zoxnews.uk Open in urlscan Pro
31.172.80.62 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://zoxnews.uk/
Submission: On January 18 via api (January 18th 2024, 10:13:38 am UTC) from US — Scanned from US

Summary HTTP 141 Redirects Behaviour Indicators

Summary

This website contacted 37 IPs in 4 countries across 44 domains to perform 141 HTTP transactions. The main IP is 31.172.80.62, located in Germany and belongs to DE-FIRSTCOLO www.first-colo.net, DE. The main domain is zoxnews.uk.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 16th 2024. Valid for: 3 months.

This is the only time zoxnews.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	31.172.80.62 31.172.80.62	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:251... 2600:9000:2514:2000:1f:946:f000:21	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3037::ac43:ca9a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:210... 2600:9000:210b:1200:1b:cadc:ef40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:440... 2606:4700:4400::ac40:994e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
10	147.75.195.77 147.75.195.77	54825 (PACKET) (PACKET)
2 22	51.222.239.232 51.222.239.232	16276 (OVH) (OVH)
26	35.241.34.106 35.241.34.106	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
3 4	131.153.242.59 131.153.242.59	19437 (SS-ASH) (SS-ASH)
2	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
2	162.19.138.118 162.19.138.118	() ()
1	23.52.165.154 23.52.165.154	() ()
2	2606:4700::68... 2606:4700::6813:9e13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	216.200.232.249 216.200.232.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	213.19.162.80 213.19.162.80	() ()
3 4	68.67.160.26 68.67.160.26	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	63.251.28.233 63.251.28.233	13789 (INTERNAP-...) (INTERNAP-BLK3)
9 15	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	80.77.87.162 80.77.87.162	46636 (NATCOWEB) (NATCOWEB)
1 1	82.145.213.8 82.145.213.8	() ()
6 9	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
1 1	216.22.16.69 216.22.16.69	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2 5	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
4 4	8.28.7.82 8.28.7.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	198.148.27.131 198.148.27.131	19189 (PULSEPOINT) (PULSEPOINT)
2 2	2606:ae80:147... 2606:ae80:1471:1c::2040	() ()
6 7	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
3 3	52.223.40.198 52.223.40.198	() ()
6 6	35.211.178.172 35.211.178.172	() ()
1 1	199.38.167.130 199.38.167.130	() ()
1 1	23.205.2.235 23.205.2.235	() ()
2	23.46.226.102 23.46.226.102	() ()
2 2	35.190.90.30 35.190.90.30	() ()
1 1	64.58.232.176 64.58.232.176	() ()
1 1	69.169.86.39 69.169.86.39	() ()
5	147.75.195.55 147.75.195.55	() ()
2 2	35.227.252.103 35.227.252.103	() ()
1	37.157.5.132 37.157.5.132	() ()
1 1	162.248.18.34 162.248.18.34	() ()
2 2	104.18.36.155 104.18.36.155	() ()
1 3	63.251.86.49 63.251.86.49	() ()
1	104.36.115.123 104.36.115.123	() ()
1	162.19.138.83 162.19.138.83	() ()
5 6	8.43.72.97 8.43.72.97	() ()
1	2620:1ec:21::14 2620:1ec:21::14	() ()
2 3	52.94.223.37 52.94.223.37	() ()
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a02:3c33:5926:76d2:8c3e	() ()
2 2	54.165.177.33 54.165.177.33	() ()
1 1	2600:9000:266... 2600:9000:266a:b000:1a:5235:f980:93a1	() ()
1 1	2600:9000:207... 2600:9000:2073:4800:1b:6b7d:2300:93a1	() ()
1	18.173.219.51 18.173.219.51	() ()
1 2	104.18.41.104 104.18.41.104	() ()
1	23.40.179.71 23.40.179.71	() ()
1 1	54.145.121.220 54.145.121.220	() ()
141	37

22 31.172.80.62 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

zoxnews.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::200a (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2514:2000:1f:946:f000:21 (United States)

ASN16509 (AMAZON-02, US)

d3u598arehftfk.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:ca9a (United States)

ASN13335 (CLOUDFLARENET, US)

hbagency.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:210b:1200:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:4400::ac40:994e (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 147.75.195.77 (Parsippany, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 51.222.239.232 (Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: ip232.ip-51-222-239.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 35.241.34.106 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 106.34.241.35.bc.googleusercontent.com

c.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 131.153.242.59 (United States) 3 redirects

ASN19437 (SS-ASH, US)

id.a-mx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c3.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.118 (None, )

ASN- ()

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.165.154 (None, )

ASN- ()

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9e13 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.249 (Frederick, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.80 (None, ) 1 redirects

ASN- ()

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.26 (Jersey City, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.233 (Secaucus, United States) 1 redirects

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 8.43.72.98 (United States) 9 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.162 (Clifton, United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (None, ) 1 redirects

ASN- ()

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.251.40.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.22.16.69 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 209.54.182.161 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 8.28.7.82 (United States) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.248.18.37 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.131 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1471:1c::2040 (None, ) 2 redirects

ASN- ()

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.225.218.10 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (None, ) 3 redirects

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.211.178.172 (None, ) 6 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.130 (None, ) 1 redirects

ASN- ()

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.2.235 (None, ) 1 redirects

ASN- ()

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.46.226.102 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.90.30 (None, ) 2 redirects

ASN- ()

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.232.176 (None, ) 1 redirects

ASN- ()

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.86.39 (None, ) 1 redirects

ASN- ()

ib.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 147.75.195.55 (None, )

ASN- ()

sync.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (None, ) 2 redirects

ASN- ()

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.132 (None, )

ASN- ()

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.248.18.34 (None, ) 1 redirects

ASN- ()

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 2 redirects

ASN- ()

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.251.86.49 (None, ) 1 redirects

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.123 (None, )

ASN- ()

ow.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (None, )

ASN- ()

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 8.43.72.97 (None, ) 5 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.223.37 (None, ) 2 redirects

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a02:3c33:5926:76d2:8c3e (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.165.177.33 (None, ) 2 redirects

ASN- ()

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:266a:b000:1a:5235:f980:93a1 (None, ) 1 redirects

ASN- ()

live.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2073:4800:1b:6b7d:2300:93a1 (None, ) 1 redirects

ASN- ()

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.219.51 (None, )

ASN- ()

sync1.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.41.104 (None, ) 1 redirects

ASN- ()

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.40.179.71 (None, )

ASN- ()

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.145.121.220 (None, ) 1 redirects

ASN- ()

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	4dex.io script.4dex.io — Cisco Umbrella Rank: 1603 mp.4dex.io — Cisco Umbrella Rank: 2539 c.4dex.io — Cisco Umbrella Rank: 5844	28 KB
25	rubiconproject.com 16 redirects pixel-eu.rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 381 secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	30 KB
22	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 707	9 KB
22	zoxnews.uk zoxnews.uk	657 KB
18	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 740 c3.a-mo.net — Cisco Umbrella Rank: 17331 assets.a-mo.net — Cisco Umbrella Rank: 1466 sync.a-mo.net	12 KB
9	doubleclick.net 6 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 260	2 KB
8	yahoo.com 7 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 358 pr-bh.ybp.yahoo.com	3 KB
8	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 326 aax-eu.amazon-adsystem.com	5 KB
7	pubmatic.com 6 redirects image8.pubmatic.com — Cisco Umbrella Rank: 664 image2.pubmatic.com — Cisco Umbrella Rank: 912 image4.pubmatic.com ow.pubmatic.com	3 KB
6	bidswitch.net 6 redirects x.bidswitch.net	4 KB
6	adform.net adx.adform.net — Cisco Umbrella Rank: 4252 cm.adform.net	3 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	4 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 423 mug.criteo.com — Cisco Umbrella Rank: 3123	2 KB
3	lijit.com 1 redirects ap.lijit.com ce.lijit.com	1 KB
3	mookie1.com 3 redirects odr.mookie1.com ib.mookie1.com	2 KB
3	adsrvr.org 3 redirects match.adsrvr.org	1 KB
3	a-mx.com 2 redirects id.a-mx.com — Cisco Umbrella Rank: 1489	2 KB
2	connatix.com 1 redirects capi.connatix.com	528 B
2	intentiq.com 1 redirects sync.intentiq.com sync1.intentiq.com	2 KB
2	bidr.io 2 redirects match.prod.bidr.io	1 KB
2	casalemedia.com 2 redirects ssum.casalemedia.com	1 KB
2	openx.net 2 redirects rtb.openx.net	562 B
2	dotomi.com 2 redirects prebid-match.dotomi.com	673 B
2	id5-sync.com id5-sync.com	2 KB
2	inmobi.com cmp.inmobi.com — Cisco Umbrella Rank: 3915	44 KB
2	hbagency.it hbagency.it — Cisco Umbrella Rank: 179126	152 KB
1	ipredictive.com 1 redirects sync.ipredictive.com	500 B
1	yahoo.net hb.yahoo.net	650 B
1	primis.tech 1 redirects live.primis.tech	555 B
1	linkedin.com px.ads.linkedin.com	516 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com	270 B
1	ib-ibi.com 1 redirects global.ib-ibi.com	533 B
1	rfihub.com 1 redirects p.rfihub.com	761 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 523	727 B
1	smartadserver.com 1 redirects ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1724	252 B
1	opera.com 1 redirects t.adx.opera.com	536 B
1	admanmedia.com 1 redirects cs.admanmedia.com — Cisco Umbrella Rank: 973	597 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 562	516 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1331	671 B
1	teads.tv at.teads.tv	333 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	6 KB
1	gstatic.com fonts.gstatic.com	48 KB
1	cloudfront.net d3u598arehftfk.cloudfront.net	33 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
141	44

	Domain	Requested by
26	c.4dex.io	hbagency.it
22	onetag-sys.com	2 redirects hbagency.it onetag-sys.com
22	zoxnews.uk	zoxnews.uk
15	pixel.rubiconproject.com	9 redirects onetag-sys.com
10	prebid.a-mo.net	hbagency.it
9	cm.g.doubleclick.net	6 redirects onetag-sys.com
7	ups.analytics.yahoo.com	6 redirects assets.a-mo.net
6	token.rubiconproject.com	5 redirects eus.rubiconproject.com
6	x.bidswitch.net	6 redirects
5	sync.a-mo.net
5	s.amazon-adsystem.com	2 redirects onetag-sys.com
5	adx.adform.net	hbagency.it
5	mp.4dex.io	hbagency.it
4	image8.pubmatic.com	4 redirects
4	ib.adnxs.com	3 redirects
3	aax-eu.amazon-adsystem.com	2 redirects
3	match.adsrvr.org	3 redirects
3	id.a-mx.com	2 redirects
2	capi.connatix.com	1 redirects
2	ce.lijit.com	1 redirects
2	match.prod.bidr.io	2 redirects
2	ssum.casalemedia.com	2 redirects
2	rtb.openx.net	2 redirects
2	odr.mookie1.com	2 redirects
2	eus.rubiconproject.com	assets.a-mo.net eus.rubiconproject.com
2	prebid-match.dotomi.com	2 redirects
2	assets.a-mo.net	prebid.a-mo.net assets.a-mo.net
2	id5-sync.com	hbagency.it
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	script.4dex.io	hbagency.it script.4dex.io
2	cmp.inmobi.com	hbagency.it cmp.inmobi.com
2	hbagency.it	d3u598arehftfk.cloudfront.net
1	sync.ipredictive.com	1 redirects
1	hb.yahoo.net
1	sync1.intentiq.com
1	sync.intentiq.com	1 redirects
1	live.primis.tech	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com
1	lb.eu-1-id5-sync.com	hbagency.it
1	ow.pubmatic.com
1	ap.lijit.com
1	image4.pubmatic.com	1 redirects
1	cm.adform.net
1	ib.mookie1.com	1 redirects
1	global.ib-ibi.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	p.rfihub.com	1 redirects
1	bh.contextweb.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	ssbsync-global.smartadserver.com	1 redirects
1	t.adx.opera.com	1 redirects
1	cs.admanmedia.com	1 redirects
1	ads.stickyadstv.com	1 redirects
1	pixel-eu.rubiconproject.com	1 redirects
1	sync.mathtag.com	1 redirects
1	at.teads.tv	hbagency.it
1	c3.a-mo.net	1 redirects
1	cdnjs.cloudflare.com	d3u598arehftfk.cloudfront.net
1	fonts.gstatic.com	fonts.googleapis.com
1	d3u598arehftfk.cloudfront.net	zoxnews.uk
1	fonts.googleapis.com	zoxnews.uk
141	63

This site contains no links.

