Submitted URL: http://zupimages.net/
Effective URL: https://www.zupimages.net/
Submission: On June 24 via manual from CA — Scanned from CA

Summary

This website contacted 90 IPs in 9 countries across 76 domains to perform 302 HTTP transactions. The main IP is 2606:4700:3038::6815:e9c5, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.zupimages.net. The Cisco Umbrella rank of the primary domain is 120322.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 22nd 2022. Valid for: a year.
This is the only time www.zupimages.net was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address AS Autonomous System
1 19 2606:4700:303... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
13 2607:f8b0:400... 15169 (GOOGLE)
12 2a02:6ea0:c40... 60068 (CDN77 ^_^)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:21e... 16509 (AMAZON-02)
6 54.38.64.100 16276 (OVH)
1 23.33.44.85 20940 (AKAMAI-ASN1)
2 5 2620:100:a001::c 19750 (AS-CRITEO)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 145.239.192.166 16276 (OVH)
4 51.222.39.184 16276 (OVH)
2 2620:116:800b... 14618 (AMAZON-AES)
1 54.154.72.131 16509 (AMAZON-02)
1 13.225.66.191 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
10 2607:f8b0:400... 15169 (GOOGLE)
1 107.22.248.125 14618 (AMAZON-AES)
1 2600:9000:21d... 16509 (AMAZON-02)
2 151.101.129.194 54113 (FASTLY)
3 74.119.119.139 19750 (AS-CRITEO)
3 6 141.95.98.66 16276 (OVH)
1 142.250.64.66 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 212.129.3.112 12876 (Online SAS)
1 2607:f8b0:400... 15169 (GOOGLE)
1 46.137.175.60 16509 (AMAZON-02)
13 2607:f8b0:400... 15169 (GOOGLE)
5 52.210.143.40 16509 (AMAZON-02)
1 2 2607:f8b0:400... 15169 (GOOGLE)
1 1 199.187.193.192 47043 (SMARTADSE...)
4 4 54.36.150.187 16276 (OVH)
11 14 142.251.40.130 15169 (GOOGLE)
3 9 68.67.160.137 29990 (ASN-APPNEX)
3 3 100.25.49.196 14618 (AMAZON-AES)
8 35.157.246.167 16509 (AMAZON-02)
4 96.46.183.20 7979 (SERVERS-COM)
1 2602:803:c002... 26667 (RUBICONPR...)
1 185.184.10.30 203690 (RTB-HOUSE...)
4 208.115.232.150 46475 (LIMESTONE...)
1 195.244.31.10 63140 (IGUANA-WO...)
4 34.202.202.48 14618 (AMAZON-AES)
8 145.40.89.200 54825 (PACKET)
1 2 172.98.26.126 399668 (E-PLANNING-)
1 14 104.22.69.131 13335 (CLOUDFLAR...)
1 74.119.119.129 19750 (AS-CRITEO)
2 37.157.4.24 198622 (ADFORM)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 107.23.118.220 14618 (AMAZON-AES)
1 2 64.202.112.95 22075 (AS-OUTBRAIN)
1 1 68.67.179.91 29990 (ASN-APPNEX)
4 10 8.28.7.83 62713 (AS-PUBMATIC)
2 3 199.187.193.199 47043 (SMARTADSE...)
6 6 35.71.131.137 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
7 199.187.193.140 47043 (SMARTADSE...)
26 151.101.129.44 54113 (FASTLY)
2 2600:141b:13:... 20940 (AKAMAI-ASN1)
4 68.67.181.207 29990 (ASN-APPNEX)
1 151.101.129.108 54113 (FASTLY)
1 151.101.65.108 54113 (FASTLY)
1 54.175.54.201 14618 (AMAZON-AES)
1 199.187.193.200 47043 (SMARTADSE...)
2 2620:100:a001::4 19750 (AS-CRITEO)
2 104.127.172.242 16625 (AKAMAI-AS)
3 11 35.71.139.29 16509 (AMAZON-02)
1 23.54.68.184 16625 (AKAMAI-AS)
1 5 162.55.233.28 24940 (HETZNER-AS)
2 2 184.85.195.135 16625 (AKAMAI-AS)
2 3 70.42.32.255 ()
2 151.101.193.44 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 8 35.211.178.172 15169 (GOOGLE)
3 3 216.200.232.253 30419 (MEDIAMATH...)
1 2 193.232.150.149 48061 (UMA-TECH-AS)
1 195.201.152.104 24940 (HETZNER-AS)
4 4 63.251.86.51 32475 (SINGLEHOP...)
1 151.236.118.210 ()
2 3 2620:1ec:22::14 8068 (MICROSOFT...)
1 2 104.18.101.194 ()
2 4 2600:1f18:4e9... 14618 (AMAZON-AES)
1 1 204.62.13.72 ()
3 5 52.46.154.242 16509 (AMAZON-02)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 3.230.192.192 14618 (AMAZON-AES)
2 141.226.224.32 200478 (TABOOLA-AS)
7 10 69.173.151.100 26667 (RUBICONPR...)
3 23.54.68.197 16625 (AKAMAI-AS)
4 4 151.101.194.49 ()
2 2 192.35.249.127 ()
2 3 52.95.115.196 ()
1 35.190.60.146 15169 (GOOGLE)
2 2 52.45.33.138 ()
2 37.157.4.25 198622 (ADFORM)
1 1 199.187.193.181 ()
3 3 8.28.7.82 62713 (AS-PUBMATIC)
1 3 8.28.7.84 ()
1 104.36.115.123 ()
1 23.21.165.102 ()
1 104.36.115.113 ()
2 2 54.164.218.146 ()
3 2606:4700:10:... ()
1 6 35.244.159.8 ()
2 2 185.184.8.90 ()
2 2 2620:112:f002... ()
1 2 185.167.164.43 ()
302 90
Apex Domain
Subdomains
Transfer
30 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 982
trc.taboola.com — Cisco Umbrella Rank: 672
images.taboola.com — Cisco Umbrella Rank: 1602
pips.taboola.com — Cisco Umbrella Rank: 1482
cds.taboola.com — Cisco Umbrella Rank: 1377
916 KB
24 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
364 KB
22 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
77 KB
21 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 865
ads.pubmatic.com — Cisco Umbrella Rank: 488
image8.pubmatic.com — Cisco Umbrella Rank: 590
image4.pubmatic.com
ow.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
35 KB
19 zupimages.net
zupimages.net — Cisco Umbrella Rank: 105669
www.zupimages.net — Cisco Umbrella Rank: 120322
188 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 244
secure.adnxs.com — Cisco Umbrella Rank: 408
nym1-ib.adnxs.com — Cisco Umbrella Rank: 1250
cdn.adnxs.com — Cisco Umbrella Rank: 1344
acdn.adnxs.com — Cisco Umbrella Rank: 591
66 KB
14 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5711
csync.smilewanted.com — Cisco Umbrella Rank: 4693
static.smilewanted.com — Cisco Umbrella Rank: 10226
18 KB
14 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 528
eus.rubiconproject.com — Cisco Umbrella Rank: 573
pixel.rubiconproject.com — Cisco Umbrella Rank: 336
token.rubiconproject.com
prebid-server.rubiconproject.com
20 KB
14 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 951
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 479
ups.analytics.yahoo.com
6 KB
13 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 653
sync.smartadserver.com — Cisco Umbrella Rank: 1422
ww1097.smartadserver.com — Cisco Umbrella Rank: 28090
tmk.smartadserver.com — Cisco Umbrella Rank: 13465
ssbsync-global.smartadserver.com
10 KB
12 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 641
eb2.3lift.com — Cisco Umbrella Rank: 410
5 KB
12 themoneytizer.com
ads.themoneytizer.com — Cisco Umbrella Rank: 28133
228 KB
9 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1220
assets.a-mo.net — Cisco Umbrella Rank: 3633
6 KB
9 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 5453
sync.richaudience.com — Cisco Umbrella Rank: 1905
4 KB
9 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 391
mug.criteo.com — Cisco Umbrella Rank: 2727
bidder.criteo.com — Cisco Umbrella Rank: 744
10 KB
8 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 286
aax-eu.amazon-adsystem.com
5 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 290
4 KB
6 openx.net
u.openx.net
us-u.openx.net
2 KB
6 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 4190
sync-eu.connectad.io — Cisco Umbrella Rank: 3137
sync.connectad.io
3 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 367
3 KB
6 adform.net
adx.adform.net — Cisco Umbrella Rank: 3956
track.adform.net — Cisco Umbrella Rank: 3976
cm.adform.net — Cisco Umbrella Rank: 1594
c1.adform.net
2 KB
6 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 550
7 KB
6 cpx.to
p.cpx.to — Cisco Umbrella Rank: 9072
s.cpx.to — Cisco Umbrella Rank: 2286
7 KB
6 tmyzer.com
c.tmyzer.com — Cisco Umbrella Rank: 28008
2 KB
5 zemanta.com
b1h.zemanta.com — Cisco Umbrella Rank: 4247
b1sync.zemanta.com
2 KB
5 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2197
cache.betweendigital.com
4 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
105 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
ajax.googleapis.com — Cisco Umbrella Rank: 307
65 KB
4 everesttech.net
sync-tm.everesttech.net
922 B
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 660
2 KB
4 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1299
792 B
4 mediarithmics.com
cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 1859
2 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 92
www.google.com — Cisco Umbrella Rank: 8
2 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 820
3 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 395
1 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 462
2 KB
3 creativecdn.com
prebid-us.creativecdn.com — Cisco Umbrella Rank: 12468
creativecdn.com
909 B
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 474
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
21 KB
3 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 7816
ced-ns.sascdn.com — Cisco Umbrella Rank: 2856
48 KB
2 turn.com
ad.turn.com
959 B
2 creative-serving.com
ads.creative-serving.com
1 KB
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1867
644 B
2 adsymptotic.com
p.adsymptotic.com
552 B
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 10669
477 B
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 494
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 606
57 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 179
85 KB
2 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 6853
2 KB
2 google.ca
adservice.google.ca — Cisco Umbrella Rank: 11986
914 B
2 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1441
80 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1029
pixel.quantserve.com — Cisco Umbrella Rank: 443
10 KB
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1705
183 B
2 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2293
45 KB
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 635
448 B
1 admixer.net
inv-nets.admixer.net
586 B
1 otm-r.com
sync.dmp.otm-r.com — Cisco Umbrella Rank: 14937
69 B
1 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1803
345 B
1 adnxs-simple.com
crcdn01.adnxs-simple.com — Cisco Umbrella Rank: 3514
78 KB
1 4dex.io
mp.4dex.io — Cisco Umbrella Rank: 3646
1 KB
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4705
816 B
1 adleadevent.com
adtrack.adleadevent.com — Cisco Umbrella Rank: 32075
528 B
1 sddan.com
kvt.sddan.com — Cisco Umbrella Rank: 32540
1 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 867
700 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 991
1 KB
1 quantcast.com
apis.cmp.quantcast.com
153 B
1 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
26 KB
1 leadplace.fr
tag.leadplace.fr — Cisco Umbrella Rank: 28409
6 KB
0 simpli.fi Failed
um.simpli.fi Failed
0 pippio.com Failed
pippio.com Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 agkn.com Failed
aa.agkn.com Failed
0 loopme.me Failed
csync.loopme.me Failed
0 casalemedia.com Failed
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576 Failed
ssum.casalemedia.com Failed
0 crwdcntrl.net Failed
sync.crwdcntrl.net — Cisco Umbrella Rank: 716 Failed
302 76
Domain Requested by
18 www.zupimages.net www.zupimages.net
14 cm.g.doubleclick.net 11 redirects eb2.3lift.com
u.openx.net
13 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
12 cdn.taboola.com www.zupimages.net
cdn.taboola.com
12 ads.themoneytizer.com www.zupimages.net
ads.themoneytizer.com
11 eb2.3lift.com 3 redirects ads.themoneytizer.com
eb2.3lift.com
11 pagead2.googlesyndication.com www.zupimages.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
9 csync.smilewanted.com 1 redirects ads.themoneytizer.com
csync.smilewanted.com
sync-eu.connectad.io
ads.pubmatic.com
9 ib.adnxs.com 3 redirects ads.themoneytizer.com
csync.smilewanted.com
acdn.adnxs.com
prebid.a-mo.net
8 x.bidswitch.net 7 redirects sync.richaudience.com
8 images.taboola.com
8 prebid.a-mo.net ads.themoneytizer.com
prebid.a-mo.net
8 c2shb.pubgw.yahoo.com ads.themoneytizer.com
7 pixel.rubiconproject.com 4 redirects
7 ww1097.smartadserver.com ced.sascdn.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.zupimages.net
googleads.g.doubleclick.net
6 trc.taboola.com cdn.taboola.com
6 match.adsrvr.org 6 redirects
6 image2.pubmatic.com 4 redirects
6 id5-sync.com 3 redirects ads.themoneytizer.com
ced.sascdn.com
6 c.tmyzer.com ads.themoneytizer.com
5 s.amazon-adsystem.com 3 redirects eb2.3lift.com
5 sync.richaudience.com 1 redirects ads.themoneytizer.com
sync.richaudience.com
5 s.cpx.to p.cpx.to
5 gum.criteo.com 2 redirects ads.themoneytizer.com
static.criteo.net
4 simage2.pubmatic.com ads.pubmatic.com
4 us-u.openx.net u.openx.net
4 sync-tm.everesttech.net 4 redirects
4 pr-bh.ybp.yahoo.com 2 redirects u.openx.net
4 ap.lijit.com 4 redirects
4 nym1-ib.adnxs.com www.zupimages.net
cdn.adnxs.com
4 prebid.smilewanted.com ads.themoneytizer.com
4 btlr.sharethrough.com ads.themoneytizer.com
4 shb.richaudience.com ads.themoneytizer.com
4 ads.betweendigital.com ads.themoneytizer.com
ads.betweendigital.com
4 cookie-matching.mediarithmics.com 4 redirects
4 onetag-sys.com ads.themoneytizer.com
sync-eu.connectad.io
3 sync.connectad.io sync-eu.connectad.io
u.openx.net
3 image4.pubmatic.com 1 redirects
3 image8.pubmatic.com 3 redirects
3 aax-eu.amazon-adsystem.com 2 redirects
3 token.rubiconproject.com 3 redirects
3 ads.pubmatic.com csync.smilewanted.com
sync-eu.connectad.io
3 px.ads.linkedin.com 2 redirects
3 sync.mathtag.com 3 redirects
3 b1sync.zemanta.com 2 redirects
3 www.gstatic.com googleads.g.doubleclick.net
3 sync.smartadserver.com 2 redirects
3 match.prod.bidr.io 3 redirects
3 mug.criteo.com
3 www.google-analytics.com www.zupimages.net
www.google-analytics.com
3 fonts.googleapis.com www.zupimages.net
googleads.g.doubleclick.net
2 c1.adform.net 1 redirects ads.pubmatic.com
2 ad.turn.com 2 redirects
2 creativecdn.com 2 redirects
2 u.openx.net 1 redirects sync-eu.connectad.io
2 ads.creative-serving.com 2 redirects
2 sync-eu.connectad.io cdn.connectad.io
sync-eu.connectad.io
2 cm.adform.net prebid.a-mo.net
sync-eu.connectad.io
2 ups.analytics.yahoo.com 2 redirects
2 sync.search.spotxchange.com 2 redirects
2 cds.taboola.com cdn.taboola.com
2 ice.360yield.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 px.adhigh.net 1 redirects ads.betweendigital.com
2 pips.taboola.com cdn.taboola.com
2 stags.bluekai.com 2 redirects
2 eus.rubiconproject.com ads.themoneytizer.com
eus.rubiconproject.com
2 static.criteo.net ads.themoneytizer.com
static.criteo.net
2 ced-ns.sascdn.com www.zupimages.net
2 www.googletagservices.com googleads.g.doubleclick.net
2 b1h.zemanta.com 1 redirects ads.themoneytizer.com
2 pbjs.e-planning.net 1 redirects
2 www.google.com 1 redirects tpc.googlesyndication.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.ca pagead2.googlesyndication.com
2 confiant-integrations.global.ssl.fastly.net ads.themoneytizer.com
confiant-integrations.global.ssl.fastly.net
2 spl.zeotap.com ads.themoneytizer.com
2 quantcast.mgr.consensu.org www.zupimages.net
quantcast.mgr.consensu.org
2 fonts.gstatic.com fonts.googleapis.com
2 ajax.googleapis.com www.zupimages.net
d2zur9cc2gf1tx.cloudfront.net
1 image6.pubmatic.com ads.pubmatic.com
1 prebid-server.rubiconproject.com prebid.a-mo.net
1 ow.pubmatic.com prebid.a-mo.net
1 ssbsync-global.smartadserver.com 1 redirects
1 id.rlcdn.com
1 track.adform.net sync.richaudience.com
1 cdn.connectad.io csync.smilewanted.com
1 inv-nets.admixer.net 1 redirects
1 static.smilewanted.com csync.smilewanted.com
1 cache.betweendigital.com ads.betweendigital.com
1 sync.dmp.otm-r.com ads.betweendigital.com
1 assets.a-mo.net prebid.a-mo.net
1 acdn.adnxs.com ads.themoneytizer.com
1 tmk.smartadserver.com
1 protected-by.clarium.io www.zupimages.net
1 cdn.adnxs.com www.zupimages.net
1 crcdn01.adnxs-simple.com www.zupimages.net
1 secure.adnxs.com 1 redirects
1 tlx.3lift.com ads.themoneytizer.com
1 mp.4dex.io ads.themoneytizer.com
1 adx.adform.net ads.themoneytizer.com
1 bidder.criteo.com ads.themoneytizer.com
1 hb-api.omnitagjs.com ads.themoneytizer.com
1 prebid-us.creativecdn.com ads.themoneytizer.com
1 fastlane.rubiconproject.com ads.themoneytizer.com
1 rtb-csync.smartadserver.com 1 redirects
1 adtrack.adleadevent.com ajax.googleapis.com
1 pixel.quantserve.com
1 stats.g.doubleclick.net www.google-analytics.com
1 kvt.sddan.com ads.themoneytizer.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 rules.quantcount.com secure.quantserve.com
1 apis.cmp.quantcast.com quantcast.mgr.consensu.org
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 p.cpx.to ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 tag.leadplace.fr ads.themoneytizer.com
1 ced.sascdn.com ads.themoneytizer.com
1 zupimages.net 1 redirects
0 um.simpli.fi Failed
0 pippio.com Failed
0 bh.contextweb.com Failed ads.pubmatic.com
0 aa.agkn.com Failed
0 ssum.casalemedia.com Failed prebid.a-mo.net
sync-eu.connectad.io
0 csync.loopme.me Failed csync.smilewanted.com
0 ssum-sec.casalemedia.com Failed csync.smilewanted.com
0 sync.crwdcntrl.net Failed
302 128
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-22 -
2023-05-22
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
1266287590.rsc.cdn77.org
R3
2022-05-24 -
2022-08-22
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.cmp.quantcast.com
R3
2022-06-24 -
2022-09-22
3 months crt.sh
c.tmyzer.com
R3
2022-05-30 -
2022-08-28
3 months crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA
2021-09-13 -
2022-09-13
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-15 -
2022-09-18
3 months crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2
2021-09-12 -
2022-09-12
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-22 -
2022-09-21
a year crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA
2022-01-13 -
2023-01-13
a year crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2022 Q2
2022-05-04 -
2023-06-05
a year crt.sh
*.id5-sync.com
R3
2022-05-31 -
2022-08-29
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.google.ca
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
kvt.sddan.com
R3
2022-04-28 -
2022-07-27
3 months crt.sh
adtrack.adleadevent.com
Amazon
2022-06-13 -
2023-07-12
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA
2022-01-17 -
2023-01-17
a year crt.sh
www.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-03-08 -
2022-08-31
6 months crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA
2021-12-15 -
2023-01-15
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-17 -
2023-04-12
a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-11 -
2023-03-10
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2022-06-21 -
2023-07-21
a year crt.sh
*.sharethrough.com
Amazon
2021-08-13 -
2022-09-11
a year crt.sh
*.a-mo.net
R3
2022-06-18 -
2022-09-16
3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-29 -
2022-08-29
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2022-03-11 -
2023-04-11
a year crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2
2022-04-10 -
2023-04-26
a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-21 -
2022-09-23
3 months crt.sh
*.dmp.otm-r.com
AlphaSSL CA - SHA256 - G2
2022-05-27 -
2023-06-28
a year crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA
2022-01-24 -
2023-02-24
a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3
2022-04-15 -
2023-04-15
a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2022-02-04 -
2023-02-03
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-05 -
2023-05-04
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-05-18 -
2023-06-16
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-06-14 -
2022-12-07
6 months crt.sh

