF%D9%87%D9%88%D9%86%20%D8%A7%D9%84%D9%85%D8%AA%D8%AD%D9%88%D9%84%D8%A9%20%D8%A7%D9%84%D9%82%D9%87%D9%88%D8%A9%20%D8%A7%D9%84%D8%AA%D9%88%D8%AA%20%D9%82%D8%AF%20%D8%AA%D8%B4%D8%B9%D8%B1%20%D8%A3%D9%86%D9%87%20%D9%85%D9%86%20%D8%A7%D9%84%D9%85%D9%8F%D8%B3%D8%AA%D8%A8%D8%B9%D8%AF%20%D8%A3%D9%86%20%D8%AA%D8%A4%D8%AB%D8%B1%20%D8%A7%D9%84%D8%A3%D8%B7%D8%B9%D9%85%D8%A9%20%D8%A3%D9%88%20%D8%A7%D9%84%D9%85%D8%B4%D8%B1%D9%88%D8%A8%D8%A7%D8%AA%20%D8%A7%D9%84%D8%AA%D9%8A%20%D8%AA%D8%AA%D9%86%D8%A7%D9%88%D9%84%D9%87%D8%A7%20%D8%B3%D9%84%D8%A8%D8%A7%D9%8B%20%D8%B9%D9%84%D9%89%20%D8%B1%D8%BA%D8%A8%D8%AA%D9%83%20%D8%A7%D9%84%D8%AC%D9%86%D8%B3%D9%8A%D8%A9%D8%8C...&mini=true&source=&title=%D8%A3%D8%B7%D8%B9%D9%85%D8%A9%20%D9%88%D9%85%D8%B4%D8%B1%D9%88%D8%A8%D8%A7%D8%AA%20%D8%AA%D9%8F%D9%82%D9%84%D9%84%20%D8%A7%D9%84%D8%B1%D8%BA%D8%A8%D8%A9%20%D8%A7%D9%84%D8%AC%D9%86%D8%B3%D9%8A%D8%A9%20%D8%B9%D9%86%D8%AF%20%D8%A7%D9%84%D8%B1%D8%AC%D9%84&url=https://www.alqiyady.com/%D8%A3%D8%B7%D8%B9%D9%85%D8%A9-%D9%88%D9%85%D8%B4%D8%B1%D9%88%D8%A8%D8%A7%D8%AA-%D8%AA%D9%8F%D9%82%D9%84%D9%84-%D8%A7%D9%84%D8%B1%D8%BA%D8%A8%D8%A9-%D8%A7%D9%84%D8%AC%D9%86%D8%B3%D9%8A%D8%A9-%D8%B9%D9%86%D8%AF-%D8%A7%D9%84%D8%B1%D8%AC%D9%84-414581.html?utm_source=linkedin.com&utm_medium=referral&utm_campaign=linkedin_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.alqiyady.com/4-%D8%AD%D8%A7%D9%84%D8%A7%D8%AA-%D8%B5%D8%AD%D9%8A%D8%A9-%D8%AA%D8%AA%D8%B7%D9%84%D8%A8-%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84-%D8%B9%D9%84%D9%89-%D8%AC%D8%B1%D8%B9%D8%AA%D9%8A-%D8%A7%D9%84%D9%84%D9%82%D8%A7%D8%AD-%D8%B9%D9%86%D8%AF-%D8%A7%D9%84%D8%AD%D8%B6%D9%88%D8%B1-%D9%84%D9%84%D8%B9%D9%85%D9%84-414580.html?utm_source=facebook.com&utm_medium=referral&utm_campaign=facebook_sharing
Title:

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?ext=sharethis&v=2&title=4%20%D8%AD%D8%A7%D9%84%D8%A7%D8%AA%20%D8%B5%D8%AD%D9%8A%D8%A9%20%D8%AA%D8%AA%D8%B7%D9%84%D8%A8%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D8%AC%D8%B1%D8%B9%D8%AA%D9%8A%20%D8%A7%D9%84%D9%84%D9%82%D8%A7%D8%AD%20%D8%B9%D9%86%D8%AF%20%D8%A7%D9%84%D8%AD%D8%B6%D9%88%D8%B1%20%D9%84%D9%84%D8%B9%D9%85%D9%84&url=https://www.alqiyady.com/4-%D8%AD%D8%A7%D9%84%D8%A7%D8%AA-%D8%B5%D8%AD%D9%8A%D8%A9-%D8%AA%D8%AA%D8%B7%D9%84%D8%A8-%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84-%D8%B9%D9%84%D9%89-%D8%AC%D8%B1%D8%B9%D8%AA%D9%8A-%D8%A7%D9%84%D9%84%D9%82%D8%A7%D8%AD-%D8%B9%D9%86%D8%AF-%D8%A7%D9%84%D8%AD%D8%B6%D9%88%D8%B1-%D9%84%D9%84%D8%B9%D9%85%D9%84-414580.html?utm_source=flipboard.com&utm_medium=referral&utm_campaign=flipboard_sharing
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.alqiyady.com/4-%25D8%25AD%25D8%25A7%25D9%2584%25D8%25A7%25D8%25AA-%25D8%25B5%25D8%25AD%25D9%258A%25D8%25A9-%25D8%25AA%25D8%25AA%25D8%25B7%25D9%2584%25D8%25A8-%25D8%25A7%25D9%2584%25D8%25AD%25D8%25B5%25D9%2588%25D9%2584-%25D8%25B9%25D9%2584%25D9%2589-%25D8%25AC%25D8%25B1%25D8%25B9%25D8%25AA%25D9%258A-%25D8%25A7%25D9%2584%25D9%2584%25D9%2582%25D8%25A7%25D8%25AD-%25D8%25B9%25D9%2586%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25AD%25D8%25B6%25D9%2588%25D8%25B1-%25D9%2584%25D9%2584%25D8%25B9%25D9%2585%25D9%2584-414580.html?utm_source=twitter.com&utm_medium=referral&utm_campaign=twitter_sharing
Title:

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://www.alqiyady.com/4-%D8%AD%D8%A7%D9%84%D8%A7%D8%AA-%D8%B5%D8%AD%D9%8A%D8%A9-%D8%AA%D8%AA%D8%B7%D9%84%D8%A8-%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84-%D8%B9%D9%84%D9%89-%D8%AC%D8%B1%D8%B9%D8%AA%D9%8A-%D8%A7%D9%84%D9%84%D9%82%D8%A7%D8%AD-%D8%B9%D9%86%D8%AF-%D8%A7%D9%84%D8%AD%D8%B6%D9%88%D8%B1-%D9%84%D9%84%D8%B9%D9%85%D9%84-414580.html?utm_source=pinterest.com&utm_medium=referral&utm_campaign=pinterest_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?summary=%D8%AD%D8%AF%D8%AF%D8%AA%20%D8%A7%D9%84%D8%B6%D9%88%D8%A7%D8%A8%D8%B7%20%D8%A7%D9%84%D8%B5%D8%AD%D9%8A%D8%A9%20%D8%A7%D9%84%D8%AE%D8%A7%D8%B5%D8%A9%20%D8%A8%D8%AA%D8%B9%D9%84%D9%8A%D9%82%20%D8%A7%D9%84%D8%AD%D8%B6%D9%88%D8%B1%20%D9%84%D9%85%D9%82%D8%A7%D8%B1%20%D8%A7%D9%84%D8%B9%D9%85%D9%84%20%D9%81%D9%8A%20%D8%A7%D9%84%D9%82%D8%B7%D8%A7%D8%B9%20%D8%A7%D9%84%D8%B9%D8%A7%D9%85%20%D9%88%D8%A7%D9%84%D8%AE%D8%A7%D8%B5%20%D9%81%D9%8A%20%D8%A7%D9%84%D9%85%D9%85%D9%84%D9%83%D8%A9%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%D8%A9%20%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9%20%D9%84%D9%84%D9%81%D8%A6%D8%A7%D8%AA%20%D8%A7%D9%84%D8%A3%D9%83%D8%AB%D8%B1%20%D8%B9%D9%8F%D8%B1%D8%B6%D8%A9%20%D9%84%D8%AE%D8%B7%D8%B1%20%D8%A7%D9%84%D8%A5%D8%B5%D8%A7%D8%A8%D8%A9%20%D8%A8%D9%81%D9%8A%D8%B1%D9%88%D8%B3%20%D9%83%D9%88%D8%B1%D9%88%D9%86%D8%A7%20%D8%A7%D9%84%D9%85%D9%8F%D8%B3%D8%AA%D8%AC%D8%AF%D8%8C%20%D9%83%D9%88%D9%81%D9%8A%D8%AF-19%D8%8C%204%20%D8%AD%D8%A7%D9%84%D8%A7%D8%AA%20%D8%B5%D8%AD%D9%8A%D8%A9%20%D9%8A%D8%AA%D8%B7%D9%84%D8%A8%20%D8%AD%D8%B5%D9%88%D9%84%D9%87%D9%85%20%D8%B9%D9%84%D9%89%20%D8%AC%D8%B1%D8%B9%D8%AA%D9%8A%20%D8%A7%D9%84%D9%84%D9%82%D8%A7%D8%AD%20%D8%A7%D9%84%D9%85%D9%8F%D8%B6%D8%A7%D8%AF%20%D9%84%D9%84%D9%81%D9%8A%D8%B1%D9%88%D8%B3%D8%8C%20%D8%B9%D9%86%D8%AF%20%D8%AD%D8%B6%D9%88%D8%B1%D9%87%D9%85%20%D9%84%D9%85%D9%82%D8%A7%D8%B1...&mini=true&source=&title=4%20%D8%AD%D8%A7%D9%84%D8%A7%D8%AA%20%D8%B5%D8%AD%D9%8A%D8%A9%20%D8%AA%D8%AA%D8%B7%D9%84%D8%A8%20%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D8%AC%D8%B1%D8%B9%D8%AA%D9%8A%20%D8%A7%D9%84%D9%84%D9%82%D8%A7%D8%AD%20%D8%B9%D9%86%D8%AF%20%D8%A7%D9%84%D8%AD%D8%B6%D9%88%D8%B1%20%D9%84%D9%84%D8%B9%D9%85%D9%84&url=https://www.alqiyady.com/4-%D8%AD%D8%A7%D9%84%D8%A7%D8%AA-%D8%B5%D8%AD%D9%8A%D8%A9-%D8%AA%D8%AA%D8%B7%D9%84%D8%A8-%D8%A7%D9%84%D8%AD%D8%B5%D9%88%D9%84-%D8%B9%D9%84%D9%89-%D8%AC%D8%B1%D8%B9%D8%AA%D9%8A-%D8%A7%D9%84%D9%84%D9%82%D8%A7%D8%AD-%D8%B9%D9%86%D8%AF-%D8%A7%D9%84%D8%AD%D8%B6%D9%88%D8%B1-%D9%84%D9%84%D8%B9%D9%85%D9%84-414580.html?utm_source=linkedin.com&utm_medium=referral&utm_campaign=linkedin_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.alqiyady.com/%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D9%85%D8%B5%D8%B1-%D9%88%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D9%85%D9%86%D8%AA%D8%AE%D8%A8-%D8%A7%D9%84%D9%81%D8%B1%D8%A7%D8%B9%D9%86%D8%A9-%D9%8A%D9%88%D8%AF%D8%B9-%D8%A3%D9%88%D9%84%D9%85%D8%A8%D9%8A%D8%A7%D8%AF-%D8%B7%D9%88%D9%83%D9%8A%D9%88-2020-414595.html?utm_source=facebook.com&utm_medium=referral&utm_campaign=facebook_sharing
Title:

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?ext=sharethis&v=2&title=%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%20%D9%85%D8%B5%D8%B1%20%D9%88%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84:%20%D9%85%D9%86%D8%AA%D8%AE%D8%A8%20%D8%A7%D9%84%D9%81%D8%B1%D8%A7%D8%B9%D9%86%D8%A9%20%D9%8A%D9%88%D8%AF%D8%B9%20%D8%A3%D9%88%D9%84%D9%85%D8%A8%D9%8A%D8%A7%D8%AF%20%D8%B7%D9%88%D9%83%D9%8A%D9%88%202020&url=https://www.alqiyady.com/%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D9%85%D8%B5%D8%B1-%D9%88%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D9%85%D9%86%D8%AA%D8%AE%D8%A8-%D8%A7%D9%84%D9%81%D8%B1%D8%A7%D8%B9%D9%86%D8%A9-%D9%8A%D9%88%D8%AF%D8%B9-%D8%A3%D9%88%D9%84%D9%85%D8%A8%D9%8A%D8%A7%D8%AF-%D8%B7%D9%88%D9%83%D9%8A%D9%88-2020-414595.html?utm_source=flipboard.com&utm_medium=referral&utm_campaign=flipboard_sharing
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.alqiyady.com/%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B1%25D8%25A7%25D8%25A9-%25D9%2585%25D8%25B5%25D8%25B1-%25D9%2588%25D8%25A7%25D9%2584%25D8%25A8%25D8%25B1%25D8%25A7%25D8%25B2%25D9%258A%25D9%2584-%25D9%2585%25D9%2586%25D8%25AA%25D8%25AE%25D8%25A8-%25D8%25A7%25D9%2584%25D9%2581%25D8%25B1%25D8%25A7%25D8%25B9%25D9%2586%25D8%25A9-%25D9%258A%25D9%2588%25D8%25AF%25D8%25B9-%25D8%25A3%25D9%2588%25D9%2584%25D9%2585%25D8%25A8%25D9%258A%25D8%25A7%25D8%25AF-%25D8%25B7%25D9%2588%25D9%2583%25D9%258A%25D9%2588-2020-414595.html?utm_source=twitter.com&utm_medium=referral&utm_campaign=twitter_sharing
Title:

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://www.alqiyady.com/%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D9%85%D8%B5%D8%B1-%D9%88%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D9%85%D9%86%D8%AA%D8%AE%D8%A8-%D8%A7%D9%84%D9%81%D8%B1%D8%A7%D8%B9%D9%86%D8%A9-%D9%8A%D9%88%D8%AF%D8%B9-%D8%A3%D9%88%D9%84%D9%85%D8%A8%D9%8A%D8%A7%D8%AF-%D8%B7%D9%88%D9%83%D9%8A%D9%88-2020-414595.html?utm_source=pinterest.com&utm_medium=referral&utm_campaign=pinterest_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?summary=%D9%88%D8%AF%D8%B9%20%D9%85%D9%86%D8%AA%D8%AE%D8%A8%20%D9%85%D8%B5%D8%B1%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%D9%85%D8%A8%D9%8A%20%D9%85%D9%86%D8%A7%D9%81%D8%B3%D8%A7%D8%AA%20%D8%AF%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D8%A3%D9%84%D8%B9%D8%A7%D8%A8%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%D9%85%D8%A8%D9%8A%D8%A9%20%D8%B7%D9%88%D9%83%D9%8A%D9%88%202020%D8%8C%20%D8%A8%D8%B9%D8%AF%20%D8%AE%D8%B3%D8%A7%D8%B1%D8%AA%D9%87%20%D8%A3%D9%85%D8%A7%D9%85%20%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84%20%D8%A8%D9%87%D8%AF%D9%81%20%D9%86%D8%B8%D9%8A%D9%81%D8%8C%20%D8%B6%D9%85%D9%86%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D8%AF%D9%88%D8%B1%20%D8%B1%D8%A8%D8%B9%20%D8%A7%D9%84%D9%86%D9%87%D8%A7%D8%A6%D9%8A%20%D9%84%D8%A8%D8%B7%D9%88%D9%84%D8%A9%20%D8%A3%D9%88%D9%84%D9%85%D8%A8%D9%8A%D8%A7%D8%AF%20%D8%B7%D9%88%D9%83%D9%8A%D9%88%202020.%20%D9%86%D8%AA%D9%8A%D8%AC%D8%A9%20%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%20%D9%85%D8%B5%D8%B1%20%D9%88%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84:%20%D8%A3%D9%82%D9%8A%D9%85%D8%AA%20%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%20%D9%85%D8%B5%D8%B1%20%D9%88%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84%D8%8C%20%D8%B8%D9%87%D8%B1%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A7%D9%84%D8%B3%D8%A8%D8%AA%2031%20%D8%A3%D8%BA%D8%B3%D8%B7%D8%B3%202021...&mini=true&source=&title=%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%20%D9%85%D8%B5%D8%B1%20%D9%88%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84:%20%D9%85%D9%86%D8%AA%D8%AE%D8%A8%20%D8%A7%D9%84%D9%81%D8%B1%D8%A7%D8%B9%D9%86%D8%A9%20%D9%8A%D9%88%D8%AF%D8%B9%20%D8%A3%D9%88%D9%84%D9%85%D8%A8%D9%8A%D8%A7%D8%AF%20%D8%B7%D9%88%D9%83%D9%8A%D9%88%202020&url=https://www.alqiyady.com/%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D9%85%D8%B5%D8%B1-%D9%88%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D9%85%D9%86%D8%AA%D8%AE%D8%A8-%D8%A7%D9%84%D9%81%D8%B1%D8%A7%D8%B9%D9%86%D8%A9-%D9%8A%D9%88%D8%AF%D8%B9-%D8%A3%D9%88%D9%84%D9%85%D8%A8%D9%8A%D8%A7%D8%AF-%D8%B7%D9%88%D9%83%D9%8A%D9%88-2020-414595.html?utm_source=linkedin.com&utm_medium=referral&utm_campaign=linkedin_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.alqiyady.com/%D9%81%D9%8A-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%A7%D9%84%D8%AF%D9%88%D9%84%D9%8A-%D9%84%D8%B3%D8%B1%D8%B7%D8%A7%D9%86-%D8%A7%D9%84%D8%B1%D8%A6%D8%A9-%D8%AA%D8%B9%D8%B1%D9%91%D9%81-%D8%B9%D9%84%D9%89-%D8%B7%D8%B1%D9%82-%D8%A7%D9%84%D9%88%D9%82%D8%A7%D9%8A%D8%A9-%D9%85%D9%86-%D9%87%D8%B0%D8%A7-%D8%A7%D9%84%D9%85%D8%B1%D8%B6-414573.html?utm_source=facebook.com&utm_medium=referral&utm_campaign=facebook_sharing
Title:

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?ext=sharethis&v=2&title=%D9%81%D9%8A%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A7%D9%84%D8%AF%D9%88%D9%84%D9%8A%20%D9%84%D8%B3%D8%B1%D8%B7%D8%A7%D9%86%20%D8%A7%D9%84%D8%B1%D8%A6%D8%A9..%20%D8%AA%D8%B9%D8%B1%D9%91%D9%81%20%D8%B9%D9%84%D9%89%20%D8%B7%D8%B1%D9%82%20%D8%A7%D9%84%D9%88%D9%82%D8%A7%D9%8A%D8%A9%20%D9%85%D9%86%20%D9%87%D8%B0%D8%A7%20%D8%A7%D9%84%D9%85%D8%B1%D8%B6&url=https://www.alqiyady.com/%D9%81%D9%8A-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%A7%D9%84%D8%AF%D9%88%D9%84%D9%8A-%D9%84%D8%B3%D8%B1%D8%B7%D8%A7%D9%86-%D8%A7%D9%84%D8%B1%D8%A6%D8%A9-%D8%AA%D8%B9%D8%B1%D9%91%D9%81-%D8%B9%D9%84%D9%89-%D8%B7%D8%B1%D9%82-%D8%A7%D9%84%D9%88%D9%82%D8%A7%D9%8A%D8%A9-%D9%85%D9%86-%D9%87%D8%B0%D8%A7-%D8%A7%D9%84%D9%85%D8%B1%D8%B6-414573.html?utm_source=flipboard.com&utm_medium=referral&utm_campaign=flipboard_sharing
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.alqiyady.com/%25D9%2581%25D9%258A-%25D8%25A7%25D9%2584%25D9%258A%25D9%2588%25D9%2585-%25D8%25A7%25D9%2584%25D8%25AF%25D9%2588%25D9%2584%25D9%258A-%25D9%2584%25D8%25B3%25D8%25B1%25D8%25B7%25D8%25A7%25D9%2586-%25D8%25A7%25D9%2584%25D8%25B1%25D8%25A6%25D8%25A9-%25D8%25AA%25D8%25B9%25D8%25B1%25D9%2591%25D9%2581-%25D8%25B9%25D9%2584%25D9%2589-%25D8%25B7%25D8%25B1%25D9%2582-%25D8%25A7%25D9%2584%25D9%2588%25D9%2582%25D8%25A7%25D9%258A%25D8%25A9-%25D9%2585%25D9%2586-%25D9%2587%25D8%25B0%25D8%25A7-%25D8%25A7%25D9%2584%25D9%2585%25D8%25B1%25D8%25B6-414573.html?utm_source=twitter.com&utm_medium=referral&utm_campaign=twitter_sharing
Title:

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://www.alqiyady.com/%D9%81%D9%8A-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%A7%D9%84%D8%AF%D9%88%D9%84%D9%8A-%D9%84%D8%B3%D8%B1%D8%B7%D8%A7%D9%86-%D8%A7%D9%84%D8%B1%D8%A6%D8%A9-%D8%AA%D8%B9%D8%B1%D9%91%D9%81-%D8%B9%D9%84%D9%89-%D8%B7%D8%B1%D9%82-%D8%A7%D9%84%D9%88%D9%82%D8%A7%D9%8A%D8%A9-%D9%85%D9%86-%D9%87%D8%B0%D8%A7-%D8%A7%D9%84%D9%85%D8%B1%D8%B6-414573.html?utm_source=pinterest.com&utm_medium=referral&utm_campaign=pinterest_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?summary=%D9%81%D9%87%D8%B1%D8%B3%20%D8%A7%D9%84%D8%B5%D9%81%D8%AD%D8%A9%20%D8%B3%D8%B1%D8%B7%D8%A7%D9%86%20%D8%A7%D9%84%D8%B1%D8%A6%D8%A9%20%D9%88%D8%A3%D8%B9%D8%B1%D8%A7%D8%B6%D9%87%20%D8%A7%D9%84%D9%88%D9%82%D8%A7%D9%8A%D8%A9%20%D9%85%D9%86%20%D8%B3%D8%B1%D8%B7%D8%A7%D9%86%20%D8%A7%D9%84%D8%B1%D8%A6%D8%A9%20%D9%8A%D9%8F%D8%B9%D8%AF%D9%91%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%85%D9%86%20%D8%A3%D8%BA%D8%B3%D8%B7%D8%B3%20%D9%87%D9%88%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%D9%8A%20%D9%84%D8%B3%D8%B1%D8%B7%D8%A7%D9%86%20%D8%A7%D9%84%D8%B1%D8%A6%D8%A9%D8%8C%20%D9%88%D9%8A%D9%8F%D8%B9%D8%B1%D9%81%20%D9%87%D8%B0%D8%A7%20%D8%A7%D9%84%D8%B4%D9%87%D8%B1%20%D8%A8%D8%B4%D9%87%D8%B1%20%D8%A7%D9%84%D8%AA%D9%88%D8%B9%D9%8A%D8%A9%20%D9%84%D9%85%D8%B1%D8%B6%20%D8%A7%D9%84%D8%B3%D8%B1%D8%B7%D8%A7%D9%86%D8%8C%20%D9%88%D9%8A%D9%87%D8%AF%D9%81%20%D8%A5%D9%84%D9%89%20%D8%B2%D9%8A%D8%A7%D8%AF%D8%A9%20%D8%A7%D9%84%D9%88%D8%B9%D9%8A%20%D8%A8%D8%B4%D8%A3%D9%86%20%D8%A3%D8%AD%D8%AF%20%D8%A3%D9%83%D8%AB%D8%B1%20%D8%A3%D9%86%D9%88%D8%A7%D8%B9%20%D8%A7%D9%84%D8%B3%D8%B1%D8%B7%D8%A7%D9%86%20%D8%B4%D9%8A%D9%88%D8%B9%D8%A7%D9%8B%20%D8%AD%D9%88%D9%84%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85.%20%D8%AA%D8%A7%D8%A8%D8%B9%20%D9%82%D8%B1%D8%A7%D8%A1%D8%A9%20%D8%A7%D9%84%D8%B3%D8%B7%D9%88%D8%B1%20%D8%A7%D9%84%D8%AA%D8%A7%D9%84%D9%8A%D8%A9%20%D9%84...&mini=true&source=&title=%D9%81%D9%8A%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A7%D9%84%D8%AF%D9%88%D9%84%D9%8A%20%D9%84%D8%B3%D8%B1%D8%B7%D8%A7%D9%86%20%D8%A7%D9%84%D8%B1%D8%A6%D8%A9..%20%D8%AA%D8%B9%D8%B1%D9%91%D9%81%20%D8%B9%D9%84%D9%89%20%D8%B7%D8%B1%D9%82%20%D8%A7%D9%84%D9%88%D9%82%D8%A7%D9%8A%D8%A9%20%D9%85%D9%86%20%D9%87%D8%B0%D8%A7%20%D8%A7%D9%84%D9%85%D8%B1%D8%B6&url=https://www.alqiyady.com/%D9%81%D9%8A-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%A7%D9%84%D8%AF%D9%88%D9%84%D9%8A-%D9%84%D8%B3%D8%B1%D8%B7%D8%A7%D9%86-%D8%A7%D9%84%D8%B1%D8%A6%D8%A9-%D8%AA%D8%B9%D8%B1%D9%91%D9%81-%D8%B9%D9%84%D9%89-%D8%B7%D8%B1%D9%82-%D8%A7%D9%84%D9%88%D9%82%D8%A7%D9%8A%D8%A9-%D9%85%D9%86-%D9%87%D8%B0%D8%A7-%D8%A7%D9%84%D9%85%D8%B1%D8%B6-414573.html?utm_source=linkedin.com&utm_medium=referral&utm_campaign=linkedin_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.alqiyady.com/%D9%85%D9%85%D9%8A%D8%B2%D8%A7%D8%AA-%D8%B3%D9%85%D8%A7%D8%B9%D8%A9-ear-1-%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9-%D9%85%D9%86-%D8%B4%D8%B1%D9%83%D8%A9-nothing-414560.html?utm_source=facebook.com&utm_medium=referral&utm_campaign=facebook_sharing
Title:

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?ext=sharethis&v=2&title=%D9%85%D9%85%D9%8A%D8%B2%D8%A7%D8%AA%20%D8%B3%D9%85%D8%A7%D8%B9%D8%A9%20Ear%201%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9%20%D9%85%D9%86%20%D8%B4%D8%B1%D9%83%D8%A9%20Nothing&url=https://www.alqiyady.com/%D9%85%D9%85%D9%8A%D8%B2%D8%A7%D8%AA-%D8%B3%D9%85%D8%A7%D8%B9%D8%A9-ear-1-%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9-%D9%85%D9%86-%D8%B4%D8%B1%D9%83%D8%A9-nothing-414560.html?utm_source=flipboard.com&utm_medium=referral&utm_campaign=flipboard_sharing
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.alqiyady.com/%25D9%2585%25D9%2585%25D9%258A%25D8%25B2%25D8%25A7%25D8%25AA-%25D8%25B3%25D9%2585%25D8%25A7%25D8%25B9%25D8%25A9-ear-1-%25D8%25A7%25D9%2584%25D8%25AC%25D8%25AF%25D9%258A%25D8%25AF%25D8%25A9-%25D9%2585%25D9%2586-%25D8%25B4%25D8%25B1%25D9%2583%25D8%25A9-nothing-414560.html?utm_source=twitter.com&utm_medium=referral&utm_campaign=twitter_sharing
Title:

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://www.alqiyady.com/%D9%85%D9%85%D9%8A%D8%B2%D8%A7%D8%AA-%D8%B3%D9%85%D8%A7%D8%B9%D8%A9-ear-1-%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9-%D9%85%D9%86-%D8%B4%D8%B1%D9%83%D8%A9-nothing-414560.html?utm_source=pinterest.com&utm_medium=referral&utm_campaign=pinterest_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?summary=%D9%83%D8%B4%D9%81%D8%AA%20%D8%B4%D8%B1%D9%83%D8%A9%20Nothing%20%D8%A3%D8%AD%D8%AF%20%D8%A7%D9%84%D9%85%D8%B3%D8%A7%D9%87%D9%85%D9%8A%D9%86%20%D9%81%D9%8A%20%D8%B9%D9%84%D8%A7%D9%85%D8%A9%20OnePlus%20%D8%A7%D9%84%D8%AA%D8%AC%D8%A7%D8%B1%D9%8A%D8%A9%20%D8%B9%D9%86%20%D8%A5%D8%B7%D9%84%D8%A7%D9%82%20%D8%B3%D9%85%D8%A7%D8%B9%D8%A7%D8%AA%20%D9%84%D8%A7%D8%B3%D9%84%D9%83%D9%8A%D8%A9%20%D9%85%D9%85%D9%8A%D8%B2%D8%A9%20%D8%A3%D9%8F%D8%B7%D9%84%D9%82%20%D8%B9%D9%84%D9%8A%D9%87%D8%A7%20%D8%A7%D8%B3%D9%85%20Ear%201%20%D9%88%D9%8A%D9%8F%D8%AA%D9%88%D9%82%D8%B9%20%D9%84%D9%87%D8%A7%20%D8%A3%D9%86%20%D8%AA%D9%84%D9%82%D9%89%20%D8%B1%D9%88%D8%A7%D8%AC%D8%A7%D9%8B%20%D9%88%D8%A7%D8%B3%D8%B9%D8%A7%D9%8B%20%D9%81%D9%8A%20%D8%A7%D9%84%D8%A3%D8%B3%D9%88%D8%A7%D9%82%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%D9%8A%D8%A9.%20%D9%85%D9%85%D9%8A%D8%B2%D8%A7%D8%AA%20%D8%B3%D9%85%D8%A7%D8%B9%D8%A9%20Ear%201%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9%20%D9%87%D9%86%D8%A7%D9%83%20%D8%A8%D8%B9%D8%B6%20%D8%A7%D9%84%D9%85%D9%85%D9%8A%D8%B2%D8%A7%D8%AA%20%D8%A7%D9%84%D8%AA%D9%8A%20%D8%AA%D8%AA%D9%85%D8%AA%D8%B9%20%D8%A8%D9%87%D8%A7%20%D8%B3%D9%85%D8%A7%D8%B9%D8%A9%20Ear%201%D8%8C%20%D9%85%D9%86%D9%87%D8%A7:%20%D8%A7%D9%84%D8%AA...&mini=true&source=&title=%D9%85%D9%85%D9%8A%D8%B2%D8%A7%D8%AA%20%D8%B3%D9%85%D8%A7%D8%B9%D8%A9%20Ear%201%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9%20%D9%85%D9%86%20%D8%B4%D8%B1%D9%83%D8%A9%20Nothing&url=https://www.alqiyady.com/%D9%85%D9%85%D9%8A%D8%B2%D8%A7%D8%AA-%D8%B3%D9%85%D8%A7%D8%B9%D8%A9-ear-1-%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9-%D9%85%D9%86-%D8%B4%D8%B1%D9%83%D8%A9-nothing-414560.html?utm_source=linkedin.com&utm_medium=referral&utm_campaign=linkedin_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.alqiyady.com/%D9%85%D9%8A%D8%B2%D8%A7%D8%AA-%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9-%D9%81%D9%8A-tiktok-%D8%AA%D8%B9%D8%B1%D9%91%D9%81-%D8%B9%D9%84%D9%8A%D9%87%D8%A7-414558.html?utm_source=facebook.com&utm_medium=referral&utm_campaign=facebook_sharing
Title:

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?ext=sharethis&v=2&title=%D9%85%D9%8A%D8%B2%D8%A7%D8%AA%20%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9%20%D9%81%D9%8A%20TikTok%20%D8%AA%D8%B9%D8%B1%D9%91%D9%81%20%D8%B9%D9%84%D9%8A%D9%87%D8%A7&url=https://www.alqiyady.com/%D9%85%D9%8A%D8%B2%D8%A7%D8%AA-%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9-%D9%81%D9%8A-tiktok-%D8%AA%D8%B9%D8%B1%D9%91%D9%81-%D8%B9%D9%84%D9%8A%D9%87%D8%A7-414558.html?utm_source=flipboard.com&utm_medium=referral&utm_campaign=flipboard_sharing
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.alqiyady.com/%25D9%2585%25D9%258A%25D8%25B2%25D8%25A7%25D8%25AA-%25D8%25AC%25D8%25AF%25D9%258A%25D8%25AF%25D8%25A9-%25D9%2581%25D9%258A-tiktok-%25D8%25AA%25D8%25B9%25D8%25B1%25D9%2591%25D9%2581-%25D8%25B9%25D9%2584%25D9%258A%25D9%2587%25D8%25A7-414558.html?utm_source=twitter.com&utm_medium=referral&utm_campaign=twitter_sharing
Title:

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://www.alqiyady.com/%D9%85%D9%8A%D8%B2%D8%A7%D8%AA-%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9-%D9%81%D9%8A-tiktok-%D8%AA%D8%B9%D8%B1%D9%91%D9%81-%D8%B9%D9%84%D9%8A%D9%87%D8%A7-414558.html?utm_source=pinterest.com&utm_medium=referral&utm_campaign=pinterest_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?summary=%D9%8A%D8%B4%D9%87%D8%AF%20%D8%AA%D8%B7%D8%A8%D9%8A%D9%82%20TikTok%20%D8%A5%D8%AF%D8%AE%D8%A7%D9%84%20%D8%A8%D8%B9%D8%B6%20%D8%A7%D9%84%D9%85%D9%8A%D8%B2%D8%A7%D8%AA%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%AA%D8%B7%D8%A8%D9%8A%D9%82%D8%8C%20%D8%AA%D9%8F%D9%85%D9%83%D9%86%D9%87%20%D9%85%D9%86%20%D9%85%D9%86%D8%A7%D9%81%D8%B3%D8%A9%20%D8%A7%D9%84%D9%85%D9%8A%D8%B2%D8%A7%D8%AA%20%D8%A7%D9%84%D9%85%D9%88%D8%AC%D9%88%D8%AF%D8%A9%20%D9%81%D9%8A%20%D8%A5%D9%86%D8%B3%D8%AA%D8%BA%D8%B1%D8%A7%D9%85%20%D9%88%D9%81%D9%8A%D8%B3%D8%A8%D9%88%D9%83%D8%8C%20%D9%88%D9%81%D9%82%D8%A7%D9%8B%20%D9%84%D9%85%D8%A7%20%D8%A3%D8%B9%D9%84%D9%86%D9%87%20%D8%A7%D9%84%D9%82%D8%A7%D8%A6%D9%85%D9%88%D9%86%20%D8%B9%D9%84%D9%89%20%D8%AA%D8%B7%D8%A8%D9%8A%D9%82%20%D8%AA%D9%8A%D9%83%20%D8%AA%D9%88%D9%83.%20%D8%A7%D9%84%D9%85%D9%8A%D8%B2%D8%A7%D8%AA%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9%20%D9%81%D9%8A%20%D8%AA%D8%B7%D8%A8%D9%8A%D9%82%20%D8%AA%D9%8A%D9%83%20%D8%AA%D9%88%D9%83%20%D8%AA%D8%AA%D8%B1%D9%83%D8%B2%20%D8%A7%D9%84%D9%85%D9%8A%D8%B2%D8%A7%D8%AA%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9%20%D9%81%D9%8A%20TikTok%20%D8%A8%D8%B4%D9%83%D9%84%20%D8%A3%D8%B3%D8%A7%D8%B3%D9%8A%20%D8%AD%D9%88%D9%84%20%D8%AE%D8%AF%D9%85%D8%A7%D8%AA%20%D8%A7...&mini=true&source=&title=%D9%85%D9%8A%D8%B2%D8%A7%D8%AA%20%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9%20%D9%81%D9%8A%20TikTok%20%D8%AA%D8%B9%D8%B1%D9%91%D9%81%20%D8%B9%D9%84%D9%8A%D9%87%D8%A7&url=https://www.alqiyady.com/%D9%85%D9%8A%D8%B2%D8%A7%D8%AA-%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9-%D9%81%D9%8A-tiktok-%D8%AA%D8%B9%D8%B1%D9%91%D9%81-%D8%B9%D9%84%D9%8A%D9%87%D8%A7-414558.html?utm_source=linkedin.com&utm_medium=referral&utm_campaign=linkedin_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.alqiyady.com/%D9%81%D9%8A-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%A7%D9%84%D8%AF%D9%88%D9%84%D9%8A-%D9%84%D9%84%D8%B5%D8%AF%D8%A7%D9%82%D8%A9%D9%86%D8%B5%D8%A7%D8%A6%D8%AD-%D8%AA%D9%8F%D8%B3%D8%A7%D8%B9%D8%AF%D9%83-%D8%B9%D9%84%D9%89-%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D9%84%D8%A3%D8%B5%D8%AF%D9%82%D8%A7%D8%A1-%D8%A7%D9%84%D8%AC%D9%8A%D8%AF%D9%8A%D9%86-414300.html?utm_source=facebook.com&utm_medium=referral&utm_campaign=facebook_sharing
Title:

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?ext=sharethis&v=2&title=%D9%81%D9%8A%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A7%D9%84%D8%AF%D9%88%D9%84%D9%8A%20%D9%84%D9%84%D8%B5%D8%AF%D8%A7%D9%82%D8%A9:%20%D9%86%D8%B5%D8%A7%D8%A6%D8%AD%20%D8%AA%D9%8F%D8%B3%D8%A7%D8%B9%D8%AF%D9%83%20%D8%B9%D9%84%D9%89%20%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1%20%D8%A7%D9%84%D8%A3%D8%B5%D8%AF%D9%82%D8%A7%D8%A1%20%D8%A7%D9%84%D8%AC%D9%8A%D8%AF%D9%8A%D9%86&url=https://www.alqiyady.com/%D9%81%D9%8A-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%A7%D9%84%D8%AF%D9%88%D9%84%D9%8A-%D9%84%D9%84%D8%B5%D8%AF%D8%A7%D9%82%D8%A9%D9%86%D8%B5%D8%A7%D8%A6%D8%AD-%D8%AA%D9%8F%D8%B3%D8%A7%D8%B9%D8%AF%D9%83-%D8%B9%D9%84%D9%89-%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D9%84%D8%A3%D8%B5%D8%AF%D9%82%D8%A7%D8%A1-%D8%A7%D9%84%D8%AC%D9%8A%D8%AF%D9%8A%D9%86-414300.html?utm_source=flipboard.com&utm_medium=referral&utm_campaign=flipboard_sharing
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.alqiyady.com/%25D9%2581%25D9%258A-%25D8%25A7%25D9%2584%25D9%258A%25D9%2588%25D9%2585-%25D8%25A7%25D9%2584%25D8%25AF%25D9%2588%25D9%2584%25D9%258A-%25D9%2584%25D9%2584%25D8%25B5%25D8%25AF%25D8%25A7%25D9%2582%25D8%25A9%25D9%2586%25D8%25B5%25D8%25A7%25D8%25A6%25D8%25AD-%25D8%25AA%25D9%258F%25D8%25B3%25D8%25A7%25D8%25B9%25D8%25AF%25D9%2583-%25D8%25B9%25D9%2584%25D9%2589-%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D9%2584%25D8%25A3%25D8%25B5%25D8%25AF%25D9%2582%25D8%25A7%25D8%25A1-%25D8%25A7%25D9%2584%25D8%25AC%25D9%258A%25D8%25AF%25D9%258A%25D9%2586-414300.html?utm_source=twitter.com&utm_medium=referral&utm_campaign=twitter_sharing
Title:

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://www.alqiyady.com/%D9%81%D9%8A-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%A7%D9%84%D8%AF%D9%88%D9%84%D9%8A-%D9%84%D9%84%D8%B5%D8%AF%D8%A7%D9%82%D8%A9%D9%86%D8%B5%D8%A7%D8%A6%D8%AD-%D8%AA%D9%8F%D8%B3%D8%A7%D8%B9%D8%AF%D9%83-%D8%B9%D9%84%D9%89-%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D9%84%D8%A3%D8%B5%D8%AF%D9%82%D8%A7%D8%A1-%D8%A7%D9%84%D8%AC%D9%8A%D8%AF%D9%8A%D9%86-414300.html?utm_source=pinterest.com&utm_medium=referral&utm_campaign=pinterest_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?summary=%D9%81%D9%87%D8%B1%D8%B3%20%D8%A7%D9%84%D8%B5%D9%81%D8%AD%D8%A9%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A7%D9%84%D8%AF%D9%88%D9%84%D9%8A%20%D9%84%D9%84%D8%B5%D8%AF%D8%A7%D9%82%D8%A9%20%D8%A3%D9%87%D9%85%D9%8A%D8%A9%20%D9%88%D8%AC%D9%88%D8%AF%20%D8%A7%D9%84%D8%A3%D8%B5%D8%AF%D9%82%D8%A7%D8%A1%20%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1%20%D8%A7%D9%84%D8%A3%D8%B5%D8%AF%D9%82%D8%A7%D8%A1%20%D8%A7%D9%84%D8%AC%D9%8A%D8%AF%D9%8A%D9%86%20%D9%81%D9%8A%2030%20%D9%85%D9%86%20%D9%8A%D9%88%D9%84%D9%8A%D9%88%20%D9%8A%D8%AD%D8%AA%D9%81%D9%84%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%20%D8%A8%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A7%D9%84%D8%AF%D9%88%D9%84%D9%8A%20%D9%84%D9%84%D8%B5%D8%AF%D8%A7%D9%82%D8%A9%D8%8C%20%D8%A8%D9%86%D8%A7%D8%A1%20%D8%B5%D8%AF%D8%A7%D9%82%D8%A7%D8%AA%20%D8%B5%D8%AD%D9%8A%D8%A9%20%D9%87%D9%88%20%D8%AC%D8%B2%D8%A1%20%D9%85%D9%87%D9%85%20%D9%85%D9%86%20%D8%AD%D9%8A%D8%A7%D8%AA%D9%83%20%D8%A7%D9%84%D8%A7%D8%AC%D8%AA%D9%85%D8%A7%D8%B9%D9%8A%D8%A9%D8%8C%20%D9%8A%D9%85%D9%83%D9%86%20%D9%84%D9%84%D8%A3%D8%B5%D8%AF%D9%82%D8%A7%D8%A1%20%D8%A3%D9%86%20%D9%8A%D9%83%D9%88%D9%86%20%D9%84%D9%87%D9%85%20%D8%AA%D8%A3%D8%AB%D9%8A%D8%B1%20%D9%83%D8%A8%D9%8A%D8%B1%20%D8%B9%D9%84%D9%89%20%D8%B7%D8%B1%D9%8A%D9%82%D8%A9%20%D8%AA%D9%81%D9%83%D9%8A%D8%B1%D9%83%20%D9%88%D8%B4%D8%B9%D9%88%D8%B1%D9%83%20%D9%88%D8%AA%D8%B5%D8%B1%D9%81%D9%83.%20%D9%84...&mini=true&source=&title=%D9%81%D9%8A%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A7%D9%84%D8%AF%D9%88%D9%84%D9%8A%20%D9%84%D9%84%D8%B5%D8%AF%D8%A7%D9%82%D8%A9:%20%D9%86%D8%B5%D8%A7%D8%A6%D8%AD%20%D8%AA%D9%8F%D8%B3%D8%A7%D8%B9%D8%AF%D9%83%20%D8%B9%D9%84%D9%89%20%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1%20%D8%A7%D9%84%D8%A3%D8%B5%D8%AF%D9%82%D8%A7%D8%A1%20%D8%A7%D9%84%D8%AC%D9%8A%D8%AF%D9%8A%D9%86&url=https://www.alqiyady.com/%D9%81%D9%8A-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%A7%D9%84%D8%AF%D9%88%D9%84%D9%8A-%D9%84%D9%84%D8%B5%D8%AF%D8%A7%D9%82%D8%A9%D9%86%D8%B5%D8%A7%D8%A6%D8%AD-%D8%AA%D9%8F%D8%B3%D8%A7%D8%B9%D8%AF%D9%83-%D8%B9%D9%84%D9%89-%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D9%84%D8%A3%D8%B5%D8%AF%D9%82%D8%A7%D8%A1-%D8%A7%D9%84%D8%AC%D9%8A%D8%AF%D9%8A%D9%86-414300.html?utm_source=linkedin.com&utm_medium=referral&utm_campaign=linkedin_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.alqiyady.com/%D8%AC%D8%A7%D9%85%D8%B9%D8%A9-%D8%A7%D9%84%D8%A3%D9%85%D9%8A%D8%B1%D8%A9-%D9%86%D9%88%D8%B1%D8%A9-%D8%AA%D9%88%D9%81%D8%B1-%D9%88%D8%B8%D8%A7%D8%A6%D9%81-%D8%A3%D9%83%D8%A7%D8%AF%D9%8A%D9%85%D9%8A%D8%A9-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%A7%D9%84%D8%AA%D8%AE%D8%B5%D8%B5%D8%A7%D8%AA-%D9%88%D8%A7%D9%84%D8%B4%D8%B1%D9%88%D8%B7-414527.html?utm_source=facebook.com&utm_medium=referral&utm_campaign=facebook_sharing
Title:

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?ext=sharethis&v=2&title=%D8%AC%D8%A7%D9%85%D8%B9%D8%A9%20%D8%A7%D9%84%D8%A3%D9%85%D9%8A%D8%B1%D8%A9%20%D9%86%D9%88%D8%B1%D8%A9%20%D8%AA%D9%88%D9%81%D8%B1%20%D9%88%D8%B8%D8%A7%D8%A6%D9%81%20%D8%A3%D9%83%D8%A7%D8%AF%D9%8A%D9%85%D9%8A%D8%A9:%20%D8%AA%D8%B9%D8%B1%D9%81%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%AA%D8%AE%D8%B5%D8%B5%D8%A7%D8%AA%20%D9%88%D8%A7%D9%84%D8%B4%D8%B1%D9%88%D8%B7&url=https://www.alqiyady.com/%D8%AC%D8%A7%D9%85%D8%B9%D8%A9-%D8%A7%D9%84%D8%A3%D9%85%D9%8A%D8%B1%D8%A9-%D9%86%D9%88%D8%B1%D8%A9-%D8%AA%D9%88%D9%81%D8%B1-%D9%88%D8%B8%D8%A7%D8%A6%D9%81-%D8%A3%D9%83%D8%A7%D8%AF%D9%8A%D9%85%D9%8A%D8%A9-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%A7%D9%84%D8%AA%D8%AE%D8%B5%D8%B5%D8%A7%D8%AA-%D9%88%D8%A7%D9%84%D8%B4%D8%B1%D9%88%D8%B7-414527.html?utm_source=flipboard.com&utm_medium=referral&utm_campaign=flipboard_sharing
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.alqiyady.com/%25D8%25AC%25D8%25A7%25D9%2585%25D8%25B9%25D8%25A9-%25D8%25A7%25D9%2584%25D8%25A3%25D9%2585%25D9%258A%25D8%25B1%25D8%25A9-%25D9%2586%25D9%2588%25D8%25B1%25D8%25A9-%25D8%25AA%25D9%2588%25D9%2581%25D8%25B1-%25D9%2588%25D8%25B8%25D8%25A7%25D8%25A6%25D9%2581-%25D8%25A3%25D9%2583%25D8%25A7%25D8%25AF%25D9%258A%25D9%2585%25D9%258A%25D8%25A9-%25D8%25AA%25D8%25B9%25D8%25B1%25D9%2581-%25D8%25B9%25D9%2584%25D9%2589-%25D8%25A7%25D9%2584%25D8%25AA%25D8%25AE%25D8%25B5%25D8%25B5%25D8%25A7%25D8%25AA-%25D9%2588%25D8%25A7%25D9%2584%25D8%25B4%25D8%25B1%25D9%2588%25D8%25B7-414527.html?utm_source=twitter.com&utm_medium=referral&utm_campaign=twitter_sharing
Title:

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://www.alqiyady.com/%D8%AC%D8%A7%D9%85%D8%B9%D8%A9-%D8%A7%D9%84%D8%A3%D9%85%D9%8A%D8%B1%D8%A9-%D9%86%D9%88%D8%B1%D8%A9-%D8%AA%D9%88%D9%81%D8%B1-%D9%88%D8%B8%D8%A7%D8%A6%D9%81-%D8%A3%D9%83%D8%A7%D8%AF%D9%8A%D9%85%D9%8A%D8%A9-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%A7%D9%84%D8%AA%D8%AE%D8%B5%D8%B5%D8%A7%D8%AA-%D9%88%D8%A7%D9%84%D8%B4%D8%B1%D9%88%D8%B7-414527.html?utm_source=pinterest.com&utm_medium=referral&utm_campaign=pinterest_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?summary=%D8%A3%D8%B9%D9%84%D9%86%D8%AA%20%D8%AC%D8%A7%D9%85%D8%B9%D8%A9%20%D8%A7%D9%84%D8%A3%D9%85%D9%8A%D8%B1%D8%A9%20%D9%86%D9%88%D8%B1%D8%A9%20%D8%A8%D9%86%D8%AA%20%D8%B9%D8%A8%D8%AF%D8%A7%D9%84%D8%B1%D8%AD%D9%85%D9%86%D8%8C%20%D8%AA%D9%88%D9%81%D8%B1%20%D9%88%D8%B8%D8%A7%D8%A6%D9%81%20%D8%A3%D9%83%D8%A7%D8%AF%D9%8A%D9%85%D9%8A%D8%A9%20%D8%B9%D9%84%D9%89%20%D8%AF%D8%B1%D8%AC%D8%A9%20%D8%A3%D8%B3%D8%AA%D8%A7%D8%B0%20%D9%85%D8%B3%D8%A7%D8%B9%D8%AF%20%D9%81%D9%85%D8%A7%20%D9%81%D9%88%D9%82%20%D9%84%D8%AD%D9%85%D9%84%D8%A9%20%D8%A7%D9%84%D8%AF%D9%83%D8%AA%D9%88%D8%B1%D8%A7%D9%87%D8%8C%C2%A0%D9%84%D9%84%D8%B9%D8%A7%D9%85%20%D8%A7%D9%84%D8%AC%D8%A7%D9%85%D8%B9%D9%8A%201442/1443%D9%87%D9%80.%20%D9%88%D9%8A%D8%A8%D8%AF%D8%A3%20%D8%A7%D9%84%D8%AA%D9%82%D8%AF%D9%8A%D9%85%20%D9%8A%D9%88%D9%85%20%D8%A7%D9%84%D8%A3%D8%AD%D8%AF%20%D8%AA%D8%A7%D8%B1%D9%8A%D8%AE%2022/12/1442%D9%87%D9%80%20%D8%A7%D9%84%D9%85%D9%88%D8%A7%D9%81%D9%821/8/2021%D9%85%D8%8C%C2%A0%20%D9%88%D9%8A%D9%86%D8%AA%D9%87%D9%8A%20%D8%A8%D9%86%D9%87%D8%A7%D9%8A%D8%A9%20%D9%8A%D9%88%D9%85%20%D8%A7%D9%84%D8%AE%D9%85%D9%8A%D8%B3%20%D8%AA%D8%A7%D8%B1%D9%8A%D8%AE%2026/12/1442%D9%87%D9%80%20%D8%A7%D9%84%D9%85%D9%88%D8%A7%D9%81%D9%82...&mini=true&source=&title=%D8%AC%D8%A7%D9%85%D8%B9%D8%A9%20%D8%A7%D9%84%D8%A3%D9%85%D9%8A%D8%B1%D8%A9%20%D9%86%D9%88%D8%B1%D8%A9%20%D8%AA%D9%88%D9%81%D8%B1%20%D9%88%D8%B8%D8%A7%D8%A6%D9%81%20%D8%A3%D9%83%D8%A7%D8%AF%D9%8A%D9%85%D9%8A%D8%A9:%20%D8%AA%D8%B9%D8%B1%D9%81%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D8%AA%D8%AE%D8%B5%D8%B5%D8%A7%D8%AA%20%D9%88%D8%A7%D9%84%D8%B4%D8%B1%D9%88%D8%B7&url=https://www.alqiyady.com/%D8%AC%D8%A7%D9%85%D8%B9%D8%A9-%D8%A7%D9%84%D8%A3%D9%85%D9%8A%D8%B1%D8%A9-%D9%86%D9%88%D8%B1%D8%A9-%D8%AA%D9%88%D9%81%D8%B1-%D9%88%D8%B8%D8%A7%D8%A6%D9%81-%D8%A3%D9%83%D8%A7%D8%AF%D9%8A%D9%85%D9%8A%D8%A9-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%A7%D9%84%D8%AA%D8%AE%D8%B5%D8%B5%D8%A7%D8%AA-%D9%88%D8%A7%D9%84%D8%B4%D8%B1%D9%88%D8%B7-414527.html?utm_source=linkedin.com&utm_medium=referral&utm_campaign=linkedin_sharing
Title:

Search URL Search Domain Scan URL

URL: https://www.layalina.com/
Title: ليالينا

Search URL Search Domain Scan URL

URL: https://www.ra2ej.com/
Title: رائج

Search URL Search Domain Scan URL

URL: https://www.arabsturbo.com/
Title: تيربو العرب

Search URL Search Domain Scan URL

URL: https://www.sa2eh.com/
Title: سائح

Search URL Search Domain Scan URL

URL: https://www.tajuki.com/
Title: تاجكِ

Search URL Search Domain Scan URL

URL: https://www.uaemoments.com/
Title: UAE Moments

Search URL Search Domain Scan URL

URL: https://www.babonej.com/
Title: بابونج

Search URL Search Domain Scan URL

URL: https://yummy.layalina.com/
Title: يمي

Search URL Search Domain Scan URL

URL: https://www.bashartek.com/
Title: بشرتِك

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://www.alqiyady.com/editorial_calendar/editorial-calendar-logo HTTP 301
https://www.alqiyady.com/editorial_calendar/editorial-calendar-logo/

Request Chain 112

https://inv-nets.admixer.net/adxcm.aspx?ssp=5FEC4B7E-00BE-4619-A907-C423ED15D8EA&rurl=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadmixer%26uid%3D%24%24visitor_cookie%24%24 HTTP 302
https://rtb.adxpremium.services/setuid?bidder=admixer&uid=b79d1377507e405a836c724eaaec3923

Request Chain 116

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=2e091a63-f1f6-4737-8065-44f64a21b761

Request Chain 117

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4289062115183121297

Request Chain 118

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadtelligent%26uid%3D%7Buid%7D HTTP 302
https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=670d30b35c3f4c92

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&us_privacy=1---&google_tc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEA1u_dCnxWgBcDg5UtM79Wg&google_cver=1

Request Chain 122

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/HETWaOoOautovnYVCF4fMQ?csrc=&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8165988089564145909

Request Chain 123

https://token.rubiconproject.com/token?pid=26594&us_privacy=1--- HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KRSWWNGW-W-FB5O&sigv=1&esig=2~97af2588277cb180f1a2d54cb4dcb9999c7a1c35&us_privacy=1---

Request Chain 124

https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JTV1dOR1ctVy1GQjVP&us_privacy=1---

Request Chain 125

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1--- HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---&_test=YQZUPQADSCgxQQAC HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YQZUPQADSCgxQQAC&us_privacy=1---&_test=YQZUPQADSCgxQQAC

Request Chain 126

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTYxYzIzOTQ1YzcyMzE4NjdlYjZlMGRmOGQyYWE3ZjY0OTBkODE1Mw&us_privacy=1---

Request Chain 131

https://c1.adform.net/serving/cookie/match?party=14&cid=B0DA5BE7-5A1E-427C-81D4-B0E1EA3E4C54 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B0DA5BE7-5A1E-427C-81D4-B0E1EA3E4C54

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sNpb51oeQnyB1LDh6j5MVA%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 136

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1bbf6106-543d-4200-83c7-d58988887b49

Request Chain 137

https://pixel.onaudience.com/?partner=214&mapped=B0DA5BE7-5A1E-427C-81D4-B0E1EA3E4C54 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=15af223886a99efa2c5d49d2b55d41f0 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=7af8e84ac1694c66 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=a0b86708-611d-458f-631a-a44494c84623&zcluid=7af8e84ac1694c66&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEEEtX-i0i_UW_8SpevhYjb4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=a0b86708-611d-458f-631a-a44494c84623&zcluid=7af8e84ac1694c66&zdid=1332

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjBEQTVCRTctNUExRS00MjdDLTgxRDQtQjBFMUVBM0U0QzU0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENrqwtIn7tHTl8slrgN-LWw&google_cver=1

Request Chain 141

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:cf916106-543e-4500-897e-b14d7ea5ae21&gdpr=0&gdpr_consent=

Request Chain 142

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1644853150093900243

Request Chain 143

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f19ad93f-2cea-4589-9200-b474a0376380

Request Chain 144

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4289062115183121297&gdpr=0&gdpr_consent=

Request Chain 146

https://dmp.rtbsrv.com/dmp/profiles/cm?p_id=298&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dmarsmedia%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BGID%7D HTTP 302
https://ib.adnxs.com/getuid?https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=%24UID&mpk=hLVm1AR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV2cu0Wdp1WZyBHekFmLiRncGJTJGJTJBNTJzBHd0hWP0NWZylGZlJnJx0jcwR2ZmgTOy0DZp9FcpJRRH HTTP 302
https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=4289062115183121297&mpk=hLVm1AR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV2cu0Wdp1WZyBHekFmLiRncGJTJGJTJBNTJzBHd0hWP0NWZylGZlJnJx0jcwR2ZmgTOy0DZp9FcpJRRH HTTP 302
https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=4289062115183121297

Request Chain 147

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID

Request Chain 148

https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D2aca222944abde81 HTTP 302
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=2aca222944abde81

Request Chain 152

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D2aca222944abde81%26uid%3D%24%7BUID%7D HTTP 302
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=2aca222944abde81&uid=2e091a63-f1f6-4737-8065-44f64a21b761

Request Chain 156

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D2aca222944abde81 HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F

Request Chain 157

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D2aca222944abde81%26uid%3D%24UID HTTP 302
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=2aca222944abde81&uid=4289062115183121297