Subject Issuer	Validity	Valid
zoxnews.uk cPanel, Inc. Certification Authority	`2024-01-16` - `2024-04-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
hbagency.it Cloudflare Inc ECC CA-3	`2023-09-20` - `2024-09-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2023-08-18` - `2024-08-17`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.a-mo.net R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
c.4dex.io GTS CA 1D4	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
*.eu-1-id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://zoxnews.uk/
Frame ID: 81D3AF50AD84333CBBA0D9C2A8150EB3
Requests: 85 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 5E34BC2FE8FCE19ABC0580A0E9AA34BB
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1705572811918&gdpr=0
Frame ID: E2893DE5734ED9E445F40B0025F7CB10
Requests: 18 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Frame ID: 348D42945998D66717633E61A5406DC0
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ZoxNews -

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

141
Requests

69 %
HTTPS

25 %
IPv6

44
Domains

63
Subdomains

37
IPs

4
Countries

1021 kB
Transfer

1682 kB
Size

56
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://id.a-mx.com/sync/?tagId=aGJhZ2VuY3kuaXQ&ref=null&u=https://zoxnews.uk/&tl=https://zoxnews.uk/&nf=0&rt=true&v=8.30.0&av=2.0&vg=pbjs_hbagencyicd&us_privacy=null&am=null&gdpr=0&gdpr_consent=undefined HTTP 302
https://c3.a-mo.net/b?uid=b83e7bf6-78a0-4355-aea2-62356ff99562&sh=id.a-mx.com& HTTP 302
https://id.a-mx.com/set?oid=b83e7bf6-78a0-4355-aea2-62356ff99562&uid=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&

Request Chain 80

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fzoxnews.uk%2F&domain=zoxnews.uk&cw=1&lsw=1&gdpr=0 HTTP 302
https://mug.criteo.com/sid?cpp=PIpZqHxoNDV2WjlpeXB2VmxOWUlHNWYyNmNRK1E2SmJVdTVYOS9GQVVDQzhacERiTFFKbllvMDFNeXlGQnhLZ3k5V2UzRW04ajNlUDQ4ZUZ3ZHBYSURnYWhHdExtbXR4Mm5jdVNTdzkydTJqN2hMd2haTHlDYlE0MGJhYTVjMHBKTytuemxtdWprcFZCU3BoMlBaWFNJTnMwd3hqUzJNOExpbVlVdW5tOWZ0RnJCd2tkZ1JlNHNWSk1XMWZ4Z1NwbVA2K1ZOeHh6enRUS1QzVUdkdnQ1UDV5a3pKT0hqL2NIY2FxTEVPRTFWZ0Y4ckNZPXw&cppv=2

Request Chain 86

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://onetag-sys.com/match/?int_id=1&uid=fba965a8-f9cf-4f00-8c77-a8e57b3f7d10&gdpr=0&gdpr_consent=

Request Chain 87

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=2&uid=LRJ20NFP-V-9GLI&gdpr=0

Request Chain 88

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=8102615557943543431

Request Chain 89

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=83106598ffd14d54bb2f8d13ad3bce6&gdpr_consent=&gdpr=0

Request Chain 91

https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=&coppa= HTTP 302
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=6399f72c-ef12-4a58-8b5f-46fae076ed40

Request Chain 92

https://t.adx.opera.com/pub/sync?pubid=pub10101531197440 HTTP 302
https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPU38d53cd509864cfc93c302e1ff5655ae

Request Chain 93

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjRwP0ejUiQrZIUMtPBbVhRrg-Nuh5GST_A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjRwP0ejUiQrZIUMtPBbVhRrg-Nuh5GST_A&google_tc=

Request Chain 94

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
https://onetag-sys.com/match/?int_id=107&uid=6764301336847328637

Request Chain 95

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=uwey1iVzmPrOHYCD0W5hqp6DYWFJj3nx595Ltqducko

Request Chain 96

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEE5NEEzMjctMDc4Qy00OERGLTlCMEYtOTEwNDUzQzYyRjA1&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=4A94A327-078C-48DF-9B0F-910453C62F05

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc= HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEC9w1IvS38mSqxQSSXDk4sA&google_cver=1

Request Chain 98

https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%25VGUID%25%25 HTTP 302
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=JaiI4Y1lNBk6&ev=1&us_privacy=&pid=562985

Request Chain 99

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=6b0bffb03cb248a&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAABvB2RxIHpzgMDBqNRAAAAAAA&expiration=1705659216

Request Chain 100

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-mDrfbnZE2uHrNt0yvGi8.6dp3NPsWoUmUlchRwM-~A

Request Chain 101

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=29&uid=a83f8aca-ae9e-4c88-aba0-fd1578204532&gdpr=0&gdpr_consent=

Request Chain 102

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=1797288130090477374&expires=30&ssp=onetag HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=aba06538-8912-414f-bb4d-c1635efdd266&gdpr=&gdpr_consent=&us_privacy=

Request Chain 105

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-adaptmx HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx

Request Chain 106

https://x.bidswitch.net/sync?ssp=adaptmx&user_id=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&gdpr=0&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&gdpr=0&us_privacy=1--- HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=aba06538-8912-414f-bb4d-c1635efdd266&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
https://global.ib-ibi.com/image.sbmx?go=298769&pid=541&xid=10596195875225282096&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
https://ib.mookie1.com/image.sbmx?go=298769&pid=541&xid=10596195875225282096&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=&ssp=adaptmx HTTP 302
https://x.bidswitch.net/sync?dsp_id=419&user_id=10596195875225282096&ssp=adaptmx&gdpr=&gdpr_consent= HTTP 302
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=aba06538-8912-414f-bb4d-c1635efdd266&gdpr=&gdpr_consent=&us_privacy=

Request Chain 107

https://ups.analytics.yahoo.com/ups/58570/occ?uid=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d HTTP 302
https://ups.analytics.yahoo.com/ups/58570/occ?uid=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&verify=true HTTP 302
https://prebid.a-mo.net/setuid/yahoo?uid=y-mDrfbnZE2uHrNt0yvGi8.6dp3NPsWoUmUlchRwM-~A

Request Chain 108

https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d%26bidder%3Damx_com%26uid%3D HTTP 302
https://sync.a-mo.net/setuid?A=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&bidder=amx_com&uid=b83e7bf6-78a0-4355-aea2-62356ff99562

Request Chain 109

https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d%26bidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&r=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d%26bidder%3Dopenx%26uid%3D%24%7BUID%7D&us_privacy=1---&ox_sc=1 HTTP 302
https://sync.a-mo.net/setuid?A=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&bidder=openx&uid=772edce5-793c-4503-af72-90db62251d01

Request Chain 111

https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.a-mo.net%252Fsetuid%253FA%253D4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d%26bidder%3Dpubmatic%26uid%3D4A94A327-078C-48DF-9B0F-910453C62F05&us_privacy=1--- HTTP 302
https://sync.a-mo.net/setuid?A=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&bidder=pubmatic&uid=4A94A327-078C-48DF-9B0F-910453C62F05

Request Chain 112

https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d%26bidder%3Dindex_rtb%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3Fus_privacy%3D1---%26A%3D4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d%26bidder%3Dindex_rtb%26uid%3D&gdpr=0&s=191503&us_privacy=1---&C=1 HTTP 302
https://sync.a-mo.net/setuid?us_privacy=1---&A=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&bidder=index_rtb&uid=Zaj5z943dsVNKBL1U5Q1NwAA%261273

Request Chain 114

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.a-mo.net/setuid?A=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&bidder=appnexus&uid=8102615557943543431

Request Chain 123

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr_consent=undefined&gdpr=0&khaos=LRJ20NFP-V-9GLI HTTP 302
https://prebid.a-mo.net/setuid/magnite?uid=LRJ20NFP-V-9GLI&gdpr=0&gdpr_consent=undefined

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEwt8wPzE0NPNXTkFhEN-Ok&google_cver=1

Request Chain 125

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Q8-Ihok_TI66xxhRlOwlyQ&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Q8-Ihok_TI66xxhRlOwlyQ&gdpr=0

Request Chain 126

https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRJ20NFP-V-9GLI&gdpr=0

Request Chain 127

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=GUUaOK4vSEKRQvC_lTbqpQ&rk=usync-other&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=GUUaOK4vSEKRQvC_lTbqpQ&gdpr=0

Request Chain 128

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LRJ20NFP-V-9GLI&ex=d-rubiconproject.com&status=ok&gdpr=0

Request Chain 129

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a83f8aca-ae9e-4c88-aba0-fd1578204532&gdpr=0&gdpr_consent=&expires=30

Request Chain 130

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTA0ZDhjNDQ1NmJhMzgwYWQ1MGEwYjMyOTdmYWFkZTY4NzliMWQzZQ&gdpr=0

Request Chain 131

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/oomt8nqIFYN_N1UZVqx7Yg?csrc=&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-7Tfn3K1E2oJYWNhBiHn8tzB_NKcytqm3nzi9pA--~A

Request Chain 132

https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJKMjBORlAtVi05R0xJ&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEFm6rQcqU7DjwgsxId8aOa0&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJKMjBORlAtVi05R0xJ&google_push=&gdpr=0

Request Chain 133

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0 HTTP 303
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1 HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEUD07LUfQAABQYKNiHVQ&expires=30&gdpr=0

Request Chain 134

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0 HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LRJ20NFP-V-9GLI&gdpr=0 HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LRJ20NFP-V-9GLI&gdpr=0&dnr=1

Request Chain 135

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0 HTTP 302
https://prebid.a-mo.net/setuid/magnite?uid=LRJ20NFP-V-9GLI&gdpr=0

Request Chain 136

https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0 HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRJ20NFP-V-9GLI&gdpr=0 HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRJ20NFP-V-9GLI HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRJ20NFP-V-9GLI&ckls=true&ci=1VmUCQvbId&nc=false&trid=-702597494

Request Chain 137

https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0 HTTP 302
https://capi.connatix.com/us/pixel?puid=LRJ20NFP-V-9GLI&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0 HTTP 302
https://capi.connatix.com/us/pixel?puid=LRJ20NFP-V-9GLI&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true

Request Chain 138

https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRJ20NFP-V-9GLI&redir=true&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRJ20NFP-V-9GLI&gdpr=0&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0zRDVEa2hwRTJ1RmdyZlpEampveHNicmxSeUVod3BpNX5B&gdpr=0&ovsid=LRJ20NFP-V-9GLI&dpid=58160

Request Chain 139

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=4541a3ab-8be0-48c4-b57d-0acbf48b5eb7&expires=30&gdpr=0

141 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
zoxnews.uk/ 48 KB
49 KB 763ms
340ms Document
text/html 31.172.80.62
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://zoxnews.uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.172.80.62 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: Apache /
Resource Hash: 1194e3bf744950c2197b6c9d293dfd7c78fb96c9c8ac0a47ea217cbe52df504b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 18 Jan 2024 10:13:30 GMT
Keep-Alive: timeout=5, max=1000
Link: <https://zoxnews.uk/wp-json/>; rel="https://api.w.org/"
Server: Apache
Transfer-Encoding: chunked

GET
H/1.1 200
OK style.min.css
zoxnews.uk/wp-includes/css/dist/block-library/ 107 KB
108 KB 329ms
113ms Stylesheet
text/css 31.172.80.62
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://zoxnews.uk/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: zoxnews.uk
URL: https://zoxnews.uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.172.80.62 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: Apache /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:30 GMT
Last-Modified: Sun, 05 Nov 2023 19:40:32 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=999
Content-Length: 110035

GET
BLOB 200
OK 2f3aabab-1456-48dd-bacb-330022033106
https://zoxnews.uk/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://zoxnews.uk/2f3aabab-1456-48dd-bacb-330022033106
Requested by: Host: zoxnews.uk
URL: https://zoxnews.uk/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H/1.1 200
OK styles.css
zoxnews.uk/wp-content/plugins/contact-form-7/includes/css/ 3 KB
3 KB 247ms
115ms Stylesheet
text/css 31.172.80.62
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://zoxnews.uk/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.6
Requested by: Host: zoxnews.uk
URL: https://zoxnews.uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.172.80.62 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: Apache /
Resource Hash: ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:30 GMT
Last-Modified: Tue, 16 Jan 2024 22:48:24 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=1000
Content-Length: 2894

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 103ms
39ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600

Requested by

Host: zoxnews.uk
URL: https://zoxnews.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

69a8bbf88282d2cf6e4f975cf238fd71adec2a5c98195bfb7a9a86d888b80b79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 10:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 09:13:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 10:13:30 GMT

GET
H/1.1 200
OK style.css
zoxnews.uk/wp-content/themes/mh-magazine-lite/ 45 KB
45 KB 334ms
113ms Stylesheet
text/css 31.172.80.62
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://zoxnews.uk/wp-content/themes/mh-magazine-lite/style.css?ver=2.9.2
Requested by: Host: zoxnews.uk
URL: https://zoxnews.uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.172.80.62 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: Apache /
Resource Hash: b67fe64923a586061ca8b4ee5086f981d05f483f4a1bd87f6ccecb8570f8dffd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:31 GMT
Last-Modified: Tue, 16 Jan 2024 21:35:36 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=1000
Content-Length: 45602

GET
H/1.1 200
OK font-awesome.min.css
zoxnews.uk/wp-content/themes/mh-magazine-lite/includes/ 30 KB
31 KB 338ms
114ms Stylesheet
text/css 31.172.80.62
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://zoxnews.uk/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Requested by: Host: zoxnews.uk
URL: https://zoxnews.uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.172.80.62 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: Apache /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:31 GMT
Last-Modified: Tue, 16 Jan 2024 21:35:36 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=1000
Content-Length: 31000

GET
H/1.1 200
OK jquery.min.js Show response
zoxnews.uk/wp-includes/js/jquery/ 86 KB
86 KB 338ms
115ms Script
application/javascript 31.172.80.62
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://zoxnews.uk/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: zoxnews.uk
URL: https://zoxnews.uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.172.80.62 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: Apache /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:31 GMT
Last-Modified: Mon, 28 Aug 2023 17:14:23 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=1000
Content-Length: 87553

GET
H/1.1 200
OK jquery-migrate.min.js Show response
zoxnews.uk/wp-includes/js/jquery/ 13 KB
14 KB 336ms
113ms Script
application/javascript 31.172.80.62
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://zoxnews.uk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: zoxnews.uk
URL: https://zoxnews.uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.172.80.62 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: Apache /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:31 GMT
Last-Modified: Fri, 09 Jun 2023 05:49:24 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=1000
Content-Length: 13577