This page contains 53 frames:

Primary Page: https://www.zupimages.net/
Frame ID: 349B98D8A320C8FA82841BF401BD0E85
Requests: 124 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1656109787280
Frame ID: CFA36CDDC27AE5C088D361BBCD48C16F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20190131/zrt_lookup.html
Frame ID: ACC9D9704879E4C37E7B4F6700829525
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1581144506541376&output=html&adk=1812271804&adf=3025194257&lmt=1656109787&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.zupimages.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656109787322&bpp=3&bdt=304&idt=209&shv=r20220622&mjsv=m202206210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2676040817377&frm=20&pv=2&ga_vid=183789403.1656109787&ga_sid=1656109788&ga_hid=2132274584&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=2641867921659648&tmod=282790&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=230
Frame ID: E2F2482AB4595C3F50F1C46C71841F18
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EDED38D44CB015ACF06E6B20981A5955
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C81306331BEBE93C4074D87F544B3BD3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Frame ID: E9437B7FDC639AB0282546F8F24886E1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Frame ID: BC06E5D2619875B90D68B9C7AF107A06
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1E7A5652FA44E2E5FDA391A2B6F24F8E
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: F04ED0C77B480170FE1EBDE726A3569F
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js
Frame ID: 075A17A961402F75FDE910BB29C0D310
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js
Frame ID: 8C52626931584B731EF81F5821115C67
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/shared/tbframe.js
Frame ID: C0661909875C609DEA9F27BAB9A3C20D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/shared/tbframe.js
Frame ID: D3EE31F13EEAB1C7A842380B293F0E06
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Frame ID: 3D000DD9D16FE3BDBDD41FF8EC0B98F2
Requests: 14 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Frame ID: 2868B3D031797FF47F247A8E670A31E6
Requests: 14 HTTP requests in this frame

