d2sx07l0uocghm.cloudfront.net Open in urlscan Pro
2600:9000:26c1:a00:11:685b:9e80:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://d2sx07l0uocghm.cloudfront.net/
Submission: On December 13 via api (December 13th 2023, 2:13:28 pm UTC) from US — Scanned from US

Summary HTTP 192 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 63 IPs in 4 countries across 53 domains to perform 192 HTTP transactions. The main IP is 2600:9000:26c1:a00:11:685b:9e80:93a1, located in United States and belongs to AMAZON-02, US. The main domain is d2sx07l0uocghm.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 10th 2023. Valid for: a year.

This is the only time d2sx07l0uocghm.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2600:9000:26c... 2600:9000:26c1:a00:11:685b:9e80:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2606:4700:10:... 2606:4700:10::ac43:15e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.67.67.228 18.67.67.228	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:303... 2606:4700:3032::ac43:940c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2607:f8b0:400... 2607:f8b0:4004:c06::9c	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c08::61	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c1d::5f	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2600:9000:26c... 2600:9000:26c1:cc00:11:685b:9e80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:9000:219... 2600:9000:2191:ac00:1b:cadc:ef40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	146.75.36.157 146.75.36.157	54113 (FASTLY) (FASTLY)
5	23.48.104.43 23.48.104.43	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.55.205.47 23.55.205.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.160.10.80 18.160.10.80	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3037::ac43:b33a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.67.206.143 104.67.206.143	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2606:4700:20:... 2606:4700:20::681a:686	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c1b::65	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c19::9b	15169 (GOOGLE) (GOOGLE)
3	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1	18.165.97.179 18.165.97.179	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
3	2607:f8b0:400... 2607:f8b0:4004:c07::68	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9c	15169 (GOOGLE) (GOOGLE)
1	23.222.197.151 23.222.197.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.222.5.91 23.222.5.91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.14.231.222 52.14.231.222	16509 (AMAZON-02) (AMAZON-02)
1	54.82.106.150 54.82.106.150	14618 (AMAZON-AES) (AMAZON-AES)
1	159.65.235.129 159.65.235.129	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	157.245.86.108 157.245.86.108	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	34.199.103.5 34.199.103.5	14618 (AMAZON-AES) (AMAZON-AES)
2 6	68.67.160.184 68.67.160.184	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.21.82.241 52.21.82.241	14618 (AMAZON-AES) (AMAZON-AES)
1	54.87.125.83 54.87.125.83	14618 (AMAZON-AES) (AMAZON-AES)
1	35.211.232.87 35.211.232.87	19527 (GOOGLE-2) (GOOGLE-2)
1	2602:803:c002... 2602:803:c002:300::97	26667 (RUBICONPR...) (RUBICONPROJECT)
2	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	2600:1f18:288... 2600:1f18:2881:e202:29d8:6e0f:8d18:5887	14618 (AMAZON-AES) (AMAZON-AES)
1	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2607:f8b0:400... 2607:f8b0:4004:c17::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::84	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4004:c09::84	15169 (GOOGLE) (GOOGLE)
2	23.50.125.215 23.50.125.215	16625 (AKAMAI-AS) (AKAMAI-AS)
10	157.230.190.220 157.230.190.220	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
3 11	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
5 6	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1 1	3.213.9.240 3.213.9.240	14618 (AMAZON-AES) (AMAZON-AES)
1 1	69.166.1.34 69.166.1.34	27630 (AS-XFERNET) (AS-XFERNET)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4 7	172.253.62.154 172.253.62.154	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	2600:1f18:4e9... 2600:1f18:4e9:5a05:2bce:771f:29bf:5cba	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.211.233.246 35.211.233.246	15169 (GOOGLE) (GOOGLE)
1 1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
14 19	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	52.94.223.167 52.94.223.167	16509 (AMAZON-02) (AMAZON-02)
2 4	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
2 2	54.160.91.143 54.160.91.143	14618 (AMAZON-AES) (AMAZON-AES)
1	23.92.190.68 23.92.190.68	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 2	54.225.45.175 54.225.45.175	14618 (AMAZON-AES) (AMAZON-AES)
1	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
1	23.221.214.17 23.221.214.17	() ()
1	147.28.146.89 147.28.146.89	54825 (PACKET) (PACKET)
1 1	44.196.16.148 44.196.16.148	() ()
2 2	34.98.64.218 34.98.64.218	() ()
1 1	63.251.114.136 63.251.114.136	() ()
192	63

1 2600:9000:26c1:a00:11:685b:9e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2sx07l0uocghm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:10::ac43:15e8 (United States)

ASN13335 (CLOUDFLARENET, US)

static.kueezrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.kueezrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.kueezrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gtrack.kueezrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.67.67.228 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-67-228.iad89.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3032::ac43:940c (United States)

ASN13335 (CLOUDFLARENET, US)

cont.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c06::9c (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c08::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1d::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:9000:26c1:cc00:11:685b:9e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

dev01.avocadoposts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2191:ac00:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.36.157 (Reston, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.48.104.43 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-104-43.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.55.205.47 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-205-47.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.10.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-80.iad12.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:b33a (United States)

ASN13335 (CLOUDFLARENET, US)

sttcdn.comicstadium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.67.206.143 (Marietta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-67-206-143.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:20::681a:686 (United States)

ASN13335 (CLOUDFLARENET, US)

cflcdn1.avocadoposts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1b::65 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::9b (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.97.179 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-97-179.iad55.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c07::68 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.222.197.151 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-222-197-151.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.222.5.91 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-222-5-91.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.14.231.222 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-14-231-222.us-east-2.compute.amazonaws.com

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.82.106.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-106-150.compute-1.amazonaws.com

hb.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.235.129 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

prebid.cootlogix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.245.86.108 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

exchange.kueezrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.103.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-103-5.compute-1.amazonaws.com

exchange.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.67.160.184 (Jersey City, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.82.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-82-241.compute-1.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.87.125.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-125-83.compute-1.amazonaws.com

hb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.211.232.87 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 87.232.211.35.bc.googleusercontent.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c002:300::97 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:2881:e202:29d8:6e0f:8d18:5887 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

capig.worldtravelling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c17::9c (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::84 (Washington, United States)

ASN15169 (GOOGLE, US)

16ff6cc6a846caf75ec19a3773a0c400.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c09::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.50.125.215 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-125-215.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 157.230.190.220 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

sync.cootlogix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.kueezrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.223.22.214 (Seattle, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.211.178.172 (North Charleston, United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.9.240 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-9-240.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.34 (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.253.62.154 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:4e9:5a05:2bce:771f:29bf:5cba (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.233.246 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 246.233.211.35.bc.googleusercontent.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 69.173.151.100 (United States) 14 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.223.167 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.54.182.161 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.160.91.143 (United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-91-143.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.92.190.68 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.225.45.175 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-45-175.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.218.10 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.221.214.17 (None, )

ASN- ()

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.28.146.89 (Ashburn, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.196.16.148 (None, ) 1 redirects

ASN- ()

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (None, ) 2 redirects

ASN- ()

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.114.136 (None, ) 1 redirects

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	avocadoposts.com dev01.avocadoposts.com cflcdn1.avocadoposts.com — Cisco Umbrella Rank: 171604	5 MB
22	rubiconproject.com 14 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 537 eus.rubiconproject.com — Cisco Umbrella Rank: 588 token.rubiconproject.com — Cisco Umbrella Rank: 461 pixel.rubiconproject.com — Cisco Umbrella Rank: 339	29 KB
21	kueezrtb.com static.kueezrtb.com — Cisco Umbrella Rank: 11681 u.kueezrtb.com — Cisco Umbrella Rank: 12839 track.kueezrtb.com — Cisco Umbrella Rank: 10748 gtrack.kueezrtb.com — Cisco Umbrella Rank: 10751 exchange.kueezrtb.com — Cisco Umbrella Rank: 7780 sync.kueezrtb.com — Cisco Umbrella Rank: 7242	101 KB
14	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	192 KB
12	3lift.com 3 redirects tlx.3lift.com — Cisco Umbrella Rank: 592 eb2.3lift.com — Cisco Umbrella Rank: 372	6 KB
12	amazon-adsystem.com 4 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614 aax.amazon-adsystem.com — Cisco Umbrella Rank: 410 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807 s.amazon-adsystem.com — Cisco Umbrella Rank: 285	81 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 16ff6cc6a846caf75ec19a3773a0c400.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148	105 KB
7	bidswitch.net 5 redirects grid.bidswitch.net — Cisco Umbrella Rank: 1196 x.bidswitch.net — Cisco Umbrella Rank: 336	3 KB
7	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 acdn.adnxs.com — Cisco Umbrella Rank: 610 secure.adnxs.com	22 KB
6	inmobi.com cmp.inmobi.com — Cisco Umbrella Rank: 3926	47 KB
6	cont.website cont.website — Cisco Umbrella Rank: 119660	161 KB
5	gstatic.com fonts.gstatic.com	110 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 617	145 KB
4	yahoo.com 4 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474 ups.analytics.yahoo.com — Cisco Umbrella Rank: 307	2 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	36 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	95 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	5 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	287 KB
3	cootlogix.com exchange.cootlogix.com Failed prebid.cootlogix.com — Cisco Umbrella Rank: 4850 sync.cootlogix.com — Cisco Umbrella Rank: 2363	1 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	openx.net 2 redirects u.openx.net	764 B
2	sharethrough.com 1 redirects match.sharethrough.com — Cisco Umbrella Rank: 495	534 B
2	lijit.com 1 redirects ce.lijit.com — Cisco Umbrella Rank: 835 ap.lijit.com	1 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 563	1 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2269	967 B
2	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 327	772 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 331	822 B
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940	577 B
2	teads.tv a.teads.tv — Cisco Umbrella Rank: 1466 at.teads.tv — Cisco Umbrella Rank: 4890	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	170 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2842	40 KB
1	yieldmo.com 1 redirects ads.yieldmo.com	531 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 751	451 B
1	yahoo.net hb.yahoo.net	649 B
1	criteo.com 1 redirects dis.criteo.com — Cisco Umbrella Rank: 550	427 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 951	686 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1370	607 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	64 KB
1	tapad.com pixel.tapad.com — Cisco Umbrella Rank: 465 Failed	124 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	worldtravelling.com capig.worldtravelling.com — Cisco Umbrella Rank: 105185	395 B
1	minutemedia-prebid.com hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3730	463 B
1	postrelease.com exchange.postrelease.com — Cisco Umbrella Rank: 4927	403 B
1	yellowblue.io hb.yellowblue.io — Cisco Umbrella Rank: 2147	463 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3655	709 B
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2266	823 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 713	392 B
1	t.co t.co — Cisco Umbrella Rank: 589	376 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1042	17 KB
1	comicstadium.com sttcdn.comicstadium.com — Cisco Umbrella Rank: 138851	1016 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 678	15 KB
1	cloudfront.net d2sx07l0uocghm.cloudfront.net log.d2sx07l0uocghm.cloudfront.net Failed	11 KB
192	53

	Domain	Requested by
19	dev01.avocadoposts.com	d2sx07l0uocghm.cloudfront.net
18	cflcdn1.avocadoposts.com	d2sx07l0uocghm.cloudfront.net
12	pixel.rubiconproject.com	8 redirects
11	eb2.3lift.com	3 redirects cont.website eb2.3lift.com
8	sync.kueezrtb.com	cont.website sync.kueezrtb.com
7	token.rubiconproject.com	6 redirects eus.rubiconproject.com
7	cm.g.doubleclick.net	4 redirects eb2.3lift.com
6	x.bidswitch.net	5 redirects
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	cmp.inmobi.com	d2sx07l0uocghm.cloudfront.net cmp.inmobi.com
6	cont.website	d2sx07l0uocghm.cloudfront.net cont.website
5	ib.adnxs.com	1 redirects cont.website acdn.adnxs.com eb2.3lift.com
5	fonts.gstatic.com	fonts.googleapis.com
5	analytics.tiktok.com	d2sx07l0uocghm.cloudfront.net analytics.tiktok.com
5	securepubads.g.doubleclick.net	d2sx07l0uocghm.cloudfront.net securepubads.g.doubleclick.net www.googletagservices.com
4	s.amazon-adsystem.com	2 redirects
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	gtrack.kueezrtb.com	d2sx07l0uocghm.cloudfront.net
4	track.kueezrtb.com	d2sx07l0uocghm.cloudfront.net
4	cdnjs.cloudflare.com	d2sx07l0uocghm.cloudfront.net cdnjs.cloudflare.com
4	fonts.googleapis.com	d2sx07l0uocghm.cloudfront.net
4	www.googletagmanager.com	d2sx07l0uocghm.cloudfront.net www.googletagmanager.com
3	aax-eu.amazon-adsystem.com	2 redirects
3	www.google.com	d2sx07l0uocghm.cloudfront.net tpc.googlesyndication.com securepubads.g.doubleclick.net
3	id5-sync.com	cont.website cdn.id5-sync.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	c.amazon-adsystem.com	d2sx07l0uocghm.cloudfront.net c.amazon-adsystem.com
3	static.kueezrtb.com	d2sx07l0uocghm.cloudfront.net static.kueezrtb.com
2	u.openx.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	match.sharethrough.com	1 redirects
2	match.prod.bidr.io	2 redirects
2	a.sportradarserving.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	px.ads.linkedin.com	eb2.3lift.com
2	match.adsrvr.org	2 redirects
2	sync.cootlogix.com	cont.website
2	eus.rubiconproject.com	cont.website eus.rubiconproject.com
2	lb.eu-1-id5-sync.com	cont.website cdn.id5-sync.com
2	connect.facebook.net	d2sx07l0uocghm.cloudfront.net connect.facebook.net
2	stackpath.bootstrapcdn.com	d2sx07l0uocghm.cloudfront.net
1	ap.lijit.com	1 redirects
1	secure.adnxs.com	1 redirects
1	ads.yieldmo.com	1 redirects
1	prebid.a-mo.net
1	hb.yahoo.net
1	ce.lijit.com
1	dis.criteo.com	1 redirects
1	sync.go.sonobi.com	1 redirects
1	beacon.lynx.cognitivlabs.com	1 redirects
1	acdn.adnxs.com	cont.website
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	16ff6cc6a846caf75ec19a3773a0c400.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pixel.tapad.com
1	www.facebook.com	d2sx07l0uocghm.cloudfront.net
1	capig.worldtravelling.com	connect.facebook.net
1	fastlane.rubiconproject.com	cont.website
1	grid.bidswitch.net	cont.website
1	hb.minutemedia-prebid.com	cont.website
1	tlx.3lift.com	cont.website
1	exchange.postrelease.com	cont.website
1	exchange.kueezrtb.com	cont.website
1	prebid.cootlogix.com	cont.website
1	hb.yellowblue.io	cont.website
1	hb-api.omnitagjs.com	cont.website
1	analytics.pangle-ads.com	analytics.tiktok.com
1	at.teads.tv	a.teads.tv
1	stats.g.doubleclick.net	www.google-analytics.com
1	analytics.twitter.com	d2sx07l0uocghm.cloudfront.net
1	t.co	d2sx07l0uocghm.cloudfront.net
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	u.kueezrtb.com	static.kueezrtb.com
1	cdn.id5-sync.com	d2sx07l0uocghm.cloudfront.net
1	secure.cdn.fastclick.net	d2sx07l0uocghm.cloudfront.net
1	sttcdn.comicstadium.com	cont.website
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	a.teads.tv	cont.website
1	static.ads-twitter.com	d2sx07l0uocghm.cloudfront.net
1	d2sx07l0uocghm.cloudfront.net
0	exchange.cootlogix.com Failed	cont.website
0	log.d2sx07l0uocghm.cloudfront.net Failed	cont.website
192	82

This site contains links to these domains. Also see Links.

Domain
dev01.avocadoposts.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
kueezrtb.com GTS CA 1P5	`2023-10-18` - `2024-01-16`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
cont.website GTS CA 1P5	`2023-10-16` - `2024-01-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
avocadoposts.com Amazon RSA 2048 M02	`2023-12-10` - `2025-01-07`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2023-08-18` - `2024-08-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-21` - `2023-12-20`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
comicstadium.com GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2023-02-01` - `2024-02-01`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-11-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.yellowblue.io Amazon ECDSA 256 M02	`2023-04-18` - `2024-05-16`	a year	crt.sh
*.cootlogix.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-19` - `2024-11-17`	a year	crt.sh
*.kueezrtb.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-17` - `2024-09-14`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.minutemedia-prebid.com Amazon ECDSA 256 M02	`2023-04-09` - `2024-05-07`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
.amazonaws.com .amazonaws.com	`2023-08-15` - `2033-08-12`	10 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh

This page contains 11 frames:

Primary Page: https://d2sx07l0uocghm.cloudfront.net/
Frame ID: A38C43B36DDA5356193734E8796A795C
Requests: 137 HTTP requests in this frame

Frame: https://16ff6cc6a846caf75ec19a3773a0c400.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2745D04B99A4C10CC4CC1B3E5A1B2AD4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1694A698C18664C958CBE4FB565B2E90
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8A582168829068723A75757C4E1D8384
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkhIWPbelC9nCAJQNXY04e6eeVfw8Jo9e6UNNggAM8Ulz0h60kTXDVwRv0phHlO1IRIwRtDMky0fUThLwz_sCPVsDSGYXK5eh6jOsUG3nhpQESUSHk4mxPTg0qOlvFOVSQlSgm9vKZdOVzwtQypEdjwGGhfYexHNblOJNKzygLOF4x-GS457Si-n_uhNt1qJfsc2f--DRazSCzIFLzJ7rv9_lkdFg9UvjQUXf8PCdSicoKSUdBzuMNQq7lRw_lv93L7ZByZutLGLi0vYuRAQovzJ7H1rJJHS7J4Fu_uH0FCvQMwYS0Iro5J3-YaHRPZXIbM-iW8U7BAffIonIw9VVK344UTdlD9SOEhVIsUdM5osfAFyjmUdl6liZx-oTMf5fw7oHhdwo&sai=AMfl-YRdV-TQQDA4gLEVlAFZ9gTg0wUlE_2HpnedanApXOmkI6cd7tRsWkOu4SfugjmFu6rAzfZdy4oCyCRjutHTHagpj0Ps--Tlhj0AmCBShAP7Kh5iNvksIT7PG_MV4g&sig=Cg0ArKJSzHruQ6ZDBXsZEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 846C43F6C65581E4E56B5F83B8B38060
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Frame ID: 24D75C243ECC49AEEF8D828C9BE4B8D3
Requests: 19 HTTP requests in this frame

Frame: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 60B0DF481D4B86D52A2F3C035243F8D1
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E87B6D8F49727CA7EB043F35FF06E661
Requests: 2 HTTP requests in this frame

Frame: https://sync.kueezrtb.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: E24D46AFA4368777573D0AB0CC5967AE
Requests: 8 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Frame ID: DEB702269A7818F1022B2E188A437FF1
Requests: 11 HTTP requests in this frame

Frame: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 3D6C5543CBA56DC6E4D66CEC3101C995
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

avocadoposts – avocadoposts

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

192
Requests

80 %
HTTPS

37 %
IPv6

53
Domains

82
Subdomains

63
IPs

4
Countries

6931 kB
Transfer

10552 kB
Size

75
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://dev01.avocadoposts.com/

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/category/viral-life-hacks/
Title: Viral Life Hacks

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/category/lifestyle/
Title: Home Tips

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/category/entertainment/
Title: Kitchen Hacks

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/category/viral-stories/
Title: DIY

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/category/a-place-for-moms/
Title: Moms Share

Search URL Search Domain Scan URL

URL: https://twitter.com/Avocadoposts1

Search URL Search Domain Scan URL

URL: https://www.facebook.com/avocadoposts2021/

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/lipstick-as-a-multi-functional-makeup-marvel/
Title: Lipstick as a Multi-Functional Makeup Marvel Amy J. Viral Life Hacks

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/beat-the-chill-ingenious-winter-hack-for-cozy-living/
Title: Beat the Chill: Ingenious Winter Hack for Cozy Living Ran A

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/innovative-plant-care-hacks-for-green-thumbs/
Title: Innovative Plant Care Hacks for Green Thumbs Amy J.

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/the-power-of-the-humble-paper-clip/
Title: The Power of the Humble Paper Clip Amy J.

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/knitting-101-a-beginners-guide-to-mastering-the-basics/
Title: Knitting 101: A Beginner’s Guide to Mastering the Basics Amy J.

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/slide-through-winter-woes-a-handy-car-hack/
Title: Slide Through Winter Woes: A Handy Car Hack Amy J.

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/unleash-your-inner-artist-with-diy-tie-dye/
Title: Unleash Your Inner Artist with DIY Tie-Dye Amy J. Whether you're looking to revamp your wardrobe or find an engaging weekend project, DIY ...

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/the-magic-of-coffee-grounds-in-deodorizing-shoes/
Title: The Magic of Coffee Grounds in Deodorizing Shoes Amy J. After a long day of being on the go, it's not uncommon for shoes to develop a distinct, ...

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/the-ultimate-hack-for-keeping-avocados-fresh-longer/
Title: The Ultimate Hack for Keeping Avocados Fresh Longer Amy J. Avocados are a beloved kitchen staple, perfect for everything from salads to sandwiches. ...

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/transform-your-space-with-a-diy-floating-shelf/
Title: Transform Your Space with a DIY Floating Shelf Amy J. In the era of minimalism and decluttering, optimizing your living space without ...

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/the-magic-of-white-vinegar-a-must-have-for-your-home/
Title: The Magic of White Vinegar: A Must-Have for Your Home Amy J. White vinegar isn't just a kitchen staple; it's a household hero with a multitude of ...

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/regrowing-vegetables-a-sustainable-trend-in-the-kitchen/
Title: Regrowing Vegetables: The Sustainable Trend Took Over the Kitchen Amy J. In an age where sustainability and eco-consciousness are increasingly important, a simple ...

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/terms-of-service/
Title: Terms Of Service

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/dmca/
Title: DMCA

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/ccpa/
Title: CCPA

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/the-ultimate-guide-to-a-flawless-diy-manicure/
Title: The Ultimate Guide to a Flawless DIY Manicure Amy J.

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/crafting-an-expert-like-bouquet-simpler-than-you-think/
Title: Crafting an Expert-Like Bouquet: Simpler Than You Think Amy J.

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/tips-for-organizing-your-childs-school-year/
Title: Tips for Organizing Your Child’s School Year Amy J.