GET
H/1.1 200
OK scripts.js Show response
zoxnews.uk/wp-content/themes/mh-magazine-lite/js/ 36 KB
37 KB 365ms
119ms Script
application/javascript 31.172.80.62
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://zoxnews.uk/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.9.2
Requested by: Host: zoxnews.uk
URL: https://zoxnews.uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.172.80.62 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: Apache /
Resource Hash: 07a442bcbe2faa41bf1f585c7c772be2a8918f9afd0f5526eb4956562d5e6f8c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:31 GMT
Last-Modified: Tue, 16 Jan 2024 21:35:36 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=999
Content-Length: 37321

GET
H2 200 prebid_hb_7883_13357.js Show response
d3u598arehftfk.cloudfront.net/ 144 KB
33 KB 112ms
29ms Script
application/javascript 2600:9000:2514:2000:1f:946:f000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_7883_13357.js
Requested by: Host: zoxnews.uk
URL: https://zoxnews.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2514:2000:1f:946:f000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61adbdc5d195591f22eccc679d7a4f72f7390f9eb3754b0e1bec1c31b7065b51

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 14:51:34 GMT
content-encoding: gzip
via: 1.1 7aea4d81c29185bd2784c2f86062007a.cloudfront.net (CloudFront)
last-modified: Wed, 17 Jan 2024 14:25:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P8
age: 69718
etag: W/"3995c7a10dc080cde863740a9d988d30"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=864000
x-amz-cf-id: DMS_XWU07kdAjNAEE4T1JI2tKu-Gdos7Ud-ca6RNQtlJHMtefThxCQ==

GET
H/1.1 200
OK 419216027_981964930397665_425055730235539228_n-326x245.jpg
zoxnews.uk/wp-content/uploads/2024/01/ 18 KB
18 KB 553ms
115ms Image
image/jpeg 31.172.80.62
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zoxnews.uk/wp-content/uploads/2024/01/419216027_981964930397665_425055730235539228_n-326x245.jpg
Requested by: Host: zoxnews.uk
URL: https://zoxnews.uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.172.80.62 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: Apache /
Resource Hash: 4e8a1eb1077af2ce2a1e75b0d0ebc4de5063eca00697faad1c88f00cdbf0c367

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:31 GMT
Last-Modified: Wed, 17 Jan 2024 11:34:39 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=999
Content-Length: 18219

GET
H/1.1 200
OK 419315408_981963610397797_4972520394475146855_n-326x245.jpg
zoxnews.uk/wp-content/uploads/2024/01/ 19 KB
19 KB 113ms
113ms Image
image/jpeg 31.172.80.62
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zoxnews.uk/wp-content/uploads/2024/01/419315408_981963610397797_4972520394475146855_n-326x245.jpg
Requested by: Host: zoxnews.uk
URL: https://zoxnews.uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.172.80.62 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: Apache /
Resource Hash: 5d0c09deac7b949a8e86c9d54fed8baa28d400c761bd737ffc3eccae6c25d129

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:31 GMT
Last-Modified: Wed, 17 Jan 2024 09:55:55 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=999
Content-Length: 19315

GET
H/1.1 200
OK 419239620_981956720398486_8432284697798576125_n-326x245.jpg
zoxnews.uk/wp-content/uploads/2024/01/ 14 KB
14 KB 116ms
115ms Image
image/jpeg 31.172.80.62
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zoxnews.uk/wp-content/uploads/2024/01/419239620_981956720398486_8432284697798576125_n-326x245.jpg
Requested by: Host: zoxnews.uk
URL: https://zoxnews.uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.172.80.62 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: Apache /
Resource Hash: 6cd0cf77c140ccc05407510b66b120025fc47859a07a1204b7ba98aedd79a2f7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:31 GMT
Last-Modified: Wed, 17 Jan 2024 09:48:56 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=998
Content-Length: 14122

GET
H/1.1 200
OK index.js Show response
zoxnews.uk/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
11 KB 113ms
112ms Script
application/javascript 31.172.80.62
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://zoxnews.uk/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.6
Requested by: Host: zoxnews.uk
URL: https://zoxnews.uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.172.80.62 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: Apache /
Resource Hash: 9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:31 GMT
Last-Modified: Tue, 16 Jan 2024 22:48:24 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=998
Content-Length: 11117

GET
H/1.1 200
OK index.js Show response
zoxnews.uk/wp-content/plugins/contact-form-7/includes/js/ 13 KB
13 KB 115ms
114ms Script
application/javascript 31.172.80.62
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://zoxnews.uk/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.6
Requested by: Host: zoxnews.uk
URL: https://zoxnews.uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.172.80.62 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: Apache /
Resource Hash: 7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:31 GMT
Last-Modified: Tue, 16 Jan 2024 22:48:24 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=999
Content-Length: 13182

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 94ms
24ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://zoxnews.uk
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 10:32:24 GMT
x-content-type-options: nosniff
age: 171667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 10:32:24 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
zoxnews.uk/wp-content/themes/mh-magazine-lite/fonts/ 75 KB
76 KB 113ms
113ms Font
font/woff2 31.172.80.62
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://zoxnews.uk/wp-content/themes/mh-magazine-lite/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: zoxnews.uk
URL: https://zoxnews.uk/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.172.80.62 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://zoxnews.uk/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Origin: https://zoxnews.uk
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:31 GMT
Last-Modified: Tue, 16 Jan 2024 21:35:36 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=998
Content-Length: 77160

GET
H/1.1 200
OK 419207366_981958390398319_5658973751961381851_n-326x245.jpg
zoxnews.uk/wp-content/uploads/2024/01/ 19 KB
19 KB 116ms
115ms Image
image/jpeg 31.172.80.62
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zoxnews.uk/wp-content/uploads/2024/01/419207366_981958390398319_5658973751961381851_n-326x245.jpg
Requested by: Host: zoxnews.uk
URL: https://zoxnews.uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.172.80.62 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: Apache /
Resource Hash: f253825e10bb970e1e05d3f8b0ee6cf4caee9bc221a184fcda5cc8547a71ddbb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:31 GMT
Last-Modified: Wed, 17 Jan 2024 09:40:39 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=997
Content-Length: 19372

GET
H/1.1 200
OK 419201782_981961707064654_3904075845760593309_n-326x245.jpg
zoxnews.uk/wp-content/uploads/2024/01/ 13 KB
14 KB 114ms
113ms Image
image/jpeg 31.172.80.62
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zoxnews.uk/wp-content/uploads/2024/01/419201782_981961707064654_3904075845760593309_n-326x245.jpg
Requested by: Host: zoxnews.uk
URL: https://zoxnews.uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.172.80.62 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: Apache /
Resource Hash: 604a90464d3bdcee378b28fdff6082fea0bde19f725cb5ba30bd18e557c6140d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:31 GMT
Last-Modified: Wed, 17 Jan 2024 09:33:09 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=999
Content-Length: 13657

GET
H/1.1 200
OK 420068174_981959560398202_4938434532838296917_n-326x245.jpg
zoxnews.uk/wp-content/uploads/2024/01/ 19 KB
19 KB 115ms
114ms Image
image/jpeg 31.172.80.62
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zoxnews.uk/wp-content/uploads/2024/01/420068174_981959560398202_4938434532838296917_n-326x245.jpg
Requested by: Host: zoxnews.uk
URL: https://zoxnews.uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.172.80.62 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: Apache /
Resource Hash: d99bf228727aac5c58c0c1524b6de17496e2e72234f0469497103ae7297a7f77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:31 GMT
Last-Modified: Wed, 17 Jan 2024 09:27:51 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=998
Content-Length: 19397

GET
H/1.1 200
OK 420188269_982127163714775_2965200647859414121_n-326x245.jpg
zoxnews.uk/wp-content/uploads/2024/01/ 20 KB
20 KB 114ms
114ms Image
image/jpeg 31.172.80.62
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zoxnews.uk/wp-content/uploads/2024/01/420188269_982127163714775_2965200647859414121_n-326x245.jpg
Requested by: Host: zoxnews.uk
URL: https://zoxnews.uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.172.80.62 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: Apache /
Resource Hash: 01cdea2349867adeaf02677aaaab03f7b1802d6440fab30ef5963b0cb3b405ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:31 GMT
Last-Modified: Wed, 17 Jan 2024 09:23:42 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=997
Content-Length: 20295

GET
H/1.1 200
OK 419846727_981772200416938_5730365845517170851_n-326x245.jpg
zoxnews.uk/wp-content/uploads/2024/01/ 9 KB
9 KB 113ms
112ms Image
image/jpeg 31.172.80.62
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zoxnews.uk/wp-content/uploads/2024/01/419846727_981772200416938_5730365845517170851_n-326x245.jpg
Requested by: Host: zoxnews.uk
URL: https://zoxnews.uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.172.80.62 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: Apache /
Resource Hash: 8f957dae566914d97343fae818dcda39865356335d2337cb300b2578ab35d1e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:31 GMT
Last-Modified: Wed, 17 Jan 2024 09:16:21 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=998
Content-Length: 8819

GET
H/1.1 200
OK 420060585_18430962307036669_3602991928802514748_n-326x245.jpg
zoxnews.uk/wp-content/uploads/2024/01/ 16 KB
16 KB 113ms
113ms Image
image/jpeg 31.172.80.62
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zoxnews.uk/wp-content/uploads/2024/01/420060585_18430962307036669_3602991928802514748_n-326x245.jpg
Requested by: Host: zoxnews.uk
URL: https://zoxnews.uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.172.80.62 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: Apache /
Resource Hash: e11b8dd6654832fcb48d5e88336e3e56f0dbc83d3b0ebb304ee3f91f2daedba1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:31 GMT
Last-Modified: Wed, 17 Jan 2024 09:10:59 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=997
Content-Length: 16384

GET
H/1.1 200
OK 420048567_981818873745604_3552590007965653762_n-326x245.jpg
zoxnews.uk/wp-content/uploads/2024/01/ 20 KB
20 KB 115ms
114ms Image
image/jpeg 31.172.80.62
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zoxnews.uk/wp-content/uploads/2024/01/420048567_981818873745604_3552590007965653762_n-326x245.jpg
Requested by: Host: zoxnews.uk
URL: https://zoxnews.uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.172.80.62 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: Apache /
Resource Hash: 0a4b88443bfce9f3cd01b3c71e1fd070929dc98d6f8c09f70f10727d27656024

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:31 GMT
Last-Modified: Wed, 17 Jan 2024 09:01:42 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=996
Content-Length: 20233

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
zoxnews.uk/wp-includes/js/ 18 KB
19 KB 113ms
113ms Script
application/javascript 31.172.80.62
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://zoxnews.uk/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: zoxnews.uk
URL: https://zoxnews.uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 31.172.80.62 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: Apache /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:31 GMT
Last-Modified: Thu, 02 Feb 2023 00:53:25 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=998
Content-Length: 18692

GET
H2 200 tcf2_cmp_hbagency.js Show response
hbagency.it/cdn/ 2 KB
1 KB 132ms
35ms Script
application/javascript 2606:4700:3037::ac43:ca9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hbagency.it/cdn/tcf2_cmp_hbagency.js
Requested by: Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_7883_13357.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ca9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5605aa52bfeebb8d52feaec247d7aed862816bd1fb0230f9a10a8a939b9c4207

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 10:13:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 514
cf-polished: origSize=1710
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 17 Nov 2023 08:45:19 GMT
server: cloudflare
etag: W/"6ae-60a5527fc04e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nq1mqC%2FNlG%2BVL7lA61s90DY15EDICSW43Wi3mqsmrrAVU46kNFkPiq%2FZrxRhAo%2Fy7F1Vy0LHwxvb0h%2Bn525KcqWmXrvdJWavC4Fn2tcKKRe8BfVKRqSmAVaiVa6tHXV213110DwEomO1OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 847610d84cda4bbd-BUF

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ 17 KB
6 KB 98ms
36ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js

Requested by

Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_7883_13357.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 10:13:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 583723
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5117
last-modified: Mon, 04 May 2020 16:15:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03faa-45f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXP8WtaJ48ljIckvuLVWpQt63OHYaYo6Dwu8FbdYOFpaDNvOlu17SG0YPjDYTdM1%2FLUyKVghN42mUg6OhEtMnY6pkP1jYTbH6zd3tFvVTCYoWdFMdAba8MloyUiZiZpQRLb6BKDhF1LmQtwcc%2BlGDSkd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 847610d819354bd2-BUF
expires: Tue, 07 Jan 2025 10:13:31 GMT

GET
H2 200 prebid_8.30.js Show response
hbagency.it/cdn/ 489 KB
150 KB 140ms
45ms Script
application/javascript 2606:4700:3037::ac43:ca9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hbagency.it/cdn/prebid_8.30.js
Requested by: Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_7883_13357.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ca9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 701681e456189ce8940a68318d12671905ec131fa1819fe1fdf2c0d7e4f16b67

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 10:13:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 514
cf-polished: origSize=501914
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 11 Jan 2024 14:16:13 GMT
server: cloudflare
etag: W/"7a89a-60eac309f106c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIrEIp%2F1og1rOjgXi1TXT2J1hUmeIQ3Aky1acEY1xXCQCGPAIxfmQ1aRJozhhUpBeq7%2BLg8%2B63dFkbsIPKK%2FPIvOSzZKIGQWI8grITmb4TUxBMc0tWtioNnL4%2FHWMH1goY29MzD%2Bm4U8Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 847610d84cd94bbd-BUF