Request Chain 159

https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-p2uYsWpE2uHdXn.PJ8Tn5KnTNk.t2Ja8kMsVPqw-~A

Request Chain 160

https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D2aca222944abde81%26uid%3D%7B%24UID%7D HTTP 302
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=2aca222944abde81&uid=1904471b2aa9bf8e5d4157759b3e9b0c120ff74d

Request Chain 161

https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3D2aca222944abde81 HTTP 302
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=2aca222944abde81&uid=0200000030540661A524F548023EFC4B

Request Chain 162

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Request Chain 164

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2aca222944abde81%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2aca222944abde81%26uid%3D&C=1

Request Chain 168

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D96d70711-2cc8-44da-5127-dd8e6a6b342a%26reqId%3D11682ff1-7ac9-4a89-77a8-973e1cab9696%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D96d70711-2cc8-44da-5127-dd8e6a6b342a%26reqId%3D11682ff1-7ac9-4a89-77a8-973e1cab9696%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=a0c32ca6-67c2-421e-8d2f-1e2159cd0949&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361

Request Chain 170

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D96d70711-2cc8-44da-5127-dd8e6a6b342a%26reqId%3D11682ff1-7ac9-4a89-77a8-973e1cab9696%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=f19ad93f-2cea-4589-9200-b474a0376380&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361

Request Chain 174

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=9fe3de65-c60f-4d01-bb2e-eb9aa32a7528&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 175

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=96d70711-2cc8-44da-5127-dd8e6a6b342a&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D96d70711-2cc8-44da-5127-dd8e6a6b342a%26reqId%3D11682ff1-7ac9-4a89-77a8-973e1cab9696%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=96d70711-2cc8-44da-5127-dd8e6a6b342a&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D96d70711-2cc8-44da-5127-dd8e6a6b342a%26reqId%3D11682ff1-7ac9-4a89-77a8-973e1cab9696%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=32372355283106706493728561430297326528&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361

Request Chain 177

https://bn01.er.bemail.it/zeotap.php?_bid=96d70711-2cc8-44da-5127-dd8e6a6b342a&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=BE1-2021080109-30216-0.034430001627804740-0f163f11a177c72b1ac35ee6f0b372e0&zdid=533&env=mWeb

Request Chain 178

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D96d70711-2cc8-44da-5127-dd8e6a6b342a%26reqId%3D11682ff1-7ac9-4a89-77a8-973e1cab9696%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=6991368105395878033&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361

Request Chain 179

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=96d70711-2cc8-44da-5127-dd8e6a6b342a HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=96d70711-2cc8-44da-5127-dd8e6a6b342a

Request Chain 180

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=96d70711-2cc8-44da-5127-dd8e6a6b342a&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D96d70711-2cc8-44da-5127-dd8e6a6b342a%26reqId%3D11682ff1-7ac9-4a89-77a8-973e1cab9696%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=96d70711-2cc8-44da-5127-dd8e6a6b342a&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D96d70711-2cc8-44da-5127-dd8e6a6b342a%26reqId%3D11682ff1-7ac9-4a89-77a8-973e1cab9696%26zdid%3D1361&bounce=1&random=3437027831 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=EOyHu3AozXh0mHkm7ucMVu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361

Request Chain 182

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=96d70711-2cc8-44da-5127-dd8e6a6b342a?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=15af223886a99efa2c5d49d2b55d41f0&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361

Request Chain 183

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-4ASTqkNE2oolIWThzMfIy0hpdhBnezO_0Q--~A&zpartnerid=570&env=mWeb

Request Chain 184

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=cKLyBD%2BMDtQaP3fXYIuhv2lYKOmh%2F6k3%2BS41iYitP1U%3D

Request Chain 188

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D96d70711-2cc8-44da-5127-dd8e6a6b342a%26reqId%3D11682ff1-7ac9-4a89-77a8-973e1cab9696%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YQZUPQADSCgxQQAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361

Request Chain 189

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D96d70711-2cc8-44da-5127-dd8e6a6b342a%26reqId%3D11682ff1-7ac9-4a89-77a8-973e1cab9696%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=67f46106-5440-4300-a285-148f584a87ee&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361

Request Chain 190

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361

Request Chain 191

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=96d70711-2cc8-44da-5127-dd8e6a6b342a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=96d70711-2cc8-44da-5127-dd8e6a6b342a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361&dcc=t

Request Chain 192

https://tags.bluekai.com/site/87734?id=96d70711-2cc8-44da-5127-dd8e6a6b342a&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734

Request Chain 193

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D96d70711-2cc8-44da-5127-dd8e6a6b342a%26reqId%3D11682ff1-7ac9-4a89-77a8-973e1cab9696%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361

Request Chain 198

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQZUQJDr-nbjlM9AXIw2twAABJYAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQZUQJDr-nbjlM9AXIw2twAABJYAAAAB&dcc=t

Request Chain 199

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQZUQJDr-nbjlM9AXIw2twAABJYAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YQZUQJDr-nbjlM9AXIw2twAABJYAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGtzFV4OWkH2O2Ph_oWEUr8&google_cver=1

Request Chain 200

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQZUQJDr.nbjlM9AXIw2twAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGBeWg2TTRk6qpk_ow7_RqY&google_cver=1&google_hm=2

Request Chain 202

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YQZUQAADaaOA2wA4 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YQZUQAADaaOA2wA4&gdpr=1&_test=YQZUQAADaaOA2wA4

Request Chain 204

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABiTE7CDKkAAFkYJXgvdQ&expiration=1629014336&gdpr=1

Request Chain 209

https://ads.us.e-planning.net/getuid/1/5a1ad71d2d53a0f5?https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=$UID HTTP 302
https://ads.us.e-planning.net/getuid/1/5a1ad71d2d53a0f5/ct?https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=$UID HTTP 302
https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AI1dkitnz6HKLFup

Request Chain 211

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8709248361962390651

Request Chain 212

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Request Chain 213

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-p2uYsWpE2uHdXn.PJ8Tn5KnTNk.t2Ja8kMsVPqw-~A

Request Chain 215

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7840996681688352845

Request Chain 216

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c31e8850-cda2-4550-a0ba-b5eb658acc2e

Request Chain 224

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7351755767206548082

Request Chain 225

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=67f46106-5440-4300-a285-148f584a87ee&gdpr=1&gdpr_consent=

Request Chain 230

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 233

https://bcp.crwdcntrl.net/5/c=15238/rand=421030216/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=421030216/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr

Request Chain 237

https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=6ai0dLscklZTheRBuOTorIkaw&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=6ai0dLscklZTheRBuOTorIkaw&gdpr=0&gdpr_consent=&google_gid=CAESEBjZX2a6REJgt-KLorsztxA&google_cver=1 HTTP 302
https://a.audrte.com/p

Request Chain 238

https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=3650116984003556680 HTTP 302
https://ps.eyeota.net/match?bid=kh51m51&uid=6ai0dLscklZTheRBuOTorIkaw&gdpr=0&gdpr_consent=

Request Chain 244

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=15af223886a99efa2c5d49d2b55d41f0&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=15af223886a99efa2c5d49d2b55d41f0&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=d8ad4bcb-db78-41aa-bf1e-921799b70fe8

Request Chain 245

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YQZUQAADaaOA2wA4

248 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.alqiyady.com/ 242 KB
26 KB 202ms
80ms Document
text/html 104.17.4.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.alqiyady.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.4.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b39ae71c032124badcdba31039cb01d8d4d3f8f970b13fb5cd282c6bb92028a5

Request headers

:method: GET
:authority: www.alqiyady.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
content-type: text/html; charset=UTF-8
x-fastcgi-cache: HIT
x-cache: Hit from cloudfront
via: 1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: wNyo7sfNzZosJ0-rWDzWx53TppRw-093gVlvQ07YhIJwPEt0CIOvuw==
age: 55
cf-cache-status: HIT
expires: Sun, 01 Aug 2021 09:58:48 GMT
cache-control: public, max-age=7200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 677d85ff2baed901-AMS
content-encoding: br

GET
H2 200 jquery.min.js Show response
alqiyady.awicdn.com/public/theme/js/ 93 KB
33 KB 47ms
21ms Script
application/javascript 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/js/jquery.min.js?v=2

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e260c2442fac1bcf84eda23f04f1ae285b0841eef0a05bc283b01b52f70c1af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8648011
x-xss-protection: 1; mode=block
last-modified: Sun, 05 Apr 2020 17:22:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e8a13e0-173d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400000
cf-ray: 677d85ffca154a56-FRA
expires: Sat, 27 Apr 2024 07:58:48 GMT

GET
H2 200 lazysizes.min.js Show response
alqiyady.awicdn.com/public/theme/js/ 7 KB
3 KB 49ms
23ms Script
application/javascript 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/js/lazysizes.min.js?v=2

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

876b4c12685e991d88378c1b6dd3638fd2da0c88f3c24da1ada950c1f26604e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8648011
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Apr 2020 14:18:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e93232d-1c43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400000
cf-ray: 677d85ffca174a56-FRA
expires: Sat, 27 Apr 2024 07:58:48 GMT

GET
H2 200 base.css
alqiyady.awicdn.com/public/theme/css/ 6 KB
2 KB 53ms
27ms Stylesheet
text/css 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/css/base.css?v=17

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e82ff34808498f3bacd8b35c08011552993821d588f53c15d5c343ddc6759a8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8641818
cf-polished: origSize=6800
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Mar 2021 09:05:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60488be5-1a90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
cf-ray: 677d85ffb9ef4a56-FRA
cf-bgj: minify

GET
H2 200 root_style.css
alqiyady.awicdn.com/public/theme/css/alqiyady/ 2 KB
661 B 41ms
16ms Stylesheet
text/css 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/css/alqiyady/root_style.css?v=194

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

740ceba3b5d21bf024901a44c0d8eca7752d9a812b578b589c6eddc16888e238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8643278
cf-polished: origSize=2658
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Apr 2021 10:11:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"606d855a-a62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
cf-ray: 677d85ffb9f74a56-FRA
cf-bgj: minify

GET
H2 200 janna.css
alqiyady.awicdn.com/public/theme/fonts/janna/ 295 B
340 B 52ms
27ms Stylesheet
text/css 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/fonts/janna/janna.css?v=194

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1a83dcfbbe019627469d0979246dbabd86a39d5e06810b8c160b542c7aab241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8648011
cf-polished: origSize=746
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Jan 2021 15:14:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6011835b-2ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
cf-ray: 677d85ffb9f94a56-FRA
cf-bgj: minify

GET
H2 200 bootstrap.min.css
alqiyady.awicdn.com/public/theme/css/ 101 KB
17 KB 54ms
29ms Stylesheet
text/css 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/css/bootstrap.min.css?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96d3fa09997fae6fe4b855f167b5b453c6c1c7877c3410b9e3e5848e0542af0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345688
x-cache: Hit from cloudfront
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Jul 2021 09:47:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60fd3330-192c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA2-C1
cf-ray: 677d85ffb9fa4a56-FRA
x-amz-cf-id: ge12-l7uwLSZm9xcsqDfiRRPWiRgd8_3Qc0UKulze3olj4l7rev4RQ==
expires: Sat, 27 Apr 2024 07:58:48 GMT

GET
H2 200 awesome_v5.min.css
alqiyady.awicdn.com/public/theme/fonts/awesome_version5/ 56 KB
13 KB 49ms
24ms Stylesheet
text/css 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/fonts/awesome_version5/awesome_v5.min.css?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0351cc02e795d3f2c9866bc8365582960cc37b4da9b8812267f27c133054367e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345688
x-cache: Hit from cloudfront
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Jul 2021 09:47:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60fd3330-df38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA2-C1
cf-ray: 677d85ffca144a56-FRA
x-amz-cf-id: tpQiyhwkLbVHkpQ4KAX2dEf3DQNE3uvKXrsg7QWaM8zh9h3iEp3kwQ==
expires: Sat, 27 Apr 2024 07:58:48 GMT

GET
H2 200 animate.min.css
alqiyady.awicdn.com/public/theme/css/ 57 KB
5 KB 42ms
17ms Stylesheet
text/css 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/css/animate.min.css?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345688
x-cache: Hit from cloudfront
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Jul 2021 07:51:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61010c7e-e283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA2-C1
cf-ray: 677d85ffca0c4a56-FRA
x-amz-cf-id: ub9PKXR_H0apfPHW30RJYk5bvmIzcyg-hN_SS1JX5A7Tj_vBuqnRTg==
expires: Sat, 27 Apr 2024 07:58:48 GMT

GET
H2 200 reset.css
alqiyady.awicdn.com/public/theme/css/ 4 KB
2 KB 39ms
15ms Stylesheet
text/css 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/css/reset.css?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa84e55f54b28d3a40c93bba161812eb2b06db3cb642ff2ac4ccbcd6be6bb21e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345688
cf-polished: origSize=5243
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Jul 2021 09:47:28 GMT
server: cloudflare
etag: W/"60fd3330-147b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA50-C1
cf-ray: 677d85ffba014a56-FRA
x-amz-cf-id: 764-2fb9JZCZZU4qniC5r-NjVUy1yg_pZohJ6-bcAXBFOdhQWiG4Rg==
cf-bgj: minify

GET
H2 200 common.css
alqiyady.awicdn.com/public/theme/css/ 2 KB
866 B 40ms
15ms Stylesheet
text/css 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/css/common.css?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a40564362542d6b845176721daa4d7510403bee4bbbb13b47f23da3e93b8730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345688
cf-polished: origSize=2190
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Jul 2021 09:47:28 GMT
server: cloudflare
etag: W/"60fd3330-88e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA50-C1
cf-ray: 677d85ffba064a56-FRA
x-amz-cf-id: _4h0FAhju456KlXY8KruX-G8ktTKK1o-qbPVnVk3oS9Dpem5VdY8MQ==
cf-bgj: minify

GET
H2 200 header.css
alqiyady.awicdn.com/public/theme/css/ 24 KB
4 KB 47ms
23ms Stylesheet
text/css 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/css/header.css?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

186aaa5af2bfb0e3ce3642b9a90bd901aef3c44ac8a4bc1c80e3fe5e96094c75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345688
cf-polished: origSize=28950
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Jul 2021 09:47:28 GMT
server: cloudflare
etag: W/"60fd3330-7116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA2-C1
cf-ray: 677d85ffca124a56-FRA
x-amz-cf-id: zirsLwqp53lgl3RjUVdHGjHCcNtGcO9G5W0Dpuqb0TyNpZmORQWjAw==
cf-bgj: minify

GET
H2 200 search.css
alqiyady.awicdn.com/public/theme/css/ 4 KB
1 KB 44ms
20ms Stylesheet
text/css 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/css/search.css?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3d0723857425ef2e860578b7dc5e6b433513525afbe649bacb71a26e0aad1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345688
cf-polished: origSize=4934
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Jul 2021 07:51:26 GMT
server: cloudflare
etag: W/"61010c7e-1346"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA50-C1
cf-ray: 677d85ffca094a56-FRA
x-amz-cf-id: Im4S18ZA1ObfO4boI4j4OKo4V29StS1DBWEloRC8lLKZ00QG5uUUdA==
cf-bgj: minify

GET
H2 200 slidemenu.css
alqiyady.awicdn.com/public/theme/css/ 13 KB
3 KB 51ms
27ms Stylesheet
text/css 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/css/slidemenu.css?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

592a9b099e00ea61f50ac3e394155db6abeb19a6858f3c947d3ceba361b09f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345688
cf-polished: origSize=17668
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Jul 2021 07:51:26 GMT
server: cloudflare
etag: W/"61010c7e-4504"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA2-C1
cf-ray: 677d85ffba084a56-FRA
x-amz-cf-id: P_zfeoyWqB-tinEwprrLoXjZeYbEjzUeHYyP5e5Cr-q8tQBdYnD4Kg==
cf-bgj: minify

GET
H2 200 z_index_control.css
alqiyady.awicdn.com/public/theme/css/ 2 KB
945 B 47ms
23ms Stylesheet
text/css 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/css/z_index_control.css?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b891c5240ca6b148d8330b3004c8022e6017107dd3a1265f8ccf122f4651aea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345688
cf-polished: origSize=3486
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Jul 2021 07:51:26 GMT
server: cloudflare
etag: W/"61010c7e-d9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA2-C1
cf-ray: 677d85ffba054a56-FRA
x-amz-cf-id: ntRyL1hMLBBKqW3ES8JuEsFTp5jMsOo2rPVNRMTLk2wlfEEj4tIGGA==
cf-bgj: minify

GET
H2 200 footer.css
alqiyady.awicdn.com/public/theme/css/ 19 KB
3 KB 44ms
20ms Stylesheet
text/css 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/css/footer.css?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56e33462ee73eb2a0085125cbef4793f3ce467c01579e8f9d818cdf13cf86997

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345688
cf-polished: origSize=22945
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Jul 2021 09:47:28 GMT
server: cloudflare
etag: W/"60fd3330-59a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA50-C1
cf-ray: 677d85ffba024a56-FRA
x-amz-cf-id: LpTV373M4qrEEfcbOKRYQQFeS09EPMdtHeXLl9961xhKJXbi1es4qA==
cf-bgj: minify

GET
H2 200 search_autocomplate.css
alqiyady.awicdn.com/public/theme/css/ 2 KB
763 B 41ms
18ms Stylesheet
text/css 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/css/search_autocomplate.css?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f59aaba45fdc2d77d52783d1f7a5397fc594f07bc690f7686fb045e97cacb95d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345688
cf-polished: origSize=2591
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Jul 2021 09:47:28 GMT
server: cloudflare
etag: W/"60fd3330-a1f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA50-C1
cf-ray: 677d85ffb9ff4a56-FRA
x-amz-cf-id: muOclrijr85FV9LfBpt_2orkhK6eAqMlD0HjClaA4OBSyR-tE-osAA==
cf-bgj: minify

GET
H2 200 canvas_newPosition.css
alqiyady.awicdn.com/public/theme/css/ 2 KB
689 B 40ms
17ms Stylesheet
text/css 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/css/canvas_newPosition.css?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8bc5e12a42d5a5a01d6ca74be670b30dbe8e3b1ce81ce38138603df6eb63f85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345688
cf-polished: origSize=2569
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Jul 2021 07:51:26 GMT
server: cloudflare
etag: W/"61010c7e-a09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA2-C1
cf-ray: 677d85ffca134a56-FRA
x-amz-cf-id: TLSyBJ1bPT7fgh1LYsYuvCZsjWmEUQSOGdc-WOX_YD-OkS8_d6UWkQ==
cf-bgj: minify

GET
H2 200 listing.css
alqiyady.awicdn.com/public/theme/css/ 21 KB
3 KB 43ms
20ms Stylesheet
text/css 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/css/listing.css?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7f5a17dec53daa0d61ab93159c73639f938b6ff03843ce7798d8bc806228ae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345688
cf-polished: origSize=24215
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Jul 2021 07:51:26 GMT
server: cloudflare
etag: W/"61010c7e-5e97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA2-C1
cf-ray: 677d85ffca104a56-FRA
x-amz-cf-id: dExreEAk88Lk0mYSRZPlf-ENS5L4Vy8a9AkVmvnWXcKRT8_q79C2yA==
cf-bgj: minify

GET
H2 200 homepage_BGintro_page.css
alqiyady.awicdn.com/public/theme/css/ 2 KB
1 KB 42ms
19ms Stylesheet
text/css 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/css/homepage_BGintro_page.css?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3d4d2660052465f9c23409bfb7a85edfa13d242cd902ac5a8d33bcd52fcb36f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 eec12a22159207af63748eccf10799b3.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 339312
cf-polished: origSize=2379
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Jul 2021 07:51:26 GMT
server: cloudflare
etag: W/"61010c7e-94b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: AMS54-C1
cf-ray: 677d85ffba004a56-FRA
x-amz-cf-id: Z9SlTvn7D6o_EWzUuE9_0Elisfh7z7od7V0p9AMR4LU-3K-vjCEG5w==
cf-bgj: minify

GET
H2 200 homepage_videoBlock.css
alqiyady.awicdn.com/public/theme/css/ 13 KB
2 KB 46ms
23ms Stylesheet
text/css 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/css/homepage_videoBlock.css?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d0aaa5c402a65a3be2c033d1ef66328cb0f6f25605bca5294f22753867e4f5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 a36403421b18ef7385d5575765e6c415.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 339312
cf-polished: origSize=14569
x-cache: Miss from cloudfront
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Jul 2021 09:02:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61011d2e-38e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: AMS54-C1
cf-ray: 677d85ffb9fd4a56-FRA
x-amz-cf-id: xjh-FO7WWKpCYqJzj2zSnP7qnfs5KMARAhNNz4tOetscKwWz0OfLFA==
cf-bgj: minify

GET
H2 200 banner.css
alqiyady.awicdn.com/public/theme/css/ 1 KB
570 B 41ms
18ms Stylesheet
text/css 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/css/banner.css?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6189fa407473310f621e704c6557cff7c1e73885901570b57f405a6aec9515f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345688
cf-polished: origSize=1654
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Jul 2021 09:47:28 GMT
server: cloudflare
etag: W/"60fd3330-676"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA50-C1
cf-ray: 677d85ffca0f4a56-FRA
x-amz-cf-id: pGVjlyfRFqw3sWAIieeOgqnUhpBsE-cmKv86yaHa-45dMQ-eZjsrmg==
cf-bgj: minify

GET
H2 200 loader.css
alqiyady.awicdn.com/public/theme/css/ 3 KB
902 B 39ms
16ms Stylesheet
text/css 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/css/loader.css?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3557874c8146520233bee43fcf581021a80b5e2fe4b1dd0443c75b69a07f21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345688
cf-polished: origSize=3269
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Jul 2021 09:47:28 GMT
server: cloudflare
etag: W/"60fd3330-cc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA2-C1
cf-ray: 677d85ffca0e4a56-FRA
x-amz-cf-id: BVwbVFPlT9RloB98mbYpnEYXOZsrJghXjbzUjR7vOvJjR5bFZUQsCg==
cf-bgj: minify

GET
H2 200 shareButton_slide.css
alqiyady.awicdn.com/public/theme/css/ 7 KB
1 KB 41ms
18ms Stylesheet
text/css 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/css/shareButton_slide.css?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73282072f654a1cbeddf1a3443021114f67ca2bd2a6ad7f9bef3f1f9e5aa81d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345688
cf-polished: origSize=7618
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Jul 2021 07:51:26 GMT
server: cloudflare
etag: W/"61010c7e-1dc2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA50-C1
cf-ray: 677d85ffba034a56-FRA
x-amz-cf-id: _6nziCVAGOTlFhHLEpzajoyykhjMZOjMcufsWdpB_WvbgM1nR8kvkQ==
cf-bgj: minify

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 70 KB
25 KB 141ms
49ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

4362afba4d84aa4b436d0f369edf48229dd1969cc0a9edbe3853846f91723b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "945 / 992 of 1000 / last-modified: 1627683143"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24685
x-xss-protection: 0
expires: Sun, 01 Aug 2021 07:58:48 GMT

GET
H2 200 alqiyady.js Show response
adxbid.info/ 247 KB
76 KB 65ms
34ms Script
application/javascript 2606:4700:20::681a:75b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adxbid.info/alqiyady.js
Requested by: Host: www.alqiyady.com
URL: https://www.alqiyady.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:75b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97c2d4c23ad1a7550d5c9bfde5d915075f586d5233655e2662ac1e246d9a0fc3

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Jun 2021 10:09:56 GMT
server: cloudflare
age: 868
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8j3I%2FWRtVmK7RONa5riyF%2F02zBdCs43PIK2e3BjFtsP3G%2BLlqgx04Tgu0pQJBag3%2BlKyI%2FWeb%2F3YmQwNtAIlIMbHpa0G24yRGPmBA8kPo0H%2BXawjNp%2BVFveOhjZadlr3dG3lR2THHED"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 677d86003983c277-FRA

GET
H2 200 logo_header.png
alqiyady.awicdn.com/public/alqiyady/responsive/images/ 3 KB
4 KB 19ms
17ms Image
image/webp 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alqiyady.awicdn.com/public/alqiyady/responsive/images/logo_header.png?v=1.0.0

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa9bf89233ac910bde8576a200636407127e5173292f689fa15c33155b8c7d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 296b717727b6ec130dd68764b732c2d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 268460
cf-polished: origFmt=png, origSize=9473
x-cache: Hit from cloudfront
content-disposition: inline; filename="logo_header.webp"
vary: Accept
content-length: 3460
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Jul 2021 10:42:44 GMT
server: cloudflare
etag: "60f01124-2501"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: ATL50-C1
accept-ranges: bytes
cf-ray: 677d86001ab84a56-FRA
x-amz-cf-id: IvyoYXG2oJ-xqZzC_gk8NYG31UOmAMmOaJD48t8sgR8O27tW8gK0GA==
cf-bgj: imgq:85,h2pri

GET
H2 200 logo_sticky.png
alqiyady.awicdn.com/public/alqiyady/responsive/images/ 1 KB
1 KB 16ms
14ms Image
image/webp 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alqiyady.awicdn.com/public/alqiyady/responsive/images/logo_sticky.png?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d626082c36e73f409a25cb77437de9c7a2a68570721374e802f288d619b7dfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 290990
cf-polished: origFmt=png, origSize=1362
x-cache: Hit from cloudfront
content-disposition: inline; filename="logo_sticky.webp"
vary: Accept
content-length: 1124
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Jul 2021 09:47:28 GMT
server: cloudflare
etag: "60fd3330-552"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 677d86001ab94a56-FRA
x-amz-cf-id: 65EWODNM5_tDb8-mUA5tjDz6wYWXC7W-dOzwfyGkvVX9-kUfocfFqA==
cf-bgj: imgq:85,h2pri

GET
H2 200 oppo-logo.png
alqiyady.awicdn.com/public/common/menu_logos/alqiyady/ 2 KB
3 KB 16ms
13ms Image
image/webp 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alqiyady.awicdn.com/public/common/menu_logos/alqiyady/oppo-logo.png?v=1.0.0

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dacc88b3df4719fe67f95c1b55e0d6121d168bf79f6e3dcf56d2b0dbf08caab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 389953
cf-polished: origFmt=png, origSize=5998
x-cache: Hit from cloudfront
content-disposition: inline; filename="oppo-logo.webp"
vary: Accept
content-length: 2482
x-xss-protection: 1; mode=block
last-modified: Wed, 26 May 2021 09:51:26 GMT
server: cloudflare
etag: "60ae1a1e-176e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 677d86001aba4a56-FRA
x-amz-cf-id: hb6n15gWcjBom1AKv4m7ctTxDxQmOBMQAZJ4fMAQvPRHRqEGy2YqnQ==
cf-bgj: imgq:85,h2pri

GET
H2 200 alqiyady-default-v4.jpg
alqiyady.awicdn.com/site-images/sites/default/files/ 2 KB
3 KB 23ms
20ms Image
image/webp 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alqiyady.awicdn.com/site-images/sites/default/files/alqiyady-default-v4.jpg?preset=v3.0_320X320&save-png=1&rnd=1519151RND220215&f=2
Requested by: Host: www.alqiyady.com
URL: https://www.alqiyady.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47009634017a08b5b3f6897bd93f8984db1dc935551870d09f62f0d461de9dd2

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 242186
cf-polished: qual=85, origFmt=jpeg, origSize=13154
x-cache: Hit from cloudfront
content-disposition: inline; filename="alqiyady-default-v4.webp"
content-length: 2524
last-modified: Thu, 24 Jun 2021 10:26:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-fastcgi-cache: MISS
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 677d86001abc4a56-FRA
x-amz-cf-id: DDK3rWhMwDe6njKDmqK1JDqswxyjmP69z-L-WELc2kebU6Tb3h86_A==
cf-bgj: imgq:85,h2pri

GET
H2 200 alqiyady-default-v4.jpg
alqiyady.awicdn.com/site-images/sites/default/files/ 4 KB
4 KB 15ms
13ms Image
image/webp 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alqiyady.awicdn.com/site-images/sites/default/files/alqiyady-default-v4.jpg?preset=v3.0_570X320&save-png=1&rnd=1519151RND220215&f=2
Requested by: Host: www.alqiyady.com
URL: https://www.alqiyady.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46e3e87f22e47461e52388ee1aeab92e22f4251b9acd2dfd45f3f3c3a6ab61dc

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 352630
cf-polished: qual=85, origFmt=jpeg, origSize=24604
x-cache: Hit from cloudfront
content-disposition: inline; filename="alqiyady-default-v4.webp"
content-length: 3692
last-modified: Thu, 24 Jun 2021 10:26:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-fastcgi-cache: MISS
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 677d86001abd4a56-FRA
x-amz-cf-id: Z1bnvrZSRu8-llSY8E4Y_QQ3mxiizxoS92s_JPH3lTziuLC2rtOUQg==
cf-bgj: imgq:85,h2pri

GET
H2 200 alqiyady-default-v4.jpg
alqiyady.awicdn.com/site-images/sites/default/files/ 2 KB
3 KB 19ms
17ms Image
image/webp 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alqiyady.awicdn.com/site-images/sites/default/files/alqiyady-default-v4.jpg?preset=v3.0_300X300&save-png=1&rnd=1519151RND220215&f=2
Requested by: Host: www.alqiyady.com
URL: https://www.alqiyady.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a46bdee9c1e96477b4f960e6c3bfb88feabdbceba681ba344f8a5983b231f58c