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/effective-strategies-for-mold-prevention-in-your-home/
Title: Effective Strategies for Mold Prevention in Your Home Amy J.

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/tips-for-renters-looking-for-apartments/
Title: Best Tips For Renters Looking For Apartments Amy J.

Search URL Search Domain Scan URL

URL: https://dev01.avocadoposts.com/breathe-easy-your-summer-guide-to-beating-hay-fever/
Title: Breathe Easy: Summer Hacks to Beating Hay Fever Amy J.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 129

https://id5-sync.com/i/1351/8.gif?id5id=ID5*dSN20nuJ_CwJxazSazx4ZQ1DGPBFwDeR-8gYfgdKHDZ0ubO_euOGwzI0av9I2c74dLpc3dfm6hriWnAiy5h5fQ&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/1351/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F1351%2F2%2F7%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/1351/2/7/2.gif?puid=5181760045341968329&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F1351%2F441%2F6%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/1351/441/6/3.gif?puid=u_3af42f76-a23a-4c8d-b43f-ae18a810784f&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=c8689d00-7f52-4c40-8ea0-6d1d0b659f54&ttl=%%TTL%% HTTP 302
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F1351%2F434%2F4%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
https://id5-sync.com/c/1351/434/4/5.gif?puid=eee9b6fc-07d6-402e-9f82-19a049039bf8&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=92&3pid=5181760045341968329&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F1351%2F1246%2F3%2F6.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
https://ce.lijit.com/merge?pid=92&3pid=5181760045341968329&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F1351%2F1246%2F3%2F6.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5&dnr=1 HTTP 302
https://id5-sync.com/c/1351/1246/3/6.gif?puid=H0IVaRZHk0GTZjJFRBax-zHl&gdpr=0&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-b4d9bJ7uxx7Svjl8K2qOGlQKG1LXJXrs3wqVEF0O3Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F1351%2F124%2F2%2F7.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-b4d9bJ7uxx7Svjl8K2qOGlQKG1LXJXrs3wqVEF0O3Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F1351%2F124%2F2%2F7.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/cq/1351/124/2/7.gif?puid=19bfe9c7-02b0-4c21-90af-c490f02bdf93&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F1351%2F203%2F1%2F8.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/1351/203/1/8.gif?puid=b0c5e08e-17b2-4049-a655-46606782b441&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1351%2F108%2F0%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1351%2F108%2F0%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=

Request Chain 153

https://eb2.3lift.com/sync?us_privacy=1---& HTTP 302
https://eb2.3lift.com/sync?us_privacy=1---&&ld=1

Request Chain 155

https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0&us_privacy=1--- HTTP 302
https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=themediagrid&bsw_custom_parameter=cd861ec5-299b-4157-ad96-226d9127fe05 HTTP 302
https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=76f8e99f-7e7d-4e0e-8b7d-b0c0dd65e4df&ssp=themediagrid&bsw_param=cd861ec5-299b-4157-ad96-226d9127fe05

Request Chain 157

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-sonobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26userId%3D%5BUID%5D HTTP 302
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-sonobi&gdpr=0&gdpr_consent=&us_privacy=1---&userId=eee9b6fc-07d6-402e-9f82-19a049039bf8

Request Chain 159

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=c8689d00-7f52-4c40-8ea0-6d1d0b659f54&dongle=0cfd&gdpr=0&gdpr_consent=

Request Chain 160

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQxMzEwMzg3ODg4MDA3NTQxNzAyMQ%3D%3D HTTP 302
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEK4Fsl_JpCNZ6AW-3VlgmoU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 162

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQxMzEwMzg3ODg4MDA3NTQxNzAyMQ%3D%3D

Request Chain 164

https://pr-bh.ybp.yahoo.com/sync/triplelift/1413103878880075417021?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-OK2MpzZE2oTPyGhI8XkPwsiz_WEO97kf0qt3QZZdcw--~A&dongle=0883

Request Chain 165

https://x.bidswitch.net/sync?ssp=triplelift&user_id=1413103878880075417021&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=eaabc97b-c1a3-4bb8-9a0b-5a32c62afbac&ssp=triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=cd861ec5-299b-4157-ad96-226d9127fe05&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 166

https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
https://eb2.3lift.com/xuid?mid=2711&xuid=b0c5e08e-17b2-4049-a655-46606782b441&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 167

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=5181760045341968329&dongle=4d58&gdpr=0&gdpr_consent=

Request Chain 170

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/nB4o-5lhhzvaa26D3Hykpg?csrc=&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-RTFA18BE2oIvM.IED2EAyZkF6Evd5MkLQo48eQ--~A

Request Chain 171

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=AA22BLMoRuuz7tmkvIjfzA&rk=usync-other&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=AA22BLMoRuuz7tmkvIjfzA&gdpr=0

Request Chain 172

https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---

Request Chain 173

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWU5MjFhM2Y3NGMzYzk4YzliYzMwZTk0NjlhMjVjMWRkMDRkYmVmMQ&gdpr=0&us_privacy=1---

Request Chain 174

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c8689d00-7f52-4c40-8ea0-6d1d0b659f54&gdpr=0&gdpr_consent=&expires=30

Request Chain 175

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=4Y2fUFWxTq-7bS3XBwBVDA&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4Y2fUFWxTq-7bS3XBwBVDA&gdpr=0

Request Chain 176

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEIGxqXBfTEp2eP7fuSsrz9M&google_cver=1

Request Chain 177

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LQ3UQA4A-6-JF4X&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---

Request Chain 178

https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFEzVVFBNEEtNi1KRjRY&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESENZmWR4LegrD5P_OenyuO58&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEzVVFBNEEtNi1KRjRY&google_push=&gdpr=0

Request Chain 179

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1--- HTTP 303
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---&_bee_ppp=1 HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACzSU7K83gAABNWPrBQDQ&expires=30&gdpr=0

Request Chain 180

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&us_privacy=1--- HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---

Request Chain 181

https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&us_privacy=1--- HTTP 302
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---

Request Chain 182

https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---

Request Chain 183

https://token.rubiconproject.com/token?pid=26594&gdpr=0&us_privacy=1--- HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQ3UQA4A-6-JF4X&redir=true&gdpr=0&us_privacy=1--- HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQ3UQA4A-6-JF4X&gdpr=0&redir=true&us_privacy=1--- HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS12XzlnX3NoRTJ1R1lqOXI0bWNvOWlsSDBNc0Zocl92Q35B&gdpr=0&ovsid=LQ3UQA4A-6-JF4X&us_privacy=1---&dpid=58160

Request Chain 184

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&us_privacy=1--- HTTP 302
https://prebid.a-mo.net/setuid/magnite?uid=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---

Request Chain 185

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0&us_privacy=1--- HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---

Request Chain 186

https://match.sharethrough.com/universal/v1?supply_id=SzhEXqCN&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-sharthrough&userId=84706356-5dae-4950-b02f-60828096552d&gdpr=0

Request Chain 187

https://ads.yieldmo.com/pbsync?is=kueez&gdpr=0&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-yieldmo%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26userId%3D%24UID HTTP 302
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-yieldmo&userId=3zZLWmpjjLpnqOmcKzF2&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 188

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-grid1%26userId%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---?gdpr=0&gdpr_consent=&us_privacy=1---&uid=${BSW_UUID}&cookie_age=${COOKIE_AGE} HTTP 302
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-grid1&userId=cd861ec5-299b-4157-ad96-226d9127fe05&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 189

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-xandr%26userId%3D%24UID%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---&gdpr=0&gdpr_consent= HTTP 302
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-xandr&userId=5181760045341968329&gdpr=0&gdpr_consent=&us_privacy=1---&gdpr=0&gdpr_consent=

Request Chain 190

https://u.openx.net/w/1.0/cm?id=99b0e635-e719-4648-8bd7-0fd339d4e2e5&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-openx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26userId%3D%7BOPENX_ID%7D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=99b0e635-e719-4648-8bd7-0fd339d4e2e5&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-openx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26userId%3D%7BOPENX_ID%7D HTTP 302
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-openx&gdpr=0&gdpr_consent=&us_privacy=1---&userId=c8f7011d-34a5-49cd-9d07-001024172d49

Request Chain 191

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-sovrn%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26userId%3D%24UID HTTP 307
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-sovrn&gdpr=0&gdpr_consent=&us_privacy=1---&userId=H0IVaRZHk0GTZjJFRBax-zHl

192 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
d2sx07l0uocghm.cloudfront.net/ 51 KB
11 KB 204ms
66ms Document
text/html 2600:9000:26c1:a00:11:685b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:a00:11:685b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c539c2a7013af46795a85a1f97da41c6b4df0536bd366a6ff978c7fa29664d9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 85674
content-encoding: gzip
content-type: text/html
date: Tue, 12 Dec 2023 14:25:25 GMT
etag: W/"26982460c5785df8bf4eb12b3d3e61b3"
last-modified: Mon, 11 Dec 2023 09:49:09 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 6129f7f4feb0c02da809b6ee7e340b18.cloudfront.net (CloudFront)
x-amz-cf-id: ZFifsHLUtF3wavlGC3899N7ym3UIJtcxsOWhh8usx6AaNkWncS1Nbg==
x-amz-cf-pop: IAD61-P1
x-cache: Hit from cloudfront

GET
H2 200 latest.js Show response
static.kueezrtb.com/ 439 B
759 B 109ms
42ms Script
application/javascript 2606:4700:10::ac43:15e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kueezrtb.com/latest.js
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fbee40d848d6df79b375ca87bdb53f4e97bfb3c6dc2a1d03cb8fd74a395eca4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 57E1F1V7XKNJMC7W
age: 1303331
x-amz-id-2: 8KSf77tDTZ3RsJddsMxCe4XI2tDZH1MElmv/KKk8usYbTuUBHOd8GQ82gK13miwVCmrS6l4aJMk=
last-modified: Sun, 08 Oct 2023 15:41:30 GMT
server: cloudflare
etag: W/"f89c5fc5dc377ecc028df3e7a69bce1d"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods
cache-control: max-age=31536000
cf-ray: 834ece94b8d17416-MIA

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 187ms
62ms Script
application/javascript 18.67.67.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.67.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-67-228.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 13:59:27 GMT
content-encoding: gzip
via: 1.1 97971aa6c140e2dfc8adaee6c929eedc.cloudfront.net (CloudFront), 1.1 9557da2570df16242f84a67f254d7f30.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:13 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, IAD89-P1
age: 832
x-amz-server-side-encryption: AES256
etag: W/"d6937d02acbbf691a008906e9d0617e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: bBeg_xsMARNyFE1t5WzrW3hlzrJqgm_X23p0qPZgN8soG3CBRg0nqA==

GET
H2 200 prebid.js Show response
cont.website/shared/js/ 497 KB
145 KB 128ms
58ms Script
application/javascript 2606:4700:3032::ac43:940c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cont.website/shared/js/prebid.js
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:940c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 047513b5bce891d38c689082da877dc63e9fcddc824f39559f05bc66ad1ec39e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6639
cf-polished: origSize=509815
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 12:00:09 GMT
server: cloudflare
etag: W/"656727c9-7c777"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9erM5abwIbCQ%2BvpBEo9tYVq0scBMsiAgiiZKM6TXKX35auxLv1dfAaBmyp%2Ftae9osu3Z3aUZOfK7MyrKTdkRozpY2p6tS7i2SQ%2FaqVKX5ThINPV9KjAy2I2jbParuDGYXRhkidJP0Ys8Do%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 834ece94b83b25b8-MIA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 209ms
89ms Script
text/javascript 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ed0a0c9d5799dc647d9bb72061ae1d907d7291cba31de205e3352fd209aa303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29087
x-xss-protection: 0
server: cafe
etag: 123 / 19704 / m202312060101 / config-hash: 6228613185157617876
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 14:13:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
51 KB 184ms
64ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-172772405-1

Requested by

Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98ee68dcf40cc845c86c14dc1dc0779fae2adba4ec5c72cbb0796fa3408df918

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51613
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Dec 2023 14:13:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
75 KB 244ms
125ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11145937726

Requested by

Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f231b35132c504d81c100a026b3bf499aa8c962d9319cd95d46110f18d18847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76237
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Dec 2023 14:13:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 23 KB
1 KB 185ms
66ms Font
text/css 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,500,500i,600,600i&display=swap

Requested by

Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36526291bbfbcb97b25359110b3c2845c24172e729da131f0efb6a70291d8e94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 14:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 13:29:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Dec 2023 14:13:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 27 KB
1 KB 187ms
68ms Font
text/css 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese&display=swap

Requested by

Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 14:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 12:32:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Dec 2023 14:13:18 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 98ms
35ms Font
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1222876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2C6cQ%2FRz92GEVic1Kht2nXOyY2Gnu8XEYCV1%2F8eCdbWRd2NaAOs4HJ855RIv4bAqIUjuAFRiSt86D23XHSGazY8IzKqdebysna9MbMwWuaSsYiLbxBHFGUPnpo4VLm%2BIKAN6AYvjM6tY2tDILpX%2Fx0FA"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 834ece94bbdf25b9-MIA
expires: Mon, 02 Dec 2024 14:13:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 23 KB
1 KB 185ms
66ms Stylesheet
text/css 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,500,500i,600,600i&display=swap

Requested by

Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36526291bbfbcb97b25359110b3c2845c24172e729da131f0efb6a70291d8e94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 14:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 14:11:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Dec 2023 14:13:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 27 KB
2 KB 184ms
65ms Stylesheet
text/css 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese&display=swap

Requested by

Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 14:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 14:11:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Dec 2023 14:13:18 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 102ms
39ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1222876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7%2F%2BcKVSwEm5fOHOJVJwPf82vmze6%2FiWXq4v0APIKKXkCpeu2LwuIpLdHHJVkXCn2S9v7epinKAgK3DEoXsl01e3UCNR5ahlJ3QBw%2FHQXzvF38oKLii93eI%2Bq2TA2kDjaR34eeqb5HnUtMhAsmM5TbM4"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 834ece94bbdd25b9-MIA
expires: Mon, 02 Dec 2024 14:13:18 GMT

GET
H2 200 current-device.min.js Show response
dev01.avocadoposts.com/wp-content/themes/WT-Theme/scripts/ 6 KB
2 KB 411ms
234ms Script
application/javascript 2600:9000:26c1:cc00:11:685b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dev01.avocadoposts.com/wp-content/themes/WT-Theme/scripts/current-device.min.js
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:cc00:11:685b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4e7befdc4a47ae49a000917d13906bbd3657378f5d9d4c7a637cbdbe9a3de5a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
content-encoding: br
via: 1.1 6946167499a4b8f515865d62f0b0b284.cloudfront.net (CloudFront)
last-modified: Sun, 10 Dec 2023 15:46:54 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
etag: W/"bdb1893fac6fc36a4f587b0887eb2ab8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: mbFnwWXL-IRSmGlRRakiSKArwn4RZ4ubbFlM6YDvNfdPajMdtqU0Bg==

GET
H2 200 utils.js Show response
dev01.avocadoposts.com/wp-content/themes/WT-Theme/scripts/ 3 KB
2 KB 491ms
315ms Script
application/javascript 2600:9000:26c1:cc00:11:685b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dev01.avocadoposts.com/wp-content/themes/WT-Theme/scripts/utils.js
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:cc00:11:685b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 131e38326752be4e60fc8a32e883d2b5cfbcd20480fd3ad2c1962021d11bd9ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
content-encoding: br
via: 1.1 6946167499a4b8f515865d62f0b0b284.cloudfront.net (CloudFront)
last-modified: Sun, 10 Dec 2023 16:23:59 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
etag: W/"ba68a78d1a7d109db6bc42b612e6a3bf"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: UZbT_MGSG_r8US5i63Gx3n_vLIVXIY-OubkpYUhgBjj3NxpViYt0Ig==

GET
H2 200 inf3.js Show response
cont.website/shared/ap/units/ 11 KB
1 KB 110ms
42ms Script
application/javascript 2606:4700:3032::ac43:940c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cont.website/shared/ap/units/inf3.js
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:940c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8cebbe7864ec628edb742f1661bb19900fc3d2dd3c8726755d26342af58f498

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4655
cf-polished: origSize=15122
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 11:57:17 GMT
server: cloudflare
etag: W/"6567271d-3b12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7V4aPwTQZdawnYE0suraYjdBM%2F6yt1X%2FOAs0R9bMdbUiOJdEgBfGJuPHxAGDpQ8l7ecOGR0f4WmppcTPXQ06kUr%2B%2B8kuYWxratnI1wArwYujkdLohbOJGf4pXG78TvwIYBjiNFEInx8xirE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 834ece94b83725b8-MIA

GET
H2 200 iiq.js Show response
dev01.avocadoposts.com/others/ 55 KB
13 KB 471ms
295ms Script
application/javascript 2600:9000:26c1:cc00:11:685b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dev01.avocadoposts.com/others/iiq.js
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:cc00:11:685b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71b391fe7d515c22eb76b1e57a79f1fb1db4963b2a753b741500a5e62fc4221d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
content-encoding: br
via: 1.1 6946167499a4b8f515865d62f0b0b284.cloudfront.net (CloudFront)
last-modified: Sun, 10 Dec 2023 15:46:54 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
etag: W/"451019ca583f7a5da91fa7a1aff52d08"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: FnaVODnlH3FtPj0SJ0vOtyifNb_9Obt4dG_BVhEWKZPQ1aFd63yDMw==

GET
H2 200 app_iq.js Show response
cont.website/shared/js/ 35 KB
11 KB 116ms
48ms Script
application/javascript 2606:4700:3032::ac43:940c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cont.website/shared/js/app_iq.js?cookieless=true
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:940c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa845ef45c0d895fad4650192918fe39cdbe164d257d48548938c1c7bd2dfe60

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4006
cf-polished: origSize=49887
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 11:57:17 GMT
server: cloudflare
etag: W/"6567271d-c2df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OyO9qDrMOFzbtkLoNKgooEO6EmoWUuYzfH513TX2iT%2Fgufli2H8X1hBLtxjP2zbaGNRxQP1wBFTrbRGlKktwtVRrkAHshRH4LdUsFzGgRjF9uiO3iQqmdNDHebmgBNvJe2%2FIis1iIphf3M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 834ece94b83925b8-MIA

GET
H2 200 style.min.css
dev01.avocadoposts.com/wp-includes/css/dist/block-library/ 93 KB
12 KB 414ms
238ms Stylesheet
text/css 2600:9000:26c1:cc00:11:685b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dev01.avocadoposts.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:cc00:11:685b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
content-encoding: br
via: 1.1 6946167499a4b8f515865d62f0b0b284.cloudfront.net (CloudFront)
last-modified: Sun, 10 Dec 2023 15:36:41 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
etag: W/"71d925864153f0edf91037f3d31048e8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: HZCcV30L3q_x9FQXihPFji--fNk7OMzup9D3tUuQ4czjoxm-BUl_Og==

GET
H2 200 classic-themes.min.css
dev01.avocadoposts.com/wp-includes/css/ 217 B
518 B 433ms
257ms Stylesheet
text/css 2600:9000:26c1:cc00:11:685b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dev01.avocadoposts.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:cc00:11:685b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 6946167499a4b8f515865d62f0b0b284.cloudfront.net (CloudFront)
last-modified: Sun, 10 Dec 2023 15:36:41 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
etag: "95e891f28e44a9b314c09545d86be2b7"
x-cache: Miss from cloudfront
content-type: text/css
content-length: 217
x-amz-cf-id: l1jqr3R1fFIyCcBQ8YYH316Cxy2W-1djs5YRumVFLzJH2ZxhwUes-A==

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
24 KB 104ms
40ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css?ver=4.3.1

Requested by

Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 2773251
cdn-cachedat: 09/17/2022 19:17:51
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"a15c2ac3234aa8f6064ef9c1f7383c37"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 8501e2a277b14348f0ca3ec390ab29fc
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 834ece94bd0367e4-MIA
cdn-requestpullsuccess: True

GET
H2 200 global.css
dev01.avocadoposts.com/wp-content/themes/WT-Theme/styles/ 6 KB
2 KB 433ms
258ms Stylesheet
text/css 2600:9000:26c1:cc00:11:685b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dev01.avocadoposts.com/wp-content/themes/WT-Theme/styles/global.css
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:cc00:11:685b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9986b00250a74a0f42e7f49754012a5555b85f95b9938131ef68b7587dc775f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
content-encoding: br
via: 1.1 6946167499a4b8f515865d62f0b0b284.cloudfront.net (CloudFront)
last-modified: Sun, 10 Dec 2023 16:21:25 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
etag: W/"ea48634d3db77ce197935d7611bfc490"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: Rh7CFyZCp6udCZN1DbVT5KBlqQ9NR3Dn8-ZiM2ZWOQFOPoc0hSISMw==

GET
H2 200 header.css
dev01.avocadoposts.com/wp-content/themes/WT-Theme/styles/ 1 KB
901 B 449ms
274ms Stylesheet
text/css 2600:9000:26c1:cc00:11:685b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dev01.avocadoposts.com/wp-content/themes/WT-Theme/styles/header.css
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:cc00:11:685b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2a969106acb1cda4e7a7e2639c9aacff706b363491115aedd674f64b647257b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
content-encoding: br
via: 1.1 6946167499a4b8f515865d62f0b0b284.cloudfront.net (CloudFront)
last-modified: Sun, 10 Dec 2023 16:21:25 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
etag: W/"7c1bf6a06deed1f31f410579ac025a0f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: z_iztsefQDKuhnXaFL5MDUg5Z6KNwuaYvWTMlEDMqtY9PvK-RV-Vxw==

GET
H2 200 footer.css
dev01.avocadoposts.com/wp-content/themes/WT-Theme/styles/ 3 KB
1 KB 437ms
263ms Stylesheet
text/css 2600:9000:26c1:cc00:11:685b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dev01.avocadoposts.com/wp-content/themes/WT-Theme/styles/footer.css
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:cc00:11:685b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36939913e84226334e47de3b7d3da5a2425bfd34f2b1145de8d69b5846308d46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
content-encoding: br
via: 1.1 6946167499a4b8f515865d62f0b0b284.cloudfront.net (CloudFront)
last-modified: Sun, 10 Dec 2023 16:21:25 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
etag: W/"028a5e783a91f7b78994cc7c92bab721"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: rUiYfBtLlsqistUdIIOsJUhINmxH-RQSzVbbFMpCtqdwNPBw8dTKyQ==