GET
H2 200 choice.js Show response
cmp.inmobi.com/choice/cJsduNRegvC-s/hbagency.it/ 4 KB
2 KB 102ms
26ms Script
application/javascript 2600:9000:210b:1200:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/cJsduNRegvC-s/hbagency.it/choice.js?tag_version=V3
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/tcf2_cmp_hbagency.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:1200:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4fe9373c70da8c3deb19bed67ef35e5001cb688217190b344699ce27520dc617

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 10:13:31 GMT
content-encoding: gzip
via: 1.1 e3fb879a67c14c7a96059b2b777ccbc8.cloudfront.net (CloudFront)
last-modified: Mon, 20 Nov 2023 07:52:49 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 9
x-amz-server-side-encryption: AES256
etag: W/"831ccb50df1e7848f50f4f3771c7c828"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: OVYndzgxNSO0qUOGiadrP62fPY81xfJM9TmXyHhOdhcL1wr7V1i_oA==

GET
H2 200 cmp2.js Show response
cmp.inmobi.com/tcfv2/ 158 KB
42 KB 27ms
27ms Script
text/javascript 2600:9000:210b:1200:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=hbagency.it
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/choice/cJsduNRegvC-s/hbagency.it/choice.js?tag_version=V3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:1200:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f7b7682f77a3b058e7c8b7d88984dfe31a16dc29cf49abbba5fcdc5b7b2cf3f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 09:48:24 GMT
content-encoding: br
via: 1.1 e3fb879a67c14c7a96059b2b777ccbc8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
age: 1508
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Wed, 06 Dec 2023 23:27:11 GMT
server: AmazonS3
etag: W/"7636a5d5c097ff5973731fa30bece2ba"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
x-amz-cf-id: lchmnFWbL_MF-VjZbFINR9SLWcLycZ6YyMQEM1Tt5lUgL1_OT_Y7EA==

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1 KB 108ms
34ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:31 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 27 Nov 2023 07:14:08 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1825115
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCeN%2BdDDaP3x%2F26ty7gtLrIsQFQNXA3fE9v1LQ4JyauTBm7lGp8sAEGSs0qg%2FdEbV5dDnp0ADOUr%2F4NhLij%2FQ7pcgf%2FjLBG5ToAe53uLbFqRJfOjR5XuyPeZiqm0k81Uc62DNy%2FUcfY%2FCHy4"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 847610da3dba4bbd-BUF

POST
H2 204 prebid Show response
mp.4dex.io/ 0
283 B 188ms
122ms Fetch 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:31 GMT
x-err: Parsing the Prebid Request. adstxt lines or seller entries are incomplete
x-version: 3.0.0-gcp-las
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://zoxnews.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 847610da4c186aed-BUF
expires: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
529 B 410ms
143ms Fetch 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://zoxnews.uk
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
518 B 138ms
55ms Fetch 147.75.195.77
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://zoxnews.uk
date: Thu, 18 Jan 2024 10:13:31 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 27
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
407 B 92ms
31ms Fetch
application/json 51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://zoxnews.uk
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 255ms
193ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:32 GMT
Content-Encoding: br
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 07:14:07 GMT
Server: cloudflare
ETag: W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YYyDDQrD1IrjzZE9ewMowm0Sfct%2BxeLJvGXKyzVsvjDjzJitVa9jwErz%2BvJJq5qwY%2BG3Ow7SQ4KlcZuF6rygXuCSR3zKDntk4Aod7%2FGquznpTxS%2BnG6%2B%2Bd5f4uWXvN%2FczFKHKoKYGG6PSD3"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 847610dad9644bd8-BUF

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
97 B 178ms
103ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=1&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=9dd01480-e61d-40b0-b55a-c610113dceaa&adu_code=hbagency_space_112689&url_dmn=zoxnews.uk&pgtyp=article&plcmt=bann_footer_fix&mts=ban&ban_szs=728x90&bdrs=adagio%2Cadf%2Conetag&adg_mts=ban
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:32 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
97 B 178ms
104ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=1&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=9dd01480-e61d-40b0-b55a-c610113dceaa&adu_code=hbagency_space_112690&url_dmn=zoxnews.uk&pgtyp=article&plcmt=bann_fix_bottom_left&mts=ban&ban_szs=300x250&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:32 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
316 B 174ms
100ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=1&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=9dd01480-e61d-40b0-b55a-c610113dceaa&adu_code=hbagency_space_112691&url_dmn=zoxnews.uk&pgtyp=article&plcmt=bann_middle_btf_third&mts=ban%2Cvideo&ban_szs=300x250%2C336x280%2C430x280%2C600x200%2C600x250%2C640x200%2C640x360&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban%2Cvideo
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:32 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
97 B 175ms
103ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=1&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=9dd01480-e61d-40b0-b55a-c610113dceaa&adu_code=hbagency_space_112692&url_dmn=zoxnews.uk&pgtyp=article&plcmt=bann_fix_left&mts=ban&ban_szs=120x600%2C160x600%2C1x1%2C300x250%2C300x600&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:32 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
97 B 178ms
105ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=1&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=9dd01480-e61d-40b0-b55a-c610113dceaa&adu_code=hbagency_space_112693&url_dmn=zoxnews.uk&pgtyp=article&plcmt=bann_fix_right&mts=ban&ban_szs=120x600%2C160x600%2C1x1%2C300x250%2C300x600&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:32 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
97 B 173ms
101ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=1&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=9dd01480-e61d-40b0-b55a-c610113dceaa&adu_code=hbagency_space_112695&url_dmn=zoxnews.uk&pgtyp=article&plcmt=Interstitial&mts=ban&ban_szs=1x1%2C300x250%2C300x600%2C320x400%2C320x480%2C320x500%2C640x200%2C640x480&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:32 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
97 B 173ms
102ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=1&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=9dd01480-e61d-40b0-b55a-c610113dceaa&adu_code=hbagency_space_112696&url_dmn=zoxnews.uk&pgtyp=article&plcmt=bann_sidebar_atf&mts=ban&ban_szs=300x600&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:32 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
97 B 175ms
105ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=1&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=9dd01480-e61d-40b0-b55a-c610113dceaa&adu_code=hbagency_space_112697&url_dmn=zoxnews.uk&pgtyp=article&plcmt=bann_sidebar_atf&mts=ban&ban_szs=120x600%2C160x600%2C1x1%2C300x600%2C320x100%2C320x50%2C970x250%2C970x90&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:32 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
97 B 202ms
133ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=1&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=9dd01480-e61d-40b0-b55a-c610113dceaa&adu_code=hbagency_space_112698&url_dmn=zoxnews.uk&pgtyp=article&plcmt=bann_middle_btf_third&mts=ban&ban_szs=300x250&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:32 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
97 B 111ms
99ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=2&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=9dd01480-e61d-40b0-b55a-c610113dceaa&adu_code=hbagency_space_112689&url_dmn=zoxnews.uk&pgtyp=article&plcmt=bann_footer_fix&mts=ban&ban_szs=728x90&bdrs=adagio%2Cadf%2Conetag&adg_mts=ban&bdrs_bid=0%2C0%2C0
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:32 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
97 B 114ms
103ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=2&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=9dd01480-e61d-40b0-b55a-c610113dceaa&adu_code=hbagency_space_112690&url_dmn=zoxnews.uk&pgtyp=article&plcmt=bann_fix_bottom_left&mts=ban&ban_szs=300x250&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:32 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
97 B 115ms
105ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=2&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=9dd01480-e61d-40b0-b55a-c610113dceaa&adu_code=hbagency_space_112691&url_dmn=zoxnews.uk&pgtyp=article&plcmt=bann_middle_btf_third&mts=ban%2Cvideo&ban_szs=300x250%2C336x280%2C430x280%2C600x200%2C600x250%2C640x200%2C640x360&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban%2Cvideo&bdrs_bid=0%2C0%2C0%2C0
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:32 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
97 B 117ms
106ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=2&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=9dd01480-e61d-40b0-b55a-c610113dceaa&adu_code=hbagency_space_112692&url_dmn=zoxnews.uk&pgtyp=article&plcmt=bann_fix_left&mts=ban&ban_szs=120x600%2C160x600%2C1x1%2C300x250%2C300x600&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:32 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
97 B 117ms
107ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=2&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=9dd01480-e61d-40b0-b55a-c610113dceaa&adu_code=hbagency_space_112693&url_dmn=zoxnews.uk&pgtyp=article&plcmt=bann_fix_right&mts=ban&ban_szs=120x600%2C160x600%2C1x1%2C300x250%2C300x600&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:32 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
97 B 109ms
101ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=2&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=9dd01480-e61d-40b0-b55a-c610113dceaa&adu_code=hbagency_space_112695&url_dmn=zoxnews.uk&pgtyp=article&plcmt=Interstitial&mts=ban&ban_szs=1x1%2C300x250%2C300x600%2C320x400%2C320x480%2C320x500%2C640x200%2C640x480&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:32 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
97 B 126ms
118ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=2&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=9dd01480-e61d-40b0-b55a-c610113dceaa&adu_code=hbagency_space_112696&url_dmn=zoxnews.uk&pgtyp=article&plcmt=bann_sidebar_atf&mts=ban&ban_szs=300x600&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:32 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
97 B 116ms
109ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=2&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=9dd01480-e61d-40b0-b55a-c610113dceaa&adu_code=hbagency_space_112697&url_dmn=zoxnews.uk&pgtyp=article&plcmt=bann_sidebar_atf&mts=ban&ban_szs=120x600%2C160x600%2C1x1%2C300x600%2C320x100%2C320x50%2C970x250%2C970x90&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:32 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
97 B 124ms
117ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=2&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=9dd01480-e61d-40b0-b55a-c610113dceaa&adu_code=hbagency_space_112698&url_dmn=zoxnews.uk&pgtyp=article&plcmt=bann_middle_btf_third&mts=ban&ban_szs=300x250&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:32 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
406 B 31ms
25ms Fetch
application/json 51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://zoxnews.uk
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
158 B 49ms
44ms Fetch 147.75.195.77
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://zoxnews.uk
date: Thu, 18 Jan 2024 10:13:32 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 20
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
528 B 180ms
177ms Fetch 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://zoxnews.uk
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 prebid Show response
mp.4dex.io/ 0
64 B 114ms
112ms Fetch 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:33 GMT
x-err: Parsing the Prebid Request. adstxt lines or seller entries are incomplete
x-version: 3.0.0-gcp-las
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://zoxnews.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 847610e37a216aed-BUF
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
406 B 33ms
24ms Fetch
application/json 51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://zoxnews.uk
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
134 B 125ms
116ms Fetch 147.75.195.77
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://zoxnews.uk
date: Thu, 18 Jan 2024 10:13:32 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 92
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
528 B 154ms
146ms Fetch 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://zoxnews.uk
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 prebid Show response
mp.4dex.io/ 0
41 B 121ms
113ms Fetch 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:33 GMT
x-err: Parsing the Prebid Request. adstxt lines or seller entries are incomplete
x-version: 3.0.0-gcp-las
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://zoxnews.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 847610e3aa416aed-BUF
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
406 B 31ms
25ms Fetch
application/json 51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://zoxnews.uk
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
528 B 154ms
148ms Fetch 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://zoxnews.uk
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 prebid Show response
mp.4dex.io/ 0
41 B 116ms
112ms Fetch 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:33 GMT
x-err: Parsing the Prebid Request. adstxt lines or seller entries are incomplete
x-version: 3.0.0-gcp-las
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://zoxnews.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 847610e3aa426aed-BUF
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
134 B 39ms
35ms Fetch 147.75.195.77
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://zoxnews.uk
date: Thu, 18 Jan 2024 10:13:32 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
406 B 29ms
25ms Fetch
application/json 51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://zoxnews.uk
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
528 B 118ms
115ms Fetch 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://zoxnews.uk
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
134 B 62ms
58ms Fetch 147.75.195.77
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://zoxnews.uk
date: Thu, 18 Jan 2024 10:13:32 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 34
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 prebid Show response
mp.4dex.io/ 0
41 B 137ms
131ms Fetch 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:33 GMT
x-err: Parsing the Prebid Request. adstxt lines or seller entries are incomplete
x-version: 3.0.0-gcp-las
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://zoxnews.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 847610e3aa446aed-BUF
expires: 0