Frame: https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.zupimages.net%2F&e=wqT_3QKkDOgkBgAAAwDWAAUBCNv12JUGEL7p3bTs_qKERhgAKjYJ8WjjiLX49D4ROZ90AbNr8D4ZAAAAoJmZqT8hOQ0SACkRJNgxAAAAQOF6hD8wqMDiCjjDRkCmBkgCUKblwZMBWPyclwFgAGj7jKkBeLjgAoABAYoBA1VTRJIBAQbwUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJYdWYoJ2EnLCAxODE1MTg3LCAxNjU2MTA5Nzg3KTt1ZignaScsIDU2NjQxMiwgPhwAMHInLCAzMDkzNTkyNzA2OwDwkJIC-QMhYWxqd0hnaV9scFVSRUtibHdaTUJHQUFnX0p5WEFUQUVPQUJBQUVpbUJsQ293T0lLV0FCZ19fX19fdzlvQUhBQmVBR0FBUUdJQVFHUUFRR1lBUUdnQVJLb0FRT3dBUUM1QWEtdlNqVzItUFEtd1FHdnIwbzF0dmowUHNrQkFBQUFBQUFBOERfWkFRQUEFD3BQQV80QUdNeVNMMUFhekZKemVZQWdDZ0FnQzFBZwEiBEM5CQjwTERBQWdISUFnSFFBZ0hZQWdIZ0FnRG9BZ0Q0QWdDQUF3R1lBd0c2QXdsT1dVMHlPalEyTURIZ0E5RXVnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BHGlBWDVJNmtGDQ8YQThELXhCUREOEEFBd1FVGQ0ATRkoDEFBRFIuKAAAMi4oAPA-T0FGQXZBRm80U0dBdmdGay1WdWdnWURWVk5FaUFZQWtBWUJtQVlBb1FieGFPT0l0ZmprUHFnR0FiSUdKQWtBFXEAQh27BEJrFRcEQUMdGEBMZ0dDZy4umgKZASFWQlhZbD79AWRQeWNsd0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFEZBMFM1ShFiDDhEOVIRDAxBQUJaHQwAaB0MAHAdDAB4HQwMNEFJay5kAfA8LtgCueED4ALWl1zqAhpodHRwczovL3d3dy56dXBpbWFnZXMubmV0L_ICEQoGQURWX0lEEgcxODE1MTg38gEUDENQR18BFDQ0MjkzMTU18gIRCgVDUAETNAgzNTk5ODUyN_ICDQoIATwYRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFXEQ8QCwoHQ1AVDhAPCgVJTwFgCAY1NmGIAPIBIARJTxUgOBMKD0NVU1RPTV9NT0RFTAEqFADyAhoKFjIWABxMRUFGX05BTQVwCB4KGjYdAAhBU1QBPhBJRklFRAE-HA0KCFNQTElUAU3whgEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDkKs44AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE0OS41Ni4xNTMuMTg0qAQAsgQOCAAQARgAIAAoADAAOAK4BADABADIBADSBA04MDYjTllNMjo0NjAx2gQCCAHgBAHwBIX0IIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBvgB2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFISBgAIAAwADi0BEAAyAe44ALSBw0VdgE4CNoHBgknaOAHAOoHAggA8AfE_weKCAIQAJUIAACAP5gIAQ..&s=f783c27eda121ddcd7685e54634b02dd4a71500f&bdref=https%3A%2F%2Fwww.zupimages.net%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.zupimages.net%2F,https%3A%2F%2Fwww.zupimages.net%2F&
Frame ID: 46E0F2E0E3FCE4E771357B229077BE87
Requests: 7 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 4EFFFD0A61E9F8D57F04EB008E42AF2F
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 9B4789423B29B3ACAE085DE9CFB67F23
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 280512A2E6064516BB6C431AE248D992
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DE311998902B5CA49DC193394123C808
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1656109787927&gdpr=0
Frame ID: 4D387EE65F9E3C155FC86F771AF741A4
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 75B939174AE43C7986F52AA22ACF2923
Requests: 2 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=483817835
Frame ID: 4EA2952AAEC0194272ADC031E2A3D9CF
Requests: 6 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 165195D1FE9F826AD2A2B8C5AA17B1B2
Requests: 5 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 81F93AC6FE0A594E0451D99E349B1881
Requests: 1 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=309500ee-31e9-53b0-a9e7-e33bcb51d9e0&CACHEBUSTER=120765
Frame ID: C06AB35331C361F8B7B401106812A45B
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: D9DE5513D9C80707B361BA13BB572BDB
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=de98069c61d00eef011d9d7d6e81133f
Frame ID: EFF2E1B1260DEA80788C9D47E3D8F972
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: B3F061F24FE7F04E06844F3FA382C3A4
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/5339958381621273884
Frame ID: 2DC1669BB62DF7876C7953385195FA28
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/5cfca5b3-af93-4982-bac3-49b1c0a42c71&partner_id=1010
Frame ID: AFA3FFDD31CD3DF19EBFAEEE6623B5BE
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rubicon/L4T10ASF-1X-IPY4?gdpr=0
Frame ID: 80C847F2998F0BDB3CA7443CDA12A8E8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: DFBE9F3A43BBB52AFD5D3707E110DAFA
Requests: 12 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.zupimages.net&gdpr=0&gdpr_consent=
Frame ID: 02A40E203D8580B847942FE5CDEF76AE
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com%2C%20r19.lb.indexww.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
Frame ID: 7A368EB85058028C95F69F681FF08FB2
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/2b6a7239-f40d-11ec-b449-1f45e0b00103
Frame ID: BF256417148A46F962DED3CCE4ECC402
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
Frame ID: 5BD86F9ECA2258B02F8022AC8F374A49
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: C9BA6F710236581DCEB5132FE4BCFD42
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Frame ID: 66C58F3FFF81402A123AA28CD30B2BB8
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=1a045212-f21f-4db9-80ac-fbf41042a812
Frame ID: 76463E41DC924884B6741FDC73EAA0F8
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dadform%26dataid%3Ddata4%26uuid%3D%24UID
Frame ID: A85C80A99889F5F6E18A14097997B4CE
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Frame ID: 958B0F38C2F109335FCA7955E2F73D66
Requests: 8 HTTP requests in this frame

Frame: https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=NJyIuKsAUVKYk387T5rb&pi=connectad&tc=1
Frame ID: 5F9B267CF6B88F6BA8EA2CCE073DF14F
Requests: 1 HTTP requests in this frame

Frame: https://sync.connectad.io/umatch/1?bidder=sovrn&dataid=data12&uuid=E3dljLZHfhi6tyNGRjWvXsMN
Frame ID: CA6C2AAFF92D40E3DE4783FBC693C68E
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com%2C%20r19.lb.indexww.com/usermatch?cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D&s=190906&C=1
Frame ID: 73043B0C7638CCCD358B77135E9D0A9D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d4e109247a89f6
Frame ID: 6270540AC02E8A5C7F649BEA1CD182C7
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/connectad/hyINN1QrH1lsJBbpfuFyx4oOUHjYBHfyNp7kDUdc
Frame ID: 7E7318A7E2DCC41195C27A86E2F480BC
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B0AA79AA-76E1-4A3E-9485-C5327152C92D
Frame ID: C7CA79815B1EBE64B9869DBB0548A60E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YrY64QALSsZtpgAj&gdpr=0&gdpr_consent=
Frame ID: 45482CF95650D5C241435413A85972C2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:927d62b6-3adc-4900-b1ae-1b13c2591c10&gdpr=0&gdpr_consent=
Frame ID: 5CF1AA341A5E3FC298C0D5BE84D663C4
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADFUU7FbHYAABAxSk2UIQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2
Frame ID: C803A228845F85ECB9A5D6477395E51D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/B0AA79AA-76E1-4A3E-9485-C5327152C92D
Frame ID: B2D83855A2A693DF6730C874D0A1B72E
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Hébergeur d'image - Hébergement d'image et upload de photo

Page URL History Show full URLs

  1. http://zupimages.net/ HTTP 301
    https://www.zupimages.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