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 352630
cf-polished: qual=85, origFmt=jpeg, origSize=12513
x-cache: Hit from cloudfront
content-disposition: inline; filename="alqiyady-default-v4.webp"
content-length: 2510
last-modified: Thu, 24 Jun 2021 10:21:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-fastcgi-cache: HIT
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 677d86001abf4a56-FRA
x-amz-cf-id: IjnA8eDAEdBd9rUlDjd-rW8pjwRKeTfocJqAD43Kwnc7LuV6ONExXA==
cf-bgj: imgq:85,h2pri

GET
H2 200 btn_youtube.gif
alqiyady.awicdn.com/public/alqiyady/responsive/images/ 2 KB
2 KB 20ms
18ms Image
image/webp 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alqiyady.awicdn.com/public/alqiyady/responsive/images/btn_youtube.gif?v3

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49885008f45d7b8cf80d58cd3aa6b35860c538b3c65b029b104888440842fd3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 242186
cf-polished: origFmt=gif, origSize=3266
x-cache: Hit from cloudfront
content-disposition: inline; filename="btn_youtube.webp"
vary: Accept
content-length: 1620
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Jun 2021 10:15:22 GMT
server: cloudflare
etag: "60c1e63a-cc2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 677d86001ac04a56-FRA
x-amz-cf-id: -MAigX9QGZx9gSkIslHJ0H3Ogb4EUHdY769B-pV6xgAAFiHudBhGoA==
cf-bgj: imgq:85,h2pri

GET
H2 200 alqiyady-default-v4.jpg
alqiyady.awicdn.com/site-images/sites/default/files/ 2 KB
3 KB 21ms
19ms Image
image/webp 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alqiyady.awicdn.com/site-images/sites/default/files/alqiyady-default-v4.jpg?preset=v3.0_320X180&save-png=1&rnd=1519151RND220215&f=2
Requested by: Host: www.alqiyady.com
URL: https://www.alqiyady.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 782fe32d0247d709fac11aa3e88764b447b5a38e0e5c5c03e3660f3bdec0854b

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 766551
cf-polished: qual=85, origFmt=jpeg, origSize=13060
x-cache: Hit from cloudfront
content-disposition: inline; filename="alqiyady-default-v4.webp"
content-length: 2430
last-modified: Thu, 24 Jun 2021 10:26:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-fastcgi-cache: MISS
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 677d86001ac34a56-FRA
x-amz-cf-id: XYwgBOTrsESfUO6fd0NkIFVZu-MbdsG7NB9pzeKB9YpfyO7H_LdTBA==
cf-bgj: imgq:85,h2pri

GET
H2 200 alqiyady-default-v4.jpg
alqiyady.awicdn.com/site-images/sites/default/files/ 4 KB
4 KB 23ms
21ms Image
image/webp 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alqiyady.awicdn.com/site-images/sites/default/files/alqiyady-default-v4.jpg?preset=v3.0_672X378&save-png=1&rnd=1519151RND220215&f=2
Requested by: Host: www.alqiyady.com
URL: https://www.alqiyady.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85c2b4cb80531f9c2803960e18674e329178f7e22d5233b1a17615d24795e846

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 3272090
cf-polished: qual=85, origFmt=jpeg, origSize=29600
x-cache: Hit from cloudfront
content-disposition: inline; filename="alqiyady-default-v4.webp"
content-length: 4118
last-modified: Thu, 24 Jun 2021 10:21:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-fastcgi-cache: HIT
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 677d86001ac44a56-FRA
x-amz-cf-id: zqf_7LPXHzXiaDTUleMOGw0wriiyZrWr5QlRTzVQ9FWwibDHz2LXRg==
cf-bgj: imgq:85,h2pri

GET
H2 200 bootstrap.min.js Show response
alqiyady.awicdn.com/public/theme/js/ 27 KB
7 KB 12ms
12ms Script
application/javascript 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/js/bootstrap.min.js?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee3d469a7c3e04ef0a39326b7661df9561a3a8ed795fc3e56fd6db88c7c856f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345688
x-cache: Hit from cloudfront
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Jul 2021 09:47:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60fd3330-6b8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA2-C1
cf-ray: 677d85ffea604a56-FRA
x-amz-cf-id: I61GMmUkYopjzq3TAVBjCQKcLGt4AcBAf2Uo0JJNXg13q6MtLn1blg==
expires: Sat, 27 Apr 2024 07:58:48 GMT

GET
H2 200 layalina_slidemenu.js Show response
alqiyady.awicdn.com/public/theme/js/ 982 B
612 B 13ms
13ms Script
application/javascript 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/js/layalina_slidemenu.js?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e040f196c2746f638e0713abe161ea3b1b08125b144107add76e55b6d722423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345688
cf-polished: origSize=1784
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Jul 2021 07:51:26 GMT
server: cloudflare
etag: W/"61010c7e-6f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA50-C1
cf-ray: 677d85ffea664a56-FRA
x-amz-cf-id: CLZw2hsRMlg-r37r8R4Qva2CyalhVrBTTvA-mh5vZgmcLZKpG_ZynQ==
cf-bgj: minify

GET
H2 200 jquery.mobile.custom.min.js Show response
alqiyady.awicdn.com/public/theme/js/ 6 KB
3 KB 22ms
19ms Script
application/javascript 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/js/jquery.mobile.custom.min.js?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c07afe1084e4cefd0ce08b24ac43673be23f80d5e68e915413b52318d72505a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345688
x-cache: Hit from cloudfront
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Jul 2021 09:47:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60fd3330-1831"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA50-C1
cf-ray: 677d86001aad4a56-FRA
x-amz-cf-id: F7WyzJCHe_XrXtxUpCQDtAxrpiQtZhKAx6zVQvoxULKydxL3OOFYeA==
expires: Sat, 27 Apr 2024 07:58:48 GMT

GET
H2 200 fixto.js Show response
alqiyady.awicdn.com/public/theme/js/ 12 KB
4 KB 16ms
13ms Script
application/javascript 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/js/fixto.js?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f65f0cd6fe7ec10b8da06387aaf6f9c1943664d796265e9e064a7e6b44f7d5fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345688
cf-polished: origSize=25386
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Jul 2021 07:51:26 GMT
server: cloudflare
etag: W/"61010c7e-632a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA50-C1
cf-ray: 677d86001ab14a56-FRA
x-amz-cf-id: KlEj-abKRnYs_mVR7keoonmX_AP5YOdgFzjT8E0JGBmYo5e5Pw5DHA==
cf-bgj: minify

GET
H2 200 common.js Show response
alqiyady.awicdn.com/public/theme/js/ 23 KB
6 KB 23ms
20ms Script
application/javascript 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/js/common.js?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c38797c5b5146e79eea4dcf37de1adf08c5bfb655c75a83304ee806b21212e8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345688
cf-polished: origSize=43095
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Jul 2021 07:51:26 GMT
server: cloudflare
etag: W/"61010c7e-a857"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA50-C1
cf-ray: 677d86001ab24a56-FRA
x-amz-cf-id: oZoYUJ7bLMv-biZ73S_rAQRKXoY_m51QEz_FM_c8fjk5cZ2tyMEZwg==
cf-bgj: minify

GET
H2 200 jquery_cookie.js Show response
alqiyady.awicdn.com/public/theme/js/ 2 KB
1 KB 15ms
12ms Script
application/javascript 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/js/jquery_cookie.js?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0caab7de2b6d190e7fad15e5e81b2e8130ac073fe1960149c597b9ac12509d1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345688
cf-polished: origSize=3121
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Jul 2021 07:51:26 GMT
server: cloudflare
etag: W/"61010c7e-c31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA2-C1
cf-ray: 677d86001ab34a56-FRA
x-amz-cf-id: 0d0VkFxDxNr94YTdxrxTWOFwP3mPxmFOiXmaFk9TRma8o6zupWiLQg==
cf-bgj: minify

GET
H2 200 auto-complete.js Show response
alqiyady.awicdn.com/public/theme/js/v2/ 3 KB
1 KB 17ms
14ms Script
application/javascript 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/js/v2/auto-complete.js?v=111263402868

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e78af992126112b4cd094166ade15dbdd1be8cefba2d953580d90007a594f0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345688
cf-polished: origSize=8009
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Jul 2021 07:51:26 GMT
server: cloudflare
etag: W/"61010c7e-1f49"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA50-C1
cf-ray: 677d86001ab54a56-FRA
x-amz-cf-id: ApYXwn6wRWX6cptcE0PWEQh81pYDUBavyiAqKA_hMj_zPSyq60jlJw==
cf-bgj: minify

GET
H2 200 adsjs.js Show response
ads.7awi.com/01adtech/livejs/ 1 KB
1 KB 94ms
68ms Script
application/javascript 2606:4700:3031::6815:49c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.7awi.com/01adtech/livejs/adsjs.js?v=83061627803788
Requested by: Host: www.alqiyady.com
URL: https://www.alqiyady.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:49c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b0218c9b2ac7db5dd766489504be57a67efe3bf633f053f6168ce018d10dc0d

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 01 Jun 2020 10:51:24 GMT
server: cloudflare
etag: W/"5ed4ddac-568"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tu5DuI8kWNH5WxTAzqsWHdaGMLl1sywm3nzp6I3H4yK%2FY63fWtBJ3Y3b0JlsGNaUdZBDXpc9o%2BR4MjS4hIXxdofYOEesIcW8KrKpBcFc2uVxEq1jtqs9Kdj%2Fe2Uc6ckvneuRPCBtTJqBHeY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 677d860039b6d6b5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 copywrites.js Show response
alqiyady.awicdn.com/public/theme/js/ 9 KB
4 KB 21ms
18ms Script
application/javascript 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/js/copywrites.js?v=2

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61a3575f1225f8bdcbe686c52207c9a2e7adea55de38f37f89d51fc6ced29787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8642162
cf-polished: origSize=9687
x-xss-protection: 1; mode=block
last-modified: Mon, 14 Dec 2020 09:40:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5fd7331a-25d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
cf-ray: 677d86001ab64a56-FRA
cf-bgj: minify

GET
H2 200 trace Show response
www.alqiyady.com/cdn-cgi/ 278 B
389 B 55ms
54ms XHR
text/plain 104.17.4.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.alqiyady.com/cdn-cgi/trace

Requested by

Host: alqiyady.awicdn.com
URL: https://alqiyady.awicdn.com/public/theme/js/jquery.min.js?v=2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.4.60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72f8c60b9d5d8785255a8006fe98b90cdca9886e00d62fbfd29a0e2089f383cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/trace
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.alqiyady.com
x-requested-with: XMLHttpRequest
:scheme: https
sec-fetch-site: same-origin
referer: https://www.alqiyady.com/
:method: GET
Accept: */*
Referer: https://www.alqiyady.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 677d86003d0dd901-AMS
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 2707
date: Sun, 01 Aug 2021 07:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Sun, 01 Aug 2021 09:13:41 GMT

GET
H2 200 icon_plus.png
alqiyady.awicdn.com/public/theme/images/ 54 B
333 B 17ms
17ms Image
image/webp 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alqiyady.awicdn.com/public/theme/images/icon_plus.png

Requested by

Host: alqiyady.awicdn.com
URL: https://alqiyady.awicdn.com/public/theme/css/slidemenu.css?v=111263402868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90ecbcc65685831645aaab6e09a8ef222b6b3bc6f0cbff794469e79a8fd3adce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://alqiyady.awicdn.com/public/theme/css/slidemenu.css?v=111263402868
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 295051
cf-polished: origFmt=png, origSize=98
x-cache: Hit from cloudfront
content-disposition: inline; filename="icon_plus.webp"
vary: Accept
content-length: 54
x-xss-protection: 1; mode=block
last-modified: Sat, 08 May 2021 07:13:42 GMT
server: cloudflare
etag: "60963a26-62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 677d86001ac54a56-FRA
x-amz-cf-id: nDANmjyNhHA5i171CGd7PBMofBgkpMlfV-NKxhiFusLB5ta9_J2pAQ==
cf-bgj: imgq:85,h2pri

GET
H2 200 icon_newShare2.png
alqiyady.awicdn.com/public/theme/images/ 13 KB
13 KB 15ms
15ms Image
image/webp 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alqiyady.awicdn.com/public/theme/images/icon_newShare2.png?1

Requested by

Host: alqiyady.awicdn.com
URL: https://alqiyady.awicdn.com/public/theme/css/header.css?v=111263402868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e5cde678aac6f9d31fc24ccc04ba676198303668bdab48b90f504ff68e9897f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://alqiyady.awicdn.com/public/theme/css/header.css?v=111263402868
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 398408
cf-polished: origFmt=png, origSize=42956
x-cache: Hit from cloudfront
content-disposition: inline; filename="icon_newShare2.webp"
vary: Accept
content-length: 13510
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Jul 2021 11:05:02 GMT
server: cloudflare
etag: "60ec21de-a7cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 677d86001ac94a56-FRA
x-amz-cf-id: FMo8SlLGTa-aYw9hUOVIB6N5BSAVN94HDXjBpgrKbFbGoppVuh3SKQ==
cf-bgj: imgq:85,h2pri

GET
H2 200 logo_FooterMenuLayalina.png
alqiyady.awicdn.com/public/theme/images/ 1 KB
2 KB 15ms
15ms Image
image/webp 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alqiyady.awicdn.com/public/theme/images/logo_FooterMenuLayalina.png?v=seo-1

Requested by

Host: alqiyady.awicdn.com
URL: https://alqiyady.awicdn.com/public/theme/css/slidemenu.css?v=111263402868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc1cdd9098b3492642a80bddbe4a5b637c5b5fe85a41cf0881833a1b80b603e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://alqiyady.awicdn.com/public/theme/css/slidemenu.css?v=111263402868
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 905195
cf-polished: origFmt=png, origSize=2796
x-cache: Hit from cloudfront
content-disposition: inline; filename="logo_FooterMenuLayalina.webp"
vary: Accept
content-length: 1246
x-xss-protection: 1; mode=block
last-modified: Thu, 20 May 2021 10:25:26 GMT
server: cloudflare
etag: "60a63916-aec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 677d86001acf4a56-FRA
x-amz-cf-id: Wa_znz4bES8V8QlH8YxNwPIr7pCTjew0uUTflnE6B83oLPoJ9CRtlw==
cf-bgj: imgq:85,h2pri

GET
H2 200 JannaLT-Regular.woff
alqiyady.awicdn.com/public/theme/fonts/janna/regular/ 60 KB
60 KB 38ms
22ms Font
application/font-woff 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/fonts/janna/regular/JannaLT-Regular.woff

Requested by

Host: alqiyady.awicdn.com
URL: https://alqiyady.awicdn.com/public/theme/fonts/janna/janna.css?v=194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b45bfe1abba7ba2a877e168adaeed3b8a8d94ade6b7bbfdbdfaaed87072f2df9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.alqiyady.com
Referer: https://alqiyady.awicdn.com/public/theme/fonts/janna/janna.css?v=194
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8635682
x-xss-protection: 1; mode=block
last-modified: Sun, 05 Apr 2020 17:28:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e8a154a-eef0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=86400000
cf-ray: 677d86003f144ec1-FRA
expires: Sat, 27 Apr 2024 07:58:48 GMT

GET
H2 200 JannaLT-Bold.woff
alqiyady.awicdn.com/public/theme/fonts/janna/bold/ 56 KB
56 KB 30ms
15ms Font
application/font-woff 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/fonts/janna/bold/JannaLT-Bold.woff

Requested by

Host: alqiyady.awicdn.com
URL: https://alqiyady.awicdn.com/public/theme/fonts/janna/janna.css?v=194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b82f08883d2d825282cf2fcea4d7828446ddee9737872fbb269e47a0c4b0326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.alqiyady.com
Referer: https://alqiyady.awicdn.com/public/theme/fonts/janna/janna.css?v=194
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8635682
x-xss-protection: 1; mode=block
last-modified: Sun, 05 Apr 2020 17:28:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e8a154a-dec4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=86400000
cf-ray: 677d86003f184ec1-FRA
expires: Sat, 27 Apr 2024 07:58:48 GMT

GET
H2 200 fa-solid-900.woff2
alqiyady.awicdn.com/public/theme/fonts/awesome_version5/ 74 KB
75 KB 36ms
21ms Font
application/font-woff 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/fonts/awesome_version5/fa-solid-900.woff2

Requested by

Host: alqiyady.awicdn.com
URL: https://alqiyady.awicdn.com/public/theme/fonts/awesome_version5/awesome_v5.min.css?v=111263402868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.alqiyady.com
Referer: https://alqiyady.awicdn.com/public/theme/fonts/awesome_version5/awesome_v5.min.css?v=111263402868
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8641324
x-xss-protection: 1; mode=block
last-modified: Sun, 05 Apr 2020 17:28:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e8a154a-12958"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=86400000
cf-ray: 677d86003f1a4ec1-FRA
expires: Sat, 27 Apr 2024 07:58:48 GMT

GET
H2 200 fa-brands-400.woff2
alqiyady.awicdn.com/public/theme/fonts/awesome_version5/ 75 KB
75 KB 37ms
22ms Font
application/font-woff 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/fonts/awesome_version5/fa-brands-400.woff2

Requested by

Host: alqiyady.awicdn.com
URL: https://alqiyady.awicdn.com/public/theme/fonts/awesome_version5/awesome_v5.min.css?v=111263402868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

089630244600f33230010f5e04c67419ec642c5228540adb42e3fe92c631e6bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.alqiyady.com
Referer: https://alqiyady.awicdn.com/public/theme/fonts/awesome_version5/awesome_v5.min.css?v=111263402868
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8635682
x-xss-protection: 1; mode=block
last-modified: Sun, 05 Apr 2020 17:28:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e8a154a-12b04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=86400000
cf-ray: 677d86003f174ec1-FRA
expires: Sat, 27 Apr 2024 07:58:48 GMT

GET
H2 200 6956a2aae6a5a08edff8bb97cc28f19b435e3fac-100121075831.jpg
alqiyady.awicdn.com/site-images/sites/default/files/alqiyady-prod/article/c/b/387668/ 94 KB
94 KB 136ms
135ms Image
image/jpeg 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alqiyady.awicdn.com/site-images/sites/default/files/alqiyady-prod/article/c/b/387668/6956a2aae6a5a08edff8bb97cc28f19b435e3fac-100121075831.jpg?preset=v3.0_320X320&save-png=1&rnd=1519151RND220215&f=2
Requested by: Host: www.alqiyady.com
URL: https://www.alqiyady.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a4a67fd99d187d513015f122d3c713e7f7f1c4f98c39b4bce21dcb8a0e9b7ba

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 96338
last-modified: Sun, 01 Aug 2021 07:58:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
x-fastcgi-cache: MISS
cache-control: public, max-age=86400000
accept-ranges: bytes
cf-ray: 677d86008bb14a56-FRA
x-amz-cf-id: sdp2FthmAqQGSIWg5iOZaPocXT_cEPJWIbbkINVD7W8tj8-YrO4nPg==
expires: Sat, 27 Apr 2024 07:58:48 GMT

GET
H2 200 586ff670e03e0dfa025c2db7ffe1e7b61ddb9304-010821061902.jpg
alqiyady.awicdn.com/site-images/sites/default/files/alqiyady-prod/article/f/e/414101/ 78 KB
78 KB 133ms
131ms Image
image/jpeg 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alqiyady.awicdn.com/site-images/sites/default/files/alqiyady-prod/article/f/e/414101/586ff670e03e0dfa025c2db7ffe1e7b61ddb9304-010821061902.jpg?preset=v3.0_320X320&save-png=1&rnd=1519151RND220215&f=2
Requested by: Host: www.alqiyady.com
URL: https://www.alqiyady.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c02d5cc43bf0238777649ffd251fb059f0158fd8aa1f87ad3b5e84e18a63bcba

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-length: 79743
last-modified: Sun, 01 Aug 2021 07:58:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
x-fastcgi-cache: MISS
cache-control: public, max-age=86400000
accept-ranges: bytes
cf-ray: 677d86008bb34a56-FRA
x-amz-cf-id: SWdw3sNq8fExy9VLLGUd2oQVEEncRAa_ewZcG9eStdM9RzanmUAUyg==
expires: Sat, 27 Apr 2024 07:58:48 GMT

GET
H2 200 c5a09b99f188285d03ba57e1b56619a52a7eb4f8-010821061652.jpg
alqiyady.awicdn.com/site-images/sites/default/files/alqiyady-prod/article/3/5/414001/ 71 KB
71 KB 127ms
126ms Image
image/jpeg 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alqiyady.awicdn.com/site-images/sites/default/files/alqiyady-prod/article/3/5/414001/c5a09b99f188285d03ba57e1b56619a52a7eb4f8-010821061652.jpg?preset=v3.0_320X320&save-png=1&rnd=1519151RND220215&f=2
Requested by: Host: www.alqiyady.com
URL: https://www.alqiyady.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a9f63df4960524ba8b54a8452386347d4d1bf2f313bcdd02936b0b1a43b4d94

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 72878
last-modified: Sun, 01 Aug 2021 07:58:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
x-fastcgi-cache: MISS
cache-control: public, max-age=86400000
accept-ranges: bytes
cf-ray: 677d86008bb44a56-FRA
x-amz-cf-id: rDsWLVdbHZbN1bazX_S26P1PiFhSA6cRsFC16GicbduVDzRcdus_kw==
expires: Sat, 27 Apr 2024 07:58:48 GMT

GET
H2 200 cf0ddf01400188c4ad5b13f97c54ab44bad72c01-270721070538.jpg
alqiyady.awicdn.com/site-images/sites/default/files/alqiyady-prod/article/7/a/413698/ 18 KB
19 KB 17ms
16ms Image
image/webp 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alqiyady.awicdn.com/site-images/sites/default/files/alqiyady-prod/article/7/a/413698/cf0ddf01400188c4ad5b13f97c54ab44bad72c01-270721070538.jpg?preset=v3.0_320X320&save-png=1&rnd=1519151RND220215&f=2
Requested by: Host: www.alqiyady.com
URL: https://www.alqiyady.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91c6ca1830769e27053e688d4fd11a0e616c58cd62f81b05a96c582bd26869cc

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 431384
cf-polished: qual=85, origFmt=jpeg, origSize=75160
x-cache: Hit from cloudfront
content-disposition: inline; filename="cf0ddf01400188c4ad5b13f97c54ab44bad72c01-270721070538.webp"
content-length: 18918
last-modified: Tue, 27 Jul 2021 07:49:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-fastcgi-cache: MISS
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 677d86009bb54a56-FRA
x-amz-cf-id: JoxPp7CGe1V7nBXZtRz894ktjrXW-4jSiiW1a6SkCa03vmkerpnEOA==
cf-bgj: imgq:85,h2pri

GET
H2 200 b968b6de79d05cbbefffb41745a1a3b6d00eb7cc-310721210359.jpg
alqiyady.awicdn.com/site-images/sites/default/files/alqiyady-prod/article/5/c/414629/ 22 KB
23 KB 15ms
14ms Image
image/webp 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alqiyady.awicdn.com/site-images/sites/default/files/alqiyady-prod/article/5/c/414629/b968b6de79d05cbbefffb41745a1a3b6d00eb7cc-310721210359.jpg?preset=v3.0_570X320&save-png=1&rnd=1519151RND220215&f=2
Requested by: Host: www.alqiyady.com
URL: https://www.alqiyady.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3503d912ed1fb8a6e3d97956bfc3f8affc61857896320bd8f749c9f6040c77ed

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6937
cf-polished: qual=85, origFmt=jpeg, origSize=121494
x-cache: Hit from cloudfront
content-disposition: inline; filename="b968b6de79d05cbbefffb41745a1a3b6d00eb7cc-310721210359.webp"
content-length: 23030
last-modified: Sun, 01 Aug 2021 05:43:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-fastcgi-cache: MISS
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 677d86009bb64a56-FRA
x-amz-cf-id: aBZiUqCcu4c00v4tcme5ZyezOjB_dk0BzPpPiBInZ52EtwqRScjESA==
cf-bgj: imgq:85,h2pri

GET
H2 200 alqiyady.png
www.alqiyady.com/public/theme/images/logos/ 822 B
1 KB 64ms
63ms Image
image/webp 104.17.4.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alqiyady.com/public/theme/images/logos/alqiyady.png

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.4.60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce112452d8702100e468c3aae131d4da15e82d6b07023542e9d7675b5b6cf87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /public/theme/images/logos/alqiyady.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.alqiyady.com
referer: https://www.alqiyady.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4969
cf-polished: origFmt=png, origSize=2535
x-cache: Miss from cloudfront
content-disposition: inline; filename="alqiyady.webp"
vary: Accept
content-length: 822
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Jul 2021 13:23:28 GMT
server: cloudflare
etag: "61015a50-9e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
cf-ray: 677d86010db0d901-AMS
x-amz-cf-id: m2CvQjOzSxRZ7XjreD6U0O-CSQSgmI9weCkpinq4sXCh8HeY6q4lvg==
cf-bgj: imgq:85,h2pri

GET
H2 200 icon_all.png
alqiyady.awicdn.com/public/theme/images/ 2 KB
2 KB 11ms
11ms Image
image/webp 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alqiyady.awicdn.com/public/theme/images/icon_all.png?v=3

Requested by

Host: alqiyady.awicdn.com
URL: https://alqiyady.awicdn.com/public/theme/css/common.css?v=111263402868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2e2ae16d8190a1bd9f692ad1d927ad37ed6fc997dc704c59568c3fa33504268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://alqiyady.awicdn.com/public/theme/css/common.css?v=111263402868
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1431378
cf-polished: origFmt=png, origSize=3841
x-cache: Hit from cloudfront
content-disposition: inline; filename="icon_all.webp"
vary: Accept
content-length: 1596
x-xss-protection: 1; mode=block
last-modified: Thu, 20 May 2021 10:25:26 GMT
server: cloudflare
etag: "60a63916-f01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 677d8600dc3d4a56-FRA
x-amz-cf-id: wQ-C204nwJJcZ11Q_GSNn0Du6o5-GTHfXVGEwNBsQfGGfCv5ffvYtA==
cf-bgj: imgq:85,h2pri

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 29ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=2119980935&t=pageview&_s=1&dl=https%3A%2F%2Fwww.alqiyady.com%2F&ul=en-us&de=UTF-8&dt=%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D9%82%D9%8A%D8%A7%D8%AF%D9%8A%20%7C%20%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D8%AC%D9%84%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%7C%20%D8%AA%D9%83%D9%86%D9%88%D9%84%D9%88%D8%AC%D9%8A%D8%A7%20%D9%88%D8%A3%D8%B9%D9%85%D8%A7%D9%84%20%D9%88%D8%A3%D8%B2%D9%8A%D8%A7%D8%A1%20%D8%B1%D8%AC%D8%A7%D9%84%D9%8A%D8%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1019308079&gjid=1121515776&cid=1687981899.1627804728&tid=UA-51678934-1&_gid=1501549885.1627804728&_r=1&_slc=1&z=1826357862

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.alqiyady.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 532.json Show response
id5-sync.com/g/v1/ 131 B
445 B 201ms
53ms XHR
text/json 51.195.5.38
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v1/532.json?1puid=&gdpr=0&gdpr_consent=

Requested by

Host: adxbid.info
URL: https://adxbid.info/alqiyady.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.195.5.38 , France, ASN16276 (OVH, FR),

Reverse DNS

p16.id5-sync.com

Software

Resource Hash

823833db81b7be86df3ebc3a0b87c237307b60a7b9914f9cd2a70aa5ee6cc415

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.alqiyady.com
Date: Sun, 01 Aug 2021 07:58:47 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: text/json;charset=utf-8

GET
H2 200 footer_new_logos.png
alqiyady.awicdn.com/public/theme/images/ 14 KB
14 KB 11ms
10ms Image
image/webp 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alqiyady.awicdn.com/public/theme/images/footer_new_logos.png?v=28

Requested by

Host: alqiyady.awicdn.com
URL: https://alqiyady.awicdn.com/public/theme/css/footer.css?v=111263402868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ca7e46361e5aaa2e023977ec29b61c0748bb6c6a8ce91f9297a941fc063ff15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://alqiyady.awicdn.com/public/theme/css/footer.css?v=111263402868
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 390522
cf-polished: origFmt=png, origSize=30265
x-cache: Hit from cloudfront
content-disposition: inline; filename="footer_new_logos.webp"
vary: Accept
content-length: 14326
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Jun 2021 12:36:32 GMT
server: cloudflare
etag: "60c0b5d0-7639"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 677d86013cf94a56-FRA
x-amz-cf-id: tONrcEdAJO2BPD6ttYeDUVFbs2N-fUiFDotsI_3QTu79z3OXQdMTkQ==
cf-bgj: imgq:85,h2pri

GET
H2 200 icon_newShare.png
alqiyady.awicdn.com/public/theme/images/ 2 KB
2 KB 13ms
13ms Image
image/webp 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alqiyady.awicdn.com/public/theme/images/icon_newShare.png?v=18