GET
H2 200 homepage.css
dev01.avocadoposts.com/wp-content/themes/WT-Theme/styles/ 4 KB
1 KB 444ms
270ms Stylesheet
text/css 2600:9000:26c1:cc00:11:685b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dev01.avocadoposts.com/wp-content/themes/WT-Theme/styles/homepage.css
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:cc00:11:685b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6b8c27886a37e49b6992abe9d3ec91dc31e4ccc62c28ac007522862a5084921

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
content-encoding: br
via: 1.1 6946167499a4b8f515865d62f0b0b284.cloudfront.net (CloudFront)
last-modified: Sun, 10 Dec 2023 16:21:25 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
etag: W/"4040f191230a81df83e858b4aeca5afd"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: G5IPP5zii0BuSGzPDOPsdidrMzVRDG-OtBD89xDNLJR8x0PZOLEfiQ==

GET
H2 200 aside.css
dev01.avocadoposts.com/wp-content/themes/WT-Theme/styles/ 1 KB
657 B 373ms
199ms Stylesheet
text/css 2600:9000:26c1:cc00:11:685b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dev01.avocadoposts.com/wp-content/themes/WT-Theme/styles/aside.css
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:cc00:11:685b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 264f0d876a5af0d787607f502c97e1c3b234b57e88eaf59d262a26543e5f4aa4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
content-encoding: br
via: 1.1 6946167499a4b8f515865d62f0b0b284.cloudfront.net (CloudFront)
last-modified: Sun, 10 Dec 2023 16:21:24 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
etag: W/"09e21ffd457f671875cb59b23e987d52"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: mO0WkNxrD0pAj2MqZFtxRsT-4GthP1y9ZTyMksTzzLoLBsGxqPObxw==

GET
H2 200 direct.css
dev01.avocadoposts.com/wp-content/themes/WT-Theme/styles/ 3 KB
1 KB 393ms
219ms Stylesheet
text/css 2600:9000:26c1:cc00:11:685b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dev01.avocadoposts.com/wp-content/themes/WT-Theme/styles/direct.css
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:cc00:11:685b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74659aaeb9d9d62f07b4ff0a04587531bba24a85d951dad505546c4dbefc386b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
content-encoding: br
via: 1.1 6946167499a4b8f515865d62f0b0b284.cloudfront.net (CloudFront)
last-modified: Sun, 10 Dec 2023 15:36:29 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
etag: W/"dbcf7976d3a461a13b2e03c0f8526491"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: 0jVDN0S7z6GQ8xbqtuq4M_pEsNHEzZEctuHQuxzKhhof_-OORMymHQ==

GET
H2 200 style1.css
cont.website/shared/css/ 2 KB
1 KB 106ms
40ms Stylesheet
text/css 2606:4700:3032::ac43:940c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cont.website/shared/css/style1.css
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:940c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 487e0ee33ae531d230b8da02fc3321efcd374bd02b79a9e3ee9ac046db1cbd54

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5194
cf-polished: origSize=3083
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 11:57:17 GMT
server: cloudflare
etag: W/"6567271d-c0b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aI5IWyMhvCea6RS%2FBgUM39bhSU5JgSzohw5hFUtidFbeVsHpG90%2FJ5idh4Y0lpcy3pCtusTfwgJSuVOHWyckqaKEDAcPNwB8Vczy4VuAsMzO%2F1Joo8rDXiY0fontu57jbQSxcjrRi8sP8W0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 834ece94b83625b8-MIA

GET
H2 200 modernizr.js Show response
dev01.avocadoposts.com/wp-content/themes/WT-Theme/scripts/ 12 KB
5 KB 458ms
285ms Script
application/javascript 2600:9000:26c1:cc00:11:685b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dev01.avocadoposts.com/wp-content/themes/WT-Theme/scripts/modernizr.js
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:cc00:11:685b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c28c332632d3b08443b90f6e39a2795db0b26cbd3053110d5df690f8b825c8f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
content-encoding: br
via: 1.1 6946167499a4b8f515865d62f0b0b284.cloudfront.net (CloudFront)
last-modified: Sun, 10 Dec 2023 15:46:54 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
etag: W/"013aa4276cbf08c63f2d96dbd0a89e87"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: HkSv3fBEnANNi_5PUGNvmvp-ls7fmUT_W-aEyd_-f8abuTul8WKxew==

GET
H2 200 jquery.min.js Show response
dev01.avocadoposts.com/wp-includes/js/jquery/ 88 KB
30 KB 501ms
328ms Script
application/javascript 2600:9000:26c1:cc00:11:685b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dev01.avocadoposts.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:cc00:11:685b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
content-encoding: br
via: 1.1 6946167499a4b8f515865d62f0b0b284.cloudfront.net (CloudFront)
last-modified: Sun, 10 Dec 2023 15:47:07 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
etag: W/"17738318d61d394f1de8890d589afaec"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: l14rZwYNrFfYZr0g1ABjNpNg8hUbiC25hjhiFJ7t8k6o410Pl0_NEQ==

GET
H2 200 jquery-migrate.min.js Show response
dev01.avocadoposts.com/wp-includes/js/jquery/ 11 KB
4 KB 487ms
314ms Script
application/javascript 2600:9000:26c1:cc00:11:685b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dev01.avocadoposts.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:cc00:11:685b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
content-encoding: br
via: 1.1 6946167499a4b8f515865d62f0b0b284.cloudfront.net (CloudFront)
last-modified: Sun, 10 Dec 2023 15:47:07 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
etag: W/"79b4956b7ec478ec10244b5e2d33ac7d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: Ij_JNz6_y1LVCbuZ15CEJlj4m0NWP_0xEVvAd6ZGcNJrz4Apx0wK5Q==

GET
H2 200 additional.js Show response
dev01.avocadoposts.com/others/ 363 B
674 B 489ms
316ms Script
application/javascript 2600:9000:26c1:cc00:11:685b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dev01.avocadoposts.com/others/additional.js
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:cc00:11:685b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9160e2ce7cda07749b7cc66ac588c6c1b6b15a24f6e3d78dbf88c10ae4270ce9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 6946167499a4b8f515865d62f0b0b284.cloudfront.net (CloudFront)
last-modified: Sun, 10 Dec 2023 15:46:54 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
etag: "09ec4cf271c135b99fa875adbe132903"
x-cache: Miss from cloudfront
content-type: application/javascript
content-length: 363
x-amz-cf-id: i5wivmJbPdPAkZjtDEKLphuOplJ8bKv5YRfaBVBLg9NIKN40RrB6ZQ==

GET
H2 200 logo-nav.png
dev01.avocadoposts.com/wp-content/themes/WT-Theme/images/ 8 KB
8 KB 284ms
282ms Image
image/png 2600:9000:26c1:cc00:11:685b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dev01.avocadoposts.com/wp-content/themes/WT-Theme/images/logo-nav.png
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:cc00:11:685b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 616b4146dcb634286ecbe85e29fbca86b84e21303846a25e6c0e89c816bb1ba1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 6946167499a4b8f515865d62f0b0b284.cloudfront.net (CloudFront)
last-modified: Sun, 10 Dec 2023 16:22:38 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
etag: "35905df403ce9ab3e7fae192541f8bb8"
x-cache: Miss from cloudfront
content-type: image/png
content-length: 7865
x-amz-cf-id: 2gSrlCyoKVFdpxvAC7IqxWWxLkV8WPES3FaapMcLygdjyvHTA3n9sw==

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 92ms
34ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js?ver=1.14.7

Requested by

Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1125655
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6646
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnO5v1lO4WkcHZnXwjeIUUgYhGR13%2BZnijWpMMPdaJG6U9PxBITR9ZQzlW1KHWieZSlQMsFiV%2F1E0k0UnrMF%2FGY1rVrUvnB%2BFnxNVr6V3AbeTxxJp%2FzPOJKwaX3a%2Boy1dBrgKZmYxx3SXGV%2B7LCNLaz%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 834ece94bbe225b9-MIA
expires: Mon, 02 Dec 2024 14:13:18 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
16 KB 37ms
37ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js?ver=4.3.1

Requested by

Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 2690603
cdn-cachedat: 01/01/2023 03:35:09
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 12363c0dc47b99b2d41cc857f423abf6
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 834ece94fd6e67e4-MIA
cdn-requestpullsuccess: True

GET
H2 200 main.js Show response
dev01.avocadoposts.com/wp-content/themes/WT-Theme/scripts/ 78 B
388 B 270ms
269ms Script
application/javascript 2600:9000:26c1:cc00:11:685b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dev01.avocadoposts.com/wp-content/themes/WT-Theme/scripts/main.js
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:cc00:11:685b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdc5bec18687a47f3769e3dc92b21dbe8f6aa80886b47d09b9d4cbd75bcb5b33

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 6946167499a4b8f515865d62f0b0b284.cloudfront.net (CloudFront)
last-modified: Sun, 10 Dec 2023 15:46:54 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
etag: "4fbafd8b3a4e36c0d5ff84cad972c2c9"
x-cache: Miss from cloudfront
content-type: application/javascript
content-length: 78
x-amz-cf-id: -bEmZHyRKB_o8xRJi1TuaAk1IDhuaxhvo3U_loCNPvNbqA9OcKNHdg==

GET
H2 200 latest.js Show response
static.kueezrtb.com/ 439 B
754 B 187ms
127ms Script
application/javascript 2606:4700:10::ac43:15e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kueezrtb.com/latest.js
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fbee40d848d6df79b375ca87bdb53f4e97bfb3c6dc2a1d03cb8fd74a395eca4

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
Origin: https://d2sx07l0uocghm.cloudfront.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sun, 08 Oct 2023 15:41:30 GMT
server: cloudflare
x-amz-request-id: GWYGZF5ZQ2PEB5J7
etag: W/"f89c5fc5dc377ecc028df3e7a69bce1d"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods
cache-control: max-age=31536000
cf-ray: 834ece94dc7fda6b-MIA
x-amz-id-2: gcxBNEhOWV37Eh9MHzyBMoaISqDjZyVOwFXR9/0xa8lQkgnHCRSPQWpG30zR6fUs9cXDoJ/fbfc=

GET
H2 200 latest.js Show response
static.kueezrtb.com/js/ 204 KB
87 KB 41ms
40ms Script
application/javascript 2606:4700:10::ac43:15e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kueezrtb.com/js/latest.js?_=1702476798324
Requested by: Host: static.kueezrtb.com
URL: https://static.kueezrtb.com/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9abdc15a542e768089fb710b4a62a7afe41b6a7b025429c8fc5fc0f8d5010d57

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 26 Nov 2023 14:28:50 GMT
server: cloudflare
x-amz-request-id: 4GGHC4VKZ0BYS2NV
age: 1044499
etag: W/"fa7e5da19fcb32d8c6f7e5d0361837f0"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods
cf-ray: 834ece980e6c7416-MIA
x-amz-id-2: q33ABCMHpT+jAhRvrg36oO8bd7rYFyKcN6FYHY94XYUDM3w1tDsSimeBlglO3oxZnuSY4XCWLWg=

GET
H2 200 choice.js Show response
cmp.inmobi.com/choice/N77y9xgFmbm_A/avocadoposts.com/ 3 KB
2 KB 189ms
55ms Script
application/javascript 2600:9000:2191:ac00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/N77y9xgFmbm_A/avocadoposts.com/choice.js?tag_version=V3
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2191:ac00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d7eb40854013f0d3294033bb3dab4e6190721699e33e9271eeaa4e938a2b77e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:12:47 GMT
content-encoding: gzip
via: 1.1 a251e31740a6e166e8fdccf296c41644.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 19:58:22 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C1
age: 31
x-amz-server-side-encryption: AES256
etag: W/"13b9fb33a78175f830fec99c2b68f577"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: SasnTjPQHN5dSTSA7a1i-4AFtN5q4kDo4NAuWg8dA4k9seiwG_Z3vA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 187ms
81ms XHR
application/javascript 18.67.67.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.67.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-67-228.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: J8ynZ7-j-P9itP2uaYHxlGyrcN11wJH9gpc9qY1WlcVRTp9Ni9DX3g==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 59ms
54ms Script
text/javascript 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:08:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 316
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 12 Dec 2024 14:08:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 257 KB
87 KB 67ms
63ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WMBPYK833K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-172772405-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd811189abacdcd608a87b3f578599d1a8f2129aefea5a33efbabc0e1f825550

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89363
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Dec 2023 14:13:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
75 KB 95ms
91ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11145937726&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-172772405-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1051b4d5f202c8f90196d540a7d92a071968ad3ee7aab5dc9c0aab3df7521ae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76274
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Dec 2023 14:13:18 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 221ms
108ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 13 Dec 2023 14:13:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ac2psxSK8bGuUyMiPsyZ8L7Ft3ngDyUqYz8StobyVT6srPpSKcCpMsoG+ZKD0nNYDgQAVpaoyGAVBmG+v3cmaA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 222ms
106ms Script
application/javascript 146.75.36.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:08:41 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kcgs7200039-IAD

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 253ms
102ms Script
application/javascript 23.48.104.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHMSI3JC77UBJAEB5LB0&lib=ttq
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.104.43 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-104-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fc5f8ba73efd86260d3cb602b05630acf4141265fc07f23aa4541960072bd8b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 18650e7f
date: Wed, 13 Dec 2023 14:13:19 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231213141319D1522FCADCFDDF95B3AB-4E98F7956F378FF9-00
x-cache: TCP_MISS from a23-48-100-43.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=7
content-length: 1335
pragma: no-cache
server: nginx
x-tt-logid: 20231213141319D1522FCADCFDDF95B3AB
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.48.100.43
x-tt-trace-host: 01ba74338425f636b53c4524cf4f46fd198110e6b3b6b7f33910d409c6b692cf4023d2f0912e733bf9ea195052937e60619d8e3bbc35dcb386134e0030d3f5b06ad2150e04faccd0d86917630b45818de6f155b76819391cc2e968fd7cf927b36e
expires: Wed, 13 Dec 2023 14:13:19 GMT

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 284ms
52ms Script
text/javascript 23.55.205.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: cont.website
URL: https://cont.website/shared/js/app_iq.js?cookieless=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.205.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-205-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: q9b9clsZLLfdBtwdmheOfdbmJj61AqqK
date: Wed, 13 Dec 2023 14:13:19 GMT
content-encoding: br
last-modified: Wed, 16 Aug 2023 09:22:55 GMT
x-amz-request-id: 9VKTNVPFV7W344D7
etag: "ee3af1e29ac1607ef3d41c515d1e05ad"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3418
x-amz-id-2: 0wZeppYlnjKqRsx9T5yGA2OLeKEc6MNURztf3PB6sv7LZYZ3Lwx+FCSv336V4tvRlVCXNNzTImk=

GET
H2 200 55b646f2-4152-4307-b4ea-a32e9d3d5be2 Show response
config.aps.amazon-adsystem.com/configs/ 746 B
1016 B 502ms
401ms Script
application/javascript 18.160.10.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/55b646f2-4152-4307-b4ea-a32e9d3d5be2
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.10.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-10-80.iad12.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1d3e107cb6c3358c61b571249a74f46b48d1d93b274dced809b8c62d20d08644

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 3042bd56e0ca0a7910df89f6b5e95e9e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAD12-P3
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 746
x-amz-cf-id: SEGLcU2tVHR1TgtgDtCqpTb0SKnlXmyN7WKNC9OjEB58ZRFybHzo0g==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 792 B
1 KB 59ms
59ms XHR
application/json 18.67.67.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net&pubid=55b646f2-4152-4307-b4ea-a32e9d3d5be2
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.67.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-67-228.iad89.r.cloudfront.net
Software: Server /
Resource Hash: 4a8b484fca8f10f7576888d534a77e7faeb0b345fb31e6857815d2fb21b241e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
via: 1.1 9557da2570df16242f84a67f254d7f30.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://d2sx07l0uocghm.cloudfront.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 792
x-amz-cf-id: bo_bv2HAlkg6Ns7K6b_rX7cczaYQz4dmXEOdxdTxAySYjJDxMge37g==

GET
H2 200 / Show response
sttcdn.comicstadium.com/ 613 B
1016 B 105ms
39ms Fetch
text/html 2606:4700:3037::ac43:b33a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sttcdn.comicstadium.com/
Requested by: Host: cont.website
URL: https://cont.website/shared/js/app_iq.js?cookieless=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b33a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c40f894d6fdd262dfa4dc8353b357feba7801a210e334bdb69a4086d0ed315e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
via: 1.1 e1c42f7e378e3bdce50f3034fd2550f4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-P5
age: 22194
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 31 May 2023 21:09:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yz6AIQZRq6sWjbwlFWD0HuLnq8XypAISWfDo6nGc7LKiUnJzc18zoaA6EOfpohoatGB%2F4zjJQt6CGlkYueTGU2LJrUvWDM7bJPSH3R7C70zHYfdUAoXkKCKZ30fr1f1FSpkmhyHkcmQHyFoGgkpVWQGETPtQTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: X-User-Country
x-user-country: US
cf-ray: 834ece987cd9287a-MIA
x-amz-cf-id: OysSwgbo7rAAW58gB39KO9Rmkn1FCcWsFxGc19gF8znS5mfI_Q3NvA==

POST /
log.d2sx07l0uocghm.cloudfront.net/ 0
0

GET
H2 200 ads.js Show response
cont.website/shared/prebid/ad/ad-placement/ 24 B
557 B 96ms
37ms Fetch
application/javascript 2606:4700:3032::ac43:940c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cont.website/shared/prebid/ad/ad-placement/ads.js
Requested by: Host: cont.website
URL: https://cont.website/shared/js/app_iq.js?cookieless=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:940c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09c5bed9af36cefd588c1640cf942b9ded86836525e0e11163cfdbee6bab59d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6579
cf-polished: origSize=25
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 11:57:17 GMT
server: cloudflare
etag: W/"6567271d-19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75tve85H09dU0AvtF3QGbw6WdqnWs5QCRypjAyotJwFXV1PsAuOTeNK3AiMbp7JRG7M1%2FI4v%2BeaXZ4Ayp6T4upeXT2GMP7InR7iaf0vqmem1ctP6qcovcR%2B1UeB3MEeOVk1hSB0hJGSWgRo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 834ece987a33db15-MIA

GET
H2 200 iiq.js Show response
dev01.avocadoposts.com/others/ 55 KB
13 KB 65ms
65ms Script
application/javascript 2600:9000:26c1:cc00:11:685b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dev01.avocadoposts.com/others/iiq.js
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:cc00:11:685b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71b391fe7d515c22eb76b1e57a79f1fb1db4963b2a753b741500a5e62fc4221d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
content-encoding: br
via: 1.1 6946167499a4b8f515865d62f0b0b284.cloudfront.net (CloudFront)
last-modified: Sun, 10 Dec 2023 15:46:54 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
etag: W/"451019ca583f7a5da91fa7a1aff52d08"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: lfK-_rX-am3nnmvdt8_XVp97W9RLcbX11AvnVNy9o9C3rsemdfRgJA==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 218ms
107ms Script
application/javascript 104.67.206.143
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.67.206.143 Marietta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-67-206-143.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Wed, 13 Dec 2023 14:28:19 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 151 KB
33 KB 139ms
49ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: KYRN300FYTM38510
age: 3028
etag: W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 834ece999a6b1283-MIA
x-amz-id-2: Dwvmx1Ab9D0IcwsEmfsUcerxSFgLYD7vDu3hyMqDT5o3e78Wcsua9RGnv94/n57l9RiQpQPb6kKbW11X5u9s1A==

GET
H2 200 fpd Show response
u.kueezrtb.com/ 400 B
543 B 71ms
68ms XHR
text/plain 2606:4700:10::ac43:15e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://u.kueezrtb.com/fpd?_=1702476798859&yv=21f0b14&h=d2sx07l0uocghm.cloudfront.net
Requested by: Host: static.kueezrtb.com
URL: https://static.kueezrtb.com/js/latest.js?_=1702476798324
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 420a5c6d75dc17a70b71148b9e81fd4fdc65dd026feac37b48c42fe46a3c4549

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: https://d2sx07l0uocghm.cloudfront.net
access-control-allow-credentials: true
cf-ray: 834ece98f80f7416-MIA
content-length: 316

GET
H2 204 dye
track.kueezrtb.com/ 0
31 B 67ms
62ms Image
text/plain 2606:4700:10::ac43:15e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.kueezrtb.com/dye?ac=2&acm=G3L&uid=27847059b41e6bd2&sid=a35736609ddb9d14&pvi=c7416df26e118468&h=d2sx07l0uocghm.cloudfront.net&wh=1600x1200&b=Chrome&bv=120.0.6099.109&dev=&os=Windows%2010&p=&uri=%2F&furl=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F&sr=1600x1200&type=latest:init&_=1702476798858
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 834ece9918267416-MIA

GET
H2 204 dye
gtrack.kueezrtb.com/ 0
31 B 106ms
101ms Image
text/plain 2606:4700:10::ac43:15e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtrack.kueezrtb.com/dye?ac=2&acm=G3L&uid=27847059b41e6bd2&sid=a35736609ddb9d14&pvi=c7416df26e118468&h=d2sx07l0uocghm.cloudfront.net&wh=1600x1200&b=Chrome&bv=120.0.6099.109&dev=&os=Windows%2010&p=&uri=%2F&furl=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F&sr=1600x1200&type=latest:init&_=1702476798858
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 834ece9918297416-MIA

GET
H2 204 dye
track.kueezrtb.com/ 0
31 B 64ms
64ms Image
text/plain 2606:4700:10::ac43:15e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.kueezrtb.com/dye?ac=2&acm=G3L&uid=27847059b41e6bd2&sid=a35736609ddb9d14&pvi=c7416df26e118468&h=d2sx07l0uocghm.cloudfront.net&wh=1600x1200&b=Chrome&bv=120.0.6099.109&dev=&os=Windows%2010&p=&uri=%2F&furl=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F&sr=1600x1200&type=latest:fpdr&_=1702476798859
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 834ece9978ec7416-MIA

GET
H2 204 dye
gtrack.kueezrtb.com/ 0
31 B 151ms
151ms Image
text/plain 2606:4700:10::ac43:15e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtrack.kueezrtb.com/dye?ac=2&acm=G3L&uid=27847059b41e6bd2&sid=a35736609ddb9d14&pvi=c7416df26e118468&h=d2sx07l0uocghm.cloudfront.net&wh=1600x1200&b=Chrome&bv=120.0.6099.109&dev=&os=Windows%2010&p=&uri=%2F&furl=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F&sr=1600x1200&type=latest:fpdr&_=1702476798859
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 834ece9978ef7416-MIA