302
Requests

81 %
HTTPS

26 %
IPv6

76
Domains

128
Subdomains

90
IPs

9
Countries

2595 kB
Transfer

8221 kB
Size

105
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://zupimages.net/ HTTP 301
    https://www.zupimages.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/2/8/2.gif?puid=3185939832957658367&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOX_nzkPdZizNYz7SdDN2eKBvdFBY03EU03Dz0Jw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/3/7/3.gif?puid=927d62b6-3adc-4900-b1ae-1b13c2591c10&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=b74ec138-a50e-4d90-bfcd-2cfbc928158b&ttl=%%TTL%% HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F5%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F5%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/108/5/5.gif?puid=ddc2d496-f108-4206-8ad7-35746168dba9&gdpr=0&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEDzncWVNnhn_ynDWsRCtC7I&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEDzncWVNnhn_ynDWsRCtC7I&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2798025318759613024&opid=apx&ops=&utidl=tech:goo:CAESEDzncWVNnhn_ynDWsRCtC7I&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A27713934984&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/12/19/3/7.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/12/19/3/7.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
Request Chain 54
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.zupimages.net%2F&domain=www.zupimages.net&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=HmDBKHxabkdUdEtiUnF6MzZMZGJObmJUaFhxcmtyUDEvblovN1E4aWpmdHU2RU82VkU1TDhFWDFXSkh1andZSkc4c3Y1Z0N6NFNMdDZJYXcxZFg5VkdnZGpzUng5dTAzYmZjOHh0ellia0o3QmJWNGtBQTJpdEpneDRUZEpOWUI1bGc0NUtQQVF4RkpaOTlHVHlMVFlTV1VuS0tUVFRrVDJqdmpPWlVUc1lBR1Z6bjJTOFpuTDhaalgxckRlOUcxaDMwTWpIQmxlazd0UUprNmgwWXd3Um5iQ1NBQlVsYUYwbEt1REx2QnVVQmR6MFBVPXw&cppv=2
Request Chain 73
  • https://id5-sync.com/i/102/8.gif?id5id=ID5*wrfPKhgwmNkAOQil2pttQVmziI3Ug7xoeQn24Zq24YkXkJsfp_mDxw5csGxdVGJK&o=api&gdpr_consent=undefined&gdpr=0 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMOgM8avJjGisBCZO8kwUwK6Ex8Pg3h9nSEAklj7A&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/102/7/2.gif?puid=5339958381621273884&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEDzncWVNnhn_ynDWsRCtC7I&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEDzncWVNnhn_ynDWsRCtC7I&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2798025318759613024&opid=apx&ops=&utidl=tech:goo:CAESEDzncWVNnhn_ynDWsRCtC7I&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A27713934984&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/id5?_bee_ppp=1 HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AADFUU7FbHYAABAxSk2UIQ
Request Chain 102
  • https://pbjs.e-planning.net/pbjs/1/2a156/1/www.zupimages.net/ROS?rnd=0.8523130355910289&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B30012%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100&ur=https%3A%2F%2Fwww.zupimages.net%2F&pbv=7.1.0&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.zupimages.net%2F&gdpr=0&e_criteoId=f5jL4l92JTJCUjFJSEFZZk5BUlN5QiUyRkY4TE9halJ5UE4wdGRzQkthOFJhMXIyVzRHSFREcWtuT0hhYldmVUIyc25SeGxQUnh3OGY0VEswQWpUandEcERpN3RoZkElM0QlM0Q&e_id5id=%257B%2522uid%2522%253A%2522ID5*ibWdmSbUNQpTflwpjmfdDOg4vvHaH6Kcd0mTv9PwMQQXkC1Lgw1eAIAVlO9VDNba%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A0%257D%257D&e_pubcid=38474c2f-79c4-4eec-94a3-7f8cbbb721e3 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2a156/1/www.zupimages.net/ROS?ct=1&r=pbjs&rnd=0.8523130355910289&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B30012%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100&ur=https%3A%2F%2Fwww.zupimages.net%2F&pbv=7.1.0&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.zupimages.net%2F&gdpr=0&e_criteoId=f5jL4l92JTJCUjFJSEFZZk5BUlN5QiUyRkY4TE9halJ5UE4wdGRzQkthOFJhMXIyVzRHSFREcWtuT0hhYldmVUIyc25SeGxQUnh3OGY0VEswQWpUandEcERpN3RoZkElM0QlM0Q&e_id5id=%257B%2522uid%2522%253A%2522ID5*ibWdmSbUNQpTflwpjmfdDOg4vvHaH6Kcd0mTv9PwMQQXkC1Lgw1eAIAVlO9VDNba%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A0%257D%257D&e_pubcid=38474c2f-79c4-4eec-94a3-7f8cbbb721e3
Request Chain 116
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=ecaf1293-a818-418b-a419-98c98c153da9 HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=ecaf1293-a818-418b-a419-98c98c153da9&google_gid=CAESEFBdshPoB_yWeUesq6_xx1s&google_cver=1
Request Chain 117
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12773%26ref%3D%26url%3Dhttps%253A%252F%252Fwww.zupimages.net%252F%26hn_ver%3D40%26fid%3Decaf1293-a818-418b-a419-98c98c153da9%26dsp%3Dpub_common%26dsp_uid%3Db3aa3816-a657-4eb8-8a7a-e55ad350851f HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=2798025318759613024&pid=12773&ref=&url=https%3A%2F%2Fwww.zupimages.net%2F&hn_ver=40&fid=ecaf1293-a818-418b-a419-98c98c153da9&dsp=pub_common&dsp_uid=b3aa3816-a657-4eb8-8a7a-e55ad350851f
Request Chain 118
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Decaf1293-a818-418b-a419-98c98c153da9 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Decaf1293-a818-418b-a419-98c98c153da9 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B0AA79AA-76E1-4A3E-9485-C5327152C92D&fid=ecaf1293-a818-418b-a419-98c98c153da9
Request Chain 119
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Decaf1293-a818-418b-a419-98c98c153da9&gdpr=0 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=ecaf1293-a818-418b-a419-98c98c153da9&gdpr=0&cklb=1
Request Chain 120
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
  • https://s.cpx.to/sync?dsp_uid=b74ec138-a50e-4d90-bfcd-2cfbc928158b&dsp=TTD
Request Chain 137
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 197
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 204
  • https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=aQgegR-9GmyIYygZSdye&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DH5SXQY3IMFXGOZJ5OBZGKYTJMQ&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=H5SXQY3IMFXGOZJ5OBZGKYTJMQ
Request Chain 210
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D1a045212-f21f-4db9-80ac-fbf41042a812&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=927d62b6-3adc-4900-b1ae-1b13c2591c10&expires=30&ssp=between&bsw_param=1a045212-f21f-4db9-80ac-fbf41042a812&gdpr=&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=1a045212-f21f-4db9-80ac-fbf41042a812
Request Chain 211
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1
Request Chain 213
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=E3dljLZHfhi6tyNGRjWvXsMN
Request Chain 218
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=de98069c61d00eef011d9d7d6e81133f
Request Chain 219
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=b74ec138-a50e-4d90-bfcd-2cfbc928158b&dongle=0cfd
Request Chain 220
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDQ3ODQzNDk3MzY0MTU4MDUyODIwNQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 221
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEN6Y4xgMJSGFJ3eGJE0uVnE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 222
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDQ3ODQzNDk3MzY0MTU4MDUyODIwNQ%3D%3D
Request Chain 223
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4478434973641580528205&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4478434973641580528205&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=8226bd1a-b08d-4a44-bdbb-47f94dad9ee5&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=8226bd1a-b08d-4a44-bdbb-47f94dad9ee5&_noobservation=1&_expected_cookie=d064761f7e4382775087e20e2cd7c3ff
Request Chain 224
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4478434973641580528205?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-.IP3xvpE2oRDdx4T5z09xGlLiIiu6QMcKdQwPkRWxg--~A&dongle=0883
Request Chain 225
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4478434973641580528205&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtriplelift%26bsw_param%3D322267bc-f5e6-348a-cae2-4d35a902d706%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=ba371a18aef94069b1915b8565caf842&ssp=triplelift&bsw_param=322267bc-f5e6-348a-cae2-4d35a902d706&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=1a045212-f21f-4db9-80ac-fbf41042a812&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 226
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=4478434973641580528205 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4478434973641580528205&dcc=t
Request Chain 227
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=aQgegR-9GmyIYygZSdye&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MFIWOZLHKIWTSR3NPFEVS6LHLJJWI6LF&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MFIWOZLHKIWTSR3NPFEVS6LHLJJWI6LF HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=aQgegR-9GmyIYygZSdye
Request Chain 228
  • https://match.prod.bidr.io/cookie-sync/trl HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AADFUU7FbHYAABAxSk2UIQ&dongle=bzwx
Request Chain 231
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/5339958381621273884
Request Chain 232
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/5cfca5b3-af93-4982-bac3-49b1c0a42c71&partner_id=1010
Request Chain 234
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/L4T10ASF-1X-IPY4?gdpr=0
Request Chain 239
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.richaudience.com%2Ff79aa10af28935c0f42d7bcb6a649769%3Fuid%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.richaudience.com%2Ff79aa10af28935c0f42d7bcb6a649769%3Fuid%3D%24%7BUSER_ID%7D&_test=YrY64QALSsZtpgAj HTTP 302
  • https://sync.richaudience.com/f79aa10af28935c0f42d7bcb6a649769?uid=YrY64QALSsZtpgAj&_test=YrY64QALSsZtpgAj HTTP 301
  • https://sync.richaudience.com/f79aa10af28935c0f42d7bcb6a649769/?uid=YrY64QALSsZtpgAj&_test=YrY64QALSsZtpgAj
Request Chain 240
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID HTTP 302
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=2798025318759613024
Request Chain 242
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://ssum-sec.casalemedia.com%2C%20r19.lb.indexww.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
Request Chain 244
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=2b6a72a0-f40d-11ec-b449-1f45e0b00103 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/2b6a7239-f40d-11ec-b449-1f45e0b00103
Request Chain 246
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=zupimages.net&sn=ChromeSyncframe&so=3&topUrl=www.zupimages.net&bundle=VwYQFF96VEtsanROVGlXYURmdW90TWh3dFZIYTg4SUFRYUd4S3dHRHMxTU51QyUyRnN1WU04aHhKQjJxJTJGTXVSQml0czRYdCUyRmJOdFlybk9rRmR1djlUUkkzQ1FqaHlvNDZIWDl3RGNmMjk3ZERYbnZKNGU3N2xxbjAlMkJ2VGNMaXZPb0RZaVZY&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=7OmwjHxaaTJoVlRyMjhyTDlTQUxnM3dpTzFxNmp1bmQyTXFqQjhZYTMvc0k0aExTbitMRSt4R041dVFLRTBPWnF3V2VEV3BMTStCTUliSm5NcmhVWjRwaG9pYUN5eU9ldGJaMU1SRkVkbnJYZkN1dW5DZ0svMHhSblc5Vjk3L1U3ZGE5N1k2MzIxRFZkSEFHNFI2ZkUyeUpXSkZCajVIZUsxNlFTckpXRTArRklHQ1dlR1QwKzdmcUcwOFphTFVSRGtUcnVYaFRLZkVEQTBwakFzcDVicHlaS3NzaUhUL3k5bkp3NnJRRXlvdGVtcGNHc0xZeVZGOUlIZ1dXRFJVV0FqTnM2bFhZeVBPUTg0ZGdMaVpqbDlhbWJtRHRPRVZQcjA1QytsV2JIUnpPR3EzYz18&cppv=2
Request Chain 247
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/U7c-XMMkN4YJCuPFpBHDHcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5515320833668442085
Request Chain 248
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b74ec138-a50e-4d90-bfcd-2cfbc928158b&gdpr=0&gdpr_consent=&expires=30
Request Chain 249
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELJJ_ugxtDyqqwXCfPFlzbQ&google_cver=1
Request Chain 250
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4T10ASF-1X-IPY4&gdpr=0
Request Chain 251
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRUMTBBU0YtMVgtSVBZNA==&gdpr=0
Request Chain 252
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IFk2oSWfRyqw83BMoWl52A&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IFk2oSWfRyqw83BMoWl52A&gdpr=0
Request Chain 253
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=s5svjJPuQhe0v-6hct7zMw&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=s5svjJPuQhe0v-6hct7zMw&gdpr=0
Request Chain 255
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=a58b4f94-7a95-411b-b149-5fd879049f05 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-gWgwycpE2uFwY3vkkF9MxHI8jEYgZWIJdN.6Va4-~A&gdpr=0&gdpr_consent=
Request Chain 256
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L4T10ASF-1X-IPY4&gdpr=0
Request Chain 258
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da58b4f94-7a95-411b-b149-5fd879049f05%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid.a-mo.net/setuid?A=a58b4f94-7a95-411b-b149-5fd879049f05&bidder=smartadserver&uid=5339958381621273884
Request Chain 259
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253Da58b4f94-7a95-411b-b149-5fd879049f05%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjBBQTc5QUEtNzZFMS00QTNFLTk0ODUtQzUzMjcxNTJDOTJE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI9Y5iD_CH3CPyNHpS214DY&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da58b4f94-7a95-411b-b149-5fd879049f05%26bidder%3Dpubmatic%26uid%3DB0AA79AA-76E1-4A3E-9485-C5327152C92D HTTP 302
  • https://prebid.a-mo.net/setuid?A=a58b4f94-7a95-411b-b149-5fd879049f05&bidder=pubmatic&uid=B0AA79AA-76E1-4A3E-9485-C5327152C92D
Request Chain 260
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da58b4f94-7a95-411b-b149-5fd879049f05%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://ssum.casalemedia.com%2C%20r19.lb.indexww.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da58b4f94-7a95-411b-b149-5fd879049f05%26bidder%3Dindex_rtb%26uid%3D&gdpr=0&gdpr_consent=&s=191503&us_privacy=&C=1
Request Chain 261
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da58b4f94-7a95-411b-b149-5fd879049f05%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/setuid?A=a58b4f94-7a95-411b-b149-5fd879049f05&bidder=sovrn&uid=E3dljLZHfhi6tyNGRjWvXsMN
Request Chain 262
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da58b4f94-7a95-411b-b149-5fd879049f05%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=a58b4f94-7a95-411b-b149-5fd879049f05&bidder=appnexus&uid=2798025318759613024
Request Chain 271
  • https://x.bidswitch.net/sync?ssp=rtaplus&user_id=hyINN1QrH1lsJBbpfuFyx4oOUHjYBHfyNp7kDUdc&gdpr=0 HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=rtaplus&bsw_custom_parameter=1a045212-f21f-4db9-80ac-fbf41042a812 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=rtaplus&bsw_custom_parameter=1a045212-f21f-4db9-80ac-fbf41042a812 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=5e5aac34-92f4-4737-bc48-45f4a9d9322e&ssp=rtaplus&expires=30&user_group=5&bsw_param=1a045212-f21f-4db9-80ac-fbf41042a812 HTTP 302
  • https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=1a045212-f21f-4db9-80ac-fbf41042a812
Request Chain 273
  • https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Request Chain 274
  • https://creativecdn.com/cm-notify?pi=connectad HTTP 302
  • https://creativecdn.com/cm-notify?pi=connectad&tc=1 HTTP 302
  • https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=NJyIuKsAUVKYk387T5rb&pi=connectad&tc=1
Request Chain 275
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dsovrn%26dataid%3Ddata12%26uuid%3D%24UID HTTP 307
  • https://sync.connectad.io/umatch/1?bidder=sovrn&dataid=data12&uuid=E3dljLZHfhi6tyNGRjWvXsMN
Request Chain 276
  • https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D HTTP 302
  • https://ssum.casalemedia.com%2C%20r19.lb.indexww.com/usermatch?cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D&s=190906&C=1
Request Chain 280
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2831007936169504445&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 281
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YrY64QALSsZtpgAj
Request Chain 283
  • https://match.adsrvr.org/track/cmf/openx?oxid=e49f2a68-ab30-35a3-5205-7f6c3b6dbcd1&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=b74ec138-a50e-4d90-bfcd-2cfbc928158b&ttd_puid=e49f2a68-ab30-35a3-5205-7f6c3b6dbcd1&gdpr=0&gdpr_consent=
Request Chain 285
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIowZWJRYkk5CWe64imorio&google_cver=1
Request Chain 286
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1a045212-f21f-4db9-80ac-fbf41042a812&ssp=between&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10821094373694048936&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dbetween%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=ddc2d496-f108-4206-8ad7-35746168dba9&ssp=between&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10821094373694048936&ssp=between&gdpr=&gdpr_consent=
Request Chain 287
  • https://c1.adform.net/serving/cookie/match?party=14&cid=B0AA79AA-76E1-4A3E-9485-C5327152C92D HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B0AA79AA-76E1-4A3E-9485-C5327152C92D
Request Chain 288
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YrY64QALSsZtpgAj&gdpr=0&gdpr_consent=
Request Chain 289
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:927d62b6-3adc-4900-b1ae-1b13c2591c10&gdpr=0&gdpr_consent=
Request Chain 290
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFERlVVN0ZiSFlBQUJBeFNrMlVJUQ&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADFUU7FbHYAABAxSk2UIQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2
Request Chain 292
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sKp5qnbhSj6UhcUycVLJLQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 293
  • https://idsync.rlcdn.com/420486.gif?partner_uid=B0AA79AA-76E1-4A3E-9485-C5327152C92D HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=c626369d36c55fd3ac0c233acfe1e30773077bbe77f02ca26fc0be07ac9cfd11791426b5417dce21&_=2
Request Chain 294
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=927d62b6-3adc-4900-b1ae-1b13c2591c10
Request Chain 295
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjBBQTc5QUEtNzZFMS00QTNFLTk0ODUtQzUzMjcxNTJDOTJE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 296
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI9Y5iD_CH3CPyNHpS214DY&google_cver=1
Request Chain 298
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2831007936169504445&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 299
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b74ec138-a50e-4d90-bfcd-2cfbc928158b
Request Chain 301
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B0AA79AA-76E1-4A3E-9485-C5327152C92D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KDkdiGpE2uW2pB5yTpJu7kz3QgayTlw-~A&gdpr=0&gdpr_consent=