Requested by

Host: alqiyady.awicdn.com
URL: https://alqiyady.awicdn.com/public/theme/css/footer.css?v=111263402868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09f5249462bb244befda516797646188a29e4e7188a84597738be5686ae6222e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://alqiyady.awicdn.com/public/theme/css/footer.css?v=111263402868
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 295898
cf-polished: origFmt=png, origSize=2934
x-cache: Hit from cloudfront
content-disposition: inline; filename="icon_newShare.webp"
vary: Accept
content-length: 2178
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Jul 2021 11:05:02 GMT
server: cloudflare
etag: "60ec21de-b76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 677d86013d014a56-FRA
x-amz-cf-id: ajbFafR_nhpd-TELTyhwILuPdLt25bcKYin61SaC5ssiUdYZlMXb8A==
cf-bgj: imgq:85,h2pri

GET
H2 200 icon_newShare2.png
alqiyady.awicdn.com/public/theme/images/ 13 KB
13 KB 13ms
12ms Image
image/webp 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alqiyady.awicdn.com/public/theme/images/icon_newShare2.png?v=18

Requested by

Host: alqiyady.awicdn.com
URL: https://alqiyady.awicdn.com/public/theme/css/footer.css?v=111263402868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e5cde678aac6f9d31fc24ccc04ba676198303668bdab48b90f504ff68e9897f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://alqiyady.awicdn.com/public/theme/css/footer.css?v=111263402868
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1430515
cf-polished: origFmt=png, origSize=42956
x-cache: Hit from cloudfront
content-disposition: inline; filename="icon_newShare2.webp"
vary: Accept
content-length: 13510
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Jul 2021 11:24:56 GMT
server: cloudflare
etag: "60ed7808-a7cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 677d86013d024a56-FRA
x-amz-cf-id: 8MJGCVTMMESvY0Wt3Plc7h2GSkGtUhvTFjZJyCbTOf2w4AUGOGXPkw==
cf-bgj: imgq:85,h2pri

GET
H2 200 hotjar-516204.js Show response
static.hotjar.com/c/ 4 KB
2 KB 171ms
62ms Script
application/javascript 13.224.96.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-516204.js?sv=6

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-116.zrh50.r.cloudfront.net

Software

Resource Hash

10b94bca27e80fff2b76764bb45e89a3fd32886375daf982a777adfba826dedf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:31 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 17
etag: W/4b046fa11633e7bf4614cd157c02e9b8
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: ZRH50-C1
content-length: 1912
via: 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
x-amz-cf-id: Z5BM_MVc20lLFMofCvopzcxK_UrixgPh_fwaij7hFZaWibzAfGpXlw==

GET
H2 200 website_mediaRWD.css
alqiyady.awicdn.com/public/theme/css/ 28 KB
6 KB 13ms
13ms Stylesheet
text/css 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://alqiyady.awicdn.com/public/theme/css/website_mediaRWD.css?v=600

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ccf49e2daa20f6f9119fea34df0abb66e0f870b6563008037c8a16ce16bb35a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3257095
cf-polished: origSize=35698
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Jun 2021 14:52:32 GMT
server: cloudflare
etag: W/"60d49c30-8b72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA50-C1
cf-ray: 677d86015d384a56-FRA
x-amz-cf-id: x4OagoR7-OhiRP8e1FWD8HCthBZ1Mh3gsbOTATVB4kdTyMVZLmhz3A==
cf-bgj: minify

GET
H2 200 AGSKWxWdw1nIwmn3en95ThdWqa4RAD1Ne1JKQ5-e7soALsLObA3o7DWLIoRB9HTo_90twdgL8R609WeXne96FPmbn2I= Show response
fundingchoicesmessages.google.com/f/ 90 KB
34 KB 61ms
41ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWdw1nIwmn3en95ThdWqa4RAD1Ne1JKQ5-e7soALsLObA3o7DWLIoRB9HTo_90twdgL8R609WeXne96FPmbn2I=

Requested by

Host: alqiyady.awicdn.com
URL: https://alqiyady.awicdn.com/public/theme/js/copywrites.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

346c72627c42682dccda2557d4fbf01e989e1534e74abdce2024d33004ff8698

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NiNhgw9Uclx4o8nv1vvFdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-NiNhgw9Uclx4o8nv1vvFdg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-NiNhgw9Uclx4o8nv1vvFdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-NiNhgw9Uclx4o8nv1vvFdg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
86 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-51678934-1&cid=1687981899.1627804728&jid=1019308079&gjid=1121515776&_gid=1501549885.1627804728&_u=IEBAAAAAAAAAAC~&z=1027160454

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 01 Aug 2021 07:58:48 GMT
content-type: text/plain
access-control-allow-origin: https://www.alqiyady.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=2119980935&t=event&_s=2&dl=https%3A%2F%2Fwww.alqiyady.com%2F&ul=en-us&de=UTF-8&dt=%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D9%82%D9%8A%D8%A7%D8%AF%D9%8A%20%7C%20%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D8%AC%D9%84%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%7C%20%D8%AA%D9%83%D9%86%D9%88%D9%84%D9%88%D8%AC%D9%8A%D8%A7%20%D9%88%D8%A3%D8%B9%D9%85%D8%A7%D9%84%20%D9%88%D8%A3%D8%B2%D9%8A%D8%A7%D8%A1%20%D8%B1%D8%AC%D8%A7%D9%84%D9%8A%D8%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=General%20Actions&ea=AdBlocker&el=0&_u=KEBAAAABAAAAAC~&jid=&gjid=&cid=1687981899.1627804728&tid=UA-51678934-1&_gid=1501549885.1627804728&z=861259327

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 06:50:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4104
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
www.alqiyady.com/editorial_calendar/editorial-calendar-logo/
Redirect Chain

https://www.alqiyady.com/editorial_calendar/editorial-calendar-logo
https://www.alqiyady.com/editorial_calendar/editorial-calendar-logo/

2 B
165 B

75ms
74ms

XHR
text/html

104.17.4.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.alqiyady.com/editorial_calendar/editorial-calendar-logo/
Requested by: Host: www.alqiyady.com
URL: https://www.alqiyady.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.4.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.1687981899.1627804728; _gid=GA1.2.1501549885.1627804728; _gat=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1627804728630]]
:path: /editorial_calendar/editorial-calendar-logo/
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.alqiyady.com
referer: https://www.alqiyady.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 4d43f2ff38c53dabf47263f1495ad9c0.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 4372
x-cache: Hit from cloudfront
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
x-fastcgi-cache: MISS
cache-control: public, max-age=7200
x-amz-cf-pop: AMS1-C1
cf-ray: 677d86023e91d901-AMS
x-amz-cf-id: auj7NNk6i9GGc_nqpht_fsjQ4GhBd9Aw89z2cnQ0HlngbtAU6R5GHA==
expires: Sun, 01 Aug 2021 09:58:48 GMT

Redirect headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 4373
x-cache: Hit from cloudfront
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://www.alqiyady.com/editorial_calendar/editorial-calendar-logo/
cache-control: public, max-age=7200
x-fastcgi-cache: MISS
x-amz-cf-pop: AMS1-C1
cf-ray: 677d86019e2dd901-AMS
x-amz-cf-id: a07mvW6TsU9b2gfmniib3iCg19pmbeSuuMR57gRJQSjTdVM-pXtRjw==
expires: Sun, 01 Aug 2021 09:58:48 GMT

GET
H3-29 200 pubads_impl_2021072701.js Show response
securepubads.g.doubleclick.net/gpt/ 318 KB
111 KB 105ms
53ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

efd6c3fe040e0780295b2bb958b6cb638b10d68ea13bb0a5d3a4da7efce788a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Jul 2021 08:37:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113834
x-xss-protection: 0
expires: Sun, 01 Aug 2021 07:58:48 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 181 B
145 B 99ms
51ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.alqiyady.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

b0a2ce7e21b7b458a8b2aeb5ff48f1abc61d258be14c0e44ecefc160d957e263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 01 Aug 2021 07:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
expires: Sun, 01 Aug 2021 07:58:48 GMT

POST
H3-29 204 AGSKWxXl1l3B8kS3CTCEIwOGX3jNB8i5BWMfaKav6HMvQ2wbNw0hRZBIvBt9sYZQluGz-xyPbgm6oJitMVV2doN4fK4= Show response
fundingchoicesmessages.google.com/el/ 0
26 B 36ms
23ms XHR
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXl1l3B8kS3CTCEIwOGX3jNB8i5BWMfaKav6HMvQ2wbNw0hRZBIvBt9sYZQluGz-xyPbgm6oJitMVV2doN4fK4=?pvid=EE7F622C-120E-405A-8AE1-DCBAC6222837&anonid=857E87D8-2CBB-40CF-A3C3-BCB38400D512

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.Cck5FAeYn9Q.es5.O/d=1/rs=AJlcJMxy7U9RM8QH93oOjcm2asKiLur-Gg/m=loader_js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-j0lQa9AE8MEUwYzY1pwcUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-j0lQa9AE8MEUwYzY1pwcUA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.alqiyady.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-j0lQa9AE8MEUwYzY1pwcUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-j0lQa9AE8MEUwYzY1pwcUA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 AGSKWxWZccPEl3G8CZ4-7M_xoVn7JCZBX8bN2sBXZRfPFXcCyqBhzhvFTv3TS_VfmmHswW72exfF5pfme-X9mKErmIs= Show response
fundingchoicesmessages.google.com/f/ 276 KB
64 KB 67ms
53ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWZccPEl3G8CZ4-7M_xoVn7JCZBX8bN2sBXZRfPFXcCyqBhzhvFTv3TS_VfmmHswW72exfF5pfme-X9mKErmIs=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjI3ODA0NzI4LDY0NzAwMDAwMF0sIkVFN0Y2MjJDLTEyMEUtNDA1QS04QUUxLURDQkFDNjIyMjgzNyIsIjg1N0U4N0Q4LTJDQkItNDBDRi1BM0MzLUJDQjM4NDAwRDUxMiIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5hbHFpeWFkeS5jb20vIl0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.Cck5FAeYn9Q.es5.O/d=1/rs=AJlcJMxy7U9RM8QH93oOjcm2asKiLur-Gg/m=loader_js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efea7b2837c7c686608b75857126ac8c6c9442f40fc987a1aa981cf84d22eab4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1se8mpdfDjXgLAqgEc1LDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-1se8mpdfDjXgLAqgEc1LDQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-1se8mpdfDjXgLAqgEc1LDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-1se8mpdfDjXgLAqgEc1LDQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6826e3661c11495ebcad05355acd06f57f8ad7ed-310721191015.jpg
alqiyady.awicdn.com/site-images/sites/default/files/alqiyady-prod/article/d/7/414616/ 11 KB
11 KB 13ms
12ms Image
image/webp 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alqiyady.awicdn.com/site-images/sites/default/files/alqiyady-prod/article/d/7/414616/6826e3661c11495ebcad05355acd06f57f8ad7ed-310721191015.jpg?preset=v3.0_570X320&save-png=1&rnd=1519151RND220215&f=2
Requested by: Host: www.alqiyady.com
URL: https://www.alqiyady.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 789e0113622460e9a2b2018df16ecdc368c3c8d23ab385a02e111498413fbc00

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 9947
cf-polished: qual=85, origFmt=jpeg, origSize=70693
x-cache: Miss from cloudfront
content-disposition: inline; filename="6826e3661c11495ebcad05355acd06f57f8ad7ed-310721191015.webp"
cf-bgj: imgq:85,h2pri
content-length: 10914
last-modified: Sun, 01 Aug 2021 05:13:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-fastcgi-cache: MISS
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 677d86022efc4a56-FRA
x-amz-cf-id: dG170CtBwTOY7XiepfGd-0vqcsuebGS4YX0ENPXe1R3ZhpBSJF2ekA==
expires: Sat, 27 Apr 2024 07:58:48 GMT

GET
H2 200 adebb10181d6d33d15e9076a0b711a5a5d183efa-310721164928.jpg
alqiyady.awicdn.com/site-images/sites/default/files/alqiyady-prod/article/0/e/414601/ 25 KB
25 KB 13ms
13ms Image
image/webp 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alqiyady.awicdn.com/site-images/sites/default/files/alqiyady-prod/article/0/e/414601/adebb10181d6d33d15e9076a0b711a5a5d183efa-310721164928.jpg?preset=v3.0_570X320&save-png=1&rnd=1519151RND220215&f=2
Requested by: Host: www.alqiyady.com
URL: https://www.alqiyady.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fddd7ba3fe6496ac760349c3ce35d3a329d70615f6ec5542f07ea1ea13bac51

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 50996
cf-polished: qual=85, origFmt=jpeg, origSize=124884
x-cache: Miss from cloudfront
content-disposition: inline; filename="adebb10181d6d33d15e9076a0b711a5a5d183efa-310721164928.webp"
cf-bgj: imgq:85,h2pri
content-length: 25454
last-modified: Sat, 31 Jul 2021 17:48:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-fastcgi-cache: MISS
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 677d86022efd4a56-FRA
x-amz-cf-id: eGtlCWA-HmhJl2DXnTjtF4A170ezCqdk_N0xKOquGyUl4oxu8QfmQg==
expires: Sat, 27 Apr 2024 07:58:48 GMT

GET
H2 200 modules.2ec2062e86adda67b2fe.js Show response
script.hotjar.com/ 220 KB
59 KB 164ms
60ms Script
application/javascript 13.224.96.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.2ec2062e86adda67b2fe.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-516204.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-67.zrh50.r.cloudfront.net

Software

Resource Hash

6eec74058c22935ebfb7011dec4c87e2357f3ffa24d0811d1ad8a4b34c5f7075

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 13:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 154182
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59453
access-control-allow-origin: *
last-modified: Fri, 30 Jul 2021 13:08:14 GMT
etag: "3d64a2924dd12d7253b5c81c121bdd25"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: vwH_8xfNMcs9SGZHJZkeiXmvhlMNuiGJQHI319VrkraZ1iOzus6dGw==

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
178 B 214ms
100ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: adxbid.info
URL: https://adxbid.info/alqiyady.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.alqiyady.com
date: Sun, 01 Aug 2021 07:58:48 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 271ms
132ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15624&site_id=102630&zone_id=1881348&size_id=57&gdpr=0&rp_schain=1.0,1!alqiyady.com,1994425,1,,,&rf=https%3A%2F%2Fwww.alqiyady.com%2F&tk_flint=pbjs_lite_v3.19.0-pre&x_source.tid=2a1b8029-0438-4ab4-8f79-4c125e346a69&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.18785928249596684
Requested by: Host: adxbid.info
URL: https://adxbid.info/alqiyady.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: d0dc400e77f455fd5c9580020cbcb0b667e190a4e0a09dd056c1cb054b58ff89

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:48 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.alqiyady.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
2 KB 233ms
95ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15624&site_id=102630&zone_id=1881348&size_id=2&gdpr=0&rp_schain=1.0,1!alqiyady.com,1994425,1,,,&rf=https%3A%2F%2Fwww.alqiyady.com%2F&tk_flint=pbjs_lite_v3.19.0-pre&x_source.tid=21f993cb-a9e9-477d-9d14-7959d92e136b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2571037898563544
Requested by: Host: adxbid.info
URL: https://adxbid.info/alqiyady.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 21e68cef3bbcd960aaed2c5bc07015ba195b33b3814980e3b20e1f926c471e9f

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:48 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.alqiyady.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 276ms
134ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15624&site_id=102630&zone_id=1881348&size_id=10&gdpr=0&rp_schain=1.0,1!alqiyady.com,1994425,1,,,&rf=https%3A%2F%2Fwww.alqiyady.com%2F&tk_flint=pbjs_lite_v3.19.0-pre&x_source.tid=e1575115-cdf8-4ae1-8a4f-0b17ccd7a84f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2671642553229854
Requested by: Host: adxbid.info
URL: https://adxbid.info/alqiyady.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: f33adc64fef9e2f52ef0b2a5596c8812c514ad9cc2e0ea70480884271e242d07

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:48 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.alqiyady.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 269ms
128ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15624&site_id=102630&zone_id=1881348&size_id=10&gdpr=0&rp_schain=1.0,1!alqiyady.com,1994425,1,,,&rf=https%3A%2F%2Fwww.alqiyady.com%2F&tk_flint=pbjs_lite_v3.19.0-pre&x_source.tid=74e2ed61-e196-4455-8fce-aa4e7c94d7df&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.4424340077497788
Requested by: Host: adxbid.info
URL: https://adxbid.info/alqiyady.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 7d82b0c598760a2f7b526fed185554f81afb26a7195981836311995763f8a897

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:48 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.alqiyady.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 269ms
128ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15624&site_id=102630&zone_id=1881348&size_id=57&gdpr=0&rp_schain=1.0,1!alqiyady.com,1994425,1,,,&rf=https%3A%2F%2Fwww.alqiyady.com%2F&tk_flint=pbjs_lite_v3.19.0-pre&x_source.tid=b9a487d5-5840-4b78-94fc-f37e485e5df6&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.694597425387677
Requested by: Host: adxbid.info
URL: https://adxbid.info/alqiyady.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 12f31c2dbcca4bb1b726de4eba565776923f1dab7918c0fdb7a71a888513cfe2

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:48 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.alqiyady.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 249ms
106ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15624&site_id=102630&zone_id=1881348&size_id=15&gdpr=0&rp_schain=1.0,1!alqiyady.com,1994425,1,,,&rf=https%3A%2F%2Fwww.alqiyady.com%2F&tk_flint=pbjs_lite_v3.19.0-pre&x_source.tid=b9294cec-42d3-4a16-8c64-ff8fc8db1489&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8276888222634655
Requested by: Host: adxbid.info
URL: https://adxbid.info/alqiyady.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 43f9140d500abe2bdbf7fd958766f2d4961f5fcce14f44c387f2b0fd05eb1113

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:48 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.alqiyady.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 367ms
134ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15624&site_id=102630&zone_id=1881348&size_id=10&gdpr=0&rp_schain=1.0,1!alqiyady.com,1994425,1,,,&rf=https%3A%2F%2Fwww.alqiyady.com%2F&tk_flint=pbjs_lite_v3.19.0-pre&x_source.tid=3e09d168-c3b3-47bc-b5b5-12295d17775d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7966483429833979
Requested by: Host: adxbid.info
URL: https://adxbid.info/alqiyady.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 29bb5d7dc354e0a6c533b7153891ea5751bf48633d019a0370e8e73295ff9f96

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:49 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.alqiyady.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 353ms
104ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15624&site_id=102630&zone_id=1881348&size_id=15&gdpr=0&rp_schain=1.0,1!alqiyady.com,1994425,1,,,&rf=https%3A%2F%2Fwww.alqiyady.com%2F&tk_flint=pbjs_lite_v3.19.0-pre&x_source.tid=eaad7f11-ae9e-461d-ad45-450800972c60&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.26629416468786316
Requested by: Host: adxbid.info
URL: https://adxbid.info/alqiyady.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 6015383b23f037f587a269b1add544cd014dd0d8999d0654b08b864602a50495

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:49 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.alqiyady.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 502ms
232ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15624&site_id=102630&zone_id=1881348&size_id=10&gdpr=0&rp_schain=1.0,1!alqiyady.com,1994425,1,,,&rf=https%3A%2F%2Fwww.alqiyady.com%2F&tk_flint=pbjs_lite_v3.19.0-pre&x_source.tid=184f4bb0-a287-4401-88bb-692c06a6ae9a&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5317536629658697
Requested by: Host: adxbid.info
URL: https://adxbid.info/alqiyady.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 393bcbb3d436d3814557cdf5e1e0e60238c919bbdba16532563e1cf7b294614e

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:49 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.alqiyady.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 394ms
124ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15624&site_id=102630&zone_id=1881348&size_id=57&gdpr=0&rp_schain=1.0,1!alqiyady.com,1994425,1,,,&rf=https%3A%2F%2Fwww.alqiyady.com%2F&tk_flint=pbjs_lite_v3.19.0-pre&x_source.tid=ef8188f9-9dd5-4e14-93d1-f8975fcb9050&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2880073216227259
Requested by: Host: adxbid.info
URL: https://adxbid.info/alqiyady.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e72019a3a20091990cf62838570e3359c428ef36e22e974a7cbaf504f0333726

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:49 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.alqiyady.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
189 B 183ms
61ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=29&wv=3.19.0-pre&cb=10083077489
Requested by: Host: adxbid.info
URL: https://adxbid.info/alqiyady.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.alqiyady.com
date: Sun, 01 Aug 2021 07:58:48 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 200 auction Show response
rtb.adxpremium.services/openrtb2/ 325 B
885 B 261ms
247ms XHR
application/json 2606:4700:3033::6815:5473
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: adxbid.info
URL: https://adxbid.info/alqiyady.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5473 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f70cd4d5f64f93f513be5dd24649b0b81ff5eb38fee3f9be4d73640fbac680b9

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 01 Aug 2021 07:58:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8PsXG4q8EOudlQzQDYh4VmibySgqyRtoi2HZmYn80idsvKn3gfGcs8gFJb%2BEaR7mW3iQNrL3BSgVCtRc4ImVmRuMUWBFEqU55OjsxflT34zNEKkQUv2EnEeb3Mcvs4HlhsMr6Tsbup87w2UIpzVKxaZZLqD7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.alqiyady.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 677d8602cc72073e-FRA
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 1 KB
1 KB 144ms
48ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: adxbid.info
URL: https://adxbid.info/alqiyady.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

563690dd67f0c87304ee5c8b460b91c186233a569de60927128cb22354cfaa36

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 01 Aug 2021 07:58:48 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 194.99.105.228; 194.99.105.228; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 235b4c20-a763-437b-b954-b7f0018a7bd3
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.alqiyady.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
633 B 217ms
76ms XHR
application/json 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.19.0-pre
Requested by: Host: adxbid.info
URL: https://adxbid.info/alqiyady.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: d33fd6a0999791db7a5773a9ef33ca7e8b50614979b35b426bafddb140330d9d

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 01 Aug 2021 07:58:48 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.alqiyady.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

POST
H2 204 / Show response
hb.emxdgt.com/ 0
160 B 232ms
136ms XHR
text/plain 18.196.230.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1627804728755&src=pbjs
Requested by: Host: adxbid.info
URL: https://adxbid.info/alqiyady.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.alqiyady.com
date: Sun, 01 Aug 2021 07:58:48 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 18 KB
8 KB 310ms
182ms XHR
application/json 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=556925&v=7.2&r={%22id%22:%22786cec9e35de565%22,%22imp%22:[{%22id%22:%227902d320e41a9bc%22,%22ext%22:{%22siteID%22:%22556925%22,%22sid%22:%22970x250%22},%22banner%22:{%22w%22:970,%22h%22:250,%22topframe%22:1}},{%22id%22:%22803665b8b0b462f%22,%22ext%22:{%22siteID%22:%22558455%22,%22sid%22:%22728x90%22},%22banner%22:{%22w%22:728,%22h%22:90,%22topframe%22:1}},{%22id%22:%2281bf3dc91716962%22,%22ext%22:{%22siteID%22:%22558456%22,%22sid%22:%22300x600%22},%22banner%22:{%22w%22:300,%22h%22:600,%22topframe%22:1}},{%22id%22:%228231403f703014a%22,%22ext%22:{%22siteID%22:%22558456%22,%22sid%22:%22300x600%22},%22banner%22:{%22w%22:300,%22h%22:600,%22topframe%22:1}},{%22id%22:%2283c6fee29106a78%22,%22ext%22:{%22siteID%22:%22556925%22,%22sid%22:%22970x250%22},%22banner%22:{%22w%22:970,%22h%22:250,%22topframe%22:1}},{%22id%22:%2284ea75a03b960c6%22,%22ext%22:{%22siteID%22:%22558457%22,%22sid%22:%22300x250%22},%22banner%22:{%22w%22:300,%22h%22:250,%22topframe%22:1}},{%22id%22:%22850966804bdba93%22,%22ext%22:{%22siteID%22:%22558456%22,%22sid%22:%22300x600%22},%22banner%22:{%22w%22:300,%22h%22:600,%22topframe%22:1}},{%22id%22:%228638f7adb7c9f89%22,%22ext%22:{%22siteID%22:%22558457%22,%22sid%22:%22300x250%22},%22banner%22:{%22w%22:300,%22h%22:250,%22topframe%22:1}},{%22id%22:%2287481766f30ca79%22,%22ext%22:{%22siteID%22:%22558456%22,%22sid%22:%22300x600%22},%22banner%22:{%22w%22:300,%22h%22:600,%22topframe%22:1}},{%22id%22:%2288994879d35115e%22,%22ext%22:{%22siteID%22:%22556925%22,%22sid%22:%22970x250%22},%22banner%22:{%22w%22:970,%22h%22:250,%22topframe%22:1}}],%22site%22:{%22page%22:%22https://www.alqiyady.com/%22},%22ext%22:{%22source%22:%22prebid%22},%22source%22:{%22ext%22:{%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22alqiyady.com%22,%22sid%22:%221994425%22,%22hp%22:1}]}}},%22regs%22:{%22ext%22:{%22gdpr%22:0}},%22user%22:{%22ext%22:{%22consent%22:%22%22}}}&ac=j&sd=1
Requested by: Host: adxbid.info
URL: https://adxbid.info/alqiyady.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5f1886216d453beffe70576b29169e165def561e069b84c070ec4c98ae16014f

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:49 GMT
Content-Encoding: gzip
X-AK-INITIAL-GEO: CC:[PL], RC:[], CN:[EU], CIP:[194.99.105.228], XFF:[]
Server: Apache
Vary: Is-Traffic-Invalid,Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.alqiyady.com
X-CS-CLIENT-GEO: 09
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 7688
X-AK-CLIENT-GEO: 09
Expires: Sun, 01 Aug 2021 07:58:49 GMT

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame 12B5 2 KB
1 KB 162ms
54ms Document
text/html 13.224.96.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-516204.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-22.zrh50.r.cloudfront.net
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.alqiyady.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.alqiyady.com/

Response headers

content-type: text/html
content-length: 1044
date: Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 449f2b51e83bf8ba5fa5e65ce60bc277.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: xTwHtleWRxJCDN8ifkw06vMcS1mO6Hz2Lv68zmHGxH6FP_XPnK2veQ==
age: 1237338

GET
H2 200 css
fonts.googleapis.com/ 52 KB
3 KB 19ms
19ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.en_US.FGBMPZMss7M.es5.O/d=1/rs=AJlcJMxJK_lnTljdD8LeqncuO9XcSLlFdw/m=iabtcfv2wallscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4af55929f3443233536ceca1937331e5fa4d7523ba189a90be4fb44b185d571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 01 Aug 2021 07:58:48 GMT
server: ESF
date: Sun, 01 Aug 2021 07:58:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 01 Aug 2021 07:58:48 GMT

POST
H3-29 204 AGSKWxXl1l3B8kS3CTCEIwOGX3jNB8i5BWMfaKav6HMvQ2wbNw0hRZBIvBt9sYZQluGz-xyPbgm6oJitMVV2doN4fK4= Show response
fundingchoicesmessages.google.com/el/ 0
26 B 20ms
20ms XHR
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.Cck5FAeYn9Q.es5.O/d=1/rs=AJlcJMxy7U9RM8QH93oOjcm2asKiLur-Gg/m=loader_js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KMt3TPednq5WonS8xN9ZnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-KMt3TPednq5WonS8xN9ZnA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.alqiyady.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-KMt3TPednq5WonS8xN9ZnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-KMt3TPednq5WonS8xN9ZnA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.alqiyady.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 01:25:07 GMT
x-content-type-options: nosniff
age: 455621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 01:25:07 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v94/ 103 KB
103 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v94/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d85d5dd7053310674bc60753c4c55ed355353c63af9f6a7aa3aca2199acb6676

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.alqiyady.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 18:49:21 GMT
x-content-type-options: nosniff
age: 479367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105120
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 18:20:11 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 18:49:21 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.alqiyady.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 22:08:26 GMT
x-content-type-options: nosniff
age: 467422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:26 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 22:08:26 GMT

POST
H3-29 204 AGSKWxW0I21DK7UFIlC5YZGALCS3kbye_551kYCcTHgEv4PyJtccxc8DxhboGiT3sMflGie61CaqEBh_wSBhP-pfuyzOuXAd5rwuM8WjUylKO8Ojt18BobpRBpp1-SVE-pVZuQ-HnvLEOmB0IpQ4NpZ-mMFlZP8pA1knBpw20gXkm516K3xhmpSia6BdMIgZ Show response
fundingchoicesmessages.google.com/el/ 0
27 B 22ms
21ms XHR
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW0I21DK7UFIlC5YZGALCS3kbye_551kYCcTHgEv4PyJtccxc8DxhboGiT3sMflGie61CaqEBh_wSBhP-pfuyzOuXAd5rwuM8WjUylKO8Ojt18BobpRBpp1-SVE-pVZuQ-HnvLEOmB0IpQ4NpZ-mMFlZP8pA1knBpw20gXkm516K3xhmpSia6BdMIgZ?dmid=8fa84c12409c5e07