GET
H3 200 pba.gif Show response
c.4dex.io/ 43 B
61 B 102ms
101ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=1&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=850bc642-2f2f-4c72-a21b-4609df3a37d6&adu_code=hbagency_space_112690&url_dmn=zoxnews.uk&pgtyp=article&plcmt=bann_fix_bottom_left&mts=ban&ban_szs=300x250&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:33 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H3 200 pba.gif Show response
c.4dex.io/ 43 B
61 B 103ms
102ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=1&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=0a8e9d6a-9663-4b0b-a1dc-d1abf0944231&adu_code=hbagency_space_112692&url_dmn=zoxnews.uk&pgtyp=article&plcmt=bann_fix_left&mts=ban&ban_szs=120x600%2C160x600%2C1x1%2C300x250%2C300x600&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:33 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H3 200 pba.gif Show response
c.4dex.io/ 43 B
61 B 101ms
100ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=1&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=95955bf6-dd26-4269-9677-5e59cc036565&adu_code=hbagency_space_112693&url_dmn=zoxnews.uk&pgtyp=article&plcmt=bann_fix_right&mts=ban&ban_szs=120x600%2C160x600%2C1x1%2C300x250%2C300x600&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:33 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H3 200 pba.gif Show response
c.4dex.io/ 43 B
61 B 103ms
101ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=1&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=f6cda80a-c26a-4900-a07b-c88a93d8089d&adu_code=hbagency_space_112695&url_dmn=zoxnews.uk&pgtyp=article&plcmt=Interstitial&mts=ban&ban_szs=1x1%2C300x250%2C300x600%2C320x400%2C320x480%2C320x500%2C640x200%2C640x480&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:33 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H3 200 pba.gif Show response
c.4dex.io/ 43 B
61 B 102ms
101ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=2&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=f6cda80a-c26a-4900-a07b-c88a93d8089d&adu_code=hbagency_space_112695&url_dmn=zoxnews.uk&pgtyp=article&plcmt=Interstitial&mts=ban&ban_szs=1x1%2C300x250%2C300x600%2C320x400%2C320x480%2C320x500%2C640x200%2C640x480&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:33 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H3 200 pba.gif Show response
c.4dex.io/ 43 B
61 B 104ms
102ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=2&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=0a8e9d6a-9663-4b0b-a1dc-d1abf0944231&adu_code=hbagency_space_112692&url_dmn=zoxnews.uk&pgtyp=article&plcmt=bann_fix_left&mts=ban&ban_szs=120x600%2C160x600%2C1x1%2C300x250%2C300x600&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:33 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H3 200 pba.gif Show response
c.4dex.io/ 43 B
61 B 104ms
102ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=2&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=850bc642-2f2f-4c72-a21b-4609df3a37d6&adu_code=hbagency_space_112690&url_dmn=zoxnews.uk&pgtyp=article&plcmt=bann_fix_bottom_left&mts=ban&ban_szs=300x250&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:33 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H3 200 pba.gif Show response
c.4dex.io/ 43 B
61 B 102ms
101ms Fetch
image/gif 35.241.34.106
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?v=2&pbjsv=8.30.0&org_id=1078&site=zoxnews-uk&pv_id=bd26302c-6177-4bda-95d0-e79ce747b61b&auct_id=95955bf6-dd26-4269-9677-5e59cc036565&adu_code=hbagency_space_112693&url_dmn=zoxnews.uk&pgtyp=article&plcmt=bann_fix_right&mts=ban&ban_szs=120x600%2C160x600%2C1x1%2C300x250%2C300x600&bdrs=adagio%2Cadf%2Camx%2Conetag&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:33 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 109ms
33ms Preflight
application/json 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fzoxnews.uk%2F&domain=zoxnews.uk&cw=1&lsw=1&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://zoxnews.uk
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://zoxnews.uk
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 18 Jan 2024 10:13:35 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 260660
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1

200
OK

set Show response
id.a-mx.com/
Redirect Chain

https://id.a-mx.com/sync/?tagId=aGJhZ2VuY3kuaXQ&ref=null&u=https://zoxnews.uk/&tl=https://zoxnews.uk/&nf=0&rt=true&v=8.30.0&av=2.0&vg=pbjs_hbagencyicd&us_privacy=null&am=null&gdpr=0&gdpr_consent=un...
https://c3.a-mo.net/b?uid=b83e7bf6-78a0-4355-aea2-62356ff99562&sh=id.a-mx.com&
https://id.a-mx.com/set?oid=b83e7bf6-78a0-4355-aea2-62356ff99562&uid=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&

99 B
607 B

33ms
33ms

Fetch
application/json

131.153.242.59
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://id.a-mx.com/set?oid=b83e7bf6-78a0-4355-aea2-62356ff99562&uid=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&
Protocol: HTTP/1.1
Server: 131.153.242.59 , United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: /
Resource Hash: cd7e3c26993e27f78c900642aef78096854f56f7717111dcab845adcef862f36

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: null
date: Thu, 18 Jan 2024 10:13:35 GMT
access-control-allow-credentials: true
content-length: 99
content-type: application/json

Redirect headers

access-control-allow-origin: null
location: https://id.a-mx.com/set?oid=b83e7bf6-78a0-4355-aea2-62356ff99562&uid=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&
date: Thu, 18 Jan 2024 10:13:35 GMT
access-control-allow-credentials: true
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fzoxnews.uk%2F&domain=zoxnews.uk&cw=1&lsw=1&gdpr=0
https://mug.criteo.com/sid?cpp=PIpZqHxoNDV2WjlpeXB2VmxOWUlHNWYyNmNRK1E2SmJVdTVYOS9GQVVDQzhacERiTFFKbllvMDFNeXlGQnhLZ3k5V2UzRW04ajNlUDQ4ZUZ3ZHBYSURnYWhHdExtbXR4Mm5jdVNTdzkydTJqN2hMd2haTHlDYlE0MGJhYT...

362 B
1002 B

93ms
28ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=PIpZqHxoNDV2WjlpeXB2VmxOWUlHNWYyNmNRK1E2SmJVdTVYOS9GQVVDQzhacERiTFFKbllvMDFNeXlGQnhLZ3k5V2UzRW04ajNlUDQ4ZUZ3ZHBYSURnYWhHdExtbXR4Mm5jdVNTdzkydTJqN2hMd2haTHlDYlE0MGJhYTVjMHBKTytuemxtdWprcFZCU3BoMlBaWFNJTnMwd3hqUzJNOExpbVlVdW5tOWZ0RnJCd2tkZ1JlNHNWSk1XMWZ4Z1NwbVA2K1ZOeHh6enRUS1QzVUdkdnQ1UDV5a3pKT0hqL2NIY2FxTEVPRTFWZ0Y4ckNZPXw&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d859a9f4932c4635b26eef5b49dd74e0c3f95054dade6b4ddf61c9d248d6ef0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zoxnews.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:35 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1098563
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
access-control-allow-origin: https://zoxnews.uk
location: https://mug.criteo.com/sid?cpp=PIpZqHxoNDV2WjlpeXB2VmxOWUlHNWYyNmNRK1E2SmJVdTVYOS9GQVVDQzhacERiTFFKbllvMDFNeXlGQnhLZ3k5V2UzRW04ajNlUDQ4ZUZ3ZHBYSURnYWhHdExtbXR4Mm5jdVNTdzkydTJqN2hMd2haTHlDYlE0MGJhYTVjMHBKTytuemxtdWprcFZCU3BoMlBaWFNJTnMwd3hqUzJNOExpbVlVdW5tOWZ0RnJCd2tkZ1JlNHNWSk1XMWZ4Z1NwbVA2K1ZOeHh6enRUS1QzVUdkdnQ1UDV5a3pKT0hqL2NIY2FxTEVPRTFWZ0Y4ckNZPXw&cppv=2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 235151
content-length: 0
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 135 B
411 B 721ms
103ms Fetch
application/json 162.19.138.118

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 -, , ASN (),

Reverse DNS

Software

Resource Hash

9206fd9a5f9318e012f59f1718974f7d120b1ba7d1758779c7ca41c486025ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://zoxnews.uk
date: Thu, 18 Jan 2024 10:13:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 0
333 B 735ms
97ms Fetch
text/plain 23.52.165.154

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_17052&tfpvi=&gdpr_consent=&gdpr_status=0&gdpr_reason=0&ccpa_consent=&sv=prebid-v1
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.165.154 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 10:13:35 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://zoxnews.uk
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 18 Jan 2024 10:13:35 GMT

GET
H2 200 isyn Show response
prebid.a-mo.net/ Frame 5E34 2 KB
727 B 32ms
30ms Document
text/html 147.75.195.77
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: c901876b1cf2a6e6a3631eae321d23ba3b845736c184accc06b75bb715176d32

Request headers

Referer: https://zoxnews.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-length: 634
content-type: text/html; charset=utf-8
date: Thu, 18 Jan 2024 10:13:34 GMT
server: envoy
vary: accept-encoding
x-envoy-upstream-service-time: 1

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame E289 4 KB
2 KB 32ms
31ms Document
text/html 51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1705572811918&gdpr=0

Requested by

Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

bb8c3e59dea77c3c1fb5e2d438335cb6645bc96f8e9e4ab076dbf6e5181b2267

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://zoxnews.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1633
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 cframe.js Show response
assets.a-mo.net/js/ Frame 5E34 15 KB
7 KB 152ms
45ms Script
text/javascript 2606:4700::6813:9e13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.a-mo.net/js/cframe.js
Requested by: Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d505557027e0ade57670f0bb639f6da435cf2dced6570ef9320f5b300275596

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 10:13:35 GMT
via: 1.1 d08458e6c6362fdf2a38806fcd2364e8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-cf-pop: BOS50-C3
age: 343
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 11 Jan 2024 19:43:16 GMT
server: cloudflare
etag: W/"6d6e621422848ca9d3a1aff682eb8dc0"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-ray: 847610f04ec44bc7-BUF
x-amz-cf-id: tE2q0g72XGmwOJ4qKNHNsTIdeRjkvTKPFt-E2TPaklHKdHA9A0JIGw==
expires: Thu, 18 Jan 2024 11:13:35 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame E289
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
https://onetag-sys.com/match/?int_id=1&uid=fba965a8-f9cf-4f00-8c77-a8e57b3f7d10&gdpr=0&gdpr_consent=

0
340 B

51ms
22ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=1&uid=fba965a8-f9cf-4f00-8c77-a8e57b3f7d10&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1705572811918&gdpr=0

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Thu, 18 Jan 2024 10:13:35 GMT
Server: MT3 1237 600843f master ord ord-pixel-x24 config_version:"410"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://onetag-sys.com/match/?int_id=1&uid=fba965a8-f9cf-4f00-8c77-a8e57b3f7d10&gdpr=0&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 18 Jan 2024 10:13:34 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame E289
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=2&uid=LRJ20NFP-V-9GLI&gdpr=0

0
340 B

31ms
31ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=2&uid=LRJ20NFP-V-9GLI&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1705572811918&gdpr=0

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://onetag-sys.com/match/?int_id=2&uid=LRJ20NFP-V-9GLI&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: fda3adae7c485c39c6dd21b8ccbe87c2
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame E289
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=8102615557943543431

0
340 B

28ms
26ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=8102615557943543431

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1705572811918&gdpr=0

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:35 GMT
an-x-request-uuid: 479a105a-af3e-45cc-9726-ba6a83f05a46
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=8102615557943543431
x-proxy-origin: 96.9.249.35; 96.9.249.35; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame E289
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=83106598ffd14d54bb2f8d13ad3bce6&gdpr_consent=&gdpr=0

0
340 B

26ms
25ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=83106598ffd14d54bb2f8d13ad3bce6&gdpr_consent=&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1705572811918&gdpr=0

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 10:13:35 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=83106598ffd14d54bb2f8d13ad3bce6&gdpr_consent=&gdpr=0
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1705572815901026-317

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame E289 42 B
928 B 210ms
33ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=uwey1iVzmPrOHYCD0W5hqp6DYWFJj3nx595Ltqducko
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1705572811918&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: ad49a0f18e050afeb6359164ab3bd56e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame E289
Redirect Chain

https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%2...
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=6399f72c-ef12-4a58-8b5f-46fae076ed40

0
340 B

25ms
25ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=6399f72c-ef12-4a58-8b5f-46fae076ed40

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1705572811918&gdpr=0

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 10:13:35 GMT
Server: nginx
Location: https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=6399f72c-ef12-4a58-8b5f-46fae076ed40
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame E289
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub10101531197440
https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPU38d53cd509864cfc93c302e1ff5655ae

0
340 B

43ms
42ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPU38d53cd509864cfc93c302e1ff5655ae

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1705572811918&gdpr=0

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:35 GMT
server: nginx
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPU38d53cd509864cfc93c302e1ff5655ae
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 155
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E289
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjRwP0ejUiQrZIUMtPBbVhRrg-Nuh5GST_A
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjRwP0ejUiQrZIUMtPBbVhRrg-Nuh5GST_A&google_tc=

170 B
243 B

59ms
40ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjRwP0ejUiQrZIUMtPBbVhRrg-Nuh5GST_A&google_tc=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1705572811918&gdpr=0

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjRwP0ejUiQrZIUMtPBbVhRrg-Nuh5GST_A&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame E289
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
https://onetag-sys.com/match/?int_id=107&uid=6764301336847328637

0
340 B

28ms
28ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=107&uid=6764301336847328637

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1705572811918&gdpr=0

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=107&uid=6764301336847328637
date: Thu, 18 Jan 2024 10:13:35 GMT
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame E289
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=uwey1iVzmPrOHYCD0W5hqp6DYWFJj3nx595Ltqducko

43 B
479 B

189ms
34ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=uwey1iVzmPrOHYCD0W5hqp6DYWFJj3nx595Ltqducko

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1705572811918&gdpr=0

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 10:13:35 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 41WJA8B6DK7QMVS6B9EY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=uwey1iVzmPrOHYCD0W5hqp6DYWFJj3nx595Ltqducko
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame E289
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEE5NEEzMjctMDc4Qy00OERGLTlCMEYtOTEwNDUzQzYyRjA1&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=4A94A327-078C-48DF-9B0F-910453C62F05

0
340 B

38ms
23ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=4A94A327-078C-48DF-9B0F-910453C62F05

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1705572811918&gdpr=0

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=4A94A327-078C-48DF-9B0F-910453C62F05
date: Thu, 18 Jan 2024 10:13:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 157
content-type: text/html; charset=utf-8

GET
H2

200

/
onetag-sys.com/match/ Frame E289
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc=
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEC9w1IvS38mSqxQSSXDk4sA&google_cver=1

0
340 B

27ms
25ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEC9w1IvS38mSqxQSSXDk4sA&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1705572811918&gdpr=0

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEC9w1IvS38mSqxQSSXDk4sA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame E289
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%2...
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=JaiI4Y1lNBk6&ev=1&us_privacy=&pid=562985