GET
H2 200 abdetection.min.js Show response
cont.website/shared/js/ 5 KB
2 KB 39ms
37ms Script
application/javascript 2606:4700:3032::ac43:940c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cont.website/shared/js/abdetection.min.js
Requested by: Host: cont.website
URL: https://cont.website/shared/js/app_iq.js?cookieless=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:940c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74ea4bb7c852bf87b6d93619623afcf107530ee8fdca83c07546991cb1a2d757

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 11:57:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1549
etag: W/"6567271d-12da"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxPznmUojTpSbANiHk0lKoETNSjuw0s8sFdAPpOP9QVuaAzYZVATCiUPU%2FZYN6I7VFiU6LsZ6jNPYOksl16%2FY88cT8EvH51OfDKy%2BQVaPQ0s8xcX7S%2FSMUlPBL3gbbGzBseIe8fQEZyUYaQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 834ece990f5225b8-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo-nav.png
dev01.avocadoposts.com/wp-content/themes/WT-Theme/images/ 8 KB
8 KB 61ms
60ms Image
image/png 2600:9000:26c1:cc00:11:685b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dev01.avocadoposts.com/wp-content/themes/WT-Theme/images/logo-nav.png
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:cc00:11:685b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 616b4146dcb634286ecbe85e29fbca86b84e21303846a25e6c0e89c816bb1ba1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 6946167499a4b8f515865d62f0b0b284.cloudfront.net (CloudFront)
last-modified: Sun, 10 Dec 2023 16:22:38 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
etag: "35905df403ce9ab3e7fae192541f8bb8"
x-cache: Hit from cloudfront
content-type: image/png
content-length: 7865
x-amz-cf-id: WN1vz1iBpJvlTKno8uhPKdYWTu0P7dtpiGTB8dFGyqBl4YUWbJNHOQ==

GET
H2 200 2-55-5.jpg
cflcdn1.avocadoposts.com/wp-content/uploads/2023/12/ 196 KB
196 KB 113ms
43ms Image
text/html 2606:4700:20::681a:686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cflcdn1.avocadoposts.com/wp-content/uploads/2023/12/2-55-5.jpg
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71fd982e959aee42826d49240536c72ae019e1a2dc38e53db372e69b2fb84aac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
via: 1.1 4d1732a7b984aa24841bb8f19fa21950.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-P8
age: 5826
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 07 Dec 2023 12:12:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZLkXZZyi0RuYSDwyTtls98aKqEAOthTpcQ1gAhaCcNJSbcfOVgp1f4Bb8Blat5x0WMcR99Xm9ymJdyPhVaui5pDjcD2bfrpRErNdWXZzllnEgPQoLmYfjAKutgZVsQlXCBlE8dxu3pabg7GebZmOQxvbrXDLRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=31536000
cf-ray: 834ece99ae5e67bd-MIA
x-amz-cf-id: 36MCeQHUQ5j90J0ltRy18pKSMwFAEpINHMuh6tXX-RIYAx-dmaH6sQ==

GET
H2 200 1-20-6.jpg
cflcdn1.avocadoposts.com/wp-content/uploads/2023/11/ 283 KB
283 KB 201ms
131ms Image
text/html 2606:4700:20::681a:686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cflcdn1.avocadoposts.com/wp-content/uploads/2023/11/1-20-6.jpg
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00eec85ca0e6d07829dbdd832abff70c27f09b038560e410f21dc965490e951b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 f27d77f5cb464d2f833e73d78c3c2ccc.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-P8
age: 2974
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 13:12:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wbM8AhpPH3pJiuiON2Ekh7ckJQhhNsZxH7vGH%2Fb8lh7hzHuKWOGUapmk3%2B5naa5A0cEWEjv6WhaWgypWP1KxUI0sNACVNMjfdfDDMnIAIxJRiTRjJOIRlgz8%2B8lMvO%2FlfAQwce6CQvD1nWHO673aWndV%2Fjo6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=31536000
cf-ray: 834ece99ae5f67bd-MIA
x-amz-cf-id: p0o1YZ2Y5Dn7btEjNq3JQWU9WIKdj9RUav6ekMHtYUrAV9sB5dO-zA==

GET
H2 200 p1-2023-11-15T162027.373.jpg
cflcdn1.avocadoposts.com/wp-content/uploads/2023/11/ 261 KB
262 KB 200ms
130ms Image
text/html 2606:4700:20::681a:686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cflcdn1.avocadoposts.com/wp-content/uploads/2023/11/p1-2023-11-15T162027.373.jpg
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 179562f9c1df605f39de74775dbec37dc7f0e55220d47164b2ff014291bdaea8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
via: 1.1 f27d77f5cb464d2f833e73d78c3c2ccc.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-P8
age: 1502
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 Nov 2023 15:15:12 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGCA2ozJdR84b%2FJ%2BPwHsWurm7TCROZVPu4kcOe8B%2FSKQiVJhNKSXOsPe%2FhPCxauS29wmyjLsk0sDog0gCM6M37JX6dlc5JliJbSfEIsv18M2a3Uczg8P2gcohEJVN9FFwMqrqxcDK%2FJMY6M1SkiixSLw2ckALQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=31536000
cf-ray: 834ece99ae4e67bd-MIA
x-amz-cf-id: yUeqCStdNZAV8LlVy1iraBqfna5hvGZ_Ib5prVyCO15IRYS6ggPEcA==

GET
H2 200 2-2023-11-03T004548.695-17.jpg
cflcdn1.avocadoposts.com/wp-content/uploads/2023/11/ 506 KB
507 KB 199ms
129ms Image
text/html 2606:4700:20::681a:686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cflcdn1.avocadoposts.com/wp-content/uploads/2023/11/2-2023-11-03T004548.695-17.jpg
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5bef25e833d895a8cadd7487d593c8b2658b2515bb472dfe6483b185582b879

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
via: 1.1 ef7f0ce5a2e592b15a2956dcdb5832f0.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-P8
age: 2974
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 14:49:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3wYrc8hamG68RKogRBRzZTTta1zekB%2FJm0ySJd24c60%2BieWi8dujFHcB4qVFH0N8PDDdjYxIVWLq9oatRyaH6ydUh19ktLWoW4qMVlzbEcQ4mi%2F3UzwxcgFkYXqGlVaOeIsd1IunbLAmCZ%2BzRrlWO%2FHzJNyxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=31536000
cf-ray: 834ece99ae5067bd-MIA
x-amz-cf-id: 9C2o7FIdxZ45ALoA5OmxWtAX0AJM6ijcr4gTQdxmAWN6xWB8Y-mOUg==

GET
H2 200 2-2023-10-24T222824.592-11.jpg
cflcdn1.avocadoposts.com/wp-content/uploads/2023/11/ 478 KB
478 KB 201ms
131ms Image
text/html 2606:4700:20::681a:686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cflcdn1.avocadoposts.com/wp-content/uploads/2023/11/2-2023-10-24T222824.592-11.jpg
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3b1e9ffc8ad1e5ca3582fbb15dfaecb0a9e029f26313e8f6ff1adbbb7347833

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 ca36547e4c089cf7a033b5970c38e816.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-P8
age: 5827
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 01 Nov 2023 16:13:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOyIdL2KR0UryvvKCZIdO7EGowu%2FSPg0pFpcshgwy3w97yVOGZMhJujpmRzfmIqZ%2BptzQYpQVKkkZyZA0WoJb%2ByfGgKOW%2FnnJHdnVPI7fVoirvBKdOvTHrMme40ytJR6oCV1Sq%2FlsPGbmxxeRZcBESyUPxbvbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=31536000
cf-ray: 834ece99ae5b67bd-MIA
x-amz-cf-id: CInUEBvHUMQw_TF2gWTyhZDyVBiy_-rRqkJdmXAFMqizkogr8Xn2RA==

GET
H2 200 3-56.jpg
cflcdn1.avocadoposts.com/wp-content/uploads/2023/10/ 198 KB
198 KB 200ms
130ms Image
text/html 2606:4700:20::681a:686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cflcdn1.avocadoposts.com/wp-content/uploads/2023/10/3-56.jpg
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c2154cde60af5e05154b8f610d056971cd084de9353b45e82b12f4a3123f047

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 8088bed6e8830a4b93ece0fd29c26828.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-P8
age: 3140
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 11:55:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KsAYH7UK7zipJ%2BU0wHxM5R6NNv25avtlAkv6Yvl2gZt5hvwwZPfAXLfllRiLk3jehg8YmTF0X1cu2sQycqqP%2FKSOtZ0l2XYyakgQOC8EEbtVTjSgVp%2BBzxAfVVY3dEUCDeg%2BXguuH4zDsL8xZuBm9YGkhX%2Btkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=31536000
cf-ray: 834ece99ae5567bd-MIA
x-amz-cf-id: Av17a9Iajtv65fNeY1Rf8rPizUTZsFU0BhPUXjFmktKOX6b_C07EIQ==

GET
H2 200 p2-3-16.jpg
cflcdn1.avocadoposts.com/wp-content/uploads/2023/10/ 489 KB
490 KB 199ms
130ms Image
text/html 2606:4700:20::681a:686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cflcdn1.avocadoposts.com/wp-content/uploads/2023/10/p2-3-16.jpg
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f179e3b77e2b2110718aeb36d20da1a87d2461a3e62b9d20a48f64d6477cf49d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
via: 1.1 ca36547e4c089cf7a033b5970c38e816.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-P8
age: 3282
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 11:57:26 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dF8TOc94ZHbRN0Y3pmicprUxvrkjvsbWzmYvDfRCgZ3K9GFOh9teIGbI0rSiscYuzDciWPOEAutllAc%2FCkQGHZ5IqZ3xr2LKYrSn5atakyPyO0v3e3QLf3VscWQ3LauF8NU0GiiW9JR8g91MTCiq3E1kXBbJhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=31536000
cf-ray: 834ece99ae5d67bd-MIA
x-amz-cf-id: TyR57j-Ez71H9IeoYPCauXgiVrHzUgRu_V8K3rblg8N5H3bHBESMRw==

GET
H2 200 3-2023-08-13T212010.577-3.jpg
cflcdn1.avocadoposts.com/wp-content/uploads/2023/10/ 221 KB
222 KB 131ms
128ms Image
text/html 2606:4700:20::681a:686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cflcdn1.avocadoposts.com/wp-content/uploads/2023/10/3-2023-08-13T212010.577-3.jpg
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 934cde0e1ed74d28e9fca8e96382a930d4293a3e5d45298393df35a8547a9784

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 0c72e8c84db7dda399af214342d1e968.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-P8
age: 3140
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 11:55:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTayh3uxEDCCJauWX3Jbdy81V4vx8LbSWFohjUnNY0NZQYA7Wwlh%2FgV426cc%2FcHRHyequn1WzedxvGVFynrxI9Sk4qS3t%2B6kpk0Su1WjhNKh%2FjhPjgjjP5hjmydSV8YBN8X4%2F1MoatD7wRAN2acDlTDBBJ%2BLKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=31536000
cf-ray: 834ece99ae6167bd-MIA
x-amz-cf-id: FN9LZnAcMPDbhK4Msidk6n0FEee3vbyHF88loyk_uQUxQDD0w5ZKSA==

GET
H2 200 p2-39.jpg
cflcdn1.avocadoposts.com/wp-content/uploads/2023/10/ 313 KB
313 KB 133ms
130ms Image
text/html 2606:4700:20::681a:686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cflcdn1.avocadoposts.com/wp-content/uploads/2023/10/p2-39.jpg
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbb5411c1c9e2f24042e2aca3e25c80906775115f65b11f70aa49414321f7144

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 cbe4325ad36a5e433aca98cb0212142c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-P8
age: 3283
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 11:57:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BB%2BfCia2GeFefCiZYzRqhT4e5QgiPYcY9ycxnbZn9mFi1QU2vDteniq5wDNu%2FsK5k9GXGTVi5e6z8z0OLAzjUDdeAsqNzmPlg%2BNa4r5M5ojefEKcQkUkIVnYlni51bx99HX0z1lPe7z8SIlxpgng%2Bdsdbnx6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=31536000
cf-ray: 834ece99ce9667bd-MIA
x-amz-cf-id: VqmBeSFL8mSjCwq2nSsuqAks9NutIVs2szyHKRrQ5XLJUWoxiyeMQw==

GET
H2 200 p1-7.jpg
cflcdn1.avocadoposts.com/wp-content/uploads/2023/09/ 135 KB
136 KB 132ms
130ms Image
text/html 2606:4700:20::681a:686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cflcdn1.avocadoposts.com/wp-content/uploads/2023/09/p1-7.jpg
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d00c34effe9cc4102167fa037cc52ea13f99f8b396d8eff6983b47479dfe6ed5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 96ef33fafb355df015bb2b6c144dad20.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-P8
age: 3283
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 11:55:47 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZ30tq0szNmUsf7u3olXugP%2FrTRW%2FoF0I34VzaDjCb5BnW%2FGBTq%2BIUerbx0SzaesM7lkpEtW1CrkLR%2B%2BmtaZNO5n1mHeyCNWrX3%2BXfrJeSEt7NOX2fxVRYgliDzEdGh3NauYyEJTWMLOKiL9UAb%2Fkb2%2FxEiFxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=31536000
cf-ray: 834ece99ce9867bd-MIA
x-amz-cf-id: zpABXX0SRvLJ1QR1KPC0sOJv-E12fhAQS8Hb_M_clHv3krtfGc5Okw==

GET
H2 200 3-50-39.jpg
cflcdn1.avocadoposts.com/wp-content/uploads/2023/09/ 166 KB
167 KB 133ms
130ms Image
text/html 2606:4700:20::681a:686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cflcdn1.avocadoposts.com/wp-content/uploads/2023/09/3-50-39.jpg
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72e9fea2341d71bf28fce036f47eba710f10fe67cbf78879399ab9acb0329827

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 ca36547e4c089cf7a033b5970c38e816.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-P8
age: 3283
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 11:54:57 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQlVCOXSUjI9ngrjLL7tMTF5VU4CX7TUa5U8ewCxIge6ZCm5PvIYUC5UUsj3wmVwkfCqvpJm83DN5ddW2YmiyjnJcn4miTbDUy0LxzZCQXVtcHsKHDpkdwjRShZ6Z%2FFBvBkOGfWxLGi5QsGqd9FbLGlE%2FdDW5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=31536000
cf-ray: 834ece99ce9967bd-MIA
x-amz-cf-id: NHV0RPT595WC2swYOdpHR5RgoVjHIEhhsNmdJbJJQqcqw3bJjlbEBg==

GET
H2 200 2-2023-08-02T162105.085-68.jpg
cflcdn1.avocadoposts.com/wp-content/uploads/2023/09/ 294 KB
295 KB 133ms
131ms Image
text/html 2606:4700:20::681a:686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cflcdn1.avocadoposts.com/wp-content/uploads/2023/09/2-2023-08-02T162105.085-68.jpg
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd2ecf77df70d48d0691742492d12edeb88bd4350fd0bff52a98972bb2dcdb85

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 15167ef85a9fc2764e4d5ca36adfffde.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-P8
age: 1009
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 11:54:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2%2FApyJHT3D8jtvPGYmLw9q4VSzND47Zizknkj5nSr9r7I6QLfuVbOLFUeY2ZPiBrTigrWZESVGJxTtv7YC4NUz8%2B%2FM5ZgXBtpxESJ1SEguDSS80gpSrDBeck8Nko5%2Fjl4x4xq%2B5UtBM2%2Bcrd7wn6gsIMIlb5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=31536000
cf-ray: 834ece99ce9a67bd-MIA
x-amz-cf-id: _CHewLLPZ7UpsVrUgf7wFSxkTBP5mAlIEPvyDB6HWDEesrsVaAVnnQ==

GET
H2 200 3-2023-08-24T000945.006-41.jpg
cflcdn1.avocadoposts.com/wp-content/uploads/2023/09/ 257 KB
257 KB 134ms
132ms Image
text/html 2606:4700:20::681a:686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cflcdn1.avocadoposts.com/wp-content/uploads/2023/09/3-2023-08-24T000945.006-41.jpg
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0d59495d0a19e2d2299a5a8b8a8ea2578dd2998ac1c0240ed863945b6eb3c44

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 15167ef85a9fc2764e4d5ca36adfffde.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-P8
age: 3283
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 11:54:53 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mU3D4wFCwbq2QQDqujHQkxuJki4h4zJS3UHtfkP9IUWabhZAB0l0zDDvVgZOZKV%2Fc5S90n%2FfstUdfg6aATgdttMn%2FSIR6pVriRy0PTERSYqw3dx7BVguBG31fVDBF6QLABntV8KIiUXejvv31Rx303ZF0hB45Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=31536000
cf-ray: 834ece99ce9b67bd-MIA
x-amz-cf-id: t1yaBdZyEq8wEKm4swkzUG3ZcxaE0rapJNYVdRMaVfRne8Nu2CxmdA==

GET
H2 200 BeFunky-collage-7.jpg
cflcdn1.avocadoposts.com/wp-content/uploads/2023/08/ 339 KB
340 KB 134ms
132ms Image
text/html 2606:4700:20::681a:686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cflcdn1.avocadoposts.com/wp-content/uploads/2023/08/BeFunky-collage-7.jpg
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b18386a7104ba7ae236635558372cea83d1f5b942abf6a04a9c3c45ee49fb3b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 a3d81350f207075a8a67e8d7ae50f6de.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-P8
age: 3283
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 11:54:37 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGkLTzi%2FB6UWfHKmJ1TKJN6c4gHsd1lodzBbcQ3lWNvHsxO7MEdRdYyfi1qoyZxq1QMdcU94mRJoj%2BJrLlWGoQNBzVDlIgwGvsIWpZP76HjciTfDH4APWYN%2B5M7OqONLRC07QBMNoEuYHhfOMEV1MbKoNlkaqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=31536000
cf-ray: 834ece99ce9c67bd-MIA
x-amz-cf-id: uYBfhcr-QYwwR-5yIC42DUNLH502hIsrwX5e98h5S11S96oeRoQMgA==

GET
H2 200 2-2023-08-13T215642.855-16.jpg
cflcdn1.avocadoposts.com/wp-content/uploads/2023/08/ 217 KB
211 KB 133ms
131ms Image
text/html 2606:4700:20::681a:686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cflcdn1.avocadoposts.com/wp-content/uploads/2023/08/2-2023-08-13T215642.855-16.jpg
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 496af91206cfb87abe1ca17b477d3271afc9d27febaf24fa6dc3c36e90cc5777

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 15167ef85a9fc2764e4d5ca36adfffde.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-P8
age: 1009
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 11:54:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQUc3QsCDRKQSttt3c6OZC7vfdDRinrAj6oZsx6v%2FvGI1DR2vgtvxnglY8dFECg0UxAjM2rA%2B1jEG6DsuTEUbiZ9ZY4ki9PUz1iZ3vtXsqWAC%2FBDLDjooZqMXTGLcMGzJseLAEsHoF0oCK%2F5SX8%2BYeAYH%2BHNGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=31536000
cf-ray: 834ece99ce9e67bd-MIA
x-amz-cf-id: dzNA4b8dBj_um4XI13-zVUKesqGNjWIUDeAu7ODNfgvyvF3Mb3HlWA==

GET
H2 200 3-2023-08-07T001321.620-2023-08-17T171152.841.jpg
cflcdn1.avocadoposts.com/wp-content/uploads/2023/08/ 241 KB
242 KB 133ms
131ms Image
text/html 2606:4700:20::681a:686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cflcdn1.avocadoposts.com/wp-content/uploads/2023/08/3-2023-08-07T001321.620-2023-08-17T171152.841.jpg
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d8da3b7862220785a8d7dec3d2facc0e3ddddcace7d817ee45bba5d699ea577

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 5ae109f86d7ae6f6423c92c14b951cf6.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-P8
age: 3283
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 11:54:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWhCDcyl4y3SR3%2BaITXWH1QirNb0guLvyd7Sc%2BNQcVIPNbM4pj4rHAATZg%2B%2FBvfcvfVRUtnM0%2Fiaw%2FbyRxijKAP7LPeIwm2rm8a4fVwjMuTVy3PmczjcxcFYhEV6jl7z9wUBonVKfYlmavcwgLKWzNjVKe0lCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=31536000
cf-ray: 834ece99cea067bd-MIA
x-amz-cf-id: V03U8hUYbAgCQNWXUHRqyOG1bCY5AFlmbYwFFevFoxMflqeiLyfFGw==

GET
H2 200 p3-2023-08-10T112718.321.jpg
cflcdn1.avocadoposts.com/wp-content/uploads/2023/08/ 170 KB
171 KB 134ms
132ms Image
text/html 2606:4700:20::681a:686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cflcdn1.avocadoposts.com/wp-content/uploads/2023/08/p3-2023-08-10T112718.321.jpg
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c157f9055d5957f5da641a8f2966d53a3e758f232c280b4bf86c9b46f5f1272b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 873ea86a53e828bcd9ffd511bda586c8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-P8
age: 3283
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 11:54:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqhgTGpnO%2BjY4INH9zA6xwZSk7yrXg1OGxY0SGznasDySIK02pKdEKpl%2BuZsPl8clRfR16Q5%2B7p8NNqFt3Bm1If9UxTpXUOcKYLHPWv70j5II%2F5TTyaJzqAEoq%2FtDzRuPJjkceSOpsIg8EsVBQSgF5N41ACWkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=31536000
cf-ray: 834ece99cea167bd-MIA
x-amz-cf-id: IWZvq8S8bUTHCtMsrlZl6yy-wxEaj2tylCEPMjpsXfMRCCXnDXWSUg==

GET
H2 200 3-2023-07-28T024624.090-76.jpg
cflcdn1.avocadoposts.com/wp-content/uploads/2023/08/ 295 KB
296 KB 134ms
133ms Image
text/html 2606:4700:20::681a:686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cflcdn1.avocadoposts.com/wp-content/uploads/2023/08/3-2023-07-28T024624.090-76.jpg
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33d25922379728b588b07b8037516f9b9b31cb4af4efc5172ababb4929d2b45a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 e763a229a66d7c303966816658a2f986.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-P8
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 11:54:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTFW1AsHJ8G%2Bd3l%2FsCeD78AfgmzK2PcKZaT1QPRDn%2Fp5gbCrmyOQUbac5BKIM5U6sef6iUbo0lp7S%2BcCUfJ3YkstjeHbyt%2FU6i%2FojglGsHvxsTReymzWulZNc4cXIoUuvr8r%2FE%2Bio8BRy1qY0NuCr8jLebN3pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=31536000
cf-ray: 834ece99cea267bd-MIA
x-amz-cf-id: BJNUTOUIb9YH96jSrY3WY9evrTCtOhm71JjDpqThTYnKDR3pzL1ZyQ==