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qFWKCofqDh0n7XrNm4bDmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-qFWKCofqDh0n7XrNm4bDmg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.alqiyady.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-qFWKCofqDh0n7XrNm4bDmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-qFWKCofqDh0n7XrNm4bDmg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo_header.png
alqiyady.awicdn.com/public/alqiyady/responsive/images/ 3 KB
4 KB 27ms
27ms Image
image/webp 2606:4700::6812:18eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alqiyady.awicdn.com/public/alqiyady/responsive/images/logo_header.png?v=1234

Requested by

Host: www.alqiyady.com
URL: https://www.alqiyady.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa9bf89233ac910bde8576a200636407127e5173292f689fa15c33155b8c7d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:48 GMT
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 294246
cf-polished: origFmt=png, origSize=9473
x-cache: Hit from cloudfront
content-disposition: inline; filename="logo_header.webp"
vary: Accept
content-length: 3460
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Jul 2021 11:16:48 GMT
server: cloudflare
etag: "60e6dea0-2501"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 07:58:48 GMT
cache-control: public, max-age=86400000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 677d86038a0e4a56-FRA
x-amz-cf-id: IrHHuMWyOhG_yM5dMpNmPMUVm1qk-Q0XODI5tklYlD7LLvD1InrlDw==
cf-bgj: imgq:85,h2pri

POST
H3-29 200 graphql Show response
s2.adxpremium.services/ 84 B
805 B 44ms
30ms XHR
application/json 2606:4700:3036::ac43:bf92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adxpremium.services/graphql
Requested by: Host: adxbid.info
URL: https://adxbid.info/alqiyady.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:bf92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 121d0316c9c4265e93c539269456b91603231c6a5fefb85a24d4a37262515083

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 01 Aug 2021 07:58:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: HEAD, GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOVrq%2FkzpMnL3MbflV1Pu5CWJfl4qJmX6Ni%2FcxKO0wFL4S80GB3Qms7QMzKz%2BjwE9VLGRNam1dk31wz0qfpYUVppjAToi%2Fxzl4OjQKBpnY1wWDGWXbDWsbJEs7ipSdPfIZmPbHPH6sCK200LrcP3YcVJVgAk"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-GraphQL-Event-Stream
x-graphql-event-stream: /graphql/stream
cf-ray: 677d8612daec4dee-FRA
access-control-allow-headers: Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

OPTIONS
H2 200 graphql
s2.adxpremium.services/ Frame 0
0 68ms
45ms Preflight 2606:4700:3036::ac43:bf92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adxpremium.services/graphql
Protocol: H2
Server: 2606:4700:3036::ac43:bf92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.alqiyady.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 01 Aug 2021 07:58:51 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET, POST
access-control-allow-headers: Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
access-control-expose-headers: X-GraphQL-Event-Stream
x-graphql-event-stream: /graphql/stream
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MEikzZbIk8XH3oOtwLEF3%2BmelCFtOX3WS5h6EWGEZBsvmME1X21E0eh1GgXieIjnV60lgNOOpEmsqfGXhkBjQ1FpImCL%2Bc49ZkAuAkAhQMUW%2B4uQTzNwgWBOpG6ysmR1Wy0%2Fdjs1B421HjrNchWfvgwrA76k"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 677d86127f1c062d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 66ms
28ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: adxbid.info
URL: https://adxbid.info/alqiyady.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:51 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 10:59:58 GMT
server: nginx
etag: W/"60ec20ae-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 02 Aug 2021 07:58:51 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 229F 291 B
590 B 44ms
12ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.alqiyady.com&gdpr=1&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=www.alqiyady.com&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.alqiyady.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.alqiyady.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 361
date: Sun, 01 Aug 2021 07:58:51 GMT
content-length: 321

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 65ms
33ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer: https://www.alqiyady.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:51 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 10:59:58 GMT
server: nginx
etag: W/"60ec20ae-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 02 Aug 2021 07:58:51 GMT

GET
H2 200 load-cookie.html Show response
user-sync.adxpremium.services/ Frame 4FBF 8 KB
4 KB 22ms
17ms Document
text/html 2606:4700:3033::6815:5473
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Requested by: Host: adxbid.info
URL: https://adxbid.info/alqiyady.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5473 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7569a8524b46bc6108ff1dd540acd43120db3e6623d1ee15e182748b2057d876

Request headers

:method: GET
:authority: user-sync.adxpremium.services
:scheme: https
:path: /load-cookie.html?gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.alqiyady.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.alqiyady.com/

Response headers

date: Sun, 01 Aug 2021 07:58:52 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
last-modified: Fri, 26 Feb 2021 09:17:16 GMT
pragma: no-cache
vary: Origin
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7HO6z%2FhD7njLHELvWFLPhhFrm3eI1PWTw8OYRgtYNQ3KP%2Fu2dM6CWaCSGgQLjHiLN9j8wIxqG5Emw2rsHy0PedxFs%2BHRh4qAG75QyBKY0mPZLyxileBzoCPbEgmz%2B70UguZ43Xtpz0vqukvqjyoVMHz%2ByIC%2FD%2FWBqKrvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 677d8618cef3073e-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame FE78 2 KB
1 KB 208ms
67ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: adxbid.info
URL: https://adxbid.info/alqiyady.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.alqiyady.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.alqiyady.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Sun, 01 Aug 2021 07:58:52 GMT
Connection: keep-alive

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2420 281 B
554 B 156ms
49ms Document
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: adxbid.info
URL: https://adxbid.info/alqiyady.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.alqiyady.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhOqmt03BRUZWfOAt9p435PGj8RsOaCrTlkuPKR3OktVOpDwv9SSinUkmtBwX7pFAFiVc1oUNlOpnhFx06om7GC88fYveTSs/Z; ses2=; vis2=102630^1; ses15=; vis15=102630^1; ses10=; vis10=102630^1; ses57=; vis57=102630^1; khaos=KRSWWNGW-W-FB5O; audit=1|hLZGFuTafB2p0oz29mX9HJqpp78UDnSwDD0ILwuZ3gssED/7wspGcJCb47HqpkxozGgYLOeyR4XMboWaW1ii7aQ2W5ogm1X6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.alqiyady.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 01 Aug 2021 07:58:52 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame ADBA 926 B
1 KB 177ms
58ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: adxbid.info
URL: https://adxbid.info/alqiyady.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host: biddr.brealtime.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.alqiyady.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.alqiyady.com/

Response headers

Date: Sun, 01 Aug 2021 07:58:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: I7RgiFoOQkdU0lMiIWSsiOyAXMKlTb/2sZb3U9FAaD62zzIee/vfyxq63ArT6Qd2yFI4jM9SL9s=
x-amz-request-id: 2WNAJX1H4A46E3Z7
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 2256
Expires: Sun, 01 Aug 2021 07:59:52 GMT
Cache-Control: public, max-age=60
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 677d8619b84e41e2-AMS
Content-Encoding: gzip

POST
H3-29 200 cookie_sync Show response
user-sync.adxpremium.services/ Frame 4FBF 2 KB
1 KB 32ms
21ms XHR
application/json 2606:4700:3033::6815:5473
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user-sync.adxpremium.services/cookie_sync
Requested by: Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5473 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25b8aa3fb1ad2203caebf344ce057287dc737e97bb327d79c97bec3a76d37fff

Request headers

Referer: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 01 Aug 2021 07:58:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sprr%2FqDhec3Yr%2Bdb%2BL7uBCxG%2Ft36BQBxa4l6unxEAYshDveNbs4tGpYM0H3FOaJYj1%2F%2F3eyIJ1S3XYPZHlSG5GN5CCYUThM2uEEUSdMlEKy7LS5bOHs94LDqnHKFq2vANzKABHXKB21Y%2FCD5Sym7qdodcW139OVZbpIzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://user-sync.adxpremium.services
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 677d861909d0973c-FRA
expires: 0

GET
H3-29

200

setuid
rtb.adxpremium.services/ Frame 4FBF
Redirect Chain

https://inv-nets.admixer.net/adxcm.aspx?ssp=5FEC4B7E-00BE-4619-A907-C423ED15D8EA&rurl=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadmixer%26uid%3D%24%24visitor_cookie%24%24
https://rtb.adxpremium.services/setuid?bidder=admixer&uid=b79d1377507e405a836c724eaaec3923

0
887 B

65ms
64ms

Image
text/plain

2606:4700:3033::6815:5473
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adxpremium.services/setuid?bidder=admixer&uid=b79d1377507e405a836c724eaaec3923
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5473 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://user-sync.adxpremium.services/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:52 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bq6llTlUb30lHqVRotlAX78r6ILAguBn%2BXO6uEHgsLCNdDIDkPIHR7HwBcvEy%2BVm2cAjiDRuetyD17sEY5Dc2lx641G%2BBco%2Ba4zxVMdKmr8%2BVo%2BXacbaX1LxYDUzj49BJ7fbRG%2F8OX8RF3ICbwEQEHG5LQcyA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 677d861a0a04973c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
expires: 0

Redirect headers

Date: Sun, 01 Aug 2021 07:58:52 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://rtb.adxpremium.services/setuid?bidder=admixer&uid=b79d1377507e405a836c724eaaec3923
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2420 31 KB
10 KB 53ms
52ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f4cd63020277f7040bd0a8cb6ffe164e8a3836002e897dafcd0e1572ae1f7661

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 07:58:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=33888
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9359
Expires: Sun, 01 Aug 2021 17:23:40 GMT

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 95DB 54 B
326 B 197ms
76ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=undefined&d=https://www.alqiyady.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Vary: Is-Traffic-Usersync
Content-Length: 54
Expires: Sun, 01 Aug 2021 07:58:52 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:52 GMT
Connection: keep-alive

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 3A08 1 KB
1 KB 83ms
23ms Document
text/html 2a0c:5c81:5139::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=601760
Requested by: Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 02e89ae04433ec2555f27e543f23ba9361c23a8ad89d357ba5f8b40c83c6a231

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://user-sync.adxpremium.services/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://user-sync.adxpremium.services/

Response headers

Server: VertaMedia 1.0
Date: Sun, 01 Aug 2021 07:58:52 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 736
Access-Control-Allow-Origin: https://user-sync.adxpremium.services
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 3A08
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=2e091a63-f1f6-4737-8065-44f64a21b761

86 B
547 B

701ms
409ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=2e091a63-f1f6-4737-8065-44f64a21b761
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 07:58:53 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:52 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=2e091a63-f1f6-4737-8065-44f64a21b761
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: tiqi54qae9p9a2n5s26k1t05r3p9i1fj

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 3A08
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4289062115183121297

86 B
530 B

807ms
423ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4289062115183121297
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 07:58:53 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:52 GMT
X-Proxy-Origin: 194.99.105.228; 194.99.105.228; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: e92c0f37-7af8-4d2b-8815-0001a699eb2c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4289062115183121297
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29

200

setuid
rtb.adxpremium.services/ Frame 3A08
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadtelligent%26uid%3D%7Buid%7D
https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=670d30b35c3f4c92

0
977 B

29ms
27ms

Image
text/plain

2606:4700:3033::6815:5473
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=670d30b35c3f4c92
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5473 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:53 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3uc9Fa%2Fz6U7rxKLWglMJP967SxZCDKxPda0e0OctId7yaKb7wHmwgmJujp3WCbuc83eMLRZ7cgbuMO9X5KzfYjkFZRG5VpKmKx4kKK1kkWcc7ZfiDkEbClpP56M1VlLyPi7BecLOZaqhgGP36RSjlvACQzfKg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 677d861e0c15973c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
expires: 0

Redirect headers

Location: https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=670d30b35c3f4c92
Date: Sun, 01 Aug 2021 07:58:52 GMT
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 2420 0
42 B 54ms
49ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:53 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 2420 70 B
265 B 186ms
59ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:53 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 2420
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&us_privacy=1---&google_tc=
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEA1u_dCnxWgBcDg5UtM79Wg&google_cver=1

0
239 B

197ms
51ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEA1u_dCnxWgBcDg5UtM79Wg&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEA1u_dCnxWgBcDg5UtM79Wg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 2420
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/HETWaOoOautovnYVCF4fMQ?csrc=&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8165988089564145909

0
239 B

209ms
56ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8165988089564145909
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

date: Sun, 01 Aug 2021 07:58:53 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8165988089564145909
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 2420
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&us_privacy=1---
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KRSWWNGW-W-FB5O&sigv=1&esig=2~97af2588277cb180f1a2d54cb4dcb9999c7a1c35&us_privacy=1---

0
444 B

30ms
7ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KRSWWNGW-W-FB5O&sigv=1&esig=2~97af2588277cb180f1a2d54cb4dcb9999c7a1c35&us_privacy=1---

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:53 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KRSWWNGW-W-FB5O&sigv=1&esig=2~97af2588277cb180f1a2d54cb4dcb9999c7a1c35&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2420
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JTV1dOR1ctVy1GQjVP&us_privacy=1---

170 B
188 B

65ms
57ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JTV1dOR1ctVy1GQjVP&us_privacy=1---

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JTV1dOR1ctVy1GQjVP&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 2420
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---&_test=YQZUPQADSCgxQQAC
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YQZUPQADSCgxQQAC&us_privacy=1---&_test=YQZUPQADSCgxQQAC

0
239 B

199ms
54ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YQZUPQADSCgxQQAC&us_privacy=1---&_test=YQZUPQADSCgxQQAC
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:53 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1627804733.410618,VS0,VE0
x-served-by: cache-fra19136-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YQZUPQADSCgxQQAC&us_privacy=1---&_test=YQZUPQADSCgxQQAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2420
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTYxYzIzOTQ1YzcyMzE4NjdlYjZlMGRmOGQyYWE3ZjY0OTBkODE1Mw&us_privacy=1---

170 B
188 B

61ms
55ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTYxYzIzOTQ1YzcyMzE4NjdlYjZlMGRmOGQyYWE3ZjY0OTBkODE1Mw&us_privacy=1---

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTYxYzIzOTQ1YzcyMzE4NjdlYjZlMGRmOGQyYWE3ZjY0OTBkODE1Mw&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame E292 1 KB
935 B 40ms
25ms Document
text/html 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by: Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

:method: GET
:authority: cdn.connectad.io
:scheme: https
:path: /connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://user-sync.adxpremium.services/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://user-sync.adxpremium.services/

Response headers

date: Sun, 01 Aug 2021 07:58:53 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 677d8620cc4e5373-FRA
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame 4F02 0
0 27ms
25ms Document
text/plain 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: sync-eu.connectad.io
:scheme: https
:path: /syncer/1?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cadsync
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.connectad.io/

Response headers

date: Sun, 01 Aug 2021 07:58:53 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 677d86211ce25373-FRA

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2459 14 KB
5 KB 195ms
65ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by: Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://user-sync.adxpremium.services/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://user-sync.adxpremium.services/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=32805
expires: Sun, 01 Aug 2021 17:05:38 GMT
date: Sun, 01 Aug 2021 07:58:53 GMT
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 2459 2 KB
3 KB 200ms
64ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=27867603&p=159760&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: b02e144fe210b80bdafef0ffce19e8e8652bb6f4f7d737634d7e4afe6ba0b947

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:53 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 88AB
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=B0DA5BE7-5A1E-427C-81D4-B0E1EA3E4C54
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B0DA5BE7-5A1E-427C-81D4-B0E1EA3E4C54

35 B
477 B

46ms
45ms

Document
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B0DA5BE7-5A1E-427C-81D4-B0E1EA3E4C54

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?CC=1&party=14&cid=B0DA5BE7-5A1E-427C-81D4-B0E1EA3E4C54
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sun, 01 Aug 2021 07:58:54 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=6290840133464461995; expires=Thu, 30 Sep 2021 07:58:54 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Sun, 01 Aug 2021 07:58:54 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B0DA5BE7-5A1E-427C-81D4-B0E1EA3E4C54
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Wed, 01 Sep 2021 07:58:54 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pubmatic Show response
d5p.de17a.com/getuid/ Frame D242 35 B
134 B 167ms
59ms Document
image/gif 213.155.156.164
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to

Full URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.164 Uppsala, Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS: 213-155-156-164.teliacarrier-cust.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method: GET
:authority: d5p.de17a.com
:scheme: https
:path: /getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 35
content-type: image/gif
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 14B9 43 B
360 B 168ms
57ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Sun, 01 Aug 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1022
x-powered-by: ASP.NET
date: Sun, 01 Aug 2021 07:58:53 GMT
content-length: 43

GET
H3-29 200 setuid Show response
rtb.adxpremium.services/ Frame 968E 0
1 KB 33ms
31ms Document
text/plain 2606:4700:3033::6815:5473
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=B0DA5BE7-5A1E-427C-81D4-B0E1EA3E4C54
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5473 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: rtb.adxpremium.services
:scheme: https
:path: /setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=B0DA5BE7-5A1E-427C-81D4-B0E1EA3E4C54
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSCookie=1; uids=eyJ0ZW1wVUlEcyI6eyJhZG1peGVyIjp7InVpZCI6ImI3OWQxMzc3NTA3ZTQwNWE4MzZjNzI0ZWFhZWMzOTIzIiwiZXhwaXJlcyI6IjIwMjEtMDgtMTVUMDk6NTg6NTIuNTMzODc4NTYzKzAyOjAwIn0sImFkdGVsbGlnZW50Ijp7InVpZCI6IjY3MGQzMGIzNWMzZjRjOTIiLCJleHBpcmVzIjoiMjAyMS0wOC0xNVQwOTo1ODo1My4xNDUwODY5NjIrMDI6MDAifX0sImJkYXkiOiIyMDIxLTA4LTAxVDA5OjU4OjUyLjUzMzg3Mzk4MiswMjowMCJ9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sun, 01 Aug 2021 07:58:54 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: SSCookie=1; Path=/; Expires=Sat, 30 Oct 2021 07:58:54 GMT; Secure; SameSite=None uids=eyJ0ZW1wVUlEcyI6eyJhZG1peGVyIjp7InVpZCI6ImI3OWQxMzc3NTA3ZTQwNWE4MzZjNzI0ZWFhZWMzOTIzIiwiZXhwaXJlcyI6IjIwMjEtMDgtMTVUMDk6NTg6NTIuNTMzODc4NTYzKzAyOjAwIn0sImFkdGVsbGlnZW50Ijp7InVpZCI6IjY3MGQzMGIzNWMzZjRjOTIiLCJleHBpcmVzIjoiMjAyMS0wOC0xNVQwOTo1ODo1My4xNDUwODY5NjIrMDI6MDAifSwicHVibWF0aWMiOnsidWlkIjoiQjBEQTVCRTctNUExRS00MjdDLTgxRDQtQjBFMUVBM0U0QzU0IiwiZXhwaXJlcyI6IjIwMjEtMDgtMTVUMDk6NTg6NTQuMDcwNDc1NjUzKzAyOjAwIn19LCJiZGF5IjoiMjAyMS0wOC0wMVQwOTo1ODo1Mi41MzM4NzM5ODIrMDI6MDAifQ==; Path=/; Domain=adxpremium.services; Expires=Sat, 30 Oct 2021 07:58:54 GMT; Secure; SameSite=None
vary: Origin
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYx1GL%2BNeZf7mWx1tIIGsBO%2BqyFcUqX3hidfuyr4tGGfzwWskAjnyUPPbnaMdUhetPCMEnFx15DugNrLZm%2FEFnaRHXnap%2FEgoNqGk3v0eM%2Fxd15HoVoKtSPix5AfbOHuNgizcXTWBdopfWInVBmpFFhe00gCgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 677d8623ddfa973c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2459
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sNpb51oeQnyB1LDh6j5MVA%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

64ms
64ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=32804
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Sun, 01 Aug 2021 17:05:38 GMT

Redirect headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 2459
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1bbf6106-543d-4200-83c7-d58988887b49

0
260 B

203ms
65ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1bbf6106-543d-4200-83c7-d58988887b49
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 03:01:48 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sun, 01 Aug 2021 07:58:54 GMT
Server: MT3 3810 5cb7d7e master zrh-pixel-x4
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1bbf6106-543d-4200-83c7-d58988887b49
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 01 Aug 2021 07:58:53 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 2459
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=B0DA5BE7-5A1E-427C-81D4-B0E1EA3E4C54
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=15af223886a99efa2c5d49d2b55d41f0
https://spl.zeotap.com/?zdid=1332&zcluid=7af8e84ac1694c66
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=a0b86708-611d-458f-631a-a44494c84623&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEEEtX-i0i_UW_8SpevhYjb4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=a0b86708-611d-458f-631a-a44...

95 B
187 B

41ms
39ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEEEtX-i0i_UW_8SpevhYjb4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=a0b86708-611d-458f-631a-a44494c84623&zcluid=7af8e84ac1694c66&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:55 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 677d862a0d1a96b6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEEEtX-i0i_UW_8SpevhYjb4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=a0b86708-611d-458f-631a-a44494c84623&zcluid=7af8e84ac1694c66&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2459
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjBEQTVCRTctNUExRS00MjdDLTgxRDQtQjBFMUVBM0U0QzU0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
110 B

201ms
62ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:54 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug006:0:529
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2459
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENrqwtIn7tHTl8slrgN-LWw&google_cver=1

42 B
282 B

198ms
61ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENrqwtIn7tHTl8slrgN-LWw&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:54 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug001:0:1035
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENrqwtIn7tHTl8slrgN-LWw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 2459 43 B
610 B 232ms
61ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:54 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 31 Jul 2021 07:58:54 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2459
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:cf916106-543e-4500-897e-b14d7ea5ae21&gdpr=0&gdpr_consent=

42 B
339 B

64ms
62ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:cf916106-543e-4500-897e-b14d7ea5ae21&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:54 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug020:0:416
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sun, 01 Aug 2021 07:58:57 GMT
Server: MT3 3810 5cb7d7e master zrh-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:cf916106-543e-4500-897e-b14d7ea5ae21&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 01 Aug 2021 07:58:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2459
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1644853150093900243

42 B
233 B

112ms
60ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1644853150093900243
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:54 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug010:0:383
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:54 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1644853150093900243
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2459
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f19ad93f-2cea-4589-9200-b474a0376380

42 B
294 B

149ms
63ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f19ad93f-2cea-4589-9200-b474a0376380
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:54 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:358
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:54 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f19ad93f-2cea-4589-9200-b474a0376380
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2459
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4289062115183121297&gdpr=0&gdpr_consent=

42 B
520 B

145ms
60ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4289062115183121297&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:54 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:448
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:54 GMT
X-Proxy-Origin: 194.99.105.228; 194.99.105.228; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 106fdc2d-d399-46dd-b5f1-03a1f609fbfe
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4289062115183121297&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 B0DA5BE7-5A1E-427C-81D4-B0E1EA3E4C54
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2459 43 B
203 B 67ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/B0DA5BE7-5A1E-427C-81D4-B0E1EA3E4C54?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:54 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

setuid
rtb.adxpremium.services/ Frame 4FBF
Redirect Chain

https://dmp.rtbsrv.com/dmp/profiles/cm?p_id=298&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dmarsmedia%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BGID%7D
https://ib.adnxs.com/getuid?https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=%24UID&mpk=hLVm1AR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RX...
https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=4289062115183121297&mpk=hLVm1AR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV...
https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=4289062115183121297

0
1 KB

21ms
21ms

Image
text/plain

2606:4700:3033::6815:5473
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=4289062115183121297
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5473 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://user-sync.adxpremium.services/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:55 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nX%2FaLfeZqnVDChN5KMGPZfh9gRS9qBbCF%2FJD7JYPuFMw441EmjOLeh4aMG%2BuzKNPX%2F0d%2B1vUw3MgEu2eHzwAwElvMgflQADTRY72LB4b3FKxiEEdU4PFFAaJfZNwmvPpVA0B7a%2FJWD17TLQeRTLUM0JIDj2qg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 677d862cb864973c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
expires: 0

Redirect headers

date: Sun, 01 Aug 2021 07:58:55 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzxjewIwv%2FczYgrhiquWBDWX%2BtAb9q1iLznooxQEniZJS03Ep%2BhU%2BStIhZgwduZmWwWR7%2BPQA74gacBlA6BrrCZY6WlZOrZqvupgABNZ8ZyzdGRRSv8ZOhA%2BO25fkTuVAYP8vduKCg0hf35UPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=4289062115183121297
cf-ray: 677d862b7c6bc2ae-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0

GET
H2

200

/ Show response
ads.us.e-planning.net/uspd/1/ Frame A21D
Redirect Chain

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_...
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26...

3 KB
1 KB

57ms
57ms

Document
text/html

5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: efa6f0dfd40ce927e7039efc9e23d1736b4e5b3b43202b732a155c31bdbb9bb9

Request headers

:method: GET
:authority: ads.us.e-planning.net
:scheme: https
:path: /uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://user-sync.adxpremium.services/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: CT=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://user-sync.adxpremium.services/

Response headers

server: openresty
date: Sun, 01 Aug 2021 07:58:55 GMT
content-type: text/html
cache-control: max-age=0, no-cache
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
set-cookie: E=AFNu9GDosMRxxbW-; path=/; domain=e-planning.net; expires=Sun, 30-Jul-2028 07:58:55 GMT; SameSite=None; Secure
expires: Sun, 01 Aug 2021 07:58:55 GMT
x-sid: AMS-610
content-encoding: gzip

Redirect headers

server: openresty
date: Sun, 01 Aug 2021 07:58:55 GMT
content-type: text/html; charset=iso-8859-1
set-cookie: CT=1; path=/; SameSite=None; Secure
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
x-sid: AMS-610

GET
H2

200

um
u-ams02.e-planning.net/ Frame A21D
Redirect Chain

https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D2aca222944abde81
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=2aca222944abde81

42 B
103 B

53ms
52ms

Image
image/gif

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=2aca222944abde81
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:55 GMT
server: openresty
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:55 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=2aca222944abde81
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 dataxpand_28122020.js Show response
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame A21D 39 KB
14 KB 152ms
50ms Script
application/x-javascript 5.178.65.252
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: i.e-planning.net
Software: openresty /
Resource Hash: 792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:55 GMT
content-encoding: gzip
last-modified: Mon, 28 Dec 2020 16:45:03 GMT
server: openresty
etag: W/"5fea0b8f-9a72"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Fri, 31 Jul 2026 07:58:55 GMT

GET
H2 200 tm60118.js Show response
tag.navdmp.com/ Frame A21D 12 KB
4 KB 58ms
31ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm60118.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Nov 2020 16:32:07 GMT
server: cloudflare
age: 370
etag: W/"5fb54c87-2ef4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 677d862e6ea042d5-FRA
content-type: application/javascript
expires: Sun, 01 Aug 2021 08:52:45 GMT

GET
H2 200 retargetly_030920.js Show response
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame A21D 2 KB
1 KB 177ms
76ms Script
application/x-javascript 5.178.65.252
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: i.e-planning.net
Software: openresty /
Resource Hash: 18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:55 GMT
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 18:45:03 GMT
server: openresty
etag: W/"5f5139af-857"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Fri, 31 Jul 2026 07:58:55 GMT

GET
H2

200

um
u-ams02.e-planning.net/ Frame A21D
Redirect Chain

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D2aca222944abde81%26uid%3D%24%7BUID%7D
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=2aca222944abde81&uid=2e091a63-f1f6-4737-8065-44f64a21b761

42 B
103 B

157ms
53ms

Image
image/gif

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=2aca222944abde81&uid=2e091a63-f1f6-4737-8065-44f64a21b761
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:55 GMT
server: openresty
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:55 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=2aca222944abde81&uid=2e091a63-f1f6-4737-8065-44f64a21b761
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: stivcutfvbe37t0hrue6n10gsko9s9no

GET
H/1.1 200 ptag Show response
a.audrte.com/ Frame A21D 5 KB
2 KB 542ms
135ms Script
text/plain 3.213.248.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.audrte.com/ptag?p=M1353665098
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.248.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: ddf2b9cbd4366008c4f397c01b9da5a8a8742fab1acdae069bb9426afdf764b8

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 07:58:56 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-transform, public, max-age=3600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1682

GET
H2 200 lotame.js Show response
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame A21D 266 B
416 B 176ms
74ms Script
application/x-javascript 5.178.65.252
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: i.e-planning.net
Software: openresty /
Resource Hash: 76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:55 GMT
content-encoding: gzip
last-modified: Thu, 19 Nov 2020 16:18:03 GMT
server: openresty
etag: W/"5fb69abb-10a"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Fri, 31 Jul 2026 07:58:55 GMT

GET
H2 204 current
prebid-match.dotomi.com/match/bounce/ Frame A21D 0
104 B 93ms
65ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D2aca222944abde81%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:55 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame A21D
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D2aca222944abde81
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F

37 B
37 B

51ms
50ms

Image
text/json

168.119.146.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:55 GMT
server: nginx/1.10.3
content-type: text/json;charset=UTF-8

Redirect headers

location: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date: Sun, 01 Aug 2021 07:58:55 GMT
server: nginx/1.10.3
content-type: text/html; charset=UTF-8

GET
H2

200

um
u-ams02.e-planning.net/ Frame A21D
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D2aca222944abde81%26uid%3D%24UID
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=2aca222944abde81&uid=4289062115183121297