0
340 B

26ms
25ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=JaiI4Y1lNBk6&ev=1&us_privacy=&pid=562985

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1705572811918&gdpr=0

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-US
location: https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=JaiI4Y1lNBk6&ev=1&us_privacy=&pid=562985
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-5b8764964b-x7dwm
expires: -1

GET
H2

200

/
onetag-sys.com/match/ Frame E289
Redirect Chain

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=6b0bffb03cb248a&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr...
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAABvB2RxIHpzgMDBqNRAAAAAAA&expiration=1705659216

0
340 B

31ms
26ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAABvB2RxIHpzgMDBqNRAAAAAAA&expiration=1705659216

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1705572811918&gdpr=0

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:36 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAABvB2RxIHpzgMDBqNRAAAAAAA&expiration=1705659216
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame E289
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
https://onetag-sys.com/match/?int_id=92&uid=y-mDrfbnZE2uHrNt0yvGi8.6dp3NPsWoUmUlchRwM-~A

0
340 B

43ms
40ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-mDrfbnZE2uHrNt0yvGi8.6dp3NPsWoUmUlchRwM-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1705572811918&gdpr=0

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-mDrfbnZE2uHrNt0yvGi8.6dp3NPsWoUmUlchRwM-~A
date: Thu, 18 Jan 2024 10:13:35 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame E289
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=29&uid=a83f8aca-ae9e-4c88-aba0-fd1578204532&gdpr=0&gdpr_consent=

0
340 B

26ms
26ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=29&uid=a83f8aca-ae9e-4c88-aba0-fd1578204532&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1705572811918&gdpr=0

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=29&uid=a83f8aca-ae9e-4c88-aba0-fd1578204532&gdpr=0&gdpr_consent=
date: Thu, 18 Jan 2024 10:13:36 GMT
server: Kestrel
content-length: 233

GET
H2

200

/
onetag-sys.com/match/ Frame E289
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=119&user_id=1797288130090477374&expires=30&ssp=onetag
https://onetag-sys.com/match/?int_id=30&uid=aba06538-8912-414f-bb4d-c1635efdd266&gdpr=&gdpr_consent=&us_privacy=

0
340 B

29ms
26ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=aba06538-8912-414f-bb4d-c1635efdd266&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1705572811918&gdpr=0

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location: //onetag-sys.com/match/?int_id=30&uid=aba06538-8912-414f-bb4d-c1635efdd266&gdpr=&gdpr_consent=&us_privacy=
Date: Thu, 18 Jan 2024 10:13:36 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 445ms
29ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 18 Jan 2024 10:13:35 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 416896
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 idl.js Show response
assets.a-mo.net/js/ Frame 5E34 3 KB
2 KB 41ms
40ms Script
application/javascript 2606:4700::6813:9e13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=zoxnews.uk&e=27&uid=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d
Requested by: Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 10:13:35 GMT
via: 1.1 be85287d15abd3cfecdfa319493ba256.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-cf-pop: JFK52-P2
age: 320
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 02 Nov 2023 21:08:31 GMT
server: cloudflare
etag: W/"771a6a92588a8fb45e42a04fa3fe9ddd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 847610f2efc84bc7-BUF
x-amz-cf-id: mBgkEkEConb3KmbGjZdbcA9yzUZUSAuY4CHkGbeqmyb-kwFU49iszg==
expires: Thu, 18 Jan 2024 11:13:35 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 348D
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-adaptmx
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx

281 B
554 B

141ms
37ms

Document
text/html

23.46.226.102

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Requested by: Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.46.226.102 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://prebid.a-mo.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 18 Jan 2024 10:13:36 GMT
ETag: "20524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 18 Jan 2024 10:13:35 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
server: AkamaiGHost

GET
H2

204

setuid
prebid.a-mo.net/ Frame 5E34
Redirect Chain

https://x.bidswitch.net/sync?ssp=adaptmx&user_id=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&gdpr=0&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&gdpr=0&us_privacy=1---
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=aba06538-8912-414f-bb4d-c1635efdd266&ssp=adaptmx&gdpr=0&gdpr_consent=
https://global.ib-ibi.com/image.sbmx?go=298769&pid=541&xid=10596195875225282096&ssp=adaptmx&gdpr=0&gdpr_consent=
https://ib.mookie1.com/image.sbmx?go=298769&pid=541&xid=10596195875225282096&ssp=adaptmx&gdpr=0&gdpr_consent=
https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=&ssp=adaptmx
https://x.bidswitch.net/sync?dsp_id=419&user_id=10596195875225282096&ssp=adaptmx&gdpr=&gdpr_consent=
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=aba06538-8912-414f-bb4d-c1635efdd266&gdpr=&gdpr_consent=&us_privacy=

0
113 B

27ms
26ms

Image
text/plain

147.75.195.77
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=aba06538-8912-414f-bb4d-c1635efdd266&gdpr=&gdpr_consent=&us_privacy=
Protocol: H2
Server: 147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 10:13:36 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
vary: Accept-Encoding

Redirect headers

Location: //prebid.a-mo.net/setuid?bidder=bid_switch&uid=aba06538-8912-414f-bb4d-c1635efdd266&gdpr=&gdpr_consent=&us_privacy=
Date: Thu, 18 Jan 2024 10:13:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

204

yahoo
prebid.a-mo.net/setuid/ Frame 5E34
Redirect Chain

https://ups.analytics.yahoo.com/ups/58570/occ?uid=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d
https://ups.analytics.yahoo.com/ups/58570/occ?uid=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&verify=true
https://prebid.a-mo.net/setuid/yahoo?uid=y-mDrfbnZE2uHrNt0yvGi8.6dp3NPsWoUmUlchRwM-~A

0
112 B

46ms
43ms

Image
text/plain

147.75.195.77
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/yahoo?uid=y-mDrfbnZE2uHrNt0yvGi8.6dp3NPsWoUmUlchRwM-~A
Protocol: H2
Server: 147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 10:13:35 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
vary: Accept-Encoding

Redirect headers

location: https://prebid.a-mo.net/setuid/yahoo?uid=y-mDrfbnZE2uHrNt0yvGi8.6dp3NPsWoUmUlchRwM-~A
date: Thu, 18 Jan 2024 10:13:35 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

setuid
sync.a-mo.net/ Frame 5E34
Redirect Chain

https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d%26bidder%3Damx_com%26uid%3D
https://sync.a-mo.net/setuid?A=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&bidder=amx_com&uid=b83e7bf6-78a0-4355-aea2-62356ff99562

0
205 B

149ms
27ms

Image
text/plain

147.75.195.55

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.a-mo.net/setuid?A=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&bidder=amx_com&uid=b83e7bf6-78a0-4355-aea2-62356ff99562
Protocol: H2
Server: 147.75.195.55 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 10:13:35 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
vary: Accept-Encoding

Redirect headers

location: https://sync.a-mo.net/setuid?A=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&bidder=amx_com&uid=b83e7bf6-78a0-4355-aea2-62356ff99562
date: Thu, 18 Jan 2024 10:13:35 GMT
content-length: 0

GET
H2

204

setuid
sync.a-mo.net/ Frame 5E34
Redirect Chain

https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d%26bidder%3Dopenx%26uid%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?gdpr=0&r=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d%26bidder%3Dopenx%26uid%3D%24%7BUID%7D&us_privacy=1---&ox_sc=1
https://sync.a-mo.net/setuid?A=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&bidder=openx&uid=772edce5-793c-4503-af72-90db62251d01

0
114 B

39ms
31ms

Image
text/plain

147.75.195.55

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.a-mo.net/setuid?A=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&bidder=openx&uid=772edce5-793c-4503-af72-90db62251d01
Protocol: H2
Server: 147.75.195.55 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 10:13:35 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:36 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://sync.a-mo.net/setuid?A=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&bidder=openx&uid=772edce5-793c-4503-af72-90db62251d01
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 152

GET
H2 200 cookie
cm.adform.net/ Frame 5E34 43 B
106 B 392ms
125ms Image
image/gif 37.157.5.132

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d%26bidder%3Dadform%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.132 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 10:13:36 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2

204

setuid
sync.a-mo.net/ Frame 5E34
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.a-mo....
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d%26bidder%3Dpubmatic%26uid%3D4A94A327-078C-48DF-9B0...
https://sync.a-mo.net/setuid?A=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&bidder=pubmatic&uid=4A94A327-078C-48DF-9B0F-910453C62F05

0
111 B

46ms
45ms

Image
text/plain

147.75.195.55

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.a-mo.net/setuid?A=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&bidder=pubmatic&uid=4A94A327-078C-48DF-9B0F-910453C62F05
Protocol: H2
Server: 147.75.195.55 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 10:13:35 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
vary: Accept-Encoding

Redirect headers

location: https://sync.a-mo.net/setuid?A=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&bidder=pubmatic&uid=4A94A327-078C-48DF-9B0F-910453C62F05
date: Thu, 18 Jan 2024 10:13:34 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

204

setuid
sync.a-mo.net/ Frame 5E34
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d%26bidder%3Dindex_rtb%26uid%3D
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3Fus_privacy%3D1---%26A%3D4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d%26bidder%3Dindex_rtb%26uid%3D&gdpr=0&s=191503&us_p...
https://sync.a-mo.net/setuid?us_privacy=1---&A=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&bidder=index_rtb&uid=Zaj5z943dsVNKBL1U5Q1NwAA%261273

0
111 B

47ms
44ms

Image
text/plain

147.75.195.55

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.a-mo.net/setuid?us_privacy=1---&A=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&bidder=index_rtb&uid=Zaj5z943dsVNKBL1U5Q1NwAA%261273
Protocol: H2
Server: 147.75.195.55 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 10:13:35 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VilJjKcVoMD1Wze6HyNhj7pr5vpduDkEviheIy6THhIFI2Bsl7Os7HdChJffQ9zZIHb6%2BTuPN1LSemjLAWJOPTuKXNIUfvK588VoJaDk%2FI6nsBqHiC8N6hSVTzxAcySP1LxshIqS"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://sync.a-mo.net/setuid?us_privacy=1---&A=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&bidder=index_rtb&uid=Zaj5z943dsVNKBL1U5Q1NwAA%261273
cache-control: no-cache
cf-ray: 847610f3bccd36b3-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 5E34 0
277 B 114ms
31ms Image
text/plain 63.251.86.49

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d%26bidder%3Dsovrn%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.49 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 18 Jan 2024 10:13:35 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

204

setuid
sync.a-mo.net/ Frame 5E34
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d%26bidder%3Dappnexus%26uid%3D%24UID
https://sync.a-mo.net/setuid?A=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&bidder=appnexus&uid=8102615557943543431

0
111 B

142ms
27ms

Image
text/plain

147.75.195.55

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.a-mo.net/setuid?A=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&bidder=appnexus&uid=8102615557943543431
Protocol: H2
Server: 147.75.195.55 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 10:13:35 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:35 GMT
an-x-request-uuid: 2de2fbac-5dc1-421b-ab44-0a085ffa72b2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.a-mo.net/setuid?A=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&bidder=appnexus&uid=8102615557943543431
x-proxy-origin: 96.9.249.35; 96.9.249.35; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 setuid
ow.pubmatic.com/ Frame 5E34 0
249 B 111ms
26ms Image
text/html 104.36.115.123

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ow.pubmatic.com/setuid?bidder=amx&uid=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&do=zoxnews.uk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.123 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 10:13:35 GMT
content-length: 0
content-type: text/html

GET
H2 200 setuid
ib.adnxs.com/prebid/ Frame 5E34 43 B
1 KB 36ms
32ms Image
image/gif 68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d&do=zoxnews.uk

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.26 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:35 GMT
an-x-request-uuid: ecff9c50-b78b-4c6b-b023-c539a38bb247
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.35; 96.9.249.35; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
BLOB 200
OK d2b64509-1c4e-4599-b504-51e39729d7af
https://prebid.a-mo.net/ Frame 5E34 171 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://prebid.a-mo.net/d2b64509-1c4e-4599-b504-51e39729d7af
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d75353d2470ad39115af24d3122787a51d87ba8a6cbbf6a975202b54e3c24f46

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 171
Content-Type

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58771/ Frame 5E34 316 B
608 B 54ms
40ms XHR
application/json 3.225.218.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58771/fed?1p=0&gdpr=0&gdpr_consent=&us_privacy=&pixelId=58771&puid=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d

Requested by

Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=zoxnews.uk&e=27&uid=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-218-10.compute-1.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

5c19d51f81847cdac3b9c16d1c75b167e80416e7137d287e83e835d39778cae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://prebid.a-mo.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 18 Jan 2024 10:13:36 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://prebid.a-mo.net
content-type: application/json
access-control-allow-credentials: true

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
270 B 475ms
100ms Fetch
application/json 162.19.138.83

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 -, , ASN (),

Reverse DNS

Software

Resource Hash

b9fc3cabdd8781f7cd501018a347e42ee335cd8abc1f37eac82f0cf03bdc5e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://zoxnews.uk
date: Thu, 18 Jan 2024 10:13:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 348D 40 KB
11 KB 59ms
51ms Script
text/html 23.46.226.102

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.46.226.102 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d4daa70ade701e011aea72fe106781fd6d3d192d17c9a5afc703d39fa1d4d78a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 10:13:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jan 2024 01:29:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54987
Connection: keep-alive
Content-Length: 10964
Expires: Fri, 19 Jan 2024 01:30:03 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 348D 7 B
829 B 97ms
31ms XHR
application/json 8.43.72.97

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.97 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: b3266a43228eaeab48f59934ee9159da
Expires: 0