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 346ms
234ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d2sx07l0uocghm.cloudfront.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 13:07:43 GMT
x-content-type-options: nosniff
age: 3936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Dec 2024 13:07:43 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 65ms
34ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://d2sx07l0uocghm.cloudfront.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:18 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1125655
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O3VBlO7nybP%2BjdQxYRHBHQAyG8xn4VcfTbZowArJBifKtsv8xHB7K8mk0wjPf9nWOEvsJ8wm5U9ZjbQfgtEQd4HN%2BNY2FqbIXOX9AOmbLQU%2B4o9X2FnrUw5jwewBDbESdTJMtEinUbPy969fsmc7x20u"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 834ece994f546dc2-MIA
expires: Mon, 02 Dec 2024 14:13:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 326ms
215ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d2sx07l0uocghm.cloudfront.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 12:05:51 GMT
x-content-type-options: nosniff
age: 7648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Dec 2024 12:05:51 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 210ms
99ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,500,500i,600,600i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d2sx07l0uocghm.cloudfront.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:54:38 GMT
x-content-type-options: nosniff
age: 19121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Dec 2024 08:54:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 209ms
98ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d2sx07l0uocghm.cloudfront.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 11:46:26 GMT
x-content-type-options: nosniff
age: 8813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Dec 2024 11:46:26 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 308ms
197ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d2sx07l0uocghm.cloudfront.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 12:20:58 GMT
x-content-type-options: nosniff
age: 6741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Dec 2024 12:20:58 GMT

GET
H2 204 dye
track.kueezrtb.com/ 0
54 B 112ms
112ms Image
text/plain 2606:4700:10::ac43:15e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.kueezrtb.com/dye?ac=2&acm=G3L&uid=27847059b41e6bd2&sid=a35736609ddb9d14&pvi=c7416df26e118468&h=d2sx07l0uocghm.cloudfront.net&wh=1600x1200&b=Chrome&bv=120.0.6099.109&dev=&os=Windows%2010&p=&uri=%2F&furl=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F&sr=1600x1200&type=latest:fpdrd&_=1702476798933
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 834ece99b9677416-MIA

GET
H2 204 dye
gtrack.kueezrtb.com/ 0
31 B 173ms
173ms Image
text/plain 2606:4700:10::ac43:15e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtrack.kueezrtb.com/dye?ac=2&acm=G3L&uid=27847059b41e6bd2&sid=a35736609ddb9d14&pvi=c7416df26e118468&h=d2sx07l0uocghm.cloudfront.net&wh=1600x1200&b=Chrome&bv=120.0.6099.109&dev=&os=Windows%2010&p=&uri=%2F&furl=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F&sr=1600x1200&type=latest:fpdrd&_=1702476798933
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 834ece9a3a7d7416-MIA

GET
H2 200 cmp2.js Show response
cmp.inmobi.com/tcfv2/ 158 KB
44 KB 63ms
63ms Script
text/javascript 2600:9000:2191:ac00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=avocadoposts.com
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/choice/N77y9xgFmbm_A/avocadoposts.com/choice.js?tag_version=V3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2191:ac00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f7b7682f77a3b058e7c8b7d88984dfe31a16dc29cf49abbba5fcdc5b7b2cf3f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 13:24:31 GMT
content-encoding: gzip
via: 1.1 a251e31740a6e166e8fdccf296c41644.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C1
age: 2928
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Wed, 06 Dec 2023 23:27:11 GMT
server: AmazonS3
etag: W/"7636a5d5c097ff5973731fa30bece2ba"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
x-amz-cf-id: BYHzFexB1PY_N0rqyOvsLJ1TQjP1Kf-QWXXysxFdST0oJ-y18fti2w==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 215ms
55ms Script
text/javascript 2607:f8b0:4004:c1b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-172772405-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 13 Dec 2023 12:21:16 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6723
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 13 Dec 2023 14:21:16 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11145937726/ 2 KB
2 KB 183ms
69ms Script
text/javascript 2607:f8b0:4004:c19::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11145937726/?random=1702476798466&cv=11&fst=1702476798466&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9111437303&gcd=11l1l1l1l1&dma=0&tcfd=1000g&u_w=1600&u_h=1200&url=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F&hn=www.googleadservices.com&frm=0&us_privacy=error&auid=1315032748.1702476799&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11145937726

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5b83d6a4689fc5fefd0c883a83d82d9052e69d3f5e39666c428ac90123f0280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 14:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1230
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
181 B 182ms
108ms Ping
text/plain 2607:f8b0:4004:c1b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-WMBPYK833K&gtm=45je3bt0v881750545&_p=1702476798326&gcd=11l1l1l1l1&dma=0&tcfd=1000g&cid=87838880.1702476799&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1702476798&sct=1&seg=0&dl=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F&dt=avocadoposts%20%E2%80%93%20avocadoposts&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1151
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WMBPYK833K&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 14:13:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d2sx07l0uocghm.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 136 B
431 B 448ms
146ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: cont.website
URL: https://cont.website/shared/js/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

910373329dfc23d328182c30d4a9885d5b372f029f62d4f57ec25b82f396ff6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://d2sx07l0uocghm.cloudfront.net
date: Wed, 13 Dec 2023 14:13:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
473 B 240ms
70ms XHR
text/javascript 18.165.97.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F&pid=TMbXMLREzWFEZ&cb=0&ws=1600x1200&v=23.1211.1645&t=2500&slots=%5B%7B%22sd%22%3A%22gpt_unit_%2F21617817323%2Fap-desktop-is1_1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21617817323%2Fap-desktop-is1%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=55b646f2-4152-4307-b4ea-a32e9d3d5be2&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.165.97.179 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-165-97-179.iad55.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 5a0e8b615e213d3d5cc20b095e088b16.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: IAD55-P4
x-amz-rid: W2Y066236C6WXWEZKZHY
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://d2sx07l0uocghm.cloudfront.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: zFqDS56i4abOgvCbMjgJY3Yh7x8T6v_ABFPECzwbGGWlo6aRP3XEZw==

GET
H2 200 geoip Show response
cmp.inmobi.com/ 46 B
329 B 166ms
57ms XHR
application/json 2600:9000:2191:ac00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=avocadoposts.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2191:ac00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 965fc2dbbf709019c656248e3f818c143b4211b6eb94bd249d778972b7f82145

Request headers

Accept: application/json, text/plain, */*
Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 71f1cca040033ebffc591cf9392d1528.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAD89-C1
x-cache: FunctionGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 46
x-amz-cf-id: JsqTyfsfwMRhRG27KOr_l1YyxxSMmiMPjq8tq7NlO1xkSlCztAinyg==

GET
H2 200 adsct
t.co/i/ 43 B
376 B 187ms
49ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=a331b065-4a5d-4b1a-98f0-e544912731b5&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c855453f-7c32-40c5-9626-fa81b2602a78&tw_document_href=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7mvk&type=javascript&version=2.3.29

Requested by

Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 7
date: Wed, 13 Dec 2023 14:13:18 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: dd0567c105d531cb
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: d23f8da4967ff1658eea1546cb0f047bf371500e193c4d3f26964255ef4166ff
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
392 B 185ms
47ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=a331b065-4a5d-4b1a-98f0-e544912731b5&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c855453f-7c32-40c5-9626-fa81b2602a78&tw_document_href=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7mvk&type=javascript&version=2.3.29

Requested by

Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 6
date: Wed, 13 Dec 2023 14:13:18 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 32ddc78ca0d1d028
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: cc5487802bc9aab16aaa565e4ae87fc21bc1334cd45dcd1e127d05b881368aa5
content-length: 43

GET
H2 200 main.MTdjYzNiZDU2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 397 KB
106 KB 55ms
54ms Script
application/javascript 23.48.104.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHMSI3JC77UBJAEB5LB0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.104.43 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-104-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 186517e4
date: Wed, 13 Dec 2023 14:13:19 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202311090732118C6D70C02C17C7F2DAF1
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-48-100-43.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0101701fda43ecfd91e6c82b9a58ddbd288c95adf7d0c05d6e1e3a007e30d6c4b64fde9b44c54fac5982d33c738b1945d94bdca1ceabc586512df6459369b947939d599554a5f8bf4ed52f3b3487afdf2880b8553be306a06b76e00c587ce76b67
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 108254

GET
H2 200 geoip Show response
cmp.inmobi.com/ 46 B
329 B 98ms
57ms XHR
application/json 2600:9000:2191:ac00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=avocadoposts.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2191:ac00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 965fc2dbbf709019c656248e3f818c143b4211b6eb94bd249d778972b7f82145

Request headers

Accept: application/json, text/plain, */*
Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 71f1cca040033ebffc591cf9392d1528.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAD89-C1
x-cache: FunctionGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 46
x-amz-cf-id: 1JXzmMPb62kufVcKDY5yX4wHoSnrCN8zrbk2xN9wTCyVFUEAmSHGeA==

GET
H2 200 2016908341805183 Show response
connect.facebook.net/signals/config/ 370 KB
116 KB 860ms
858ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2016908341805183?v=2.9.138&r=stable&domain=d2sx07l0uocghm.cloudfront.net

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6cbd1c79f9b7638d0cfb01f8183e33b3524c95d29286fd7bc6d784cf443691dc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 13 Dec 2023 14:13:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Bdb9JxaV3MaPHzZU6X5KJMvcsv7yZhhTwk6nIbFLSm+B+zEDZsaXBe2eN4nD9lVbVI4taTuacZe3/5u5JItf0A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
92 B 63ms
62ms XHR
text/plain 2607:f8b0:4004:c1b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=985291870&t=pageview&_s=1&dl=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F&ul=en-us&de=UTF-8&dt=avocadoposts%20%E2%80%93%20avocadoposts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=675810652&gjid=818414148&cid=87838880.1702476799&tid=UA-172772405-1&_gid=918730814.1702476799&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&tcfd=1000g&jsscut=1&z=147305418

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 14:13:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d2sx07l0uocghm.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11145937726/ 42 B
455 B 178ms
66ms Image
image/gif 2607:f8b0:4004:c07::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11145937726/?random=1702476798466&cv=11&fst=1702476000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9111437303&u_w=1600&u_h=1200&url=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNcDtLKnvWug244vyzR1yRiaDtn4_Pbw&random=3089048615&rmt_tld=0&ipr=y

Requested by

Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 14:13:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 geoip Show response
cmp.inmobi.com/ 46 B
328 B 60ms
59ms XHR
application/json 2600:9000:2191:ac00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=avocadoposts.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2191:ac00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 965fc2dbbf709019c656248e3f818c143b4211b6eb94bd249d778972b7f82145

Request headers

Accept: application/json, text/plain, */*
Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 71f1cca040033ebffc591cf9392d1528.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAD89-C1
x-cache: FunctionGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 46
x-amz-cf-id: EKCi0fHGp0Qr89437cSR0HdFoLagHomQAuyIZh3QM7vEIZ46wt2IfQ==

GET
H2 200 geoip Show response
cmp.inmobi.com/ 46 B
328 B 59ms
59ms XHR
application/json 2600:9000:2191:ac00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=avocadoposts.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2191:ac00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 965fc2dbbf709019c656248e3f818c143b4211b6eb94bd249d778972b7f82145

Request headers

Accept: application/json, text/plain, */*
Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: 1.1 71f1cca040033ebffc591cf9392d1528.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAD89-C1
x-cache: FunctionGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 46
x-amz-cf-id: 7apD3I76G9xU6oXtYyksRKIWKsjLJbJibUWJ9rd6MGa70PXSLwlN7A==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
356 B 178ms
64ms XHR
text/plain 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-172772405-1&cid=87838880.1702476799&jid=675810652&gjid=818414148&_gid=918730814.1702476799&_u=YADAAUAAAAAAACAAI~&z=1097078451

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 13 Dec 2023 14:13:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d2sx07l0uocghm.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 56 B
409 B 215ms
56ms Fetch
text/plain 23.222.197.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_17050&tfpvi=&gdpr_status=0&gdpr_reason=0&gdpr_consent=&ccpa_consent=1---&shared_ids=&sv=471b531&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.197.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-222-197-151.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 40f62b2180cccbc14eed1833c408ccb0fef9185cd330d7837560eab7ae9fc7be

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 14:13:19 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://d2sx07l0uocghm.cloudfront.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 56
Expires: Wed, 13 Dec 2023 14:13:19 GMT

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 54ms
53ms Script
application/javascript 23.48.104.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.104.43 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-104-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 18652268
date: Wed, 13 Dec 2023 14:13:19 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202311090732025EA288FD6E557FE1AF12
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-48-100-43.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 014cc1ec493d37136d0a436f0616768bba79854e9860fe069729a1cb6c7647c7743da71a39c06d4414e4605d01319a8eef5510440770bd8c7b417c919c9ba2bd814786d52104b8e7182915a6b3195d40c48267c00a255bc70d32ee630671d4dde4
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 36108

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
823 B 217ms
59ms Ping
text/plain 23.222.5.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.5.91 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-222-5-91.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 313c2ae4
date: Wed, 13 Dec 2023 14:13:19 GMT
x-bytefaas-request-id: 20231213141319FB93CA432FA29B961F24
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231213141319FB93CA432FA29B961F24-46E77682417CE6FD-00
x-cache: TCP_MISS from a23-209-100-91.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=0, origin; dur=8
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231213141319FB93CA432FA29B961F24
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 3.44
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 01ba74338425f636b53c4524cf4f46fd19ef52e17abc566be02cab4766bcd7ed7640116e954d047792ca5b9562b0e9b1ccf56f9d6332a4f3e17ea970268597c6f243f1d048c8405417f91f4632d5318080bab85438c1f998fffc5167c7cb0e6c7e
x-origin-response-time: 8,23.209.100.91
access-control-allow-headers: *
expires: Wed, 13 Dec 2023 14:13:19 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
701 B 97ms
96ms Ping
text/plain 23.48.104.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.104.43 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-104-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1865251d
date: Wed, 13 Dec 2023 14:13:19 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23121314131988FB0C8E28DDB6934BC4-7081FEDA93618AEC-00
x-cache: TCP_MISS from a23-48-100-43.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=35, cdn-cache; desc=MISS, edge; dur=5, origin; dur=39
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023121314131988FB0C8E28DDB6934BC4
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 39,23.48.100.43
x-tt-trace-host: 01ba74338425f636b53c4524cf4f46fd198110e6b3b6b7f33910d409c6b692cf40bdd27404c15d4aec5cd5476fbedb384cf815d9b8e57504cae274157fcf1a8e3e3536f8ef96e3b898e5b9d57a57ec2f0fc0b07b90c7d660a7a89d34ea1428f700
access-control-allow-headers: Authorization,*
expires: Wed, 13 Dec 2023 14:13:19 GMT

POST 65196d96edc5181f4fe8a4ba
exchange.cootlogix.com/prebid/multi/ 0
0

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 179 B
709 B 315ms
147ms XHR
application/json 52.14.231.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F&PageUrl=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F&PageReferrer=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F

Requested by

Host: cont.website
URL: https://cont.website/shared/js/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.14.231.222 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-14-231-222.us-east-2.compute.amazonaws.com

Software

Resource Hash

c833adf74daed91aafbdf407581cf1debfe90751bd5fd40d4c0876ba4fcb5388

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
p3p: CP="CAO PSA OUR"
x-kong-upstream-latency: 87
content-length: 179
pragma: no-cache
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://d2sx07l0uocghm.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 105 B
463 B 183ms
74ms XHR
application/json 54.82.106.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: cont.website
URL: https://cont.website/shared/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.82.106.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-106-150.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: a68332a055e1b21248de17a88a38d1ae6fa0e3ae300e43c869d8c60554ab4696

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://d2sx07l0uocghm.cloudfront.net
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 20
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

POST
H2 204 5f42621c79b5890017a7c966 Show response
prebid.cootlogix.com/prebid/multi/ 0
301 B 266ms
140ms XHR
text/plain 159.65.235.129
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.cootlogix.com/prebid/multi/5f42621c79b5890017a7c966
Requested by: Host: cont.website
URL: https://cont.website/shared/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.65.235.129 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://d2sx07l0uocghm.cloudfront.net
date: Wed, 13 Dec 2023 14:13:19 GMT
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length: 0

POST
H2 204 63c9562541df0f228d919180 Show response
exchange.kueezrtb.com/prebid/multi/ 0
1 KB 539ms
401ms XHR
text/plain 157.245.86.108
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.kueezrtb.com/prebid/multi/63c9562541df0f228d919180
Requested by: Host: cont.website
URL: https://cont.website/shared/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.86.108 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://d2sx07l0uocghm.cloudfront.net
date: Wed, 13 Dec 2023 14:13:20 GMT
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length: 0

GET
H2 200 prebid Show response
exchange.postrelease.com/ 0
403 B 173ms
56ms XHR
application/json 34.199.103.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.postrelease.com/prebid?us_privacy=1---&ntv_gdpr_consent=undefined&ntv_ptd=1210530&ntv_pas=eyIxMjEwNTMwIjpbWzcyOCw5MF1dLCJsZW5ndGgiOjF9&ntv_pb_rid=119ed61ae3708f1&ntv_ppc=W3siYWRVbml0Q29kZSI6Ii8yMTYxNzgxNzMyMy9hcC1kZXNrdG9wLWlzMSIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzcyOCw5MF1dfX19XQ==&ntv_dbr=eyIvMjE2MTc4MTczMjMvYXAtZGVza3RvcC1pczEiOjB9&ntv_url=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F
Requested by: Host: cont.website
URL: https://cont.website/shared/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.103.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-103-5.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 14:13:19 GMT
content-encoding: gzip
server: nginx/1.12.2
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://d2sx07l0uocghm.cloudfront.net
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-length: 20
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
712 B 227ms
101ms XHR
application/json 68.67.160.184
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cont.website
URL: https://cont.website/shared/js/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.184 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

edacbbec4252362c62c2313df992725e1dbc2d9687eabfff7f30ae9c4b0c36fb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 14:13:19 GMT
an-x-request-uuid: c649b485-67a9-42fd-9208-a204f3393b0b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://d2sx07l0uocghm.cloudfront.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.76; 38.132.118.76; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
553 B 225ms
78ms XHR
application/json 52.21.82.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.42.0&referrer=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F&tmax=2500&gdpr=false&us_privacy=1---

Requested by

Host: cont.website
URL: https://cont.website/shared/js/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.21.82.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-82-241.compute-1.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 14:13:19 GMT
accept-ch: sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink
x-auction-status: 17
content-type: application/json; charset=utf-8
access-control-allow-origin: https://d2sx07l0uocghm.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ 105 B
463 B 189ms
64ms XHR
application/json 54.87.125.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: cont.website
URL: https://cont.website/shared/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.87.125.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-125-83.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: a440e66be01138bb32f0a43577b45eb671129eab2ce7e26c25dea16c59d296ca

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://d2sx07l0uocghm.cloudfront.net
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
380 B 230ms
59ms XHR
application/json 35.211.232.87
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cont.website
URL: https://cont.website/shared/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.232.87 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 87.232.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1df9c63e117a0bf8018733468e4565f3fda9bf6657807e5a41fc4f8b02b88a72

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 13 Dec 2023 14:13:19 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://d2sx07l0uocghm.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 374 B
916 B 326ms
60ms XHR
application/json 2602:803:c002:300::97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24508&site_id=420278&zone_id=2382350&size_id=2&gdpr=0&us_privacy=1---&eid_pubcid.org=63977a48-04b9-4356-92c6-88fac93b0f03%5E1&rf=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F&tg_i.domain=d2sx07l0uocghm.cloudfront.net&tg_i.page=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F&tk_flint=pbjs_lite_v7.42.0&x_source.tid=62d85131-e15e-4da6-bd09-c081fcbc4dd1&l_pb_bid_id=22f4c49bf78a762&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7352635913107721
Requested by: Host: cont.website
URL: https://cont.website/shared/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:300::97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 09f7c261dc31609e138950e95b51e74e87a83602d07d282133d6f86958bf8e89

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 14:13:19 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://d2sx07l0uocghm.cloudfront.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 374
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 204 dye
track.kueezrtb.com/ 0
31 B 66ms
65ms Image
text/plain 2606:4700:10::ac43:15e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.kueezrtb.com/dye?ac=2&acm=G3L&uid=27847059b41e6bd2&sid=a35736609ddb9d14&pvi=c7416df26e118468&h=d2sx07l0uocghm.cloudfront.net&wh=1600x1200&b=Chrome&bv=120.0.6099.109&dev=&os=Windows%2010&p=&cc=US&ig=0&uri=%2F&furl=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F&sr=1600x1200&type=latest:br&_=1702476799619&bidder=kueezrtb&at=display&v=1
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 834ece9dc9197416-MIA

GET
H2 204 dye
gtrack.kueezrtb.com/ 0
31 B 103ms
102ms Image
text/plain 2606:4700:10::ac43:15e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtrack.kueezrtb.com/dye?ac=2&acm=G3L&uid=27847059b41e6bd2&sid=a35736609ddb9d14&pvi=c7416df26e118468&h=d2sx07l0uocghm.cloudfront.net&wh=1600x1200&b=Chrome&bv=120.0.6099.109&dev=&os=Windows%2010&p=&cc=US&ig=0&uri=%2F&furl=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F&sr=1600x1200&type=latest:br&_=1702476799619&bidder=kueezrtb&at=display&v=1
Requested by: Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 834ece9dc91d7416-MIA

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
289 B 416ms
136ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cont.website
URL: https://cont.website/shared/js/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

ccd0ad2bc218614bd9b0dcc00d28b830488dfc57a4aff5eba5b2299fa5a2d675

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://d2sx07l0uocghm.cloudfront.net
date: Wed, 13 Dec 2023 14:13:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
699 B 78ms
78ms Ping
text/plain 23.48.104.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.104.43 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-104-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 18652dd5
date: Wed, 13 Dec 2023 14:13:19 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231213141319643E8B334D4105F5C994-3C835C01A133AF85-00
x-cache: TCP_MISS from a23-48-100-43.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=18, cdn-cache; desc=MISS, edge; dur=5, origin; dur=21
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231213141319643E8B334D4105F5C994
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 21,23.48.100.43
x-tt-trace-host: 01ba74338425f636b53c4524cf4f46fd198110e6b3b6b7f33910d409c6b692cf4090e16d0cff6e5761352aaa611494b4775e9ab60a2eab27b661a3f493682f726b28886d8732c2c4d66f0cf6de39fac2fd1f0e9407249086fae19b7f52c8cbaf0e
access-control-allow-headers: Authorization,*
expires: Wed, 13 Dec 2023 14:13:19 GMT