42 B
104 B

162ms
52ms

Image
image/gif

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=2aca222944abde81&uid=4289062115183121297
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:55 GMT
server: openresty
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:55 GMT
X-Proxy-Origin: 194.99.105.228; 194.99.105.228; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 2816dc4d-f0f2-4a27-9800-f275ad7d5865
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=2aca222944abde81&uid=4289062115183121297
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame A21D 0
478 B 195ms
47ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D2aca222944abde81%26uid%3D%5BUID%5D

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:55 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.e-planning.net/ Frame A21D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58414/occ
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-p2uYsWpE2uHdXn.PJ8Tn5KnTNk.t2Ja8kMsVPqw-~A

42 B
104 B

165ms
51ms

Image
image/gif

5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-p2uYsWpE2uHdXn.PJ8Tn5KnTNk.t2Ja8kMsVPqw-~A
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
server: openresty
content-type: image/gif

Redirect headers

Date: Sun, 01 Aug 2021 07:58:55 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-p2uYsWpE2uHdXn.PJ8Tn5KnTNk.t2Ja8kMsVPqw-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

um
u-ams02.e-planning.net/ Frame A21D
Redirect Chain

https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D2aca222944abde81%26uid%3D%7B%24UID%7D
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=2aca222944abde81&uid=1904471b2aa9bf8e5d4157759b3e9b0c120ff74d

42 B
103 B

53ms
53ms

Image
image/gif

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=2aca222944abde81&uid=1904471b2aa9bf8e5d4157759b3e9b0c120ff74d
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
server: openresty
content-type: image/gif

Redirect headers

Location: https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=2aca222944abde81&uid=1904471b2aa9bf8e5d4157759b3e9b0c120ff74d
Date: Sun, 01 Aug 2021 07:58:56 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

um
u-ams02.e-planning.net/ Frame A21D
Redirect Chain

https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3D2aca222944abde81
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=2aca222944abde81&uid=0200000030540661A524F548023EFC4B

42 B
103 B

61ms
54ms

Image
image/gif

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=2aca222944abde81&uid=0200000030540661A524F548023EFC4B
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:55 GMT
server: openresty
content-type: image/gif

Redirect headers

location: https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=2aca222944abde81&uid=0200000030540661A524F548023EFC4B
date: Sun, 01 Aug 2021 07:58:40 GMT
server: nginx/1.20.1
content-type: text/html
content-length: 145
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame FEB5
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

281 B
554 B

49ms
49ms

Document
text/html

104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.us.e-planning.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhOqmt03BRUZWfOAt9p435PGj8RsOaCrTlkuPKR3OktVOpDwv9SSinUkmtBwX7pFAFiVc1oUNlOpnhFx06om7GC88fYveTSs/Z; ses2=; vis2=102630^1; ses15=; vis15=102630^1; ses10=; vis10=102630^1; ses57=; vis57=102630^1; khaos=KRSWWNGW-W-FB5O; audit=1|hLZGFuTafB2p0oz29mX9HJqpp78UDnSwDD0ILwuZ3gssED/7wspGcJCb47HqpkxozGgYLOeyR4XMboWaW1ii7aQ2W5ogm1X6; pux=2249%3D101528%262307%3D101528%262974%3D101528%263778%3D101528%26idl%3D101528%26brx%3D101528%26goog%3D101528%262249-DV360-Hosted%3D101528%26
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.us.e-planning.net/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 01 Aug 2021 07:58:55 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date: Sun, 01 Aug 2021 07:58:55 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0FA2 14 KB
5 KB 70ms
70ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2aca222944abde81%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2aca222944abde81%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.us.e-planning.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES; KADUSERCOOKIE=B0DA5BE7-5A1E-427C-81D4-B0E1EA3E4C54; chkChromeAb67Sec=1; DPSync3=1628985600%3A201_197_219%7C1627862400%3A174; SyncRTB3=1628985600%3A161_56_220_21_54_3_71_13_7%7C1629072000%3A35; KRTBCOOKIE_57=22776-4289062115183121297; PugT=1627804734; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESENrqwtIn7tHTl8slrgN-LWw&KRTB&16514-CAESENrqwtIn7tHTl8slrgN-LWw&KRTB&23025-CAESENrqwtIn7tHTl8slrgN-LWw; KRTBCOOKIE_391=22924-1644853150093900243&KRTB&23263-1644853150093900243; KRTBCOOKIE_27=16735-uid:cf916106-543e-4500-897e-b14d7ea5ae21&KRTB&16736-uid:cf916106-543e-4500-897e-b14d7ea5ae21&KRTB&23019-uid:cf916106-543e-4500-897e-b14d7ea5ae21&KRTB&23114-uid:cf916106-543e-4500-897e-b14d7ea5ae21; KRTBCOOKIE_377=6810-f19ad93f-2cea-4589-9200-b474a0376380&KRTB&22918-f19ad93f-2cea-4589-9200-b474a0376380&KRTB&23031-f19ad93f-2cea-4589-9200-b474a0376380; SPugT=1627786908
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.us.e-planning.net/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=32803
expires: Sun, 01 Aug 2021 17:05:38 GMT
date: Sun, 01 Aug 2021 07:58:55 GMT
vary: Accept-Encoding

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum.casalemedia.com/ Frame AE28
Redirect Chain

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2aca222944abde81%26uid%3D
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2aca222944abde81%26uid%3D&C=1

2 KB
3 KB

81ms
80ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2aca222944abde81%26uid%3D&C=1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 35143d3de5c54f4b205f97839b8bba0f62da2ce1177ca23f518b6e973131a2ff

Request headers

Host: ssum.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.us.e-planning.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YQZUQJDr.nbjlM9AXIw2twAA; CMPS=1185
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.us.e-planning.net/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|241|230|45|176|88|46|130
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1813
Expires: Sun, 01 Aug 2021 07:58:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:56 GMT
Connection: keep-alive
Set-Cookie: CMID=YQZUQJDr.nbjlM9AXIw2twAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 01 Aug 2022 07:58:56 GMT CMPS=1185;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 30 Oct 2021 07:58:56 GMT CMPRO=1174;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 30 Oct 2021 07:58:56 GMT CMST=YQZUQGEGVEAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 02 Aug 2021 07:58:56 GMT CMRUM3=e6610654402760&2d6106544005a0&b06106544005a00&27610654400b40&8261065440a8c0&586106544005a0&2e6106544005a0&f16106544005a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 01 Aug 2022 07:58:56 GMT

Redirect headers

Server: Apache
Content-Length: 345
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2aca222944abde81%26uid%3D&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sun, 01 Aug 2021 07:58:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:56 GMT
Connection: keep-alive
Set-Cookie: CMID=YQZUQJDr.nbjlM9AXIw2twAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 01 Aug 2022 07:58:56 GMT CMPS=1185;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 30 Oct 2021 07:58:56 GMT

GET
H2 200 / Show response
spl.zeotap.com/ Frame E9AD 7 KB
2 KB 45ms
44ms Document
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bde3958693affc143dc052b2a83f49d41fbd54fcf503891af73fd6a97839d69

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.us.e-planning.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=96d70711-2cc8-44da-5127-dd8e6a6b342a; zsc=%CA%D0%3F%5BRnDK%B9%0E.%AD%F3S%89U%26%BB%A3%B2Y%F9%A5r%BE-w%82%7Fb%A8%E8%3B%06%99%C2%F4%83%96H%D7%87%C5%E6%7D%14%09%1D%8F%96%F4k%ED%252%23%9B%1D%F8O%88%06%08%0B%D0%601%3D%B5%C9%DB%CCo%7B%82%F9%095%AAA%EA6i
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.us.e-planning.net/

Response headers

date: Sun, 01 Aug 2021 07:58:55 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.us.e-planning.net
set-cookie: zc=96d70711-2cc8-44da-5127-dd8e6a6b342a; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%D3%8D%B1D%C4%EB%60%A7%94%BF%E9b%EB%F4Hm%DE%0DX%3Fj%C2%07%99%04%85%D1%14%E6c%DE%99%D1%01Lh4%3D%94%EB%7C%9D%D6%D0%CC%EF%EE%B9%60i%A6H%E0%FE%08hR%A7%7F%0F%F9Zl%E7%D3%7D%16%13-%0E6PVu%E0%A8%98%B2%9F%E8%C2%C19%D3%83%F0j%FE%E7%7CI%A4%8D%DC%E8%1F%E0n%94p%1D%D9%82NXN%BD%F7%5B%978%BB%AD%97%FB%98%DFH%04%F89%09%E2pS.%0E%DC%ACz%AD%5B%91%F7%25%9B7%12P%08%8F%9ES%A8M%B9%16%85%F5%11%40%26%FE%A6b%BA%17%CA%7D%3F%834%23%E5%D2%A2%DA%01%7D%9F%F7%A8; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 677d862f7f0596b6-FRA
content-encoding: br

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FEB5 31 KB
10 KB 55ms
53ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f4cd63020277f7040bd0a8cb6ffe164e8a3836002e897dafcd0e1572ae1f7661

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 07:58:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=33885
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9359
Expires: Sun, 01 Aug 2021 17:23:40 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame E9AD 0
0 48ms
47ms Image
text/html 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E9AD
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=a0c32ca6-67c2-421e-8d2f-1e2159cd0949&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89...

95 B
153 B

31ms
30ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=a0c32ca6-67c2-421e-8d2f-1e2159cd0949&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 677d86310fb296b6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=a0c32ca6-67c2-421e-8d2f-1e2159cd0949&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
date: Sun, 01 Aug 2021 07:58:56 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame E9AD 0
331 B 144ms
48ms Image
text/plain 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:56 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E9AD
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D96d70711-2cc8-44da-5127-dd8e6a6b342a%26reqId%3D1...
https://mwzeom.zeotap.com/mw?cid=f19ad93f-2cea-4589-9200-b474a0376380&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89...

95 B
154 B

41ms
41ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=f19ad93f-2cea-4589-9200-b474a0376380&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 677d86303f5996b6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:56 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=f19ad93f-2cea-4589-9200-b474a0376380&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 481

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame E9AD 0
161 B 32ms
14ms Image
text/plain 2a04:4e42:3::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Sun, 01 Aug 2021 07:58:55 GMT
via: 1.1 varnish
server: nginx
x-timer: S1627804736.988181,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19168-FRA

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame E9AD 0
361 B 281ms
85ms Image
text/html 2607:ae80:5::49
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:5::49 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:56 GMT
Cache-Control: no-store
Expires: 0
Content-Type: text/html
Content-Length: 0
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame E9AD 0
41 B 66ms
63ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D96d70711-2cc8-44da-5127-dd8e6a6b342a%26reqId%3D11682ff1-7ac9-4a89-77a8-973e1cab9696%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E9AD
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=136...
https://mwzeom.zeotap.com/mw?cid=9fe3de65-c60f-4d01-bb2e-eb9aa32a7528&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
153 B

20ms
19ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=9fe3de65-c60f-4d01-bb2e-eb9aa32a7528&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 677d8630af8596b6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:56 GMT
server: Apache-Coyote/1.1
location: https://mwzeom.zeotap.com/mw?cid=9fe3de65-c60f-4d01-bb2e-eb9aa32a7528&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E9AD
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=96d70711-2cc8-44da-5127-dd8e6a6b342a&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=96d70711-2cc8-44da-5127-dd8e6a6b342a&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=32372355283106706493728561430297326528&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-...

95 B
153 B

38ms
32ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=32372355283106706493728561430297326528&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 677d8630cf9596b6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-1-v012-0ce83c453.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: o+DKf5IoRRg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=32372355283106706493728561430297326528&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame E9AD 0
324 B 145ms
44ms Image
text/plain 18.198.126.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E9AD
Redirect Chain

https://bn01.er.bemail.it/zeotap.php?_bid=96d70711-2cc8-44da-5127-dd8e6a6b342a&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-...
https://mwzeom.zeotap.com/mw?cid=BE1-2021080109-30216-0.034430001627804740-0f163f11a177c72b1ac35ee6f0b372e0&zdid=533&env=mWeb

95 B
154 B

51ms
51ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=BE1-2021080109-30216-0.034430001627804740-0f163f11a177c72b1ac35ee6f0b372e0&zdid=533&env=mWeb
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 677d86318fdd96b6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=BE1-2021080109-30216-0.034430001627804740-0f163f11a177c72b1ac35ee6f0b372e0&zdid=533&env=mWeb
Date: Sun, 01 Aug 2021 07:59:00 GMT
Server: nginx/1.10.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E9AD
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=6991368105395878033&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-...

95 B
153 B

39ms
33ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=6991368105395878033&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 677d8630cf9796b6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=6991368105395878033&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
Date: Sun, 01 Aug 2021 07:58:56 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame E9AD
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=96d70711-2cc8-44da-5127-dd8e6a6b342a
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=96d70711-2cc8-44da-5127-dd8e6a6b342a

95 B
426 B

52ms
46ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=96d70711-2cc8-44da-5127-dd8e6a6b342a

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=96d70711-2cc8-44da-5127-dd8e6a6b342a
date: Sun, 01 Aug 2021 07:58:56 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E9AD
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=96d70711-2cc8-44da-5127-dd8e6a6b342a&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=96d70711-2cc8-44da-5127-dd8e6a6b342a&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=EOyHu3AozXh0mHkm7ucMVu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a...

95 B
153 B

32ms
32ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=EOyHu3AozXh0mHkm7ucMVu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 677d86316fcd96b6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:56 GMT
via: 1.1 google
last-modified: Sun, 01 Aug 2021 07:58:56 GMT
server: nginx/1.12.0
location: https://mwzeom.zeotap.com/mw?webouuid=EOyHu3AozXh0mHkm7ucMVu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 2.gif
dmp.theadex.com/d/949/i/ Frame E9AD 36 B
378 B 197ms
53ms Image
image/gif 89.163.159.107
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=96d70711-2cc8-44da-5127-dd8e6a6b342a&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.163.159.107 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: 204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:56 GMT
server: nginx
p3p: CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
content-length: 36
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E9AD
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=96d70711-2cc8-44da-5127-dd8e6a6b342a?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://mwzeom.zeotap.com/mw?pid=15af223886a99efa2c5d49d2b55d41f0&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7a...

95 B
233 B

18ms
18ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=15af223886a99efa2c5d49d2b55d41f0&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 677d86313fc096b6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:56 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=15af223886a99efa2c5d49d2b55d41f0&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
cache-control: no-cache
x-server: 10.45.22.192
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E9AD
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-4ASTqkNE2oolIWThzMfIy0hpdhBnezO_0Q--~A&zpartnerid=570&env=mWeb

95 B
153 B

36ms
35ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-4ASTqkNE2oolIWThzMfIy0hpdhBnezO_0Q--~A&zpartnerid=570&env=mWeb
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 677d8632181496b6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Sun, 01 Aug 2021 07:58:56 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-4ASTqkNE2oolIWThzMfIy0hpdhBnezO_0Q--~A&zpartnerid=570&env=mWeb
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E9AD
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=cKLyBD%2BMDtQaP3fXYIuhv2lYKOmh%2F6k3%2BS41iYitP1U%3D

95 B
153 B

20ms
19ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=cKLyBD%2BMDtQaP3fXYIuhv2lYKOmh%2F6k3%2BS41iYitP1U%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 677d8631e80896b6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:56 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=cKLyBD%2BMDtQaP3fXYIuhv2lYKOmh%2F6k3%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame E9AD 43 B
324 B 162ms
59ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=96d70711-2cc8-44da-5127-dd8e6a6b342a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:56 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame E9AD 0
338 B 200ms
65ms Image
text/plain 52.51.35.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.35.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1627804736
x-served-by: beacon-n021-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame E9AD 95 B
358 B 55ms
53ms Image
image/png 168.119.146.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=96d70711-2cc8-44da-5127-dd8e6a6b342a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E9AD
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YQZUPQADSCgxQQAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973...

95 B
153 B

43ms
35ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YQZUPQADSCgxQQAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 677d8630cf9396b6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:56 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1627804736.997669,VS0,VE89
x-served-by: cache-fra19136-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YQZUPQADSCgxQQAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E9AD
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?cid=67f46106-5440-4300-a285-148f584a87ee&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff...

95 B
154 B

33ms
31ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=67f46106-5440-4300-a285-148f584a87ee&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 677d8632984596b6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Date: Sun, 01 Aug 2021 07:58:56 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=67f46106-5440-4300-a285-148f584a87ee&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Sun, 01 Aug 2021 08:01:23 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame E9AD
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab...

0
337 B

67ms
66ms

Image
text/plain

52.51.35.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.35.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1627804736
x-served-by: beacon-n011-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
date: Sun, 01 Aug 2021 07:58:56 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a009-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame E9AD
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=96d70711-2cc8-44da-5127-dd8e6a6b342a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-512...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=96d70711-2cc8-44da-5127-dd8e6a6b342a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-512...

43 B
433 B

68ms
67ms

Image
image/gif

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=96d70711-2cc8-44da-5127-dd8e6a6b342a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361&dcc=t
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:56 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:56 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=96d70711-2cc8-44da-5127-dd8e6a6b342a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E9AD
Redirect Chain

https://tags.bluekai.com/site/87734?id=96d70711-2cc8-44da-5127-dd8e6a6b342a&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734

95 B
176 B

32ms
32ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:57 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 677d863c4cdb96b6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date: Sun, 01 Aug 2021 07:58:57 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 5cb6
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E9AD
Redirect Chain

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D96d...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361

95 B
153 B

38ms
37ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 677d8634a91496b6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
date: Sun, 01 Aug 2021 07:58:56 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame E9AD 557 B
496 B 40ms
39ms Script
text/plain 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f5682d68237a49e9b65e9a50574990f31e49eea4cd7f0e14549d8425286d72e

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 677d862fdf2b96b6-FRA
date: Sun, 01 Aug 2021 07:58:56 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H2 204 cmp
spl.zeotap.com/ Frame E9AD 0
0 35ms
34ms Document
text/plain 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=96d70711-2cc8-44da-5127-dd8e6a6b342a&reqId=11682ff1-7ac9-4a89-77a8-973e1cab9696&zdid=1361&cmp=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=96d70711-2cc8-44da-5127-dd8e6a6b342a; zsc=%D3%8D%B1D%C4%EB%60%A7%94%BF%E9b%EB%F4Hm%DE%0DX%3Fj%C2%07%99%04%85%D1%14%E6c%DE%99%D1%01Lh4%3D%94%EB%7C%9D%D6%D0%CC%EF%EE%B9%60i%A6H%E0%FE%08hR%A7%7F%0F%F9Zl%E7%D3%7D%16%13-%0E6PVu%E0%A8%98%B2%9F%E8%C2%C19%D3%83%F0j%FE%E7%7CI%A4%8D%DC%E8%1F%E0n%94p%1D%D9%82NXN%BD%F7%5B%978%BB%AD%97%FB%98%DFH%04%F89%09%E2pS.%0E%DC%ACz%AD%5B%91%F7%25%9B7%12P%08%8F%9ES%A8M%B9%16%85%F5%11%40%26%FE%A6b%BA%17%CA%7D%3F%834%23%E5%D2%A2%DA%01%7D%9F%F7%A8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 677d86302f5096b6-FRA

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 2459 0
384 B 162ms
53ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=159760&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cnection: close
date: Sun, 01 Aug 2021 07:58:55 GMT
content-encoding: gzip
server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache
content-type: text/plain; charset=utf-8

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame AE28 70 B
264 B 58ms
58ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YQZUQJDr.nbjlM9AXIw2twAA&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2aca222944abde81%26uid%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame AE28
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQZUQJDr-nbjlM9AXIw2twAABJYAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQZUQJDr-nbjlM9AXIw2twAABJYAAAAB&dcc=t

43 B
645 B

139ms
138ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQZUQJDr-nbjlM9AXIw2twAABJYAAAAB&dcc=t

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2aca222944abde81%26uid%3D&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: QNCSXW24R02H07G6Z7ER
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 7RHK6HF310PVH7C7CF04
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQZUQJDr-nbjlM9AXIw2twAABJYAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame AE28
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQZUQJDr-nbjlM9AXIw2twAABJYAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YQZUQJDr-nbjlM9AXIw2twAABJYAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGtzFV4OWkH2O2Ph_oWEUr8&google_cver=1

43 B
315 B

69ms
68ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGtzFV4OWkH2O2Ph_oWEUr8&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2aca222944abde81%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sun, 01 Aug 2021 07:58:56 GMT

Redirect headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGtzFV4OWkH2O2Ph_oWEUr8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame AE28
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQZUQJDr.nbjlM9AXIw2twAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGBeWg2TTRk6qpk_ow7_RqY&google_cver=1&google_hm=2

43 B
1000 B

96ms
77ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGBeWg2TTRk6qpk_ow7_RqY&google_cver=1&google_hm=2
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2aca222944abde81%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 01 Aug 2021 07:58:56 GMT

Redirect headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGBeWg2TTRk6qpk_ow7_RqY&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 113
match.deepintent.com/usersync/ Frame AE28 0
44 B 404ms
132ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2aca222944abde81%26uid%3D&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:55 GMT
content-length: 0
server: b

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AE28
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YQZUQAADaaOA2wA4
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YQZUQAADaaOA2wA4&gdpr=1&_test=YQZUQAADaaOA2wA4

43 B
989 B

105ms
74ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YQZUQAADaaOA2wA4&gdpr=1&_test=YQZUQAADaaOA2wA4
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2aca222944abde81%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 01 Aug 2021 07:58:56 GMT

Redirect headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:56 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1627804736.390453,VS0,VE0
x-served-by: cache-fra19136-FRA
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YQZUQAADaaOA2wA4&gdpr=1&_test=YQZUQAADaaOA2wA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame AE28 0
0 150ms
52ms Image
text/html 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2aca222944abde81%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame AE28
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABiTE7CDKkAAFkYJXgvdQ&expiration=1629014336&gdpr=1

43 B
1011 B

76ms
74ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABiTE7CDKkAAFkYJXgvdQ&expiration=1629014336&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2aca222944abde81%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 01 Aug 2021 07:58:56 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABiTE7CDKkAAFkYJXgvdQ&expiration=1629014336&gdpr=1
Date: Sun, 01 Aug 2021 07:58:56 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 um
u-ams02.e-planning.net/ Frame AE28 42 B
103 B 52ms
52ms Image
image/gif 5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=2aca222944abde81&uid=YQZUQJDr.nbjlM9AXIw2twAA%261174
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2aca222944abde81%26uid%3D&C=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
server: openresty
content-type: image/gif

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/15238/ Frame A21D 38 KB
11 KB 1171ms
57ms Script
application/json 13.224.96.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by: Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-104.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 23:55:21 GMT
content-encoding: gzip
etag: W/"2b2f816f40499d384e118ce88a266e02"
last-modified: Thu, 02 Jul 2020 15:35:12 GMT
server: AmazonS3
age: 29017
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 0gNkKgvSNjTx-1R1fR0pfQOv_8St4iF3Ic2TZXL4JzQThscW7XMMBA==

GET
H2 200 sirdata_03022021.html Show response
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 816B 636 B
578 B 49ms
48ms Document
text/html 5.178.65.252
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: i.e-planning.net
Software: openresty /
Resource Hash: 14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

:method: GET
:authority: s.e-planning.net
:scheme: https
:path: /esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.us.e-planning.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.us.e-planning.net/

Response headers

server: openresty
date: Sun, 01 Aug 2021 07:58:55 GMT
content-type: text/html
last-modified: Wed, 03 Feb 2021 21:18:20 GMT
etag: W/"601b131c-27c"
expires: Fri, 31 Jul 2026 07:58:55 GMT
cache-control: max-age=157680000
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 e-planning Show response
sync.quantumdex.io/usersync/ Frame 87B7 2 KB
1 KB 153ms
128ms Document
text/html 2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/e-planning
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b19d62cb8a06c7ba950da92dc55d48bb0d48cd65b7c15104ea003b0e45f6c2d8

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/e-planning
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.us.e-planning.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.us.e-planning.net/

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
content-type: text/html
set-cookie: uid=06d9544a-3ced-4f58-8f4f-fdfbef4a0610; expires=Sat, 21 Aug 2021 07:58:56 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7fWveXuPuykV1scNBlJQoG1QB2lxpqLE4KJNfXUUBRsiYM9YljhGH1ITAfew%2F5rL0SXVaA7vmAcOoVaMPkpgYmSHyCYsdX9e7IqbFKvpx5yBbpvSyL9vhCP0sgfNvGuLiG%2BA6d4tgRu3A5TspfmpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 677d8631cf33bea6-FRA
content-encoding: br

GET
H2

200

setuid Show response
rtb.adxpremium.services/ Frame 2DA1
Redirect Chain

https://ads.us.e-planning.net/getuid/1/5a1ad71d2d53a0f5?https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=$UID
https://ads.us.e-planning.net/getuid/1/5a1ad71d2d53a0f5/ct?https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=$UID
https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AI1dkitnz6HKLFup

0
602 B

21ms
21ms

Document
text/plain

2606:4700:3033::6815:5473
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AI1dkitnz6HKLFup
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5473 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: rtb.adxpremium.services
:scheme: https
:path: /setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AI1dkitnz6HKLFup
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.us.e-planning.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.us.e-planning.net/

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: SSCookie=1; Path=/; Expires=Sat, 30 Oct 2021 07:58:56 GMT; Secure; SameSite=None uids=eyJ0ZW1wVUlEcyI6eyJlcGxhbm5pbmciOnsidWlkIjoiQUkxZGtpdG56NkhLTEZ1cCIsImV4cGlyZXMiOiIyMDIxLTA4LTE1VDA5OjU4OjU2LjM4NDQ2NjM4KzAyOjAwIn19LCJiZGF5IjoiMjAyMS0wOC0wMVQwOTo1ODo1Ni4zODQ0NjQ3NjErMDI6MDAifQ==; Path=/; Domain=adxpremium.services; Expires=Sat, 30 Oct 2021 07:58:56 GMT; Secure; SameSite=None
vary: Origin
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGkEwGQU4W2tLPQWkUnoaYH%2BHLiiAVBS6waeJO9p4GzBDXbuL68YpIFZwFB6zl%2FKKSaMq%2BLL0ryzy6j4PN8%2FbQbbiTjCnGbECh36Ba871AnufW7eACcQ5lonDox6n31Jr%2FkgyUYlyMYVrkls23dX8IDgoLfaRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 677d86324d1d073e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

server: openresty
date: Sun, 01 Aug 2021 07:58:56 GMT
content-type: text/html; charset=iso-8859-1
location: https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AI1dkitnz6HKLFup
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
set-cookie: E=AI1dkitnz6HKLFup; path=/; domain=e-planning.net; expires=Sun, 30-Jul-2028 07:58:56 GMT; SameSite=None; Secure
expires: Sun, 01 Aug 2021 07:58:56 GMT
x-sid: AMS-610

GET
H2 200 GS.d Show response
js.cookieless-data.com/ Frame 816B 0
367 B 190ms
61ms Script
text/plain 51.158.29.12
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1627804736316

Requested by

Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.158.29.12 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

Software

nginx/1.11.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

Referer: https://s.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:56 GMT
server: nginx/1.11.3
strict-transport-security: max-age=15724800; includeSubDomains; preload
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
content-length: 0
x-xss-protection: 0
expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 87B7
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8709248361962390651

43 B
349 B

134ms
133ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8709248361962390651
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:57 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ilJJxzy4ORNjc81oUtJyX2itKlvss54gsdQBeYtblxE1GxFeSoxr%2FxnIvv%2B54UhX5fciEaaNCnQCWBY328YLxonHQk%2F8MXWcywkizYmgmys2DkkUsIwelzIXwrZmNuWTdgm7CCDT9R%2Fo67O4LqC7sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 677d86360888bea6-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:56 GMT
X-Proxy-Origin: 194.99.105.228; 194.99.105.228; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 44a2140f-5ff3-412a-95a6-23b3636ab458
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8709248361962390651
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

1.gif
id5-sync.com/c/495/0/0/ Frame 87B7
Redirect Chain

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

43 B
1 KB

44ms
43ms

Image
image/gif

51.195.5.38
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.195.5.38 , France, ASN16276 (OVH, FR),

Reverse DNS

p16.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 07:58:56 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date: Sun, 01 Aug 2021 07:58:56 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

setuid
sync.quantumdex.io/ Frame 87B7
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-p2uYsWpE2uHdXn.PJ8Tn5KnTNk.t2Ja8kMsVPqw-~A

43 B
343 B

143ms
142ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-p2uYsWpE2uHdXn.PJ8Tn5KnTNk.t2Ja8kMsVPqw-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRif34NmsfZf%2Bahht3ufz7DfTEz2iW73V21AGuOI0llr6%2BP1c6x3XkxSR3PQxb75yGn6CGpvBH%2Bh98k18PW6nPWdVq44%2FQyzG5fobGBBKW%2BeQ8Mu%2BVexc2rlp95oFkjV%2Bu47e1T5Cp%2FJ1udqpEZ%2Fvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 677d86331fa5bea6-FRA
content-length: 43

Redirect headers

Date: Sun, 01 Aug 2021 07:58:56 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-p2uYsWpE2uHdXn.PJ8Tn5KnTNk.t2Ja8kMsVPqw-~A
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 87B7 0
478 B 51ms
47ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:56 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 87B7
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7840996681688352845