POST
H2 200 384.json Show response
id5-sync.com/g/v2/ 630 B
1 KB 351ms
114ms Fetch
application/json 162.19.138.118

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/384.json

Requested by

Host: hbagency.it
URL: https://hbagency.it/cdn/prebid_8.30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 -, , ASN (),

Reverse DNS

Software

Resource Hash

04a8766827f10bca21c6dd8bbca6ae54f51adac5f651bf8488bea35baaef6267

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://zoxnews.uk/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://zoxnews.uk
date: Thu, 18 Jan 2024 10:13:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2

204

magnite
prebid.a-mo.net/setuid/ Frame 348D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr_consent=undefined&gdpr=0&khaos=LRJ20NFP-V-9GLI
https://prebid.a-mo.net/setuid/magnite?uid=LRJ20NFP-V-9GLI&gdpr=0&gdpr_consent=undefined

0
112 B

32ms
29ms

Image
text/plain

147.75.195.77
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/magnite?uid=LRJ20NFP-V-9GLI&gdpr=0&gdpr_consent=undefined
Protocol: H2
Server: 147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 10:13:35 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid.a-mo.net/setuid/magnite?uid=LRJ20NFP-V-9GLI&gdpr=0&gdpr_consent=undefined
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ad49a0f18e050afeb6359164ab3bd56e
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 348D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEwt8wPzE0NPNXTkFhEN-Ok&google_cver=1

42 B
919 B

78ms
33ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEwt8wPzE0NPNXTkFhEN-Ok&google_cver=1
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: ad49a0f18e050afeb6359164ab3bd56e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEwt8wPzE0NPNXTkFhEN-Ok&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 348D
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Q8-Ihok_TI66xxhRlOwlyQ&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Q8-Ihok_TI66xxhRlOwlyQ&gdpr=0

43 B
479 B

36ms
35ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Q8-Ihok_TI66xxhRlOwlyQ&gdpr=0

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 10:13:36 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AV3PMYJNTJ0R6A0VCJB0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Q8-Ihok_TI66xxhRlOwlyQ&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ad49a0f18e050afeb6359164ab3bd56e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 348D
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRJ20NFP-V-9GLI&gdpr=0

0
516 B

362ms
130ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRJ20NFP-V-9GLI&gdpr=0
Protocol: H2
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 10:13:36 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4A0C60F637674ACD9472DF449DA059B6 Ref B: EWR311000104045 Ref C: 2024-01-18T10:13:36Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPNZ3knRjPZQd2FikO2Q==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRJ20NFP-V-9GLI&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b3266a43228eaeab48f59934ee9159da
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 348D
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=GUUaOK4vSEKRQvC_lTbqpQ&rk=usync-other&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=GUUaOK4vSEKRQvC_lTbqpQ&gdpr=0

43 B
479 B

112ms
111ms

Image
image/gif

52.94.223.37

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=GUUaOK4vSEKRQvC_lTbqpQ&gdpr=0

Protocol

HTTP/1.1

Server

52.94.223.37 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 10:13:37 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JSYTAK507N1S0XDMRV53
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=GUUaOK4vSEKRQvC_lTbqpQ&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ad49a0f18e050afeb6359164ab3bd56e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 348D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0
https://s.amazon-adsystem.com/ecm3?id=LRJ20NFP-V-9GLI&ex=d-rubiconproject.com&status=ok&gdpr=0

43 B
720 B

105ms
45ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LRJ20NFP-V-9GLI&ex=d-rubiconproject.com&status=ok&gdpr=0

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 10:13:36 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XPH7SX0A38JAX3HF39BV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LRJ20NFP-V-9GLI&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ad49a0f18e050afeb6359164ab3bd56e
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 348D
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a83f8aca-ae9e-4c88-aba0-fd1578204532&gdpr=0&gdpr_consent=&expires=30

42 B
919 B

49ms
30ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a83f8aca-ae9e-4c88-aba0-fd1578204532&gdpr=0&gdpr_consent=&expires=30
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: ad49a0f18e050afeb6359164ab3bd56e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a83f8aca-ae9e-4c88-aba0-fd1578204532&gdpr=0&gdpr_consent=&expires=30
date: Thu, 18 Jan 2024 10:13:36 GMT
server: Kestrel
content-length: 289

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 348D
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTA0ZDhjNDQ1NmJhMzgwYWQ1MGEwYjMyOTdmYWFkZTY4NzliMWQzZQ&gdpr=0

170 B
188 B

44ms
41ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTA0ZDhjNDQ1NmJhMzgwYWQ1MGEwYjMyOTdmYWFkZTY4NzliMWQzZQ&gdpr=0

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTA0ZDhjNDQ1NmJhMzgwYWQ1MGEwYjMyOTdmYWFkZTY4NzliMWQzZQ&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b3266a43228eaeab48f59934ee9159da
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 348D
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
https://pr-bh.ybp.yahoo.com/sync/rubicon/oomt8nqIFYN_N1UZVqx7Yg?csrc=&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-7Tfn3K1E2oJYWNhBiHn8tzB_NKcytqm3nzi9pA--~A

42 B
919 B

43ms
42ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-7Tfn3K1E2oJYWNhBiHn8tzB_NKcytqm3nzi9pA--~A
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: ad49a0f18e050afeb6359164ab3bd56e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 18 Jan 2024 10:13:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-7Tfn3K1E2oJYWNhBiHn8tzB_NKcytqm3nzi9pA--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 348D
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJKMjBORlAtVi05R0xJ&gdpr=0
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEFm6rQcqU7DjwgsxId8aOa0&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJKMjBORlAtVi05R0xJ&google_push=&gdpr=0

170 B
188 B

41ms
40ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJKMjBORlAtVi05R0xJ&google_push=&gdpr=0

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJKMjBORlAtVi05R0xJ&google_push=&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ad49a0f18e050afeb6359164ab3bd56e
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 348D
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEUD07LUfQAABQYKNiHVQ&expires=30&gdpr=0

42 B
919 B

31ms
31ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEUD07LUfQAABQYKNiHVQ&expires=30&gdpr=0
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: ad49a0f18e050afeb6359164ab3bd56e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEUD07LUfQAABQYKNiHVQ&expires=30&gdpr=0
Date: Thu, 18 Jan 2024 10:13:37 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 348D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0
https://ce.lijit.com/merge?pid=80&3pid=LRJ20NFP-V-9GLI&gdpr=0
https://ce.lijit.com/merge?pid=80&3pid=LRJ20NFP-V-9GLI&gdpr=0&dnr=1

43 B
663 B

30ms
30ms

Image
image/gif

63.251.86.49

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LRJ20NFP-V-9GLI&gdpr=0&dnr=1
Protocol: HTTP/1.1
Server: 63.251.86.49 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 10:13:36 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 10:13:36 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=80&3pid=LRJ20NFP-V-9GLI&gdpr=0&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1dca1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

204

magnite
prebid.a-mo.net/setuid/ Frame 348D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0
https://prebid.a-mo.net/setuid/magnite?uid=LRJ20NFP-V-9GLI&gdpr=0

0
135 B

28ms
27ms

Image
text/plain

147.75.195.77
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/magnite?uid=LRJ20NFP-V-9GLI&gdpr=0
Protocol: H2
Server: 147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 10:13:36 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid.a-mo.net/setuid/magnite?uid=LRJ20NFP-V-9GLI&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ad49a0f18e050afeb6359164ab3bd56e
Expires: 0

GET
H2

200

ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 348D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRJ20NFP-V-9GLI&gdpr=0
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRJ20NFP-V-9GLI
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRJ20NFP-V-9GLI&ckls=true&ci=1VmUCQvbId&nc=false&trid=-702597494

43 B
1 KB

274ms
111ms

Image
image/gif

18.173.219.51

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRJ20NFP-V-9GLI&ckls=true&ci=1VmUCQvbId&nc=false&trid=-702597494
Protocol: H2
Server: 18.173.219.51 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:37 GMT
via: 1.1 64d968aa0a0b58a1d00cb142d02b0ac0.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: axYwu_67BF0YpNz-rILEDLllQPyaigS-0zEBwSqjXt12pqPj5UrKfQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 10:13:37 GMT
via: 1.1 62997e8047323290451b8a864e88914c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD50-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRJ20NFP-V-9GLI&ckls=true&ci=1VmUCQvbId&nc=false&trid=-702597494
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: Q7SGxif6FNyoJNUCYOBNxgVRzYRVWoTXIwkHQaOLi4Md2Fe4OBwUmA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
capi.connatix.com/us/ Frame 348D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0
https://capi.connatix.com/us/pixel?puid=LRJ20NFP-V-9GLI&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0
https://capi.connatix.com/us/pixel?puid=LRJ20NFP-V-9GLI&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true

82 B
82 B

61ms
54ms

Image
image/gif

104.18.41.104

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/us/pixel?puid=LRJ20NFP-V-9GLI&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
Protocol: H2
Server: 104.18.41.104 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 10:13:37 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 847610fa4953543d-YYZ
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 18 Jan 2024 10:13:36 GMT
cf-cache-status: DYNAMIC
server: cloudflare
location: https://capi.connatix.com/us/pixel?puid=LRJ20NFP-V-9GLI&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 847610f9d8b4543d-YYZ
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2

200

cksync
hb.yahoo.net/ Frame 348D
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&gdpr=0
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRJ20NFP-V-9GLI&redir=true&gdpr=0
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRJ20NFP-V-9GLI&gdpr=0&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0zRDVEa2hwRTJ1RmdyZlpEampveHNicmxSeUVod3BpNX5B&gdpr=0&ovsid=LRJ20NFP-V-9GLI&dpid=58160

57 B
650 B

211ms
91ms

Image
image/gif

23.40.179.71

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS0zRDVEa2hwRTJ1RmdyZlpEampveHNicmxSeUVod3BpNX5B&gdpr=0&ovsid=LRJ20NFP-V-9GLI&dpid=58160

Protocol

Server

23.40.179.71 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Thu, 18 Jan 2024 10:13:37 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Thu, 18 Jan 2024 10:13:37 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS0zRDVEa2hwRTJ1RmdyZlpEampveHNicmxSeUVod3BpNX5B&gdpr=0&ovsid=LRJ20NFP-V-9GLI&dpid=58160
date: Thu, 18 Jan 2024 10:13:36 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 348D
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=4541a3ab-8be0-48c4-b57d-0acbf48b5eb7&expires=30&gdpr=0

42 B
919 B

35ms
33ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=4541a3ab-8be0-48c4-b57d-0acbf48b5eb7&expires=30&gdpr=0
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: ad49a0f18e050afeb6359164ab3bd56e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=4541a3ab-8be0-48c4-b57d-0acbf48b5eb7&expires=30&gdpr=0
Date: Thu, 18 Jan 2024 10:13:36 GMT
Connection: keep-alive
X-CI-RTID: 0af6368c-9443-44bd-9572-db85e9eb9014
Content-Length: 155
Content-Type: text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