POST
H2 200 1351.json Show response
id5-sync.com/g/v2/ 630 B
1 KB 414ms
138ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1351.json

Requested by

Host: cont.website
URL: https://cont.website/shared/js/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

ab5571b08c45fa1a9ee1a824e62e0dfd5297b26d6313909641579097d266b303

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://d2sx07l0uocghm.cloudfront.net
date: Wed, 13 Dec 2023 14:13:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
288 B 136ms
136ms Fetch
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

a4c0655249e1bd0502d590d22e5f579df160001bcc11296ef1fa5ad750b8f6b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://d2sx07l0uocghm.cloudfront.net
date: Wed, 13 Dec 2023 14:13:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 564899cbb1805ef604914c572d8584d96329825d5a9938d572b97f22efd873ba Show response
capig.worldtravelling.com/events/ 0
395 B 172ms
52ms XHR
text/plain 2600:1f18:2881:e202:29d8:6e0f:8d18:5887
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://capig.worldtravelling.com/events/564899cbb1805ef604914c572d8584d96329825d5a9938d572b97f22efd873ba
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/2016908341805183?v=2.9.138&r=stable&domain=d2sx07l0uocghm.cloudfront.net
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:2881:e202:29d8:6e0f:8d18:5887 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://d2sx07l0uocghm.cloudfront.net
date: Wed, 13 Dec 2023 14:13:20 GMT
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 164ms
54ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2016908341805183&ev=PageView&dl=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F&rl=&if=false&ts=1702476800297&sw=1600&sh=1200&ud[external_id]=faff9aa0d6cfb8ba362cb4c60fb0dea7b0c4ab1a1bd8da985dbc6be1d2e3c4b7&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1702476800292.628471943&eid=ob3_plugin-set_072444c943d729c74b5c114798889de8fe57555aa991241321372026cdb7d769&ler=empty&it=1702476799306&coo=false&rqm=GET

Requested by

Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 13 Dec 2023 14:13:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 v3 Show response
id5-sync.com/gm/ 698 B
1 KB 200ms
139ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

0bc0c5499c9e608a309a36029a564613805dc52e022a1879866784f52f1b0fe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://d2sx07l0uocghm.cloudfront.net
date: Wed, 13 Dec 2023 14:13:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET

check
pixel.tapad.com/idsync/ex/push/
Redirect Chain

https://id5-sync.com/i/1351/8.gif?id5id=ID5*dSN20nuJ_CwJxazSazx4ZQ1DGPBFwDeR-8gYfgdKHDZ0ubO_euOGwzI0av9I2c74dLpc3dfm6hriWnAiy5h5fQ&o=api&gdpr_consent=undefined&gdpr=false
https://ib.adnxs.com/getuid?https://id5-sync.com/c/1351/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F1351%2F2%2F7%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/1351/2/7/2.gif?puid=5181760045341968329&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F1351%2F441%2F6%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://id5-sync.com/c/1351/441/6/3.gif?puid=u_3af42f76-a23a-4c8d-b43f-ae18a810784f&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=c8689d00-7f52-4c40-8ea0-6d1d0b659f54&ttl=%%TTL%%
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F1351%2F434%2F4%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
https://id5-sync.com/c/1351/434/4/5.gif?puid=eee9b6fc-07d6-402e-9f82-19a049039bf8&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=92&3pid=5181760045341968329&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F1351%2F1246%2F3%2F6.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdp...
https://ce.lijit.com/merge?pid=92&3pid=5181760045341968329&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F1351%2F1246%2F3%2F6.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdp...
https://id5-sync.com/c/1351/1246/3/6.gif?puid=H0IVaRZHk0GTZjJFRBax-zHl&gdpr=0&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-b4d9bJ7uxx7Svjl8K2qOGlQKG1LXJXrs3wqVEF0O3Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F1351%2F124%2F2%2F7.gif%3Fpuid%3...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-b4d9bJ7uxx7Svjl8K2qOGlQKG1LXJXrs3wqVEF0O3Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F1351%2F124%2F2%2F7.gif%3F...
https://id5-sync.com/cq/1351/124/2/7.gif?puid=19bfe9c7-02b0-4c21-90af-c490f02bdf93&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F1351%2F203%2F1%2F8.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/1351/203/1/8.gif?puid=b0c5e08e-17b2-4049-a655-46606782b441&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1351%2F108%2F0%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_co...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1351%2F108%2F0%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&g...

0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 64 KB
24 KB 411ms
410ms Fetch
text/plain 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1341250680568571&correlator=623413011306007&eid=31080079%2C31080117&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=21617817323%2Cap-desktop-is1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702476802128&lmt=1702288149&adxs=245&adys=1718&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fd2sx07l0uocghm.cloudfront.net%2F&vis=1&psz=730x0&msz=730x0&fws=0&ohw=0&ga_vid=87838880.1702476799&ga_sid=1702476802&ga_hid=985291870&ga_fc=true&dlt=1702476798110&idt=1046&prev_scp=amznbid%3D2%26amznp%3D2&cust_params=utm_term%3D%26intent_iq_group%3DA&adks=4188724673&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5c0d688eb8891a030a09c8defff7927d93a5ff9d23da5340582efde96ece90f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24718
x-xss-protection: 0
google-lineitem-id: 6370507416
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138444857216
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://d2sx07l0uocghm.cloudfront.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 189ms
78ms XHR
application/json 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6fcd8bda6e8962fd6d44dc52ba4830e3b2a87ed2eb5119414650b0932fae56f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12162
x-xss-protection: 0

GET
H2 200 container.html Show response
16ff6cc6a846caf75ec19a3773a0c400.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2745 6 KB
3 KB 186ms
64ms Document
text/html 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://16ff6cc6a846caf75ec19a3773a0c400.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 14:13:22 GMT
expires: Thu, 12 Dec 2024 14:13:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 167ms
56ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 14:13:22 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1694 13 KB
5 KB 57ms
55ms Document
text/html 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 11651
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 10:59:11 GMT
expires: Thu, 12 Dec 2024 10:59:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8A58 829 B
981 B 73ms
72ms Document
text/html 2607:f8b0:4004:c07::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b36f38dd64daab10b2d403cd5bf55ff9a60620f50315fbdf0024828c945170c2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2xpDxWXMx_aYWSpUs2IEiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2xpDxWXMx_aYWSpUs2IEiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 14:13:22 GMT
expires: Wed, 13 Dec 2023 14:13:22 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 846C 0
0 74ms
74ms Fetch
image/gif 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkhIWPbelC9nCAJQNXY04e6eeVfw8Jo9e6UNNggAM8Ulz0h60kTXDVwRv0phHlO1IRIwRtDMky0fUThLwz_sCPVsDSGYXK5eh6jOsUG3nhpQESUSHk4mxPTg0qOlvFOVSQlSgm9vKZdOVzwtQypEdjwGGhfYexHNblOJNKzygLOF4x-GS457Si-n_uhNt1qJfsc2f--DRazSCzIFLzJ7rv9_lkdFg9UvjQUXf8PCdSicoKSUdBzuMNQq7lRw_lv93L7ZByZutLGLi0vYuRAQovzJ7H1rJJHS7J4Fu_uH0FCvQMwYS0Iro5J3-YaHRPZXIbM-iW8U7BAffIonIw9VVK344UTdlD9SOEhVIsUdM5osfAFyjmUdl6liZx-oTMf5fw7oHhdwo&sai=AMfl-YRdV-TQQDA4gLEVlAFZ9gTg0wUlE_2HpnedanApXOmkI6cd7tRsWkOu4SfugjmFu6rAzfZdy4oCyCRjutHTHagpj0Ps--Tlhj0AmCBShAP7Kh5iNvksIT7PG_MV4g&sig=Cg0ArKJSzHruQ6ZDBXsZEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: d2sx07l0uocghm.cloudfront.net
URL: https://d2sx07l0uocghm.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 846C 24 KB
9 KB 57ms
56ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:52:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 01:52:46 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 846C 3 KB
1 KB 55ms
54ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:52:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 01:52:45 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 846C 203 KB
64 KB 1481ms
1479ms Script
text/javascript 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 14:13:24 GMT

GET
H2 200 12586280221007045726
tpc.googlesyndication.com/simgad/ Frame 846C 52 KB
52 KB 64ms
64ms Image
image/jpeg 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12586280221007045726

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf141f4781efde6a197ec2934ad064e6bc5e88be05fa3048822ee0d60eaa03d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:41:07 GMT
x-content-type-options: nosniff
age: 106335
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53230
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 12:04:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Dec 2024 08:41:07 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 846C 0
0 67ms
67ms Image
text/html 2607:f8b0:4004:c07::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSP4Yk0lHQbQ1X5oLFs0COHgSElXNpIQXCkmwRQ0fEAvd8FARz1i1psK8PfbmzZ6hXP4OHbkejig7S5E1b-LlNGdOCXUQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c07::68 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

POST /
log.d2sx07l0uocghm.cloudfront.net/ 0
0

GET
DATA 200
OK truncated
/ Frame 846C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 681771976d11d66df7e5a554336e117b6551d82c443924e43340b625278f1667

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8A58 0
0 220ms
110ms Image
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=1341250680568571&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1694 39 KB
15 KB 162ms
54ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 11:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Dec 2024 11:25:32 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1694 0
10 B 54ms
53ms Image
text/plain 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7XPQMg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 120ms
119ms Image
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=1341250680568571&bg=!t7SltPvNAAY3kmNgF5I7ADQBe5WfOJLftkenLzxDtW-f8X_rnoBmYpjVBbC9nLnWJsfz70hpjZ0iPM21OuUjmH3foiqGAgAAAEtSAAAABGgBB5kDG7fImmBjFBWNyyNl1ebKqlVo2iIkMXB4d9lastZTBfqZhqt41p2qZ5aGJvMemVK9W6jTN09yPei5KE4qH5zgIG59MI_iTe27UiPSrU8ceukR530V8_d1jFXRKhNpf1UKJz5tTZwwp-u0VpxePGIXP9WCl2RfiKw60g6FauqipWpC5IA7N3qAVzmE0ZgwqQ4uAGwWiAT0RFHVqH9KxwQLDZkUfYEJ9HZKzKdpe8GM7p_xKzqT22M1QUzDy_W52kahCi9yeOV_cS3Kx3HEMVl0mOSzay9PINlUNQxSRFML4mHIcHi8hBNSa4KjLw-4VTODkkH9NK0LPLAxRV0UgS3LYBUzn2SeXQbqiTMhN4MYbWURpCI3chYT22PjPXbH45GoOSCSjxsa37ypP1_dlsjo7O_x4ZEPcLz8CU0wTifvRFCJu-aSzZR65ZzXOP1WGf25NTu26iFi6CCE1JEdBfDALhWf9BKVLCysoi2lL-p-i7g_c2J0iQ_InqeaWtITYFFe8H1-QSNdC5kug_5hJZsoe3IkNRySqA3Wcg-zTdOJYctLdIhcNTyrXaJSYtGnMhbK8pnXCdPgaVoDMxT6niA7nbORDxVTFT5-LOoz3fTSlud3UbajAInx-wmfr4mJkYjyDM_mEN0ci0HGSl2HO7ppXVDjZGqwCgWK34YLMjAxXQ_Q8qId738NtebiSa-ZkWrAVJIkAcSjvDnHvFrXKhf95LZXNYvGeqACR_QS6v0XNH_GycYOx_5OiPCnay6pP0YVZcqk180DXCp__by2YrNksUkjUbz5ioXJwYwHzpGZ3FUpQwUsTHHHIv1AxnwFZhb4eTN2YkrXeVfPl4YsX9SnXKAHgkb9nkuV4uWLYmDmBidLV5GviQj__mIoJYM9Jii3FKvYHHzpqKflAYhrCGkMwj6CJPVXPzMDn6x6ZUY8qXPPwVHu0HzIljw5BwQekrb0MuIBCCutLOGRDfBns1WpzBEAGnAK3mT8VdemNABdmP1KRj09fWCsCyZIaW5-yyYWw_XWrp-SSpHyipNs3hiagylyM7FL--nJQNkvMg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 846C 0
0 183ms
73ms Fetch
image/gif 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoDiZdK5tiO_gUNxhYY0CygN49XjJ9ESl_kjYQQ2R7xufaHzerrGFOxkMAg9ZBiVGdRp3rjhKX7evghB31lMuFOTnLeUBKxrdjx8bBJjAn-xsTEpTGmRu3KA9N_1N2Keg3nMQHz-G_cVgU0LcW3haL7tH8p8ycSpzr9YG1Py2sKd3db1utM4HqkGbeEMHz1lGl2K1TGnCxhNj1mBkaeIJ4p3uYMzOM4MbXPH-2FkKjDM2XPzWLbHheHvSNOnJJ2pk2oiv4PWEqT-9cVfbzDKnlxrmGg0blsdRLm81fJpZ88BkUJaf-CgOOG2CXlZ8Zx1zmYtNIackGK_ExtiNQaDHF9D-ujIndQV5EPctPTeCAKptxCrmtQIMOa9vSfT26IkCH1SXRal7iBQ&sai=AMfl-YR1klZQsr1ePmL0wLxK2UYut9Dkbc13dYL2ao6OLzh1MDsuDNgL6sBA61-9Le23zPYSFv1wh2hq6SvF-SAL1C0UJjdINe8IuX1usCd6zVgBQF5O8OYGF9sL1KHSeg&sig=Cg0ArKJSzHy-O4xakl2CEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Dec 2023 14:13:24 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 24D7 281 B
555 B 194ms
51ms Document
text/html 23.50.125.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Requested by: Host: cont.website
URL: https://cont.website/shared/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-50-125-215.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 13 Dec 2023 14:13:25 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 / Show response
sync.cootlogix.com/api/sync/iframe/ Frame 60B0 109 B
421 B 495ms
376ms Document
text/html 157.230.190.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: cont.website
URL: https://cont.website/shared/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.230.190.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: a1aa01f31d4087317f5d4e5ef4ea70a73e38124a45f1553dbe8968ea16068b84

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: GET, HEAD, OPTIONS, POST
access-control-allow-origin: *
content-length: 109
content-type: text/html
date: Wed, 13 Dec 2023 14:13:25 GMT
p3p: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame E87B 52 KB
17 KB 94ms
27ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cont.website
URL: https://cont.website/shared/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 20095
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 13 Dec 2023 14:13:25 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 459, 47832
X-Served-By: cache-lga13626-LGA, cache-mia-kmia1760070-MIA
X-Timer: S1702476805.203838,VS0,VE0

GET
H2 200 / Show response
sync.kueezrtb.com/api/sync/iframe/ Frame E24D 3 KB
4 KB 185ms
57ms Document
text/html 157.230.190.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.kueezrtb.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: cont.website
URL: https://cont.website/shared/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.230.190.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: ede912131345654f89e3a0f87b3784fe0f94c8bf58dcb4001aa9ffc411341610

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: GET, HEAD, OPTIONS, POST
access-control-allow-origin: *
content-length: 3260
content-type: text/html
date: Wed, 13 Dec 2023 14:13:25 GMT
p3p: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"

GET
H2

200

sync Show response
eb2.3lift.com/ Frame DEB7
Redirect Chain

https://eb2.3lift.com/sync?us_privacy=1---&
https://eb2.3lift.com/sync?us_privacy=1---&&ld=1

1 KB
2 KB

54ms
53ms

Document
text/html

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Requested by: Host: cont.website
URL: https://cont.website/shared/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: 25a213c60ee590fbc37ae902c19ca8f921941fe563153cb677a71d69cbf49911

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1347
content-type: text/html; charset=utf-8
date: Wed, 13 Dec 2023 14:13:25 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Wed, 13 Dec 2023 14:13:25 GMT
location: /sync?us_privacy=1---&&ld=1
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 / Show response
sync.cootlogix.com/api/sync/iframe/ Frame 3D6C 109 B
422 B 173ms
58ms Document
text/html 157.230.190.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: cont.website
URL: https://cont.website/shared/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.230.190.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: a1aa01f31d4087317f5d4e5ef4ea70a73e38124a45f1553dbe8968ea16068b84

Request headers

Referer: https://d2sx07l0uocghm.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: GET, HEAD, OPTIONS, POST
access-control-allow-origin: *
content-length: 109
content-type: text/html
date: Wed, 13 Dec 2023 14:13:25 GMT
p3p: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"

GET
H/1.1

200
OK

sync
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0&us_privacy=1---
https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=themediagrid&bsw_custom_parameter=cd861ec5-299b-4157-ad96-226d9127fe05
https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=76f8e99f-7e7d-4e0e-8b7d-b0c0dd65e4df&ssp=themediagrid&bsw_param=cd861ec5-299b-4157-ad96-226d9127fe05

43 B
235 B

59ms
58ms

Image
image/gif

35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=76f8e99f-7e7d-4e0e-8b7d-b0c0dd65e4df&ssp=themediagrid&bsw_param=cd861ec5-299b-4157-ad96-226d9127fe05
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2sx07l0uocghm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 13 Dec 2023 14:13:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=76f8e99f-7e7d-4e0e-8b7d-b0c0dd65e4df&ssp=themediagrid&bsw_param=cd861ec5-299b-4157-ad96-226d9127fe05
Date: Wed, 13 Dec 2023 14:13:25 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame E87B 0
595 B 98ms
98ms Script
text/html 68.67.160.184
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.184 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 14:13:25 GMT
an-x-request-uuid: 107c7570-5219-4183-a4ba-7cbf2300af0f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.76; 38.132.118.76; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookie
sync.kueezrtb.com/api/ Frame E24D
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-sonobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26userId%3D%5BUID%5D
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-sonobi&gdpr=0&gdpr_consent=&us_privacy=1---&userId=eee9b6fc-07d6-402e-9f82-19a049039bf8

43 B
905 B

59ms
58ms

Image
image/avif

157.230.190.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.kueezrtb.com/api/cookie?partnerId=kueez-sonobi&gdpr=0&gdpr_consent=&us_privacy=1---&userId=eee9b6fc-07d6-402e-9f82-19a049039bf8
Requested by: Host: sync.kueezrtb.com
URL: https://sync.kueezrtb.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Server: 157.230.190.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.kueezrtb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:25 GMT
access-control-allow-methods: GET, HEAD, OPTIONS, POST
content-type: image/avif
access-control-allow-origin: *
p3p: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 43

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 14:13:25 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-167
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.kueezrtb.com/api/cookie?partnerId=kueez-sonobi&gdpr=0&gdpr_consent=&us_privacy=1---&userId=eee9b6fc-07d6-402e-9f82-19a049039bf8
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 24D7 46 KB
13 KB 54ms
53ms Script
text/html 23.50.125.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-50-125-215.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 45b8a6ea0139c2c91344e702dcbb9fa939916d1c6d60ad1fd583d0253683bb68

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 13 Dec 2023 14:13:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Dec 2023 16:41:56 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=8913
Connection: keep-alive
Content-Length: 13231
Expires: Wed, 13 Dec 2023 16:41:58 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame DEB7
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=c8689d00-7f52-4c40-8ea0-6d1d0b659f54&dongle=0cfd&gdpr=0&gdpr_consent=

37 B
354 B

55ms
55ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=c8689d00-7f52-4c40-8ea0-6d1d0b659f54&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 13 Dec 2023 14:13:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=3658&xuid=c8689d00-7f52-4c40-8ea0-6d1d0b659f54&dongle=0cfd&gdpr=0&gdpr_consent=
date: Wed, 13 Dec 2023 14:13:25 GMT
server: Kestrel
content-length: 251

GET
H2

200

ebda
eb2.3lift.com/ Frame DEB7
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQxMzEwMzg3ODg4MDA3NTQxNzAyMQ%3D%3D
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

37 B
139 B

53ms
53ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 14:13:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame DEB7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEK4Fsl_JpCNZ6AW-3VlgmoU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
354 B

55ms
55ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEK4Fsl_JpCNZ6AW-3VlgmoU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 13 Dec 2023 14:13:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 14:13:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEK4Fsl_JpCNZ6AW-3VlgmoU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DEB7
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQxMzEwMzg3ODg4MDA3NTQxNzAyMQ%3D%3D

170 B
243 B

123ms
66ms

Image
image/png

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQxMzEwMzg3ODg4MDA3NTQxNzAyMQ%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 14:13:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQxMzEwMzg3ODg4MDA3NTQxNzAyMQ%3D%3D
date: Wed, 13 Dec 2023 14:13:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame DEB7 0
630 B 183ms
124ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1413103878880075417021&dbredirect=true&gdpr=0&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:24 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 5F5E6E7466FE4A36877DE578D356F7F6 Ref B: MIAEDGE2520 Ref C: 2023-12-13T14:13:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYMZMU5ulXdUrNMHUr+Ow==

GET
H2

200

xuid
eb2.3lift.com/ Frame DEB7
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/1413103878880075417021?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-OK2MpzZE2oTPyGhI8XkPwsiz_WEO97kf0qt3QZZdcw--~A&dongle=0883

37 B
354 B

55ms
54ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-OK2MpzZE2oTPyGhI8XkPwsiz_WEO97kf0qt3QZZdcw--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 13 Dec 2023 14:13:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Wed, 13 Dec 2023 14:13:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-OK2MpzZE2oTPyGhI8XkPwsiz_WEO97kf0qt3QZZdcw--~A&dongle=0883
content-length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame DEB7
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=1413103878880075417021&gdpr=0&gdpr_consent=${GDPR_CONSENT}
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=eaabc97b-c1a3-4bb8-9a0b-5a32c62afbac&ssp=triplelift
https://eb2.3lift.com/xuid?mid=2409&xuid=cd861ec5-299b-4157-ad96-226d9127fe05&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

37 B
354 B

54ms
54ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=cd861ec5-299b-4157-ad96-226d9127fe05&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 13 Dec 2023 14:13:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: //eb2.3lift.com/xuid?mid=2409&xuid=cd861ec5-299b-4157-ad96-226d9127fe05&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date: Wed, 13 Dec 2023 14:13:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame DEB7
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3...
https://eb2.3lift.com/xuid?mid=2711&xuid=b0c5e08e-17b2-4049-a655-46606782b441&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---