302 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.zupimages.net/
Redirect Chain
  • http://zupimages.net/
  • https://www.zupimages.net/
16 KB
6 KB
Document
General
Full URL
https://www.zupimages.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7512adadf0b067094c0abe674c78c1f9637e6d1ab45d35b119135db6d49cafd0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7208e776b9847150-YUL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 24 Jun 2022 22:29:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZARU1fKN9DLnYOzr4z9aheA9f%2FcrqC77c9NmtOxPF%2FfbC4s1pcBsB%2BmI2M5gJGNZWB47JMy%2BkOq78%2BMeciJy935EgX8mbRb10IZ508Be%2BdbmtxpXtNwTl7yF%2FtzreFRzGCUHQPvIv1Bc%2BB4E93xF9w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
7208e7765a7dece2-YUL
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 24 Jun 2022 22:29:46 GMT
Expires
Fri, 24 Jun 2022 23:29:46 GMT
Location
https://www.zupimages.net/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5Lblp7j8e3pVt3fRXb05ID17BQKc5K3qPDKQuLAoxbiLvOrrnLIpO4Da5x9slRtaLzw7Jm49cFog9zwnRwVvNeyr9t2LnSTHk1flJWXMLs95TlvnCefbsejunrXe9vPZNb6vbIAk6pvlBpn"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/
2 KB
1011 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2464f998b38ae5f4a6f68dd19faea6939ccb6db5388ce17a0621c3fe186f859
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 21:13:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 24 Jun 2022 22:29:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Jun 2022 22:29:47 GMT
normalize.min.css
www.zupimages.net/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.zupimages.net/css/normalize.min.css
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86235e2c477078adfe1188d07ca1e5d8198443aaf2436de1785a169f3e1d5463
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
371985
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 17 Nov 2013 18:51:27 GMT
server
cloudflare
etag
W/"5289102f-742"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7t%2FCk0qQtr6aw4ETalVwYhHIzDqVdZcJzeSGc1BoeVCrl37FPkgfJn3gopmsucEnjhdkkPGIouGAWgCu47BWqHUHcVxksuBElQczhDvqsTxHJOPArVH366KO3VKGI5ACX%2FX9DKmnwyeI51Yt%2B%2FaoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
7208e778ec5c7150-YUL
expires
Wed, 20 Jul 2022 15:10:02 GMT
style.min.css
www.zupimages.net/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://www.zupimages.net/css/style.min.css
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f55e898b0b8daf1940d47028ca18c094f13ae0175ef361df9edf260fe16c37d7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1333681
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 20 Nov 2013 15:23:38 GMT
server
cloudflare
etag
W/"528cd3fa-18c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QOYzUaEKKcNN3K17%2BarG5lWEBKuzoXi2gREJd6ThcQnOzRszwhD%2BONiOOpSlVWbH4OxEscfmAhkcjEpttE%2FWexL8ATQoKH4ZnOAp96RfX%2BKiN%2F3xmNeJTB8wbz3RCEBv4Vvgw4G1vPF64Lkjyot1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
7208e778ec5d7150-YUL
expires
Sat, 09 Jul 2022 12:01:46 GMT
plus.png
www.zupimages.net/images/
369 B
974 B
Image
General
Full URL
https://www.zupimages.net/images/plus.png
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:e9c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ab20ac6ee276f1f2bfbcea1215c83360d284d3e3f39f4724da18a6daf76416e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6639320
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
369
x-xss-protection
1; mode=block
last-modified
Sun, 17 Nov 2013 18:51:28 GMT
server
cloudflare
etag
"52891030-171"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhkQgp8zT%2B5gWCP%2B9VJnLNTHt8gDfWJvWszbXYQDK9ZD238Vsy2cOW%2BP0ZRUZOzkH7PtQ0h4Xue8vAVYi2SRV%2BXzkzed0OuzsTjWLX0M6COM6lb5GosKrErs0BL8KXqIQ04kSDWTyUhQwDv54PLqpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=7776000
accept-ranges
bytes
cf-ray
7208e7791ee8713c-YUL
expires
Fri, 08 Jul 2022 02:14:27 GMT
loading.gif
www.zupimages.net/images/
6 KB
6 KB
Image
General
Full URL
https://www.zupimages.net/images/loading.gif
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:e9c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b90814a9491f08fac560e76e26508b60e6920a5e61ba9b435d3d4b3b8dcba7d3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1375786
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5907
x-xss-protection
1; mode=block
last-modified
Sun, 17 Nov 2013 18:51:28 GMT
server
cloudflare
etag
"52891030-1713"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PEYrByDrSe%2FnhqFs2Hz97dN%2Bn1IEHOIu7k3%2FYPntEG1hnZD8ZDZUK6dg7UmO2AjEE1xmNVLYBVPwR1RxntngYHadrUV9gRk9VIU7PFaJvYK2aEu8Tf8eojBPKKCNTI6UNdkEpe0r6d2aO3%2BdBCRz5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=7776000
accept-ranges
bytes
cf-ray
7208e7791eea713c-YUL
expires
Wed, 07 Sep 2022 00:20:01 GMT
arrow.png
www.zupimages.net/images/
328 B
931 B
Image
General
Full URL
https://www.zupimages.net/images/arrow.png
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:e9c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a0bd439de4416ea0c6aa82eb5622e9061eaa9694a319747808dfe4ea2d151cd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2975603
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
328
x-xss-protection
1; mode=block
last-modified
Tue, 13 Mar 2018 20:20:59 GMT
server
cloudflare
etag
"5aa832ab-148"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcXZ1BUNvYtSrLXmu%2B81gHQ1rPVWfcRI1e%2F0PF%2Fiiwh8Sr0Rp6SZbGtk8PM1gohZKcLtRmzVn6QUNK2Gfw0md2ZwWb1s%2FRfo95zoQL1HoRJkeS6h9jlWg2Sa526HN%2Fzh6oSUsugKjBy6dbtiJouS%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=7776000
accept-ranges
bytes
cf-ray
7208e7791eec713c-YUL
expires
Fri, 19 Aug 2022 11:56:24 GMT
camera.png
www.zupimages.net/images/
2 KB
2 KB
Image
General
Full URL
https://www.zupimages.net/images/camera.png
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:e9c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee3294d4b5ca24380c162583a68f6fcddef49716fdda31bc90ca4cc950a4fb5e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2975604
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1723
x-xss-protection
1; mode=block
last-modified
Sun, 17 Nov 2013 18:51:28 GMT
server
cloudflare
etag
"52891030-6bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DZSe%2BtQmD2Wq2K7usrwAS66XuB6CvpUjuXEuzDDkNhhr3s5xeUXG6ROrY63ArWvrV9aoRThcDQ1hJWdreVn9anZxiDxMhhsm40JVM1QHcQIeEt%2BAZsUQLDHZjGut%2FD7OiJYi%2BR%2FD7xeLcDylgu1mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=7776000
accept-ranges
bytes
cf-ray
7208e7791eee713c-YUL
expires
Fri, 19 Aug 2022 11:56:23 GMT
lock.png
www.zupimages.net/images/
687 B
1 KB
Image
General
Full URL
https://www.zupimages.net/images/lock.png
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:e9c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2064a9bf596e317cb309441cb39ac15a8196bd6b55c679e5c68817a2c22e6846
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2975603
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
687
x-xss-protection
1; mode=block
last-modified
Sun, 17 Nov 2013 18:51:28 GMT
server
cloudflare
etag
"52891030-2af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZdRpVcVXtrT39XDLll2RoA6ytu6BpQUwvfuNUB7%2B9xRhmtuA6nwRQYvF6E%2FqXz%2FVruWCeAUaiV73xelQOwSOwDNvImU1epHUR28J%2BedMbLYHdCssEy0nqH3wyONU8XSfjQdrGXEnMssvKpIdh2a0hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=7776000
accept-ranges
bytes
cf-ray
7208e7791eef713c-YUL
expires
Fri, 19 Aug 2022 11:56:24 GMT
check.png
www.zupimages.net/images/
1 KB
2 KB
Image
General
Full URL
https://www.zupimages.net/images/check.png
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:e9c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50add6c21b4f6948aafffcb35e64cc01300860e9691ab117790f6a51c50db720
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2975603
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1110
x-xss-protection
1; mode=block
last-modified
Sun, 17 Nov 2013 18:51:28 GMT
server
cloudflare
etag
"52891030-456"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nxDUIoJrNNdBqxS2Y5ZC5jwQwZF2ELyu7gJ5ts2q785lVLk7ytltyHJqkxscQkwqUz11SGKqDtuQ3daT7HQ1KUAbv%2BCRlNIKwjC01JQiHgp13e%2FsblLlAAXcv6esEop2%2BjkxAQPXwS%2Bu%2Bv86QucRyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=7776000
accept-ranges
bytes
cf-ray
7208e7791ef0713c-YUL
expires
Fri, 19 Aug 2022 11:56:24 GMT
rocket-loader.min.js
www.zupimages.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://www.zupimages.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:e9c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 14 Jun 2022 16:43:30 GMT
server
cloudflare
etag
W/"62a8bab2-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrBJ6qq6UBKgTMryxLjCzfECRQ3BAdzVNnWAnCN%2FXOlL1UVlqaxh%2BhPjvjtpSpodUwR0kiIPiSsWQgnLGlz4cI3qPnq%2BU%2FL%2BUQN%2FD4e4Jqeo1tZiuU3alnbptNDWcCjj2Rn3eFeKXIXGwZ%2BQmo7P1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7208e7791ef1713c-YUL
vary
Accept-Encoding
expires
Sun, 26 Jun 2022 22:29:47 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
165 KB
56 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1581144506541376
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21f090de2ce4483842ec7b9a44e3858a614af4139b0d6e5d2391e57a5941a645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zupimages.net/
Origin
https://www.zupimages.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56580
x-xss-protection
0
server
cafe
etag
1565213550427950134
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 24 Jun 2022 22:29:47 GMT
requestform.js
ads.themoneytizer.com/s/
107 KB
14 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=14857&formatId=6
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c0ba9b8e6a9bdfe5da98879966af1f52e68a3e54a917082d092d841928de74cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-nzt
AVm7sQ8SWp3/gQIBAA
x-accel-expires
@1656130010
date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
v6TuOk0mKg4
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
66177
x-77-pop
newyorkUSNY
gen.js
ads.themoneytizer.com/s/
5 KB
2 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=6
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-nzt
AVm7sQ9NXD7/WQMBAA
x-accel-expires
@1656129794
date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
Hb/5FB7i5O8
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
66393
x-77-pop
newyorkUSNY
requestform.js
ads.themoneytizer.com/s/
113 KB
15 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=14857&formatId=28
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
54123bdc7abf20ca23f6f980c96255124a63d90dfd86444058fd96f27e997938