43 B
324 B

142ms
141ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7840996681688352845
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:57 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vuYPcbZlT%2BS7NV2afoc8HEHh5GasGCK%2BOPVmuCAafnhxBylN9RsHLq7N40VfL2PM6ICHMRtja1EEFbAn6KEtIA5B9ZoVfN7FM3EVArqIuQ1J49MMVL3kM5y8KDl0YXjAr3DKRjqnT06HDN4tBlx18w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 677d863668aebea6-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:56 GMT
X-Proxy-Origin: 194.99.105.228; 194.99.105.228; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d2f6d7d9-daf2-45a4-b966-88bac4be10f6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7840996681688352845
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 87B7
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c31e8850-cda2-4550-a0ba-b5eb658acc2e

43 B
327 B

132ms
130ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c31e8850-cda2-4550-a0ba-b5eb658acc2e
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iACo%2BC39%2FoNMCKzOXBVzjq98bSsOdMONCWwmCNgoATk32yjdbcTuiC%2FPxMMbqmn0ta7kMMApJ7QCC4ctcQ5Mxx0j4qrpKeGidytZriSYDcw0Ch%2FfrqvAD5S2ltjgfNHOCIO40vUlhoMkB7252JA%2FMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 677d8633cfccbea6-FRA
content-length: 43

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c31e8850-cda2-4550-a0ba-b5eb658acc2e
date: Sun, 01 Aug 2021 07:58:56 GMT
content-length: 0

GET
H2 200 um
sync.e-planning.net/ Frame 87B7 42 B
103 B 55ms
52ms Image
image/gif 5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=06d9544a-3ced-4f58-8f4f-fdfbef4a0610
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
server: openresty
content-type: image/gif

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame C2F5 1 KB
3 KB 80ms
79ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 09982a8a5cb3cb2f065c39dfcbec98ece12ce7a37076a876bfb7a443a0e6c696

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YQZUQJDr.nbjlM9AXIw2twAA; CMPS=1185; CMPRO=1174; CMST=YQZUQGEGVEAA; CMRUM3=f16106544005a0&8261065440a8c0&586106544005a0&2e6106544005a0&27610654400b40&b06106544005a00&2d6106544005a0&e6610654402760
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 73|206|4|3|41|111|188|40
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1475
Expires: Sun, 01 Aug 2021 07:58:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:56 GMT
Connection: keep-alive
Set-Cookie: CMID=YQZUQJDr.nbjlM9AXIw2twAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 01 Aug 2022 07:58:56 GMT CMPS=1185;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 30 Oct 2021 07:58:56 GMT CMPRO=1174;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 30 Oct 2021 07:58:56 GMT CMRUM3=f16106544005a0&ce6106544005a0&27610654400b40&036106544005a0&6f6106544005a0&496106544005a0&2e6106544005a0&8261065440a8c0&586106544005a0&046106544005a0&b06106544005a00&bc6106544005a00&2d6106544005a0&286106544005a00&e6610654402760&296106544005a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 01 Aug 2022 07:58:56 GMT

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame 6FB6 43 B
551 B 91ms
47ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Sun, 01 Aug 2021 07:58:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YQZUQ; path=/; domain=.go.sonobi.com

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame FE73 2 KB
823 B 1166ms
49ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame FEB5 284 B
536 B 50ms
49ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?us_privacy=1---
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/jpg

GET
H2 200 YQZUQJDr-nbjlM9AXIw2twAABJYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame C2F5 43 B
650 B 36ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YQZUQJDr-nbjlM9AXIw2twAABJYAAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content sync
ups.analytics.yahoo.com/ups/55940/ Frame C2F5 0
234 B 54ms
52ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YQZUQJDr-nbjlM9AXIw2twAABJYAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 07:58:56 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C2F5
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7351755767206548082

43 B
1023 B

89ms
77ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7351755767206548082
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 01 Aug 2021 07:58:56 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7351755767206548082
pragma: no-cache
date: Sun, 01 Aug 2021 07:58:55 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame C2F5
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=67f46106-5440-4300-a285-148f584a87ee&gdpr=1&gdpr_consent=

43 B
1 KB

115ms
75ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=67f46106-5440-4300-a285-148f584a87ee&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 01 Aug 2021 07:58:56 GMT

Redirect headers

Date: Sun, 01 Aug 2021 07:58:59 GMT
Server: MT3 3810 5cb7d7e master zrh-pixel-x4
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=67f46106-5440-4300-a285-148f584a87ee&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 01 Aug 2021 07:58:58 GMT

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame C2F5 43 B
408 B 437ms
71ms Image
image/gif 173.231.180.197
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:58:56 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-1
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame C2F5 0
330 B 49ms
45ms Image
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:56 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK CookieIndex
rtb.adentifi.com/ Frame C2F5 0
88 B 800ms
132ms Image
text/plain 52.4.51.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.51.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H2 200 setuid
sync.quantumdex.io/ Frame C2F5 43 B
326 B 142ms
140ms Image
image/gif 2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YQZUQJDr-nbjlM9AXIw2twAABJYAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:58:56 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5JweWBvHd7gNi3YANucTGC7FM0tR3PQv8PUXNfMxbPaSot5poOXi918ojXe7RH5EoQq6pqcqUVhKxCdbQrJiQn%2Fi%2FKAKwncvAGQvxnyoyK5yYJ3a6tEUVXQgCXz0CdX1RIVI%2FN5ovwKrAcU6lzGVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 677d86335fb0bea6-FRA
content-length: 43

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame 8BB5
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

158ms
157ms

Document
text/html

18.233.75.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.233.75.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4a623f5aaea07848a396333c2ffede3134149529ea6d9bbf575ef479d0a93d77

Request headers

:method: GET
:authority: um2.eqads.com
:scheme: https
:path: /um/cs&eq_cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssum-sec.casalemedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: EQUser=UID=91f5012a-8a8f-4f1c-a456-38a62270f53c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

date: Sun, 01 Aug 2021 07:59:00 GMT
content-type: text/html; charset=utf-8
content-length: 186
cache-control: no-cache, must-revalidate
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Sun, 01 Aug 2021 07:59:00 GMT
pragma: no-cache

Redirect headers

date: Sun, 01 Aug 2021 07:58:59 GMT
content-type: text/html; charset=utf-8
content-length: 41
location: /um/cs&eq_cc=1
set-cookie: EQUser=UID=91f5012a-8a8f-4f1c-a456-38a62270f53c; Path=/; Domain=eqads.com; Expires=Mon, 01 Nov 2021 07:58:59 GMT; Secure; SameSite=None

GET
H/1.1 200
OK crum
dsum-sec.casalemedia.com/ Frame 8BB5 43 B
1 KB 76ms
75ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=91f5012a-8a8f-4f1c-a456-38a62270f53c&expiration=1635753540
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 07:59:00 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 01 Aug 2021 07:59:00 GMT

GET
H/1.1 200 ptrack Show response
a.audrte.com/ Frame A21D 368 B
879 B 137ms
137ms XHR
text/plain 3.213.248.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.audrte.com/ptrack?arlocation=194.99.105.228&p=M1353665098&artime=2021-08-01T07:59:00.243Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGYWRzLnVzLmUtcGxhbm5pbmcubmV0JTJGZ2V0dWlkJTJGMSUyRjVhMWFkNzFkMmQ1M2EwZjUlM0ZodHRwcyUzQSUyRiUyRnJ0Yi5hZHhwcmVtaXVtLnNlcnZpY2VzJTJGc2V0dWlkJTNGYmlkZGVyJTNEZXBsYW5uaW5nJTI2Z2RwciUzRDElMjZnZHByX2NvbnNlbnQlM0QlMjZ1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=dXNlci1zeW5jLmFkeHByZW1pdW0uc2VydmljZXMv
Requested by: Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.248.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: b4852100118862fb5f75d959f4d13e0dffe33bbc048bc87f0eea7e4bf56efb73

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 07:59:00 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: https://ads.us.e-planning.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 262

GET
H2

200

rt=ifr Show response
bcp.crwdcntrl.net/5/ct=y/c=15238/rand=421030216/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/ Frame 2096
Redirect Chain

https://bcp.crwdcntrl.net/5/c=15238/rand=421030216/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=421030216/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr

1 KB
2 KB

94ms
93ms

Document
text/html

52.48.137.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=421030216/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: b330aef11cb0bae6bc4bd86976a935c23a7bc4d9d0b1d93c5182dbb0fe5fe3d5

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /5/ct=y/c=15238/rand=421030216/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.us.e-planning.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _cc_cc=ctst
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.us.e-planning.net/

Response headers

date: Sun, 01 Aug 2021 07:59:00 GMT
content-type: text/html;charset=utf-8
content-length: 1152
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.28.71
set-cookie: _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Thu, 28-Apr-2022 07:04:00 GMT;SameSite=None;Secure _cc_id=15af223886a99efa2c5d49d2b55d41f0;Path=/;Domain=crwdcntrl.net;Expires=Thu, 28-Apr-2022 07:04:00 GMT;SameSite=None;Secure _cc_cc="ACZ4XmNQMDRNTDMyMrawMEu0tExNSzRKNk0xsUwxSjIF0oZpBgxAkMgW4vLr%2F%2F%2F%2F%2FCAOBAAAp6IN6w%3D%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Thu, 28-Apr-2022 07:04:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4XmNgYGBIZAtxAVJQAAAMigEA";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Thu, 28-Apr-2022 07:04:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)

Redirect headers

date: Sun, 01 Aug 2021 07:59:00 GMT
content-length: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=421030216/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.4.106
set-cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
server: Jetty(9.4.38.v20210224)

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 924D 281 B
554 B 49ms
49ms Document
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://user-sync.adxpremium.services/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://user-sync.adxpremium.services/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 01 Aug 2021 07:59:00 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 924D 31 KB
10 KB 56ms
55ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f4cd63020277f7040bd0a8cb6ffe164e8a3836002e897dafcd0e1572ae1f7661

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 07:59:00 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=33880
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9359
Expires: Sun, 01 Aug 2021 17:23:40 GMT

GET
H2 200 cookie
cm.adform.net/ Frame 4FBF 43 B
106 B 143ms
46ms Image
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://user-sync.adxpremium.services/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 07:59:00 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H/1.1

200

p
a.audrte.com/ Frame A21D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=6ai0dLscklZTheRBuOTorIkaw&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=6ai0dLscklZTheRBuOTorIkaw&gdpr=0&gdpr_consent=&google_gid=CAESEBjZX2a6REJgt-KLorsztxA&google_cver=1
https://a.audrte.com/p

68 B
1 KB

275ms
135ms

Image
image/png

3.213.248.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.248.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 07:59:00 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Sun, 01 Aug 2021 07:59:00 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame A21D
Redirect Chain

https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=3650116984003556680
https://ps.eyeota.net/match?bid=kh51m51&uid=6ai0dLscklZTheRBuOTorIkaw&gdpr=0&gdpr_consent=

0
344 B

45ms
44ms

Image
text/plain

3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=kh51m51&uid=6ai0dLscklZTheRBuOTorIkaw&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 07:59:00 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Sun, 01 Aug 2021 07:59:00 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://ps.eyeota.net/match?bid=kh51m51&uid=6ai0dLscklZTheRBuOTorIkaw&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK pixel
ps.eyeota.net/ Frame A21D 1 KB
1 KB 183ms
44ms Image
text/plain 3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=6ai0dLscklZTheRBuOTorIkaw&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 07:59:00 GMT
Content-Length: 1241
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 924D 284 B
536 B 50ms
49ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/jpg

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2096 70 B
264 B 59ms
57ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=421030216/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:59:00 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET image.sbxx
global.ib-ibi.com/ Frame 2096 0
0

GET
H2 204 usersync
pixel-sync.sitescout.com/connectors/lotame/ Frame 2096 0
191 B 178ms
57ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=421030216/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:58:59 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

tpid=d8ad4bcb-db78-41aa-bf1e-921799b70fe8
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 2096
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=15af223886a99efa2c5d49d2b55d41f0&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=15af223886a99efa2c5d49d2b55d41f0&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=d8ad4bcb-db78-41aa-bf1e-921799b70fe8

49 B
264 B

72ms
72ms

Image
image/gif

52.48.137.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=d8ad4bcb-db78-41aa-bf1e-921799b70fe8
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=421030216/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:59:00 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.2.137
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=d8ad4bcb-db78-41aa-bf1e-921799b70fe8
date: Sun, 01 Aug 2021 07:59:00 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

tpid=YQZUQAADaaOA2wA4
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 2096
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YQZUQAADaaOA2wA4

49 B
265 B

72ms
72ms

Image
image/gif

52.48.137.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YQZUQAADaaOA2wA4
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=421030216/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:59:00 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.27.226
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 01 Aug 2021 07:59:00 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1627804740.457591,VS0,VE0
x-served-by: cache-fra19136-FRA
x-cache: HIT
location: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YQZUQAADaaOA2wA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK 5907
tags.bluekai.com/site/ Frame 2096 62 B
304 B 201ms
199ms Image
image/gif 23.45.99.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=0b7c28efb49f6dfbae9b10756c8c358c
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=421030216/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-99-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 07:59:00 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=15af223886a99efa2c5d49d2b55d41f0

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.alqiyady.com/	1970-01-19 20:10:47	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1627804728630]]
.alqiyady.com/	1970-01-19 20:10:04	Name: _gat Value: 1
.alqiyady.com/	1970-01-19 20:10:06	Name: _hjFirstSeen Value: 1
.alqiyady.com/	1970-01-20 04:55:40	Name: _hjid Value: bfac386b-c897-441b-837b-4365ce600664
.alqiyady.com/	1970-01-19 20:11:31	Name: _gid Value: GA1.2.1501549885.1627804728
.alqiyady.com/	1970-01-20 13:41:16	Name: _ga Value: GA1.2.1687981899.1627804728

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://a.audrte.com/ptag?p=M1353665098(Line 95) Message: 200
console-api	log	URL: https://a.audrte.com/ptag?p=M1353665098(Line 95) Message: 200
console-api	log	URL: https://a.audrte.com/ptag?p=M1353665098(Line 95) Message: 200
console-api	log	URL: https://a.audrte.com/ptag?p=M1353665098(Line 127) Message: arResponse->{"pxcalls":"https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=6ai0dLscklZTheRBuOTorIkaw&gdpr=0&gdpr_consent=\|https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=\|https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=6ai0dLscklZTheRBuOTorIkaw&gdpr=0&gdpr_consent="}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.turn.com
ads.7awi.com
ads.pubmatic.com
ads.us.e-planning.net
ads.yahoo.com
adxbid.info
alqiyady.awicdn.com
ap.lijit.com
as-sec.casalemedia.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
biddr.brealtime.com
bn01.er.bemail.it
c1.adform.net
cdn.connectad.io
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cs.admanmedia.com
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.rtbsrv.com
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
global.ib-ibi.com
gum.criteo.com
hb.emxdgt.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
inv-nets.admixer.net
js-sec.indexww.com
js.cookieless-data.com
loadeu.exelator.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-match.dotomi.com
ps.eyeota.net
rtb.adentifi.com
rtb.adxpremium.services
rtb.openx.net
s.adtelligent.com
s.amazon-adsystem.com
s.e-planning.net
s2.adxpremium.services
script.hotjar.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-eu.connectad.io
sync-tm.everesttech.net
sync.adtelligent.com
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.richaudience.com
sync.tidaltv.com
tag.navdmp.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
trc.taboola.com
u-ams02.e-planning.net
ufo.approximity.com
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
user-sync.adxpremium.services
usermatch.krxd.net
vars.hotjar.com
www.alqiyady.com
www.google-analytics.com
global.ib-ibi.com
104.117.200.100
104.17.119.107
104.17.4.60
13.224.96.104
13.224.96.116
13.224.96.22
13.224.96.67
142.250.184.226
142.250.185.194
146.0.227.109
151.1.205.165
151.101.14.49
159.253.128.183
168.119.146.39
169.197.150.7
173.231.180.197
178.162.133.149
178.250.0.165
178.250.2.151
18.196.230.57
18.198.126.47
18.233.75.25
185.184.8.65
185.29.132.241
185.64.189.114
185.64.190.78
185.64.190.80
185.64.190.81
2.18.233.180
2.18.233.201
2.18.234.21
2.19.35.65
2001:678:cb4:bbbb::11
209.54.178.82
212.82.100.182
213.155.156.164
216.52.2.39
23.45.99.241
2606:4700:10::6816:1957
2606:4700:10::6816:37ce
2606:4700:20::681a:24e
2606:4700:20::681a:75b
2606:4700:3031::6815:49c2
2606:4700:3033::6815:5473
2606:4700:3033::ac43:dcda
2606:4700:3036::ac43:bf92
2606:4700::6810:ef3
2606:4700::6812:18eb
2607:ae80:5::49
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:809::200e
2a00:1450:4001:812::2003
2a00:1450:4001:828::200e
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9c
2a00:7c80:0:120::2
2a02:2638:1::13
2a02:2638::3
2a02:fa8:8806:12::1370
2a04:4e42:3::300
2a05:d018:24:b001:cff3:ca6f:14e6:5ad7
2a0c:5c81:5139::2
3.124.169.141
3.125.70.222
3.126.56.137
3.213.248.174
34.98.67.61
35.186.253.211
35.201.81.244
35.227.248.159
35.244.174.68
37.157.3.29
37.157.4.29
37.157.6.253
37.252.172.36
37.252.173.62
5.178.65.245
5.178.65.246
5.178.65.252
51.158.29.12
51.195.5.38
51.222.80.231
51.89.9.252
52.18.85.49
52.28.96.148
52.30.92.119
52.4.51.239
52.48.137.92
52.51.35.200
52.70.197.1
52.95.116.38
54.170.215.80
62.149.0.72
66.155.71.150
66.155.71.25
69.173.144.138
69.173.144.141
69.173.144.165
76.223.111.131
85.114.159.118
88.214.206.142
89.163.159.107
02e89ae04433ec2555f27e543f23ba9361c23a8ad89d357ba5f8b40c83c6a231
0351cc02e795d3f2c9866bc8365582960cc37b4da9b8812267f27c133054367e
089630244600f33230010f5e04c67419ec642c5228540adb42e3fe92c631e6bf
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
09982a8a5cb3cb2f065c39dfcbec98ece12ce7a37076a876bfb7a443a0e6c696
09f5249462bb244befda516797646188a29e4e7188a84597738be5686ae6222e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0caab7de2b6d190e7fad15e5e81b2e8130ac073fe1960149c597b9ac12509d1c
10b94bca27e80fff2b76764bb45e89a3fd32886375daf982a777adfba826dedf
121d0316c9c4265e93c539269456b91603231c6a5fefb85a24d4a37262515083
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
12f31c2dbcca4bb1b726de4eba565776923f1dab7918c0fdb7a71a888513cfe2
13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
186aaa5af2bfb0e3ce3642b9a90bd901aef3c44ac8a4bc1c80e3fe5e96094c75
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
1a4a67fd99d187d513015f122d3c713e7f7f1c4f98c39b4bce21dcb8a0e9b7ba
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
21e68cef3bbcd960aaed2c5bc07015ba195b33b3814980e3b20e1f926c471e9f
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
25b8aa3fb1ad2203caebf344ce057287dc737e97bb327d79c97bec3a76d37fff
29bb5d7dc354e0a6c533b7153891ea5751bf48633d019a0370e8e73295ff9f96
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f5682d68237a49e9b65e9a50574990f31e49eea4cd7f0e14549d8425286d72e
346c72627c42682dccda2557d4fbf01e989e1534e74abdce2024d33004ff8698
3503d912ed1fb8a6e3d97956bfc3f8affc61857896320bd8f749c9f6040c77ed
35143d3de5c54f4b205f97839b8bba0f62da2ce1177ca23f518b6e973131a2ff
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
393bcbb3d436d3814557cdf5e1e0e60238c919bbdba16532563e1cf7b294614e
3e5cde678aac6f9d31fc24ccc04ba676198303668bdab48b90f504ff68e9897f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4362afba4d84aa4b436d0f369edf48229dd1969cc0a9edbe3853846f91723b40
43f9140d500abe2bdbf7fd958766f2d4961f5fcce14f44c387f2b0fd05eb1113
46e3e87f22e47461e52388ee1aeab92e22f4251b9acd2dfd45f3f3c3a6ab61dc
47009634017a08b5b3f6897bd93f8984db1dc935551870d09f62f0d461de9dd2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49885008f45d7b8cf80d58cd3aa6b35860c538b3c65b029b104888440842fd3f
4a623f5aaea07848a396333c2ffede3134149529ea6d9bbf575ef479d0a93d77
4b0218c9b2ac7db5dd766489504be57a67efe3bf633f053f6168ce018d10dc0d
4bde3958693affc143dc052b2a83f49d41fbd54fcf503891af73fd6a97839d69
4e040f196c2746f638e0713abe161ea3b1b08125b144107add76e55b6d722423
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
563690dd67f0c87304ee5c8b460b91c186233a569de60927128cb22354cfaa36
56e33462ee73eb2a0085125cbef4793f3ce467c01579e8f9d818cdf13cf86997
592a9b099e00ea61f50ac3e394155db6abeb19a6858f3c947d3ceba361b09f2b
5ca7e46361e5aaa2e023977ec29b61c0748bb6c6a8ce91f9297a941fc063ff15
5d0aaa5c402a65a3be2c033d1ef66328cb0f6f25605bca5294f22753867e4f5b
5f1886216d453beffe70576b29169e165def561e069b84c070ec4c98ae16014f
6015383b23f037f587a269b1add544cd014dd0d8999d0654b08b864602a50495
6189fa407473310f621e704c6557cff7c1e73885901570b57f405a6aec9515f4
61a3575f1225f8bdcbe686c52207c9a2e7adea55de38f37f89d51fc6ced29787
6a40564362542d6b845176721daa4d7510403bee4bbbb13b47f23da3e93b8730
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b82f08883d2d825282cf2fcea4d7828446ddee9737872fbb269e47a0c4b0326
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c07afe1084e4cefd0ce08b24ac43673be23f80d5e68e915413b52318d72505a
6eec74058c22935ebfb7011dec4c87e2357f3ffa24d0811d1ad8a4b34c5f7075
72f8c60b9d5d8785255a8006fe98b90cdca9886e00d62fbfd29a0e2089f383cd
73282072f654a1cbeddf1a3443021114f67ca2bd2a6ad7f9bef3f1f9e5aa81d0
740ceba3b5d21bf024901a44c0d8eca7752d9a812b578b589c6eddc16888e238
7569a8524b46bc6108ff1dd540acd43120db3e6623d1ee15e182748b2057d876
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
782fe32d0247d709fac11aa3e88764b447b5a38e0e5c5c03e3660f3bdec0854b
789e0113622460e9a2b2018df16ecdc368c3c8d23ab385a02e111498413fbc00
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7d626082c36e73f409a25cb77437de9c7a2a68570721374e802f288d619b7dfd
7d82b0c598760a2f7b526fed185554f81afb26a7195981836311995763f8a897
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
823833db81b7be86df3ebc3a0b87c237307b60a7b9914f9cd2a70aa5ee6cc415
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85c2b4cb80531f9c2803960e18674e329178f7e22d5233b1a17615d24795e846
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
876b4c12685e991d88378c1b6dd3638fd2da0c88f3c24da1ada950c1f26604e1
8ccf49e2daa20f6f9119fea34df0abb66e0f870b6563008037c8a16ce16bb35a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dacc88b3df4719fe67f95c1b55e0d6121d168bf79f6e3dcf56d2b0dbf08caab
90ecbcc65685831645aaab6e09a8ef222b6b3bc6f0cbff794469e79a8fd3adce
91c6ca1830769e27053e688d4fd11a0e616c58cd62f81b05a96c582bd26869cc
96d3fa09997fae6fe4b855f167b5b453c6c1c7877c3410b9e3e5848e0542af0d
97c2d4c23ad1a7550d5c9bfde5d915075f586d5233655e2662ac1e246d9a0fc3
9a9f63df4960524ba8b54a8452386347d4d1bf2f313bcdd02936b0b1a43b4d94
9fddd7ba3fe6496ac760349c3ce35d3a329d70615f6ec5542f07ea1ea13bac51
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a46bdee9c1e96477b4f960e6c3bfb88feabdbceba681ba344f8a5983b231f58c
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa84e55f54b28d3a40c93bba161812eb2b06db3cb642ff2ac4ccbcd6be6bb21e
aa9bf89233ac910bde8576a200636407127e5173292f689fa15c33155b8c7d54
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee3d469a7c3e04ef0a39326b7661df9561a3a8ed795fc3e56fd6db88c7c856f
b02e144fe210b80bdafef0ffce19e8e8652bb6f4f7d737634d7e4afe6ba0b947
b0a2ce7e21b7b458a8b2aeb5ff48f1abc61d258be14c0e44ecefc160d957e263
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19d62cb8a06c7ba950da92dc55d48bb0d48cd65b7c15104ea003b0e45f6c2d8
b1a83dcfbbe019627469d0979246dbabd86a39d5e06810b8c160b542c7aab241
b330aef11cb0bae6bc4bd86976a935c23a7bc4d9d0b1d93c5182dbb0fe5fe3d5
b39ae71c032124badcdba31039cb01d8d4d3f8f970b13fb5cd282c6bb92028a5
b45bfe1abba7ba2a877e168adaeed3b8a8d94ade6b7bbfdbdfaaed87072f2df9
b4852100118862fb5f75d959f4d13e0dffe33bbc048bc87f0eea7e4bf56efb73
b891c5240ca6b148d8330b3004c8022e6017107dd3a1265f8ccf122f4651aea2
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
c02d5cc43bf0238777649ffd251fb059f0158fd8aa1f87ad3b5e84e18a63bcba
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c38797c5b5146e79eea4dcf37de1adf08c5bfb655c75a83304ee806b21212e8a
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
ce112452d8702100e468c3aae131d4da15e82d6b07023542e9d7675b5b6cf87e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0dc400e77f455fd5c9580020cbcb0b667e190a4e0a09dd056c1cb054b58ff89
d33fd6a0999791db7a5773a9ef33ca7e8b50614979b35b426bafddb140330d9d
d3557874c8146520233bee43fcf581021a80b5e2fe4b1dd0443c75b69a07f21a
d4af55929f3443233536ceca1937331e5fa4d7523ba189a90be4fb44b185d571
d85d5dd7053310674bc60753c4c55ed355353c63af9f6a7aa3aca2199acb6676
dc1cdd9098b3492642a80bddbe4a5b637c5b5fe85a41cf0881833a1b80b603e0
ddf2b9cbd4366008c4f397c01b9da5a8a8742fab1acdae069bb9426afdf764b8
e260c2442fac1bcf84eda23f04f1ae285b0841eef0a05bc283b01b52f70c1af7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d4d2660052465f9c23409bfb7a85edfa13d242cd902ac5a8d33bcd52fcb36f
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e72019a3a20091990cf62838570e3359c428ef36e22e974a7cbaf504f0333726
e78af992126112b4cd094166ade15dbdd1be8cefba2d953580d90007a594f0bc
e7f5a17dec53daa0d61ab93159c73639f938b6ff03843ce7798d8bc806228ae5
e82ff34808498f3bacd8b35c08011552993821d588f53c15d5c343ddc6759a8c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa6f0dfd40ce927e7039efc9e23d1736b4e5b3b43202b732a155c31bdbb9bb9
efd6c3fe040e0780295b2bb958b6cb638b10d68ea13bb0a5d3a4da7efce788a6
efea7b2837c7c686608b75857126ac8c6c9442f40fc987a1aa981cf84d22eab4
f2e2ae16d8190a1bd9f692ad1d927ad37ed6fc997dc704c59568c3fa33504268
f33adc64fef9e2f52ef0b2a5596c8812c514ad9cc2e0ea70480884271e242d07
f3d0723857425ef2e860578b7dc5e6b433513525afbe649bacb71a26e0aad1d4
f4cd63020277f7040bd0a8cb6ffe164e8a3836002e897dafcd0e1572ae1f7661
f59aaba45fdc2d77d52783d1f7a5397fc594f07bc690f7686fb045e97cacb95d
f65f0cd6fe7ec10b8da06387aaf6f9c1943664d796265e9e064a7e6b44f7d5fa
f70cd4d5f64f93f513be5dd24649b0b81ff5eb38fee3f9be4d73640fbac680b9
f8bc5e12a42d5a5a01d6ca74be670b30dbe8e3b1ce81ce38138603df6eb63f85
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5

www.alqiyady.com Open in urlscan Pro 104.17.4.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

248 Requests

100 %HTTPS

25 %IPv6

76 Domains

114 Subdomains

81 IPs

14 Countries

1588 kBTransfer

3377 kBSize

6 Cookies

88 Outgoing links

Redirected requests

248 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.alqiyady.com Open in urlscan Pro
104.17.4.60 Public Scan

Screenshot
Live screenshot

Full Image

248
Requests

100 %
HTTPS

25 %
IPv6

76
Domains

114
Subdomains

81
IPs

14
Countries

1588 kB
Transfer

3377 kB
Size

6
Cookies

248 HTTP transactions
0 data transactions