37 B
354 B

54ms
54ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=b0c5e08e-17b2-4049-a655-46606782b441&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 13 Dec 2023 14:13:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 14:13:24 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://eb2.3lift.com/xuid?mid=2711&xuid=b0c5e08e-17b2-4049-a655-46606782b441&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1200397
content-length: 0
expires: Wed, 13 Dec 2023 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame DEB7
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=5181760045341968329&dongle=4d58&gdpr=0&gdpr_consent=

37 B
354 B

55ms
54ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=5181760045341968329&dongle=4d58&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 13 Dec 2023 14:13:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 14:13:25 GMT
an-x-request-uuid: 8b56bcd2-7505-40b7-99c5-fd488f1e9bf8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://eb2.3lift.com/xuid?mid=3335&xuid=5181760045341968329&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin: 38.132.118.76; 38.132.118.76; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 setuid
ib.adnxs.com/prebid/ Frame DEB7 43 B
1 KB 69ms
69ms Image
image/gif 68.67.160.184
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=1413103878880075417021

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.184 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 14:13:25 GMT
an-x-request-uuid: bc86a036-3efd-44e7-a84f-251d5c884282
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.76; 38.132.118.76; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 24D7 7 B
809 B 219ms
55ms XHR
application/json 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 84e0f527cd81a00b0210e20b4ee7ed94
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 24D7
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/nB4o-5lhhzvaa26D3Hykpg?csrc=&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-RTFA18BE2oIvM.IED2EAyZkF6Evd5MkLQo48eQ--~A

42 B
875 B

160ms
55ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-RTFA18BE2oIvM.IED2EAyZkF6Evd5MkLQo48eQ--~A
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 9a0c641c0479142b55591fdf2031b15f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 13 Dec 2023 14:13:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-RTFA18BE2oIvM.IED2EAyZkF6Evd5MkLQo48eQ--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 24D7
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=AA22BLMoRuuz7tmkvIjfzA&rk=usync-other&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=AA22BLMoRuuz7tmkvIjfzA&gdpr=0

43 B
479 B

142ms
142ms

Image
image/gif

52.94.223.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=AA22BLMoRuuz7tmkvIjfzA&gdpr=0

Protocol

HTTP/1.1

Server

52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 14:13:26 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SRXC6SG46Z0RKEZM0DXK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=AA22BLMoRuuz7tmkvIjfzA&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f72efbd84733ea5ba734e4e8fe0395a3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 24D7
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---

0
142 B

83ms
82ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:24 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 6E0A71926A714F3793AAE46D774A0E83 Ref B: MIAEDGE2520 Ref C: 2023-12-13T14:13:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYMZMVASb/Pp+NvG6EqiQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ffef7c53154b04a892ce1f9531c32cb1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 24D7
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWU5MjFhM2Y3NGMzYzk4YzliYzMwZTk0NjlhMjVjMWRkMDRkYmVmMQ&gdpr=0&us_privacy=1---

170 B
188 B

68ms
68ms

Image
image/png

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWU5MjFhM2Y3NGMzYzk4YzliYzMwZTk0NjlhMjVjMWRkMDRkYmVmMQ&gdpr=0&us_privacy=1---

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 14:13:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWU5MjFhM2Y3NGMzYzk4YzliYzMwZTk0NjlhMjVjMWRkMDRkYmVmMQ&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 9e7742894a018a40b59a2ed2117c85b5
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 24D7
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c8689d00-7f52-4c40-8ea0-6d1d0b659f54&gdpr=0&gdpr_consent=&expires=30

42 B
875 B

216ms
55ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c8689d00-7f52-4c40-8ea0-6d1d0b659f54&gdpr=0&gdpr_consent=&expires=30
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: af308bb17a856a105b8c87aaae7d7f8c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c8689d00-7f52-4c40-8ea0-6d1d0b659f54&gdpr=0&gdpr_consent=&expires=30
date: Wed, 13 Dec 2023 14:13:25 GMT
server: Kestrel
content-length: 289

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24D7
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=4Y2fUFWxTq-7bS3XBwBVDA&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4Y2fUFWxTq-7bS3XBwBVDA&gdpr=0

43 B
479 B

65ms
61ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4Y2fUFWxTq-7bS3XBwBVDA&gdpr=0

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 14:13:26 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JVMFW6VG012V178XXD93
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4Y2fUFWxTq-7bS3XBwBVDA&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5e07703167439847c6c49a939083c0fd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 24D7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEIGxqXBfTEp2eP7fuSsrz9M&google_cver=1

42 B
875 B

206ms
55ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEIGxqXBfTEp2eP7fuSsrz9M&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 966e54b6201ecd300c4db0efc0f5781a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 14:13:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEIGxqXBfTEp2eP7fuSsrz9M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24D7
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&us_privacy=1---
https://s.amazon-adsystem.com/ecm3?id=LQ3UQA4A-6-JF4X&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---

43 B
720 B

84ms
60ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LQ3UQA4A-6-JF4X&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 14:13:25 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HA7RVTF0Y19RQEFMFVJH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LQ3UQA4A-6-JF4X&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0190a17a18f2299b1b85aeb1793e601c
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 24D7
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFEzVVFBNEEtNi1KRjRY&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESENZmWR4LegrD5P_OenyuO58&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEzVVFBNEEtNi1KRjRY&google_push=&gdpr=0

170 B
188 B

65ms
65ms

Image
image/png

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEzVVFBNEEtNi1KRjRY&google_push=&gdpr=0

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 14:13:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEzVVFBNEEtNi1KRjRY&google_push=&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d67ad46d58ddbab9fb03c088eabaaff8
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 24D7
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---&_bee_ppp=1
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACzSU7K83gAABNWPrBQDQ&expires=30&gdpr=0

42 B
875 B

54ms
54ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACzSU7K83gAABNWPrBQDQ&expires=30&gdpr=0
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: af308bb17a856a105b8c87aaae7d7f8c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACzSU7K83gAABNWPrBQDQ&expires=30&gdpr=0
Date: Wed, 13 Dec 2023 14:13:25 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 24D7
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&us_privacy=1---
https://ce.lijit.com/merge?pid=80&3pid=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---

43 B
952 B

71ms
71ms

Image
image/gif

23.92.190.68
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Server: 23.92.190.68 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 14:13:25 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ce.lijit.com/merge?pid=80&3pid=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 314e432eb2d967cf733b82bdbbe35231
Expires: 0

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 24D7
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&us_privacy=1---
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---

68 B
280 B

71ms
53ms

Image
image/png

54.225.45.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---
Protocol: H2
Server: 54.225.45.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-45-175.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:25 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cdd55fb02049ca8b9389527f6c1a1194
Expires: 0

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 24D7
Redirect Chain

https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0&us_privacy=1---
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---

95 B
124 B

56ms
55ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:25 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

Location: https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 314e432eb2d967cf733b82bdbbe35231
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

cksync
hb.yahoo.net/ Frame 24D7
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&gdpr=0&us_privacy=1---
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQ3UQA4A-6-JF4X&redir=true&gdpr=0&us_privacy=1---
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQ3UQA4A-6-JF4X&gdpr=0&redir=true&us_privacy=1---
https://hb.yahoo.net/cksync?cs=63&axid_e=eS12XzlnX3NoRTJ1R1lqOXI0bWNvOWlsSDBNc0Zocl92Q35B&gdpr=0&ovsid=LQ3UQA4A-6-JF4X&us_privacy=1---&dpid=58160

57 B
649 B

159ms
53ms

Image
image/gif

23.221.214.17

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS12XzlnX3NoRTJ1R1lqOXI0bWNvOWlsSDBNc0Zocl92Q35B&gdpr=0&ovsid=LQ3UQA4A-6-JF4X&us_privacy=1---&dpid=58160

Protocol

Server

23.221.214.17 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Wed, 13 Dec 2023 14:13:26 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Wed, 13 Dec 2023 14:13:26 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS12XzlnX3NoRTJ1R1lqOXI0bWNvOWlsSDBNc0Zocl92Q35B&gdpr=0&ovsid=LQ3UQA4A-6-JF4X&us_privacy=1---&dpid=58160
date: Wed, 13 Dec 2023 14:13:26 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

magnite
prebid.a-mo.net/setuid/ Frame 24D7
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&us_privacy=1---
https://prebid.a-mo.net/setuid/magnite?uid=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---

0
451 B

169ms
53ms

Image
text/plain

147.28.146.89
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/magnite?uid=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---
Protocol: H2
Server: 147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:26 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid.a-mo.net/setuid/magnite?uid=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0228ab361cece0438ff9eb16e4e5890e
Expires: 0

GET
H2

200

setuid
ib.adnxs.com/prebid/ Frame 24D7
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0&us_privacy=1---
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---

43 B
1 KB

63ms
62ms

Image
image/gif

68.67.160.184
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---

Protocol

Server

68.67.160.184 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 14:13:26 GMT
an-x-request-uuid: 60144b4a-f17a-4641-9155-e90501237c1b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.76; 38.132.118.76; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ3UQA4A-6-JF4X&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: eea754ae2ea80a3b4eb2fcf35349058a
Expires: 0

GET
H2

200

cookie
sync.kueezrtb.com/api/ Frame E24D
Redirect Chain

https://match.sharethrough.com/universal/v1?supply_id=SzhEXqCN&gdpr=0&gdpr_consent=&us_privacy=1---
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-sharthrough&userId=84706356-5dae-4950-b02f-60828096552d&gdpr=0

43 B
903 B

58ms
58ms

Image
image/avif

157.230.190.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.kueezrtb.com/api/cookie?partnerId=kueez-sharthrough&userId=84706356-5dae-4950-b02f-60828096552d&gdpr=0
Protocol: H2
Server: 157.230.190.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.kueezrtb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:26 GMT
access-control-allow-methods: GET, HEAD, OPTIONS, POST
content-type: image/avif
access-control-allow-origin: *
p3p: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 43

Redirect headers

location: https://sync.kueezrtb.com/api/cookie?partnerId=kueez-sharthrough&userId=84706356-5dae-4950-b02f-60828096552d&gdpr=0
date: Wed, 13 Dec 2023 14:13:25 GMT
content-length: 0

GET
H2

200

cookie
sync.kueezrtb.com/api/ Frame E24D
Redirect Chain

https://ads.yieldmo.com/pbsync?is=kueez&gdpr=0&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-yieldmo%26gdpr%3D0%26gdpr_consent%3D%26us...
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-yieldmo&userId=3zZLWmpjjLpnqOmcKzF2&gdpr=0&gdpr_consent=&us_privacy=1---

43 B
885 B

57ms
57ms

Image
image/avif

157.230.190.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.kueezrtb.com/api/cookie?partnerId=kueez-yieldmo&userId=3zZLWmpjjLpnqOmcKzF2&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Server: 157.230.190.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.kueezrtb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:26 GMT
access-control-allow-methods: GET, HEAD, OPTIONS, POST
content-type: image/avif
access-control-allow-origin: *
p3p: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 43

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 14:13:26 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://sync.kueezrtb.com/api/cookie?partnerId=kueez-yieldmo&userId=3zZLWmpjjLpnqOmcKzF2&gdpr=0&gdpr_consent=&us_privacy=1---
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H2

200

cookie
sync.kueezrtb.com/api/ Frame E24D
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-grid1%26userId%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---?gdpr=0&gdpr...
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-grid1&userId=cd861ec5-299b-4157-ad96-226d9127fe05&gdpr=0&gdpr_consent=&us_privacy=1---

43 B
896 B

58ms
57ms

Image
image/avif

157.230.190.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.kueezrtb.com/api/cookie?partnerId=kueez-grid1&userId=cd861ec5-299b-4157-ad96-226d9127fe05&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Server: 157.230.190.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.kueezrtb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:26 GMT
access-control-allow-methods: GET, HEAD, OPTIONS, POST
content-type: image/avif
access-control-allow-origin: *
p3p: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 43

Redirect headers

Location: https://sync.kueezrtb.com/api/cookie?partnerId=kueez-grid1&userId=cd861ec5-299b-4157-ad96-226d9127fe05&gdpr=0&gdpr_consent=&us_privacy=1---
Date: Wed, 13 Dec 2023 14:13:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookie
sync.kueezrtb.com/api/ Frame E24D
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-xandr%26userId%3D%24UID%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---&gdpr=0&gdpr_consent=
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-xandr&userId=5181760045341968329&gdpr=0&gdpr_consent=&us_privacy=1---&gdpr=0&gdpr_consent=

43 B
882 B

59ms
59ms

Image
image/avif

157.230.190.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.kueezrtb.com/api/cookie?partnerId=kueez-xandr&userId=5181760045341968329&gdpr=0&gdpr_consent=&us_privacy=1---&gdpr=0&gdpr_consent=
Protocol: H2
Server: 157.230.190.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.kueezrtb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:27 GMT
access-control-allow-methods: GET, HEAD, OPTIONS, POST
content-type: image/avif
access-control-allow-origin: *
p3p: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 43

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 14:13:27 GMT
an-x-request-uuid: 3819584c-996d-4835-8902-fc85f950c213
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.kueezrtb.com/api/cookie?partnerId=kueez-xandr&userId=5181760045341968329&gdpr=0&gdpr_consent=&us_privacy=1---&gdpr=0&gdpr_consent=
x-proxy-origin: 38.132.118.76; 38.132.118.76; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookie
sync.kueezrtb.com/api/ Frame E24D
Redirect Chain

https://u.openx.net/w/1.0/cm?id=99b0e635-e719-4648-8bd7-0fd339d4e2e5&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-openx%26gdpr%3D0%26gdp...
https://u.openx.net/w/1.0/cm?cc=1&id=99b0e635-e719-4648-8bd7-0fd339d4e2e5&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-openx%26gdpr%3D0%...
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-openx&gdpr=0&gdpr_consent=&us_privacy=1---&userId=c8f7011d-34a5-49cd-9d07-001024172d49

43 B
892 B

57ms
57ms

Image
image/avif

157.230.190.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.kueezrtb.com/api/cookie?partnerId=kueez-openx&gdpr=0&gdpr_consent=&us_privacy=1---&userId=c8f7011d-34a5-49cd-9d07-001024172d49
Protocol: H2
Server: 157.230.190.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.kueezrtb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:28 GMT
access-control-allow-methods: GET, HEAD, OPTIONS, POST
content-type: image/avif
access-control-allow-origin: *
p3p: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 43

Redirect headers

date: Wed, 13 Dec 2023 14:13:27 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://sync.kueezrtb.com/api/cookie?partnerId=kueez-openx&gdpr=0&gdpr_consent=&us_privacy=1---&userId=c8f7011d-34a5-49cd-9d07-001024172d49
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

cookie
sync.kueezrtb.com/api/ Frame E24D
Redirect Chain

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-sovrn%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26userId%3D%24UID
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-sovrn&gdpr=0&gdpr_consent=&us_privacy=1---&userId=H0IVaRZHk0GTZjJFRBax-zHl

43 B
883 B

60ms
59ms

Image
image/avif

157.230.190.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.kueezrtb.com/api/cookie?partnerId=kueez-sovrn&gdpr=0&gdpr_consent=&us_privacy=1---&userId=H0IVaRZHk0GTZjJFRBax-zHl
Protocol: H2
Server: 157.230.190.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.kueezrtb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 14:13:28 GMT
access-control-allow-methods: GET, HEAD, OPTIONS, POST
content-type: image/avif
access-control-allow-origin: *
p3p: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 43

Redirect headers

Date: Wed, 13 Dec 2023 14:13:28 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://sync.kueezrtb.com/api/cookie?partnerId=kueez-sovrn&gdpr=0&gdpr_consent=&us_privacy=1---&userId=H0IVaRZHk0GTZjJFRBax-zHl
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: log.d2sx07l0uocghm.cloudfront.net
URL: https://log.d2sx07l0uocghm.cloudfront.net/

Domain: log.d2sx07l0uocghm.cloudfront.net
URL: https://log.d2sx07l0uocghm.cloudfront.net/

Domain: exchange.cootlogix.com
URL: https://exchange.cootlogix.com/prebid/multi/65196d96edc5181f4fe8a4ba

Domain: pixel.tapad.com
URL: https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1351%2F108%2F0%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=

Domain: log.d2sx07l0uocghm.cloudfront.net
URL: https://log.d2sx07l0uocghm.cloudfront.net/