56 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.zoxnews.uk/	1970-01-21 02:31:48	Name: _sharedID Value: 975776ea-956b-4b64-b005-c67c1c29035c
.zoxnews.uk/	1970-01-21 02:31:48	Name: _sharedID_cst Value: kSylLAssaw%3D%3D
.a-mo.net/	1970-01-21 02:31:48	Name: amuid2 Value: 4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d
.prebid.a-mo.net/	1970-01-21 02:31:48	Name: sd_amuid2 Value: 4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d
.prebid.a-mo.net/	1970-01-21 02:31:48	Name: __amc Value: 2_1705572811_1705572813
.onetag-sys.com/	1970-01-21 03:15:59	Name: OTP Value: uwey1iVzmPrOHYCD0W5hqp6DYWFJj3nx595Ltqducko
.mathtag.com/	1970-01-21 03:12:08	Name: uuid Value: fba965a8-f9cf-4f00-8c77-a8e57b3f7d10
pixel.rubiconproject.com/	1970-01-20 19:55:48	Name: receive-cookie-deprecation Value: 1
.admanmedia.com/	1970-01-20 18:06:20	Name: admtr Value: 6399f72c-ef12-4a58-8b5f-46fae076ed40
.admanmedia.com/	1970-01-20 18:06:20	Name: ac_r Value: CS253
.adnxs.com/	1970-01-20 19:55:48	Name: uuid2 Value: 8102615557943543431
.pubmatic.com/	1970-01-20 17:47:39	Name: KTPCACOOKIE Value: YES
.doubleclick.net/	1970-01-21 03:22:12	Name: IDE Value: AHWqTUkX8TUR1CNeKiM2C7YJphp-6InUML0HJPcEU_NA3yXKSqbcB4GaZoF-78DCQQI
.pubmatic.com/	1970-01-20 19:55:48	Name: SyncRTB3 Value: 1706745600%3A220
.pubmatic.com/	1970-01-21 02:31:48	Name: KADUSERCOOKIE Value: 4A94A327-078C-48DF-9B0F-910453C62F05
.adnxs.com/	1970-01-20 19:55:48	Name: anj Value: dTM7k!M4.FEVNsVF']wIg2C')vA1_S!]tbP6j2F-.o%/6/guKFUasEC<[)hbB/qN)Ac%bhQ9]A_HKq]._BRoCE[!3nT0MXfFt=d'hauHa<QGn8@'s>Tw`<Z9
.adnxs.com/	1970-01-20 19:55:48	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiNGM0ZDMxZmUtYjZmZC00MzMxLWJiMWMtZmE5ZDExYjM0YzVkIiwiZXhwaXJlcyI6IjIwMjQtMDQtMTdUMTA6MTM6MzVaIn19LCJiaXJ0aGRheSI6IjIwMjQtMDEtMThUMTA6MTM6MzVaIn0=
.adnxs.com/	1970-01-21 03:22:12	Name: XANDR_PANID Value: Lb2EOmjYd-d4FwTmUcBA0GRmEQipca27TxfNN4gOf9kCg5qh-DK_gM9ceQ93bnx4MAupvIE81XD_pAu_AG7YkBaeGK0OX1SQzAVpGePLVDc.
.contextweb.com/	1970-01-21 02:24:36	Name: V Value: JaiI4Y1lNBk6
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 414fe6f40096f916
.a-mo.net/	1970-01-21 02:31:48	Name: amdt_t Value: h::1705572815907
.smartadserver.com/	1970-01-21 03:16:27	Name: pid Value: 6764301336847328637
.ads.stickyadstv.com/	1970-01-20 18:29:24	Name: UID Value: 83106598ffd14d54bb2f8d13ad3bce6
.yahoo.com/	1970-01-21 02:32:10	Name: A3 Value: d=AQABBM_5qGUCENW3gv-8ldlsvvW19orQG-oFEgEBAQFLqmWyZdxH0iMA_eMAAA&S=AQAAAlnzUBsNzhdRwBbLbmpvWOE
.bidswitch.net/	1970-01-21 02:31:48	Name: c Value: 1705572815
.bidswitch.net/	1970-01-21 02:31:48	Name: tuuid_lu Value: 1705572815
.ow.pubmatic.com/	1970-01-20 19:55:48	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiNGM0ZDMxZmUtYjZmZC00MzMxLWJiMWMtZmE5ZDExYjM0YzVkIiwiZXhwaXJlcyI6IjIwMjQtMDItMDFUMTA6MTM6MzUuOTI2Nzg5MzI5WiJ9fX0=
.casalemedia.com/	1970-01-21 02:31:48	Name: CMID Value: Zaj5z943dsVNKBL1U5Q1NwAA
.casalemedia.com/	1970-01-20 19:55:48	Name: CMPS Value: 1273
.casalemedia.com/	1970-01-20 19:55:48	Name: CMPRO Value: 1273
.pubmatic.com/	1970-01-20 17:47:39	Name: pi Value: 159706:3
.pubmatic.com/	1970-01-20 19:55:48	Name: chkChromeAb67Sec Value: 3
.a-mx.com/	1970-01-21 02:31:48	Name: amdt_t Value: po::1705572815944
.a-mx.com/	1970-01-21 02:31:48	Name: amuid2 Value: 4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d
.openx.net/	1970-01-21 02:31:48	Name: i Value: 9d5c6c73-6924-491d-9e28-98268759ec71%7C1705572815
.dotomi.com/	1970-01-20 17:46:12	Name: DotomiTest Value: 6b0bffb03cb248a
.analytics.yahoo.com/	1970-01-21 02:31:48	Name: IDSYNC Value: 196y~2g8y
.adx.opera.com/	1970-01-21 02:31:48	Name: UID Value: OPU38d53cd509864cfc93c302e1ff5655ae
.bidswitch.net/	1970-01-21 02:31:48	Name: tuuid Value: aba06538-8912-414f-bb4d-c1635efdd266
.criteo.com/	1970-01-21 03:07:48	Name: partitioned_bundle Value: AXrp0V9DajVsJTJGSmZoUkhUVkVpJTJCYWZBdmpIJTJGd0tUWXhENzVHU2g3TGkzMWNaTThvcXdmeUhEJTJGWTQlMkJNenNUUGJ5dURwRnBKVm5IYUoyVDhkTG1NN3RmQ3N6bVNkSjFXZHZzTDBPY3d4VkFJSTU2T1paeE1wYUlrN3lnSW14cFliakFKN3JHelFCUmFLa0dXb0ZLQ2x4WnRPbHFnJTNEJTNE
.zoxnews.uk/	1970-01-21 03:07:12	Name: cto_bundle Value: nlFHeV9DajVsJTJGSmZoUkhUVkVpJTJCYWZBdmpIJTJGd0tUWXhENzVHU2g3TGkzMWNaTThvcXdmeUhEJTJGWTQlMkJNenNUUGJ5dURwRnBKVm5IYUoyVDhkTG1NN3RmQ3N6bVNkSjFXZHZzTDBPY3d4VkFJSTU2T1lyM3FoODR3eVNFanEzQVRiRjBLaWY
.zoxnews.uk/	1970-01-21 03:07:12	Name: cto_bidid Value: VqDwpV9qbWtJSjRvdzRJdmhQYUt0cFc3Z3JoWWhtc05YS1NjSE5kV01kRU5FMEIwQTVvJTJGZmwlMkIyR3k0RnVkcnhRNjJYalY5RkphUzhLUmdNODJlOVFZbjYxNFElM0QlM0Q
.sync.a-mo.net/	1970-01-20 17:47:39	Name: _sv3_14 Value: 1
.sync.a-mo.net/	1970-01-20 17:47:39	Name: _sv3_0 Value: 1
.prebid.a-mo.net/	1970-01-20 17:47:39	Name: _sv3_9 Value: 1
.sync.a-mo.net/	1970-01-20 17:47:39	Name: _sv3_2 Value: 1
.sync.a-mo.net/	1970-01-20 17:47:39	Name: _sv3_4 Value: 1
.rubiconproject.com/	1970-01-21 02:31:48	Name: khaos Value: LRJ20NFP-V-9GLI
.rubiconproject.com/	1970-01-21 02:31:48	Name: audit Value: 1\|0dXNx9iuQ5M1OPd50kxnpl4J0+5qMu9gPCB+BMmFxyd+xL8LlrcUaNFPQvtUuGl1LZNgk4UPchxCqQ3+tQhlLHMDvubSxZCGZ+mZHK3G628OfYviG3bLtKMcNyKzNUHRdNagGyTJzJG4QAAJAquNLfwDR7756vKs
pixel-eu.rubiconproject.com/	1970-01-20 19:55:48	Name: receive-cookie-deprecation Value: 1
.adsrvr.org/	1970-01-21 02:33:15	Name: TDID Value: a83f8aca-ae9e-4c88-aba0-fd1578204532
.sync.a-mo.net/	1970-01-20 17:47:39	Name: _sv3_13 Value: 1
.mookie1.com/	1970-01-21 03:15:00	Name: id Value: 10596195875225282096
.mookie1.com/	1970-01-21 03:15:00	Name: mdata Value: 1\|10596195875225282096\|1705572816126
.mookie1.com/	1970-01-21 03:15:00	Name: ov Value: 06bdb5db5c371c33e36dbe167258d6ad
.adsrvr.org/	1970-01-21 02:33:15	Name: TDCPM Value: CAEYBSABKAIyCwjMg7XTm4bMPBAFOAE.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://zoxnews.uk').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://zoxnews.uk').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security	error	URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=zoxnews.uk&e=27&uid=4c4d31fe-b6fd-4331-bb1c-fa9d11b34c5d(Line 1) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://zoxnews.uk').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://zoxnews.uk').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ads.stickyadstv.com
adx.adform.net
ap.lijit.com
assets.a-mo.net
at.teads.tv
bh.contextweb.com
c.4dex.io
c3.a-mo.net
capi.connatix.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
cmp.inmobi.com
cs.admanmedia.com
d3u598arehftfk.cloudfront.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
gum.criteo.com
hb.yahoo.net
hbagency.it
ib.adnxs.com
ib.mookie1.com
id.a-mx.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
lb.eu-1-id5-sync.com
live.primis.tech
match.adsrvr.org
match.prod.bidr.io
mp.4dex.io
mug.criteo.com
odr.mookie1.com
onetag-sys.com
ow.pubmatic.com
p.rfihub.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid.a-mo.net
px.ads.linkedin.com
rtb.openx.net
s.amazon-adsystem.com
script.4dex.io
secure-assets.rubiconproject.com
ssbsync-global.smartadserver.com
ssum.casalemedia.com
sync.a-mo.net
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync1.intentiq.com
t.adx.opera.com
token.rubiconproject.com
ups.analytics.yahoo.com
x.bidswitch.net
zoxnews.uk
104.18.36.155
104.18.41.104
104.36.115.123
131.153.242.59
142.251.40.162
147.75.195.55
147.75.195.77
162.19.138.118
162.19.138.83
162.248.18.34
162.248.18.37
18.173.219.51
198.148.27.131
199.38.167.130
209.54.182.161
213.19.162.80
216.200.232.249
216.22.16.69
23.205.2.235
23.40.179.71
23.46.226.102
23.52.165.154
2600:1f18:4e9:5a02:3c33:5926:76d2:8c3e
2600:9000:2073:4800:1b:6b7d:2300:93a1
2600:9000:210b:1200:1b:cadc:ef40:93a1
2600:9000:2514:2000:1f:946:f000:21
2600:9000:266a:b000:1a:5235:f980:93a1
2606:4700:20::681a:9a9
2606:4700:3037::ac43:ca9a
2606:4700:4400::ac40:994e
2606:4700::6811:180e
2606:4700::6813:9e13
2606:ae80:1471:1c::2040
2607:f8b0:4006:81e::2003
2607:f8b0:4006:823::200a
2620:100:a001::c
2620:1ec:21::14
3.225.218.10
31.172.80.62
35.190.90.30
35.211.178.172
35.227.252.103
35.241.34.106
37.157.4.29
37.157.5.132
51.222.239.232
52.223.40.198
52.94.223.37
54.145.121.220
54.165.177.33
63.251.28.233
63.251.86.49
64.58.232.176
68.67.160.26
69.169.86.39
74.119.119.139
8.28.7.82
8.43.72.97
8.43.72.98
80.77.87.162
82.145.213.8
01cdea2349867adeaf02677aaaab03f7b1802d6440fab30ef5963b0cb3b405ba
04a8766827f10bca21c6dd8bbca6ae54f51adac5f651bf8488bea35baaef6267
07a442bcbe2faa41bf1f585c7c772be2a8918f9afd0f5526eb4956562d5e6f8c
0a4b88443bfce9f3cd01b3c71e1fd070929dc98d6f8c09f70f10727d27656024
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1194e3bf744950c2197b6c9d293dfd7c78fb96c9c8ac0a47ea217cbe52df504b
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e8a1eb1077af2ce2a1e75b0d0ebc4de5063eca00697faad1c88f00cdbf0c367
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fe9373c70da8c3deb19bed67ef35e5001cb688217190b344699ce27520dc617
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5605aa52bfeebb8d52feaec247d7aed862816bd1fb0230f9a10a8a939b9c4207
5c19d51f81847cdac3b9c16d1c75b167e80416e7137d287e83e835d39778cae8
5d0c09deac7b949a8e86c9d54fed8baa28d400c761bd737ffc3eccae6c25d129
5f7b7682f77a3b058e7c8b7d88984dfe31a16dc29cf49abbba5fcdc5b7b2cf3f
604a90464d3bdcee378b28fdff6082fea0bde19f725cb5ba30bd18e557c6140d
61adbdc5d195591f22eccc679d7a4f72f7390f9eb3754b0e1bec1c31b7065b51
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
69a8bbf88282d2cf6e4f975cf238fd71adec2a5c98195bfb7a9a86d888b80b79
6cd0cf77c140ccc05407510b66b120025fc47859a07a1204b7ba98aedd79a2f7
701681e456189ce8940a68318d12671905ec131fa1819fe1fdf2c0d7e4f16b67
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d505557027e0ade57670f0bb639f6da435cf2dced6570ef9320f5b300275596
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
8f957dae566914d97343fae818dcda39865356335d2337cb300b2578ab35d1e3
9206fd9a5f9318e012f59f1718974f7d120b1ba7d1758779c7ca41c486025ec5
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b67fe64923a586061ca8b4ee5086f981d05f483f4a1bd87f6ccecb8570f8dffd
b9fc3cabdd8781f7cd501018a347e42ee335cd8abc1f37eac82f0cf03bdc5e58
bb8c3e59dea77c3c1fb5e2d438335cb6645bc96f8e9e4ab076dbf6e5181b2267
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
c901876b1cf2a6e6a3631eae321d23ba3b845736c184accc06b75bb715176d32
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
cd7e3c26993e27f78c900642aef78096854f56f7717111dcab845adcef862f36
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4daa70ade701e011aea72fe106781fd6d3d192d17c9a5afc703d39fa1d4d78a
d75353d2470ad39115af24d3122787a51d87ba8a6cbbf6a975202b54e3c24f46
d859a9f4932c4635b26eef5b49dd74e0c3f95054dade6b4ddf61c9d248d6ef0e
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3
d99bf228727aac5c58c0c1524b6de17496e2e72234f0469497103ae7297a7f77
e11b8dd6654832fcb48d5e88336e3e56f0dbc83d3b0ebb304ee3f91f2daedba1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f253825e10bb970e1e05d3f8b0ee6cf4caee9bc221a184fcda5cc8547a71ddbb

zoxnews.uk Open in urlscan Pro 31.172.80.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

141 Requests

69 %HTTPS

25 %IPv6

44 Domains

63 Subdomains

37 IPs

4 Countries

1021 kBTransfer

1682 kBSize

56 Cookies

0 Outgoing links

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

zoxnews.uk Open in urlscan Pro
31.172.80.62 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

69 %
HTTPS

25 %
IPv6

44
Domains

63
Subdomains

37
IPs

4
Countries

1021 kB
Transfer

1682 kB
Size

56
Cookies

141 HTTP transactions
0 data transactions