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-nzt
AVm7sQ/p99//gQIBAA
x-accel-expires
@1656130010
date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
HrUkqc6lkv0
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
66177
x-77-pop
newyorkUSNY
gen.js
ads.themoneytizer.com/s/
5 KB
2 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-nzt
AVm7sQ+1A77/XQMBAA
x-accel-expires
@1656129790
date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
orhw5SMiBi4
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
66397
x-77-pop
newyorkUSNY
requestform.js
ads.themoneytizer.com/s/
113 KB
15 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=14857&formatId=1
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5191996e88bb4f451ca68b058e7a83057c03399885a762177d22717b327dfb87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-nzt
AVm7sQ/6X93/gQIBAA
x-accel-expires
@1656130010
date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
qZcIWT0zzu0
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
public, max-age=86400
x-cache
HIT
x-age
66177
x-77-pop
newyorkUSNY
gen.js
ads.themoneytizer.com/s/
5 KB
2 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=1
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-nzt
AVm7sQ9s05D/XQMBAA
x-accel-expires
@1656129790
date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
/AQeghZSN8Y
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
public, max-age=86400
x-cache
HIT
x-age
66397
x-77-pop
newyorkUSNY
script.min.js
www.zupimages.net/js/
3 KB
2 KB
Script
General
Full URL
https://www.zupimages.net/js/script.min.js
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:e9c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ca3cb0bf66c47aa380608c5433c83ffee5f9dbebe8d4241d3bc9f8b1278838a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
374703
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 30 Mar 2021 22:27:28 GMT
server
cloudflare
etag
W/"6063a5d0-a8e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7g79UvlVq1TsjtTUYtQGloH57IgqRndjFD%2BWUDSJXhYTWkrI5IcSTKdXsDtUAeAlT8CHiq7RKqk4DI4gCEkrMnWyucHGPsWMACfBWcwIv17GKGjb9iXS%2FFCKybUawaXebgiU3ZD0T4um6%2BagCkK63w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
7208e7794f19713c-YUL
expires
Wed, 20 Jul 2022 14:24:44 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/
91 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 01:04:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32954
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 01:04:45 GMT
background.jpg
www.zupimages.net/images/
73 KB
74 KB
Image
General
Full URL
https://www.zupimages.net/images/background.jpg
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:e9c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e12faeacfa3a0a048ac31777f9d7f8c415582ebfc3ab4f774de87c8e9217d672
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/css/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2975603
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75185
x-xss-protection
1; mode=block
last-modified
Wed, 20 Nov 2013 15:29:35 GMT
server
cloudflare
etag
"528cd55f-125b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2B5MXOSWm8RCobifiNFIGmnQsleeY%2Bh3wAoXSMUePNHGUhADU70r7UVbTPL%2BAJ%2B8JCMVgl6GOwtm4yWWO%2FKWFni7aEiMWpcgQJoN2SJSGqJPODhyA%2FxEdYPOuZUDh4RFDM%2FXZ2iKoTtuCDG7Fn3LHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7776000
accept-ranges
bytes
cf-ray
7208e7797f4e713c-YUL
expires
Fri, 19 Aug 2022 11:56:24 GMT
logo.png
www.zupimages.net/images/
51 KB
52 KB
Image
General
Full URL
https://www.zupimages.net/images/logo.png
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:e9c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d81706b1582c94df5c7db76d7a08ac02e464b09ace060035b57a8e2b2bd0efe1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/css/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1375785
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
52651
x-xss-protection
1; mode=block
last-modified
Sun, 17 Nov 2013 18:51:32 GMT
server
cloudflare
etag
"52891034-cdab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ft7VYEBnDABDNWhoMgsXQva7U25k5XVRGiMo0%2F3UWmRyki6WhzeWn%2BpiYX%2BU0n98XAUQ1DupotJ6J1qRKZATGFzIM7kkl250FL30P4FeEcgosxIFFH4eSf9%2Ff5nTygQaNLlb%2FQvITmE4aGQ0K7bFFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=7776000
accept-ranges
bytes
cf-ray
7208e7797f50713c-YUL
expires
Wed, 07 Sep 2022 00:20:02 GMT
goto_form_opacity.png
www.zupimages.net/images/
622 B
1 KB
Image
General
Full URL
https://www.zupimages.net/images/goto_form_opacity.png
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:e9c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0e97d7ee8067446c23db1c99619b20755ea1d17c64971b5f16426aa41111e19
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/css/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2975603
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
622
x-xss-protection
1; mode=block
last-modified
Sun, 17 Nov 2013 18:51:28 GMT
server
cloudflare
etag
"52891030-26e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2XKrzrRmmmXt9BtxsemfN4abg5hsupn%2BjLbdwnpe%2FZk9NwhehbHpdCR%2Bc%2BQQ32fB9NQF40DDqNIeZ4aAyjO1l4jcbl55gUH4e10aVzWUyV%2BKW289PI2UeWD%2FELctIM%2BS8T8tEngWoLoA%2FYz9IcUxyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=7776000
accept-ranges
bytes
cf-ray
7208e7797f51713c-YUL
expires
Fri, 19 Aug 2022 11:56:24 GMT
goto_form.png
www.zupimages.net/images/
16 KB
16 KB
Image
General
Full URL
https://www.zupimages.net/images/goto_form.png
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:e9c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90b35b5c9587da3f6f397d6ae1b8c58054be54948acf999f0e3458ede22ff7e6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/css/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2975603
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15883
x-xss-protection
1; mode=block
last-modified
Sun, 17 Nov 2013 18:51:29 GMT
server
cloudflare
etag
"52891031-3e0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyNzozlFF9YaRZe3SL9xOPdZ0kZPryytOOmewbX34zzWiqr3G5xYx6CwsLwUSmiZKshw8NCZ1833C7jo5ilqxJZceaI5GM6guoISSQ2WHOEoXIwFwRl%2FomRo1%2FWXytK%2FVsFT%2BDlqOvdCYkdpoxnz%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=7776000
accept-ranges
bytes
cf-ray
7208e7797f54713c-YUL
expires
Fri, 19 Aug 2022 11:56:24 GMT
counter_opacity.png
www.zupimages.net/images/
498 B
1 KB
Image
General
Full URL
https://www.zupimages.net/images/counter_opacity.png
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:e9c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e3d312d38ed11b4eb51b27441c5d211edfa1dfd6ebeda861bca1420b7e4198b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/css/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2975603
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
498
x-xss-protection
1; mode=block
last-modified
Sun, 17 Nov 2013 18:51:28 GMT
server
cloudflare
etag
"52891030-1f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLyIRXmbYRlvbCh5Qv7x3Ld6A24XznrWTE7CpftWr%2BiiaWAZbfnityeS4GupxnBXggNzWxJ7kEmPiS3IwqWZbB1L7eXEq8pw%2FKAiUW9zok30DSu3Ec0QybT4DdAXe%2BM0CHcpoPlf5A8ZTm9eQXNOyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=7776000
accept-ranges
bytes
cf-ray
7208e7797f56713c-YUL
expires
Fri, 19 Aug 2022 11:56:24 GMT
browse.png
www.zupimages.net/images/
4 KB
5 KB
Image
General
Full URL
https://www.zupimages.net/images/browse.png
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:e9c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af35fcabf994e4505580c738fde38b59278d44aa5738aa9a726b41fec90073f1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/css/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2975603
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4007
x-xss-protection
1; mode=block
last-modified
Tue, 13 Mar 2018 20:38:47 GMT
server
cloudflare
etag
"5aa836d7-fa7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdwwkX77XNG1G0tVbQkzQZgiQxSyP%2FWEfSIxKe1yJHWHIjudZyWJv2eGrKiObJIS6Tz1YmIhA6k6S6ukr1I6qPKWA5MMezAuNvnzYObsClQXeFlqc8hn3W2eX0CKK1pusZ2AY0%2B5h0nXWqcL%2B8vFBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=7776000
accept-ranges
bytes
cf-ray
7208e7797f57713c-YUL
expires
Fri, 19 Aug 2022 11:56:24 GMT
validate.png
www.zupimages.net/images/
10 KB
10 KB
Image
General
Full URL
https://www.zupimages.net/images/validate.png
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:e9c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ce5fc696c84c677f9c906e3c298446ae54d4ed5d3de7c1ae6eb3c43d916e9ce
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/css/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2975603
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9806
x-xss-protection
1; mode=block
last-modified
Sun, 17 Nov 2013 18:51:29 GMT
server
cloudflare
etag
"52891031-264e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xvkb2%2F%2BVjwBpIlOVfBXPVGs0gwIKGn3TjHef6EP%2F2h88oLS1p9CEoHAfzChvuBLRKhWRA4pc3Yy2vIYleWKMwAf8osZBpoIkjujsBA%2BBAGLE%2FqFIeDz%2BY%2BBEEcu9mN%2BL8D6baC0yK2Ob5Qytq%2FzvsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=7776000
accept-ranges
bytes
cf-ray
7208e7797f58713c-YUL
expires
Fri, 19 Aug 2022 11:56:24 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/
44 KB
45 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.zupimages.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 10:20:50 GMT
x-content-type-options
nosniff
age
302937
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Jun 2023 10:20:50 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.zupimages.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:44:20 GMT
x-content-type-options
nosniff
age
308727
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47048
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Jun 2023 08:44:20 GMT
choice.js
quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/
3 KB
2 KB
Script
General
Full URL
https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:7400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f24dc76070927cc3d13b4f52f8ecb898fce1875c32563e7a3fae2450ef6babc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
br
last-modified
Mon, 13 Sep 2021 14:18:10 GMT
server
AmazonS3
age
18
etag
W/"a7fa5501113779849b63118ade529910"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9c1465c390ec70cc0036cf15c3a531d8.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
EWR50-C1
x-amz-cf-id
69NZ8RHGlwTlWOE5TAZuTkVxqgqgxcGAJNGW0SlTMrjtFx3YXXgCew==
moneybile.js
ads.themoneytizer.com/
38 KB
16 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-nzt
AVm7sQ/j+hL/XQMBAA
pragma
public
date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
br
etag
W/"604b9fc7-981e"
last-modified
Fri, 12 Mar 2021 17:07:19 GMT
server
CDN77-Turbo
x-77-nzt-ray
KY9K8v29Wok
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
66397
x-77-pop
newyorkUSNY
x-accel-expires
@1657080190
/
c.tmyzer.com/c/
0
271 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=14857&f=1&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=14857&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 24 Jun 2022 22:29:00 GMT
Server
nginx
X-IPLB-Request-ID
953899B8:B9FA_36264064:01BB_62B63ADB_ADB2E41:2999A
X-IPLB-Instance
24857
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
smart.js
ced.sascdn.com/tag/1097/
93 KB
31 KB
Script
General
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=14857&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.33.44.85 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-44-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5b946c77e4b95c4567745f802028bf2792b1e9cd070a773864036bbdbe6bf178

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 24 Jun 2022 22:29:47 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=900
Connection
keep-alive
Content-Length
31943
Expires
Fri, 24 Jun 2022 22:44:47 GMT
sync
gum.criteo.com/
49 B
373 B
Script
General
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=14857&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:46 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
2363
strict-transport-security
max-age=31536000; preload;
content-length
165
expires
60
mapper.js
spl.zeotap.com/
0
183 B
Script
General
Full URL
https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=14857&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7208e77ac872713c-YUL
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
libJsLP.js
tag.leadplace.fr/
5 KB
6 KB
Script
General
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=14857&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 24 Jun 2022 22:29:47 GMT
Last-Modified
Thu, 14 Oct 2021 07:27:52 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
953899B8:E532_91EFC0A6:01BB_62B63ADB_99B8C2F:4505
ETag
"6167dbf8-15ab"
X-IPLB-Instance
30195
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5547
/
onetag-sys.com/usync/ Frame CFA3
2 KB
815 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1656109787280
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=14857&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.zupimages.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/
24 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=14857&formatId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 01 Jul 2022 22:29:47 GMT
px.js
p.cpx.to/p/12773/
2 KB
2 KB
Script
General
Full URL
https://p.cpx.to/p/12773/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=14857&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.72.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-72-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
434b61608da840cf0a3604af7679f88694a85e8c22982124fe3aa9b7c440c17c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 24 Jun 2022 22:29:46 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1769
Content-Type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/
25 KB
26 KB
Script
General
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=14857&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.66.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-66-191.ewr53.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 24 Jun 2022 13:17:27 GMT
Via
1.1 876e92db01d9014c2ee242623ecd97ee.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
33143
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C1
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
ab97t0J4L1_5nDx9mtrheYZJlC0_Hbaxze2miE912arpSdMiCauLtQ==
prebid.js
ads.themoneytizer.com/moneybid7_1/build/dist/
629 KB
159 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=14857&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8fce39ec7a63f40eac85498fb8aca9f7b595f1787bc1afd5e94a8823e99240b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-nzt
AVm7sQ9f7WP/XQMBAA
pragma
public
date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
br
etag
W/"62a8971d-9d355"
last-modified
Tue, 14 Jun 2022 14:11:41 GMT
server
CDN77-Turbo
x-77-nzt-ray
xiXt5/mgFfs
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
66397
x-77-pop
newyorkUSNY
x-accel-expires
@1657080190
cmp2.js
quantcast.mgr.consensu.org/tcfv2/
177 KB
43 KB
Script
General
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.themoneytizer.com
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:7400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b41946b764af8ba045a081358aeeed48fdc42aa8240969a23732a4e41efcc917

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:00 GMT
content-encoding
br
age
52
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Wed, 22 Jun 2022 19:56:20 GMT
server
AmazonS3
etag
W/"3d8feb48608ba54f1d22be65b4f802be"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 9c1465c390ec70cc0036cf15c3a531d8.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
EWR50-C1
x-amz-cf-id
ghsFFVMaxHwnpjkZCdddkI8WoBDOFi4bQWMUpRDfbY2YhqR0RVgL1g==
/
c.tmyzer.com/c/
0
270 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=14857&f=28&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=14857&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 24 Jun 2022 22:29:47 GMT
Server
nginx
X-IPLB-Request-ID
953899B8:B9F4_36264064:01BB_62B63ADB_AD8978A:7A0C
X-IPLB-Instance
38436
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
c.tmyzer.com/c/
0
270 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=14857&f=6&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=14857&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 24 Jun 2022 22:29:47 GMT
Server
nginx
X-IPLB-Request-ID
953899B8:B9FE_36264064:01BB_62B63ADB_AD8C7D1:D9DD
X-IPLB-Instance
38431
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
lib_fs_close.js
ads.themoneytizer.com/
663 B
604 B
Script
General
Full URL
https://ads.themoneytizer.com/lib_fs_close.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=14857&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5906e88fb1c8b087fca2c1b1f751e831c19165952ea0e2b2ee066505ff1f41f3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-nzt
AVm7sQ/zkt3/WAMBAA
pragma
public
date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
br
etag
W/"62a87d42-297"
last-modified
Tue, 14 Jun 2022 12:21:22 GMT
server
CDN77-Turbo
x-77-nzt-ray
J7unIF0btlY
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
66392
x-77-pop
newyorkUSNY
x-accel-expires
@1657080195
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5600
date
Fri, 24 Jun 2022 20:56:27 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 24 Jun 2022 22:56:27 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206210101/
339 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206210101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1581144506541376
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8facf7ae16122632df54d9ab2727fe669adf5c2a7142364cf428eb80b0620fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122375
x-xss-protection
0
server
cafe
etag
9094431645763915721
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Jun 2022 22:29:47 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220622/r20190131/ Frame ACC9
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220622/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1581144506541376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zupimages.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
7600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Jun 2022 20:23:07 GMT
etag
10429905676100781186
expires
Fri, 08 Jul 2022 20:23:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/12/2/8/2.gif?puid=3185939832957658367&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOX_nzkPdZizNYz7SdDN2eKBvdFBY03EU03Dz0Jw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gd...
  • https://id5-sync.com/c/12/3/7/3.gif?puid=927d62b6-3adc-4900-b1ae-1b13c2591c10&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=b74ec138-a50e-4d90-bfcd-2cfbc928158b&ttl=%%TTL%%
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F5%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_cons...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F5%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdp...
  • https://id5-sync.com/c/12/108/5/5.gif?puid=ddc2d496-f108-4206-8ad7-35746168dba9&gdpr=0&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&gdpr_consent=&gdpr=0&action=GET_ID...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&gdpr_consent=&gdpr=0&action=GET_ID&opid...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEDzncWVNnhn_ynDWsRCtC7I&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2798025318759613024&opid=apx&ops=&utidl=tech:goo:CAESEDzncWVNnhn_ynDWsRCtC7I&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A27713934984&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/12/19/3/7.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/12/19/3/7.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
0
0

linkid.js
www.google-analytics.com/plugins/ua/
2 KB
884 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:18:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
695
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 24 Jun 2022 23:18:12 GMT
geoip
apis.cmp.quantcast.com/
49 B
153 B
XHR
General
Full URL
https://apis.cmp.quantcast.com/geoip
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.248.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-248-125.compute-1.amazonaws.com
Software
/
Resource Hash
2d4b586c986d6fd93586557470ca8c664dc385397e6f43fb6e0d44497ecd80b7