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

75 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.capig.worldtravelling.com/events/564899cbb1805ef604914c572d8584d96329825d5a9938d572b97f22efd873ba	1970-01-20 19:04:12	Name: cee Value: DjgkydQ2tXTzEZnxdbSDbH5wPkMqmnVdTusmdVSzoAo%3D.%7B%22external_id%22%3A%22309576101398608%22%2C%22cee_id%22%3A%22cee.1702476800449.99013%22%7D
.3lift.com/sync	1970-01-20 19:04:12	Name: sync Value: CgoIoQEQqOmZnMYxCgoIkQIQqOmZnMYxCgoItAIQqOmZnMYxCgoI5gEQqOmZnMYxCgoIhwIQqOmZnMYxCgoItwIQqOmZnMYxCgkIOhCo6ZmcxjEKCgiMAhCo6ZmcxjEKCQhfEKjpmZzGMQoJCB8QqOmZnMYx
.kueezrtb.com/	1970-01-20 19:04:12	Name: kuid Value: c6254e046a2d6c72
.d2sx07l0uocghm.cloudfront.net/	1970-01-20 19:04:12	Name: _gcl_au Value: 1.1.1315032748.1702476799
.d2sx07l0uocghm.cloudfront.net/	1970-01-21 02:30:36	Name: _ga_WMBPYK833K Value: GS1.1.1702476798.1.0.1702476798.0.0.0
.tiktok.com/	1970-01-21 02:16:12	Name: _ttp Value: 2ZUVlzC219atGgaTXNbeXrOg9BO
d2sx07l0uocghm.cloudfront.net/	1970-01-20 17:37:48	Name: _pbjs_userid_consent_data Value: 6683316680106290
.d2sx07l0uocghm.cloudfront.net/	1970-01-21 01:40:12	Name: _sharedid Value: 63977a48-04b9-4356-92c6-88fac93b0f03
.d2sx07l0uocghm.cloudfront.net/	1970-01-21 02:30:36	Name: _ga Value: GA1.3.87838880.1702476799
.d2sx07l0uocghm.cloudfront.net/	1970-01-20 16:56:03	Name: _gid Value: GA1.3.918730814.1702476799
.d2sx07l0uocghm.cloudfront.net/	1970-01-20 16:54:36	Name: _gat_gtag_UA_172772405_1 Value: 1
.twitter.com/	1970-01-21 02:30:36	Name: personalization_id Value: "v1_3AOmjltb/yTkOVxmS/i81Q=="
.t.co/	1970-01-21 02:30:36	Name: muc_ads Value: a50d03e5-a795-40c6-9ab4-cb209aed71db
.d2sx07l0uocghm.cloudfront.net/	1970-01-21 02:16:12	Name: _tt_enable_cookie Value: 1
.d2sx07l0uocghm.cloudfront.net/	1970-01-21 02:16:12	Name: _ttp Value: O4XxomBY2CuasZhdL1Pp7zjL86d
d2sx07l0uocghm.cloudfront.net/	1970-01-21 01:40:12	Name: _tfpvi Value: ZDFmZjIxN2EtOTNhOC00YzgxLTk4ZjYtN2RkOWM5YmE4MGRjIy03LTY%3D
.omnitagjs.com/	1970-01-20 17:37:48	Name: ayl_visitor Value: 6b2ad187e9b7f7dc011307a8cb13f584
.rubiconproject.com/	1970-01-21 01:40:12	Name: khaos Value: LQ3UQA4A-6-JF4X
.d2sx07l0uocghm.cloudfront.net/	1970-01-20 19:04:12	Name: _fbp Value: fb.2.1702476800292.628471943
.id5-sync.com/	1970-01-20 19:04:12	Name: id5 Value: ab79893b-1d24-766b-a2cd-1290e32068d9#1702476800440#2
.adnxs.com/	1970-01-20 19:04:12	Name: uuid2 Value: 5181760045341968329
.gumgum.com/	1970-01-21 01:40:12	Name: vst Value: u_3af42f76-a23a-4c8d-b43f-ae18a810784f
.adsrvr.org/	1970-01-21 01:41:39	Name: TDID Value: c8689d00-7f52-4c40-8ea0-6d1d0b659f54
.go.sonobi.com/	1970-01-20 17:37:48	Name: __uis Value: eee9b6fc-07d6-402e-9f82-19a049039bf8
.lijit.com/	1970-01-21 01:40:12	Name: ljt_reader Value: H0IVaRZHk0GTZjJFRBax-zHl
.lijit.com/	1970-01-21 01:40:12	Name: _ljtrtb_92 Value: 5181760045341968329
.doubleclick.net/	1970-01-21 02:30:36	Name: IDE Value: AHWqTUm1yGtQELwpp1PHQ6b1ucvwNrKEsr7tda4uewOr4ELDOyUj92EevYQkj5LsAbY
.360yield.com/	1970-01-20 19:04:12	Name: tuuid Value: 19bfe9c7-02b0-4c21-90af-c490f02bdf93
.360yield.com/	1970-01-20 19:04:12	Name: tuuid_lu Value: 1702476802
.360yield.com/	1970-01-20 19:04:12	Name: um Value: !79,c.4x0HbSvxlvgb-H46NXKFXJJCB623gn32KYSmc6rkEJpLydlz79-AYELmtV2.rqdLdqRNzPzO833u7m,1710252802
.360yield.com/	1970-01-20 19:04:12	Name: umeh Value: !79,0,1764684802,-1
.criteo.com/	1970-01-21 02:16:12	Name: uid Value: b0c5e08e-17b2-4049-a655-46606782b441
.id5-sync.com/	1970-01-20 19:04:12	Name: 3pi Value: 2#1702476800874#478403066#5181760045341968329\|434#1702476801839#114941806\|264#1702476801531#569120835#c8689d00-7f52-4c40-8ea0-6d1d0b659f54\|441#1702476801178#1182602852#u_3af42f76-a23a-4c8d-b43f-ae18a810784f\|203#1702476803365#-1641958476#b0c5e08e-17b2-4049-a655-46606782b441\|124#1702476802823#858788884\|1246#1702476802452#-224524886
.tapad.com/	1970-01-20 18:21:00	Name: TapAd_TS Value: 1702476803656
.tapad.com/	1970-01-20 18:21:00	Name: TapAd_DID Value: 4647bb7e-170f-4d30-8bb3-16eb28298e13
.tapad.com/	1970-01-20 18:21:00	Name: TapAd_3WAY_SYNCS Value:
.3lift.com/	1970-01-20 19:04:12	Name: tluid Value: 1413103878880075417021
.bidswitch.net/	1970-01-21 01:40:12	Name: tuuid Value: cd861ec5-299b-4157-ad96-226d9127fe05
.bidswitch.net/	1970-01-21 01:40:12	Name: c Value: 1702476805
.bidswitch.net/	1970-01-21 01:40:12	Name: tuuid_lu Value: 1702476805
.kueezrtb.com/	1970-01-20 16:54:37	Name: vdzj1_3398b79f Value: aCi153kXWxdcOlwoxBlnSEkoNgoQDSoeBE1CGU5YAFw5YUoGU34NFFlMcFtaB1NuMUFUV3hOW01OcApbBFM5b0ABACpeQVxNIFpXUltrYU1GT21aRFgccl1aBFI7ZE5WUX5bFA4bI1ReUlx6e1pSUHgNQgobJl9dA1xvYkBWUHxdElcdJFhMH0luZE8FVX5fT1xLcltZBlNqZEtVBnZaFllabk5YAFw5YkBVW34NFFlMcFtaB1NuMUsBBXxOW01OcVsPBVo5ZUwHVyleFl4adVoNBF46YR5GT21aRF8edl5cV1lvYRwGASlbT1tNIQ5XCwl6e1pSUHgNQV4edl0PUF1sZU9QV3daEVcdIA5MH0luZEsHVHkJQVhMdFlfBFw5NEACBy1VEl5abk5YAA8%2BM0pRUXpYFVgZIA5eAQ1pYktSVnlOKkNaIQMbXR96bUhIQSgIBx1aeBdMWhgdAlpeBS4ABApUYAsKQxl6bVpUQWNOEAsIMC8BXRg9OQxGWW1OW00NMTwcWh05NAFGWW1dWkJVYBFCERg9JAsNDCFOTU1KJg1ZAwo5Z1VUAHdaWgxOcw5DCghub1UAAndbRFhMcglXUFl6e1oHDCECEgwMKwMAeg96bVpSUCxVQllKd1hfVw1oMUpWWytVRlZJelxMH0kxJDECES4BEk1CNh4bVhY%3D
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86167\|ZXm8C
.yahoo.com/	1970-01-21 01:40:34	Name: A3 Value: d=AQABBAW8eWUCEIUB821neu63Ty_KEoUTDGMFEgEBAQENe2WDZQAAAAAA_eMAAA&S=AQAAAkKC74Vu90Q875or0yS7KSM
.linkedin.com/	1970-01-20 19:04:12	Name: li_sugr Value: 854f6713-9c24-4067-9b75-cbe4c12fdf67
.linkedin.com/	1970-01-21 01:40:12	Name: bcookie Value: "v=2&d7535944-0a39-4d7d-8717-bcf06d04ff87"
.linkedin.com/	1970-01-20 16:56:03	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3148:u=1:x=1:i=1702476805:t=1702563205:v=2:sig=AQG6P0w7wfe9Ow01zfQo9pszbtYuV3QM"
.kueezrtb.com/	1970-01-20 17:37:48	Name: vdzh5_92400b22 Value: usx132uI43zu6nScuQSVciQVYfDxsdPA0aM1tXcxZWHxAPDGUFFnwCQi0CHk5FBAt%2BWhNpAFh4DVJKQQ9eYFoXNwpXNA%3D%3D
.kueezrtb.com/	1970-01-20 17:37:48	Name: vdz_sync Value: 5bf657e6-734a-f90e-c68a-ce9eafe254de
beacon.lynx.cognitivlabs.com/	1970-01-21 01:41:39	Name: UID Value: 76f8e99f-7e7d-4e0e-8b7d-b0c0dd65e4df
beacon.lynx.cognitivlabs.com/	1970-01-21 01:41:39	Name: ss Value: AI67Y879mg52UbXTEx2E2ONMniqNl0nanYh3OYMPIboWaXLtk68hbb4yLPLGilhVzw1NKd5dalK3EhuKk6UHGA%3D%3D
.sportradarserving.com/	1970-01-21 01:40:12	Name: zuuid Value: eaabc97b-c1a3-4bb8-9a0b-5a32c62afbac
.sportradarserving.com/	1970-01-21 01:40:12	Name: c Value: 1702476805
.sportradarserving.com/	1970-01-21 01:40:12	Name: zuuid_lu Value: 1702476805
.sportradarserving.com/	1970-01-21 01:40:12	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-21 01:40:12	Name: zuuid_k_lu Value: 1702476805
.adsrvr.org/	1970-01-21 01:41:39	Name: TDCPM Value: CAESFgoHc3Z4OXQ1MBILCJLpr8P2-708EAUSFgoHcnViaWNvbhILCM7ThMf2-708EAUYASACKAIyCwjO37LwjPy9PBAFOAFaB3N2eDl0NTBgAg..
pixel.rubiconproject.com/	1970-01-20 19:04:12	Name: receive-cookie-deprecation Value: 1
.amazon-adsystem.com/	1970-01-21 02:30:36	Name: ad-privacy Value: 0
.bidr.io/	1970-01-21 02:23:06	Name: bito Value: AACzSU7K83gAABNWPrBQDQ
.bidr.io/	1970-01-21 02:23:06	Name: bitoIsSecure Value: ok
.lijit.com/	1970-01-21 01:40:12	Name: ljtrtb Value: eJyrVrI0UrJSMjW0MDQ3MzAwMTU2MbQ0szA2slSqBQBWOQYI
.lijit.com/	1970-01-21 01:40:12	Name: _ljtrtb_80 Value: LQ3UQA4A-6-JF4X
.sharethrough.com/	1970-01-20 17:37:48	Name: stx_user_id Value: 84706356-5dae-4950-b02f-60828096552d
.rubiconproject.com/	1970-01-21 01:40:12	Name: audit Value: 1\|i7WLabMcVxKVDM83Uj6T/KS5Bv7H1ouoxdnNVF8ci15UQAK1SlKbTD9yRbH28srhsxyhgU1fgNzjuEk9oe4HqfjYrMuT3tnG73TO6CNSde0mGweUluV0NwYUPYSt7uJtDyDchUWxCqQ=
.kueezrtb.com/	1970-01-20 17:37:48	Name: vdzh5_6c784a9b Value: LXL13oQ0khsQtzbreqFHNbHg0WK1kJChMXBQcjXx4PG3NOWFpGUkFZYgVdRUY1FR9PRlxEX3xSW1oVfEJKWkBdQVZnBV5aF3MJ
.kueezrtb.com/	1970-01-20 17:37:48	Name: vdzh5_11f967df Value: iwP11QHJsi1My5XVKmo%2FAAxDBB0XYnRheH1EDwcpHBhsY2B4ZxZQVyxUBGhlYWUvQ11VfUFTYGMwfHxRFA%3D%3D
.adnxs.com/	1970-01-20 19:04:12	Name: anj Value: dTM7k!M4/0EVNsVF']wIg2Hc$nXya1!A#F'(3<Syd5yN3S^-FI0#cm#FTdCnGlm6nD>@TSHNI[tHMD!)i2+jYG/UFU/_yZ#.aA?<X3ZKe8]zN]Bw/gB5o7Qz5QhKj9RrTq1H9[o
.adnxs.com/	1970-01-20 19:04:12	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIxNDEzMTAzODc4ODgwMDc1NDE3MDIxIiwiZXhwaXJlcyI6IjIwMjQtMDMtMTJUMTQ6MTM6MjVaIn0sInJ1Ymljb24iOnsidWlkIjoiTFEzVVFBNEEtNi1KRjRYIiwiZXhwaXJlcyI6IjIwMjQtMDMtMTJUMTQ6MTM6MjZaIn19LCJiaXJ0aGRheSI6IjIwMjMtMTItMTNUMTQ6MTM6MjVaIn0=
.amazon-adsystem.com/	1970-01-20 21:44:03	Name: ad-id Value: A-Klrx4jSEeNjHsgkKmkcrw\|t
.prebid.a-mo.net/	1970-01-20 16:56:03	Name: _sv3_7 Value: 1
.a-mo.net/	1970-01-21 01:40:12	Name: amuid2 Value: b58ebceb-5a52-4f5c-b57f-5067882a8bca
.prebid.a-mo.net/	1970-01-21 01:40:12	Name: sd_amuid2 Value: b58ebceb-5a52-4f5c-b57f-5067882a8bca
.analytics.yahoo.com/	1970-01-21 01:40:12	Name: IDSYNC Value: "18vk~2fl2:19e0~2fl2"
.hb.yahoo.net/	1970-01-20 21:13:48	Name: visitor-id Value: 3454784061524484000V10
.hb.yahoo.net/	1970-01-21 01:40:12	Name: data-mag Value: LQ3UQA4A-6-JF4X~~63

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://d2sx07l0uocghm.cloudfront.net/ Message: A preload for 'https://static.kueezrtb.com/latest.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network	error	URL: https://log.d2sx07l0uocghm.cloudfront.net/ Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://log.d2sx07l0uocghm.cloudfront.net/ Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://connect.facebook.net/signals/config/2016908341805183?v=2.9.138&r=stable&domain=d2sx07l0uocghm.cloudfront.net(Line 145) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://log.d2sx07l0uocghm.cloudfront.net/ Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	warning	URL: https://d2sx07l0uocghm.cloudfront.net/ Message: The resource https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,500,500i,600,600i&display=swap was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://d2sx07l0uocghm.cloudfront.net/ Message: The resource https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://d2sx07l0uocghm.cloudfront.net/ Message: The resource https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese&display=swap was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://d2sx07l0uocghm.cloudfront.net/ Message: The resource https://static.kueezrtb.com/latest.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network	error	URL: https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1351%2F108%2F0%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

16ff6cc6a846caf75ec19a3773a0c400.safeframe.googlesyndication.com
a.sportradarserving.com
a.teads.tv
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ads.yieldmo.com
analytics.pangle-ads.com
analytics.tiktok.com
analytics.twitter.com
ap.lijit.com
at.teads.tv
beacon.lynx.cognitivlabs.com
c.amazon-adsystem.com
capig.worldtravelling.com
cdn.id5-sync.com
cdnjs.cloudflare.com
ce.lijit.com
cflcdn1.avocadoposts.com
cm.g.doubleclick.net
cmp.inmobi.com
config.aps.amazon-adsystem.com
connect.facebook.net
cont.website
d2sx07l0uocghm.cloudfront.net
dev01.avocadoposts.com
dis.criteo.com
eb2.3lift.com
eus.rubiconproject.com
exchange.cootlogix.com
exchange.kueezrtb.com
exchange.postrelease.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
grid.bidswitch.net
gtrack.kueezrtb.com
hb-api.omnitagjs.com
hb.minutemedia-prebid.com
hb.yahoo.net
hb.yellowblue.io
ib.adnxs.com
id5-sync.com
lb.eu-1-id5-sync.com
log.d2sx07l0uocghm.cloudfront.net
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.cootlogix.com
px.ads.linkedin.com
s.amazon-adsystem.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
static.ads-twitter.com
static.kueezrtb.com
stats.g.doubleclick.net
sttcdn.comicstadium.com
sync.cootlogix.com
sync.go.sonobi.com
sync.kueezrtb.com
t.co
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.kueezrtb.com
u.kueezrtb.com
u.openx.net
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
exchange.cootlogix.com
log.d2sx07l0uocghm.cloudfront.net
pixel.tapad.com
104.244.42.195
104.244.42.69
104.67.206.143
146.75.36.157
147.28.146.89
15.197.193.217
151.101.65.108
157.230.190.220
157.245.86.108
159.65.235.129
162.19.138.118
162.19.138.83
172.253.62.154
18.160.10.80
18.165.97.179
18.67.67.228
209.54.182.161
23.221.214.17
23.222.197.151
23.222.5.91
23.48.104.43
23.50.125.215
23.55.205.47
23.92.190.68
2600:1f18:2881:e202:29d8:6e0f:8d18:5887
2600:1f18:4e9:5a05:2bce:771f:29bf:5cba
2600:9000:2191:ac00:1b:cadc:ef40:93a1
2600:9000:26c1:a00:11:685b:9e80:93a1
2600:9000:26c1:cc00:11:685b:9e80:93a1
2602:803:c002:300::97
2606:4700:10::6816:3456
2606:4700:10::ac43:15e8
2606:4700:20::681a:686
2606:4700:3032::ac43:940c
2606:4700:3037::ac43:b33a
2606:4700::6811:190e
2606:4700::6812:acf
2607:f8b0:4004:c06::9c
2607:f8b0:4004:c07::68
2607:f8b0:4004:c08::61
2607:f8b0:4004:c09::84
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c17::9c
2607:f8b0:4004:c19::9b
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1b::65
2607:f8b0:4004:c1b::84
2607:f8b0:4004:c1d::5f
2620:1ec:21::14
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
3.213.9.240
3.225.218.10
34.111.113.62
34.199.103.5
34.98.64.218
35.211.178.172
35.211.232.87
35.211.233.246
44.196.16.148
52.14.231.222
52.21.82.241
52.223.22.214
52.94.223.167
54.160.91.143
54.225.45.175
54.82.106.150
54.87.125.83
63.251.114.136
68.67.160.184
69.166.1.34
69.173.151.100
74.119.119.150
00eec85ca0e6d07829dbdd832abff70c27f09b038560e410f21dc965490e951b
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
047513b5bce891d38c689082da877dc63e9fcddc824f39559f05bc66ad1ec39e
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09c5bed9af36cefd588c1640cf942b9ded86836525e0e11163cfdbee6bab59d0
09f7c261dc31609e138950e95b51e74e87a83602d07d282133d6f86958bf8e89
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0b18386a7104ba7ae236635558372cea83d1f5b942abf6a04a9c3c45ee49fb3b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc0c5499c9e608a309a36029a564613805dc52e022a1879866784f52f1b0fe4
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0fbee40d848d6df79b375ca87bdb53f4e97bfb3c6dc2a1d03cb8fd74a395eca4
1051b4d5f202c8f90196d540a7d92a071968ad3ee7aab5dc9c0aab3df7521ae3
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
131e38326752be4e60fc8a32e883d2b5cfbcd20480fd3ad2c1962021d11bd9ac
179562f9c1df605f39de74775dbec37dc7f0e55220d47164b2ff014291bdaea8
1d3e107cb6c3358c61b571249a74f46b48d1d93b274dced809b8c62d20d08644
1d7eb40854013f0d3294033bb3dab4e6190721699e33e9271eeaa4e938a2b77e
1df9c63e117a0bf8018733468e4565f3fda9bf6657807e5a41fc4f8b02b88a72
25a213c60ee590fbc37ae902c19ca8f921941fe563153cb677a71d69cbf49911
264f0d876a5af0d787607f502c97e1c3b234b57e88eaf59d262a26543e5f4aa4
2f231b35132c504d81c100a026b3bf499aa8c962d9319cd95d46110f18d18847
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33d25922379728b588b07b8037516f9b9b31cb4af4efc5172ababb4929d2b45a
36526291bbfbcb97b25359110b3c2845c24172e729da131f0efb6a70291d8e94
36939913e84226334e47de3b7d3da5a2425bfd34f2b1145de8d69b5846308d46
3c539c2a7013af46795a85a1f97da41c6b4df0536bd366a6ff978c7fa29664d9
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed0a0c9d5799dc647d9bb72061ae1d907d7291cba31de205e3352fd209aa303
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40f62b2180cccbc14eed1833c408ccb0fef9185cd330d7837560eab7ae9fc7be
420a5c6d75dc17a70b71148b9e81fd4fdc65dd026feac37b48c42fe46a3c4549
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
45b8a6ea0139c2c91344e702dcbb9fa939916d1c6d60ad1fd583d0253683bb68
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
487e0ee33ae531d230b8da02fc3321efcd374bd02b79a9e3ee9ac046db1cbd54
496af91206cfb87abe1ca17b477d3271afc9d27febaf24fa6dc3c36e90cc5777
4a8b484fca8f10f7576888d534a77e7faeb0b345fb31e6857815d2fb21b241e5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5f7b7682f77a3b058e7c8b7d88984dfe31a16dc29cf49abbba5fcdc5b7b2cf3f
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
616b4146dcb634286ecbe85e29fbca86b84e21303846a25e6c0e89c816bb1ba1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
681771976d11d66df7e5a554336e117b6551d82c443924e43340b625278f1667
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cbd1c79f9b7638d0cfb01f8183e33b3524c95d29286fd7bc6d784cf443691dc
71b391fe7d515c22eb76b1e57a79f1fb1db4963b2a753b741500a5e62fc4221d
71fd982e959aee42826d49240536c72ae019e1a2dc38e53db372e69b2fb84aac
72e9fea2341d71bf28fce036f47eba710f10fe67cbf78879399ab9acb0329827
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74659aaeb9d9d62f07b4ff0a04587531bba24a85d951dad505546c4dbefc386b
74ea4bb7c852bf87b6d93619623afcf107530ee8fdca83c07546991cb1a2d757
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
8bf141f4781efde6a197ec2934ad064e6bc5e88be05fa3048822ee0d60eaa03d
8d8da3b7862220785a8d7dec3d2facc0e3ddddcace7d817ee45bba5d699ea577
910373329dfc23d328182c30d4a9885d5b372f029f62d4f57ec25b82f396ff6c
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
9160e2ce7cda07749b7cc66ac588c6c1b6b15a24f6e3d78dbf88c10ae4270ce9
934cde0e1ed74d28e9fca8e96382a930d4293a3e5d45298393df35a8547a9784
965fc2dbbf709019c656248e3f818c143b4211b6eb94bd249d778972b7f82145
98ee68dcf40cc845c86c14dc1dc0779fae2adba4ec5c72cbb0796fa3408df918
9986b00250a74a0f42e7f49754012a5555b85f95b9938131ef68b7587dc775f2
9abdc15a542e768089fb710b4a62a7afe41b6a7b025429c8fc5fc0f8d5010d57
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9c2154cde60af5e05154b8f610d056971cd084de9353b45e82b12f4a3123f047
a1aa01f31d4087317f5d4e5ef4ea70a73e38124a45f1553dbe8968ea16068b84
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a440e66be01138bb32f0a43577b45eb671129eab2ce7e26c25dea16c59d296ca
a4c0655249e1bd0502d590d22e5f579df160001bcc11296ef1fa5ad750b8f6b5
a68332a055e1b21248de17a88a38d1ae6fa0e3ae300e43c869d8c60554ab4696
a6fcd8bda6e8962fd6d44dc52ba4830e3b2a87ed2eb5119414650b0932fae56f
ab5571b08c45fa1a9ee1a824e62e0dfd5297b26d6313909641579097d266b303
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0d59495d0a19e2d2299a5a8b8a8ea2578dd2998ac1c0240ed863945b6eb3c44
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b36f38dd64daab10b2d403cd5bf55ff9a60620f50315fbdf0024828c945170c2
b3b1e9ffc8ad1e5ca3582fbb15dfaecb0a9e029f26313e8f6ff1adbbb7347833
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd2ecf77df70d48d0691742492d12edeb88bd4350fd0bff52a98972bb2dcdb85
bd811189abacdcd608a87b3f578599d1a8f2129aefea5a33efbabc0e1f825550
bdc5bec18687a47f3769e3dc92b21dbe8f6aa80886b47d09b9d4cbd75bcb5b33
c157f9055d5957f5da641a8f2966d53a3e758f232c280b4bf86c9b46f5f1272b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c28c332632d3b08443b90f6e39a2795db0b26cbd3053110d5df690f8b825c8f3
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c40f894d6fdd262dfa4dc8353b357feba7801a210e334bdb69a4086d0ed315e0
c6b8c27886a37e49b6992abe9d3ec91dc31e4ccc62c28ac007522862a5084921
c833adf74daed91aafbdf407581cf1debfe90751bd5fd40d4c0876ba4fcb5388
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ccd0ad2bc218614bd9b0dcc00d28b830488dfc57a4aff5eba5b2299fa5a2d675
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d00c34effe9cc4102167fa037cc52ea13f99f8b396d8eff6983b47479dfe6ed5
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d8cebbe7864ec628edb742f1661bb19900fc3d2dd3c8726755d26342af58f498
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2a969106acb1cda4e7a7e2639c9aacff706b363491115aedd674f64b647257b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b83d6a4689fc5fefd0c883a83d82d9052e69d3f5e39666c428ac90123f0280
e5c0d688eb8891a030a09c8defff7927d93a5ff9d23da5340582efde96ece90f
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
edacbbec4252362c62c2313df992725e1dbc2d9687eabfff7f30ae9c4b0c36fb
ede912131345654f89e3a0f87b3784fe0f94c8bf58dcb4001aa9ffc411341610
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f179e3b77e2b2110718aeb36d20da1a87d2461a3e62b9d20a48f64d6477cf49d
f4e7befdc4a47ae49a000917d13906bbd3657378f5d9d4c7a637cbdbe9a3de5a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5bef25e833d895a8cadd7487d593c8b2658b2515bb472dfe6483b185582b879
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fa845ef45c0d895fad4650192918fe39cdbe164d257d48548938c1c7bd2dfe60
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804
fbb5411c1c9e2f24042e2aca3e25c80906775115f65b11f70aa49414321f7144
fc5f8ba73efd86260d3cb602b05630acf4141265fc07f23aa4541960072bd8b0

d2sx07l0uocghm.cloudfront.net Open in urlscan Pro 2600:9000:26c1:a00:11:685b:9e80:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

192 Requests

80 %HTTPS

37 %IPv6

53 Domains

82 Subdomains

63 IPs

4 Countries

6931 kBTransfer

10552 kBSize

75 Cookies

31 Outgoing links

Redirected requests

192 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

d2sx07l0uocghm.cloudfront.net Open in urlscan Pro
2600:9000:26c1:a00:11:685b:9e80:93a1 Public Scan

Screenshot
Live screenshot

Full Image

192
Requests

80 %
HTTPS

37 %
IPv6

53
Domains

82
Subdomains

63
IPs

4
Countries

6931 kB
Transfer

10552 kB
Size

75
Cookies

192 HTTP transactions
1 data transactions