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 24 Jun 2022 22:29:47 GMT
content-length
49
content-type
application/json; charset=utf-8
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 00:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253429
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 00:05:58 GMT
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/
1 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:1c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 21:55:15 GMT
content-encoding
gzip
age
2073
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
etag
W/"9a93052877e57b42aeefaab6e7ec5f90"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
EWR53-C2
x-amz-cf-id
TM5gZl5nBhUjOqq2F7FZoKo9Shblwqf0GTdaDLSdqe8k7W3FK9IVhQ==
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.zupimages.net%2F&domain=www.zupimages.net&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.zupimages.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.zupimages.net
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 24 Jun 2022 22:29:47 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1148
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
config.js
confiant-integrations.global.ssl.fastly.net/6JazTGIJh-hokZ3Hzq9-29PxCyY/gpt_and_prebid/
59 KB
15 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/6JazTGIJh-hokZ3Hzq9-29PxCyY/gpt_and_prebid/config.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=14857&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f235d195451b13294c9fdb41898a4d518c5a4f59310a00e2eaf688703c6dfb4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 24 Jun 2022 22:29:47 GMT
Content-Encoding
gzip
Age
2156
X-Cache
HIT
Connection
keep-alive
Content-Length
14568
x-amz-id-2
ccJZa5lOpxSrp55XvmCBJtXcPczzomaikg6pfY/chqpF+Ggcp5M6cDMHTdKWrUkmulZvBsY8PbU=
X-Served-By
cache-yul12827-YUL
Last-Modified
Fri, 24 Jun 2022 21:09:36 GMT
Server
AmazonS3
X-Timer
S1656109788.524962,VS0,VE0
ETag
"8d6212f4530a83571bd1f0a8ff5c02bb"
x-amz-request-id
Y57D2R2V8YHC3624
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
114
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.zupimages.net%2F&domain=www.zupimages.net&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=HmDBKHxabkdUdEtiUnF6MzZMZGJObmJUaFhxcmtyUDEvblovN1E4aWpmdHU2RU82VkU1TDhFWDFXSkh1andZSkc4c3Y1Z0N6NFNMdDZJYXcxZFg5VkdnZGpzUng5dTAzYmZjOHh0ellia0o3QmJWNGtBQTJpdEpneDRUZE...
347 B
618 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=HmDBKHxabkdUdEtiUnF6MzZMZGJObmJUaFhxcmtyUDEvblovN1E4aWpmdHU2RU82VkU1TDhFWDFXSkh1andZSkc4c3Y1Z0N6NFNMdDZJYXcxZFg5VkdnZGpzUng5dTAzYmZjOHh0ellia0o3QmJWNGtBQTJpdEpneDRUZEpOWUI1bGc0NUtQQVF4RkpaOTlHVHlMVFlTV1VuS0tUVFRrVDJqdmpPWlVUc1lBR1Z6bjJTOFpuTDhaalgxckRlOUcxaDMwTWpIQmxlazd0UUprNmgwWXd3Um5iQ1NBQlVsYUYwbEt1REx2QnVVQmR6MFBVPXw&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
15a3ef2e03a12e2d33b83daebf12cc066f4bb819fcd52a14f1aaae663540431f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3086
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:47 GMT
location
https://mug.criteo.com/sid?cpp=HmDBKHxabkdUdEtiUnF6MzZMZGJObmJUaFhxcmtyUDEvblovN1E4aWpmdHU2RU82VkU1TDhFWDFXSkh1andZSkc4c3Y1Z0N6NFNMdDZJYXcxZFg5VkdnZGpzUng5dTAzYmZjOHh0ellia0o3QmJWNGtBQTJpdEpneDRUZEpOWUI1bGc0NUtQQVF4RkpaOTlHVHlMVFlTV1VuS0tUVFRrVDJqdmpPWlVUc1lBR1Z6bjJTOFpuTDhaalgxckRlOUcxaDMwTWpIQmxlazd0UUprNmgwWXd3Um5iQ1NBQlVsYUYwbEt1REx2QnVVQmR6MFBVPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.zupimages.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1820
content-length
482
expires
0
12.json
id5-sync.com/g/v2/
453 B
1 KB
XHR
General
Full URL
https://id5-sync.com/g/v2/12.json
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.66 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216537.ip-141-95-98.eu
Software
/
Resource Hash
1b4cede075182023770da5277bdc3605cb3beb3286c89f6074d24b1dd770fca0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.zupimages.net
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
transfer-encoding
chunked
102.json
id5-sync.com/g/v2/
453 B
1 KB
XHR
General
Full URL
https://id5-sync.com/g/v2/102.json
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.66 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216537.ip-141-95-98.eu
Software
/
Resource Hash
c65eee8d25c4e24bd064c181cbc6de011da18b51ef54ad08e33757ef44181e6c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.zupimages.net
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
transfer-encoding
chunked
cookie.js
partner.googleadservices.com/gampad/
393 B
700 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.zupimages.net&callback=_gfp_s_&client=ca-pub-1581144506541376&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206210101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f2.1e100.net
Software
cafe /
Resource Hash
62180a6cc1135d7bb568c121566a6a21ec9e041aa5f102cf239fb9a98073a396
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
integrator.js
adservice.google.ca/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.zupimages.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206210101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.zupimages.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206210101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E2F2
229 KB
61 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1581144506541376&output=html&adk=1812271804&adf=3025194257&lmt=1656109787&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.zupimages.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656109787322&bpp=3&bdt=304&idt=209&shv=r20220622&mjsv=m202206210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2676040817377&frm=20&pv=2&ga_vid=183789403.1656109787&ga_sid=1656109788&ga_hid=2132274584&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=2641867921659648&tmod=282790&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=230
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206210101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9241fb453df5bcc7a5896039ce3abd7280bbb94a961a581433a990bd7a789d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zupimages.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
62437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Jun 2022 22:29:48 GMT
expires
Fri, 24 Jun 2022 22:29:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220622&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206210101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
446dccf495439073ea1a877a7d27729a40991f0fb6f25900876b75725d9b67f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10677
x-xss-protection
0
s
kvt.sddan.com/api/v1/public/p/29567/d/50/
1 KB
1 KB
XHR
General
Full URL
https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.zupimages.net%2F
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.3.112 , France, ASN12876 (Online SAS, FR),
Reverse DNS
212-129-3-112.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
aaf0a3935aa4ffd5280aea30aeb34f7cd779bf6abd48278609d06338031f4790
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Jun 2022 22:29:47 GMT
Content-Encoding
gzip
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.zupimages.net
Cache-Control
private, max-age=60
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
collect
stats.g.doubleclick.net/j/
1 B
441 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-47954219-1&cid=183789403.1656109787&jid=1914117950&gjid=1377774092&_gid=963792114.1656109787&_u=KGBAgEAjAAAAAE~&z=832495651
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 24 Jun 2022 22:29:47 GMT
content-type
text/plain
access-control-allow-origin
https://www.zupimages.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2132274584&t=pageview&_s=1&dl=https%3A%2F%2Fwww.zupimages.net%2F&ul=en-us&de=UTF-8&dt=H%C3%A9bergeur%20d%27image%20-%20H%C3%A9bergement%20d%27image%20et%20upload%20de%20photo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgEAj~&jid=1914117950&gjid=1377774092&cid=183789403.1656109787&tid=UA-47954219-1&_gid=963792114.1656109787&z=1164049848
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 18:11:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
15475
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel;r=1034238818;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.zupimages.net%2F;uht=2;fpan=1;fpa=P0-1846196188-1656109787576;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-...
pixel.quantserve.com/
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1034238818;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.zupimages.net%2F;uht=2;fpan=1;fpa=P0-1846196188-1656109787576;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;us_privacy=1---;ref=;d=zupimages.net;je=0;sr=1600x1200x24;dst=0;et=1656109787576;tzo=0;ogl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202206201825/
204 KB
66 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202206201825/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6JazTGIJh-hokZ3Hzq9-29PxCyY/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ea4e6420a06884ea2613cad4c76e860fd3bc2880a226d838d854c7d5bbbe80c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 24 Jun 2022 22:29:47 GMT
Content-Encoding
gzip
Age
879
X-Cache
HIT
Connection
keep-alive
Content-Length
66657
x-amz-id-2
rJeCtg8UromsYt1ZDDEvWDgbr3G0yK7DSEzuTnEaVgBlzlmAfLaXzHa+rw+68Pq5x5jxl8iuXao=
X-Served-By
cache-yul12827-YUL
Last-Modified
Mon, 20 Jun 2022 22:28:52 GMT
Server
AmazonS3
X-Timer
S1656109788.595299,VS0,VE0
ETag
"15d576dd2669f83213a04eb7353e87d2"
x-amz-request-id
GQDR581DEFNJA8M6
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
2737
notifyme.php
adtrack.adleadevent.com/
0
528 B
XHR
General
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.175.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-175-60.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 22:29:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jun 2022 22:29:47 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://www.zupimages.net
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=HmDBKHxabkdUdEtiUnF6MzZMZGJObmJUaFhxcmtyUDEvblovN1E4aWpmdHU2RU82VkU1TDhFWDFXSkh1andZSkc4c3Y1Z0N6NFNMdDZJYXcxZFg5VkdnZGpzUng5dTAzYmZjOHh0ellia0o3QmJWNGtBQTJpdEpneDRUZEpOWUI1bGc0NUtQQVF4RkpaOTlHVHlMVFlTV1VuS0tUVFRrVDJqdmpPWlVUc1lBR1Z6bjJTOFpuTDhaalgxckRlOUcxaDMwTWpIQmxlazd0UUprNmgwWXd3Um5iQ1NBQlVsYUYwbEt1REx2QnVVQmR6MFBVPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 24 Jun 2022 22:29:46 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1081
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206210101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 24 Jun 2022 22:29:47 GMT
fire.js
s.cpx.to/
913 B
2 KB
Script
General
Full URL
https://s.cpx.to/fire.js?pid=12773&ref=&url=https%3A%2F%2Fwww.zupimages.net%2F&hn_ver=40&fid=ecaf1293-a818-418b-a419-98c98c153da9&dsp=pub_common&dsp_uid=b3aa3816-a657-4eb8-8a7a-e55ad350851f
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12773/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.143.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-143-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3f449517071372cfe0364f386adb23c38b0c20b99450ce636fde4e1abb4f672e
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 24 Jun 2022 22:29:48 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
913
Expires
Mon, 20 Jun 2022 11:14:12 UTC
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EDED
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zupimages.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
249901
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Jun 2022 01:04:46 GMT
expires
Thu, 22 Jun 2023 01:04:46 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C813
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6a8d2e6d62758035e2930dbafcf25f0c4b751cd326a3a73237a5a880b7f62ec5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZCefRvm63AF47sazMXYJ0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zupimages.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-ZCefRvm63AF47sazMXYJ0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 24 Jun 2022 22:29:47 GMT
expires
Fri, 24 Jun 2022 22:29:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
155.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/i/102/8.gif?id5id=ID5*wrfPKhgwmNkAOQil2pttQVmziI3Ug7xoeQn24Zq24YkXkJsfp_mDxw5csGxdVGJK&o=api&gdpr_consent=undefined&gdpr=0
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMOgM8avJjGisBCZO8kwUwK6Ex8Pg3h9nSEAklj7A&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_...
  • https://id5-sync.com/c/102/102/7/2.gif?puid=5339958381621273884&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_I...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opi...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEDzncWVNnhn_ynDWsRCtC7I&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2798025318759613024&opid=apx&ops=&utidl=tech:goo:CAESEDzncWVNnhn_ynDWsRCtC7I&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9MyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A27713934984&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMDImZm9ybWF0PWdpZiY&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5
  • https://match.prod.bidr.io/cookie-sync/id5?_bee_ppp=1
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AADFUU7FbHYAABAxSk2UIQ
43 B
43 B
Image
General
Full URL
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AADFUU7FbHYAABAxSk2UIQ
Protocol
HTTP/1.1
Server
141.95.98.66 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216537.ip-141-95-98.eu
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:49 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/html;charset=utf-8

Redirect headers

location
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AADFUU7FbHYAABAxSk2UIQ
Date
Fri, 24 Jun 2022 22:29:49 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js
pagead2.googlesyndication.com/bg/ Frame EDED
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c22409172c05d9c78dc290c92c8a6b8487378b6f82f26604b478a566bda9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 01:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
508791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13719
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 19 Jun 2023 01:09:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C813
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220622&jk=2641867921659648&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.zupimages.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.zupimages.net
access-control-max-age
600
age
0
content-length
0
date
Fri, 24 Jun 2022 22:29:48 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.zupimages.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.zupimages.net
access-control-max-age
600
age
0
content-length
0
date
Fri, 24 Jun 2022 22:29:48 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.zupimages.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.zupimages.net
access-control-max-age
600
age
0
content-length
0
date
Fri, 24 Jun 2022 22:29:48 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.zupimages.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.zupimages.net
access-control-max-age
600
age
0
content-length
0
date
Fri, 24 Jun 2022 22:29:48 GMT
server
ATS/9.1.0.46
moneybid.js
ads.themoneytizer.com/bidder1/
624 B
642 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=14857&adid=1&formatid=26322&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a8d8e2d6947111361b7e4ab01e7d5b28c8a41bb0ce373694f937930678b74781

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AVm7sQ83GWj/tfgAAA
x-accel-expires
@1656132518
date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
cYqilF3RkLY
vary
Origin
x-77-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.zupimages.net
cache-control
max-age=86400
x-cache
HIT
x-age
63669
x-77-pop
newyorkUSNY
moneybid.js
ads.themoneytizer.com/bidder1/
631 B
652 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=14857&adid=28&formatid=30012&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1b6d777b7ff20b6c3d0d042c16988ea141e238c7351f582027357689338861a5

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AVm7sQ/YgQf/tfgAAA
x-accel-expires
@1656132518
date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
sstKxTeLHJk
vary
Origin
x-77-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.zupimages.net
cache-control
public, max-age=86400
x-cache
HIT
x-age
63669
x-77-pop
newyorkUSNY
moneybid.js
ads.themoneytizer.com/bidder1/
626 B
646 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=14857&adid=2&formatid=26300&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b4a39a62d25ee48d7db7807feb47ac8882273261da0ff569e4961f64b3a4c353

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AVm7sQ/8zSz/P/sAAA
x-accel-expires
@1656131868
date
Fri, 24 Jun 2022 22:29:47 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
zyBtwzwL/4g
vary
Origin
x-77-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.zupimages.net
cache-control
public, max-age=86400
x-cache
HIT
x-age
64319
x-77-pop
newyorkUSNY
adjson
ads.betweendigital.com/
2 B
913 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.zupimages.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
fastlane.json
fastlane.rubiconproject.com/a/api/
688 B
3 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1124628%3B1078226%3B1078310%3B1078226&size_id=15%3B2%3B2%3B15&alt_size_ids=2%2C55%2C58%2C221%3B19%2C43%2C44%2C117%3B19%2C43%2C44%2C117%3B&p_pos=atf&gdpr=0&rp_schain=1.0,1!themoneytizer.com,9592,1,,,&eid_pubcid.org=38474c2f-79c4-4eec-94a3-7f8cbbb721e3%5E1&rf=https%3A%2F%2Fwww.zupimages.net&kw=14857&tg_i.name=zupimages.net&tg_i.siteid=14857&tg_i.pbadslot=%2F14857%2Fzupimages.net%2Fdesktop%2F26328%3B%2F14857%2Fzupimages.net%2Fdesktop%2F26322%3B%2F14857%2Fzupimages.net%2Fdesktop%2F30012%3B%2F14857%2Fzupimages.net%2Fdesktop%2F26300&tk_flint=pbjs_lite_v7.1.0&x_source.tid=24548b15-59ee-462d-b9a1-24a7aa1bc97c%3B2b9fc0f8-2205-4dbd-ad5c-18088980ce7d%3B6afd8b46-dd2e-4356-ac9b-92489251b1a6%3B38817758-72e2-4fa6-8f6a-5fde645a0f6c&l_pb_bid_id=10bfcf55f30ada6%3B110a7e303b11f8f%3B12d880ecda63a79%3B1311c3ad867a305&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&p_gpid=%2F14857%2Fzupimages.net%2Fdesktop%2F26328%3B%2F14857%2Fzupimages.net%2Fdesktop%2F26322%3B%2F14857%2Fzupimages.net%2Fdesktop%2F30012%3B%2F14857%2Fzupimages.net%2Fdesktop%2F26300&slots=4&rand=0.9070646083407561
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6084d63cdb56423eb1e424577286ddb988758f0ce47109a4ea5793dcfaa221ca

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 22:29:48 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.zupimages.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
688
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-us.creativecdn.com/bidder/prebid/
0
179 B
XHR
General
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.zupimages.net
date
Fri, 24 Jun 2022 22:29:47 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
/
shb.richaudience.com/hb/
0
364 B
XHR
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 22:29:48 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.zupimages.net
access-control-max-age
86400
access-control-allow-credentials
true
/
shb.richaudience.com/hb/
0
364 B
XHR
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 22:29:48 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.zupimages.net
access-control-max-age
86400
access-control-allow-credentials
true
/
shb.richaudience.com/hb/
0
366 B
XHR
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 22:29:48 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.zupimages.net
access-control-max-age
86400
access-control-allow-credentials
true
/
shb.richaudience.com/hb/
0
364 B
XHR
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 22:29:48 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.zupimages.net
access-control-max-age
86400
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
470 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5536966979688e97a4b8ed333e56d318f1e38d7ed7a6a6d2c19021ce894dffe1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 22:29:47 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
713f69f3-0b7c-4048-a6fe-eebc43ff2758
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.zupimages.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
470
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
23 KB
7 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1fc22a74cbe99e91548c82b011349db4937c8c693dfa3bafe75dade9856baba4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Jun 2022 22:29:48 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6e77b677-bf15-4a44-9f18-3c9f47607612
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.zupimages.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/
358 B
816 B
XHR
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.zupimages.net%2F&PublisherDomain=www.zupimages.net
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
46c998e4578d9a0011b253b8dafaec1f8733527c788a5ff2f6898e5387caefe1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
119
vary
Accept-Encoding
content-length
358
pragma
no-cache
server
ayl-lb-usa02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.zupimages.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
v1
btlr.sharethrough.com/universal/
0
198 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.202.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-202-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.zupimages.net
Date
Fri, 24 Jun 2022 22:29:47 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
198 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.202.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-202-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.zupimages.net
Date
Fri, 24 Jun 2022 22:29:47 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
198 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.202.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-202-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.zupimages.net
Date
Fri, 24 Jun 2022 22:29:47 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
198 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.202.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-202-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.zupimages.net
Date
Fri, 24 Jun 2022 22:29:48 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
c
prebid.a-mo.net/a/
361 B
808 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e7989a4b246360e62b8489e8f772c9debac586cf53f21e77edbba23e31bde9c7

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 22:29:48 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.zupimages.net
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
236
content-length
232
bidRequest
c2shb.pubgw.yahoo.com/
66 B
264 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
522ca1fbeccb1955e29bfb0995d8fa69b4386197c7195823027e8679fa15a6d6

Request headers

Referer
https://www.zupimages.net/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 Jun 2022 22:29:48 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.zupimages.net
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
265 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
73bbc484b3d43584fa285453ff2fbafe05cd7c1328d317ffd7239492dd348348

Request headers

Referer
https://www.zupimages.net/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 Jun 2022 22:29:48 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.zupimages.net
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
263 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
7f4133f79cbda66554970a558c459336fa784ebde8621553aaa97c34ab9c205b

Request headers

Referer
https://www.zupimages.net/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 Jun 2022 22:29:48 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.zupimages.net
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
466 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
a56aef362a374f2300d4004413bb3cf95e7c456a8a590ec3d20abfe8ef50f221

Request headers

Referer
https://www.zupimages.net/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 Jun 2022 22:29:48 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.zupimages.net
access-control-allow-credentials
true
content-length
66
ROS
pbjs.e-planning.net/hb/1/2a156/1/www.zupimages.net/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2a156/1/www.zupimages.net/ROS?rnd=0.8523130355910289&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26300%3A300x250%2C300x168%2...
  • https://pbjs.e-planning.net/hb/1/2a156/1/www.zupimages.net/ROS?ct=1&r=pbjs&rnd=0.8523130355910289&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26300%3A300x250%2...
423 B
840 B
XHR
General
Full URL
https://pbjs.e-planning.net/hb/1/2a156/1/www.zupimages.net/ROS?ct=1&r=pbjs&rnd=0.8523130355910289&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B30012%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100&ur=https%3A%2F%2Fwww.zupimages.net%2F&pbv=7.1.0&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.zupimages.net%2F&gdpr=0&e_criteoId=f5jL4l92JTJCUjFJSEFZZk5BUlN5QiUyRkY4TE9halJ5UE4wdGRzQkthOFJhMXIyVzRHSFREcWtuT0hhYldmVUIyc25SeGxQUnh3OGY0VEswQWpUandEcERpN3RoZkElM0QlM0Q&e_id5id=%257B%2522uid%2522%253A%2522ID5*ibWdmSbUNQpTflwpjmfdDOg4vvHaH6Kcd0mTv9PwMQQXkC1Lgw1eAIAVlO9VDNba%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A0%257D%257D&e_pubcid=38474c2f-79c4-4eec-94a3-7f8cbbb721e3
Protocol
H2
Server
172.98.26.126 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
1910fa08f4ea69e1c561b007eb70930c5e1122750327c4fd36f5a343989612cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:48 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.zupimages.net
expires
Fri, 24 Jun 2022 22:29:48 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
423
x-sid
IAD-1220

Redirect headers

date
Fri, 24 Jun 2022 22:29:47 GMT
server
openresty
location
/hb/1/2a156/1/www.zupimages.net/ROS?ct=1&r=pbjs&rnd=0.8523130355910289&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B30012%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100&ur=https%3A%2F%2Fwww.zupimages.net%2F&pbv=7.1.0&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.zupimages.net%2F&gdpr=0&e_criteoId=f5jL4l92JTJCUjFJSEFZZk5BUlN5QiUyRkY4TE9halJ5UE4wdGRzQkthOFJhMXIyVzRHSFREcWtuT0hhYldmVUIyc25SeGxQUnh3OGY0VEswQWpUandEcERpN3RoZkElM0QlM0Q&e_id5id=%257B%2522uid%2522%253A%2522ID5*ibWdmSbUNQpTflwpjmfdDOg4vvHaH6Kcd0mTv9PwMQQXkC1Lgw1eAIAVlO9VDNba%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A0%257D%257D&e_pubcid=38474c2f-79c4-4eec-94a3-7f8cbbb721e3
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.zupimages.net
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
IAD-1220
/
prebid.smilewanted.com/
0
439 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 22:29:48 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.zupimages.net
access-control-allow-credentials
true
cf-ray
7208e77ecbec8c23-EWR
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
77 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 22:29:48 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.zupimages.net
access-control-allow-credentials
true
cf-ray
7208e77ecbf08c23-EWR
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
77 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 22:29:48 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.zupimages.net
access-control-allow-credentials
true
cf-ray
7208e77ecbf58c23-EWR
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
76 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 22:29:48 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.zupimages.net
access-control-allow-credentials
true
cf-ray
7208e77ecbf68c23-EWR
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cdb
bidder.criteo.com/
0
219 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.1.0&cb=89663674996
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.zupimages.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid-request
onetag-sys.com/
15 B
364 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.zupimages.net
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
openrtb
adx.adform.net/adx/
0
411 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:48 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.zupimages.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
mp.4dex.io/
3 KB
1 KB
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec08be17e4c62a6f369d67030a8da4ff8b6ff12892039bf78e5917ea0fc4340e

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 22:29:48 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-warn
Preparing candidates. No matching rules and/or Bids disallowed and/or Invalid predictions
access-control-allow-origin
https://www.zupimages.net
content-length
890
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
via
1.1 google
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7208e77eac8d713e-YUL
expires
0
prebid
ib.adnxs.com/ut/v3/
50 B
744 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 22:29:47 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a0a21853-a19c-4ae0-82ee-7b4e30b0f936
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.zupimages.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/
19 B
509 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.1.0&referrer=https%3A%2F%2Fwww.zupimages.net%2F&tmax=3000&gdpr=false
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.118.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-118-220.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:48 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.zupimages.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
b1h.zemanta.com/api/bidder/prebid/bid/
0
123 B
XHR
General
Full URL
https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 Harrodsburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.zupimages.net
Access-Control-Allow-Credentials
true
generate_204
tpc.googlesyndication.com/ Frame EDED
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?my9FdA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206210101/
149 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206210101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206210101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1934484c6e3de585a10ee635a01b793a2ca123f451c4b983719480bbdfe67460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54404
x-xss-protection
0
server
cafe
etag
4632608630600401060
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Jun 2022 22:29:48 GMT
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=ecaf1293-a818-418b-a419-98c98c153da9
  • https://s.cpx.to/ca.png?dsp=dbm&fid=ecaf1293-a818-418b-a419-98c98c153da9&google_gid=CAESEFBdshPoB_yWeUesq6_xx1s&google_cver=1
95 B
804 B
Image
General
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=ecaf1293-a818-418b-a419-98c98c153da9&google_gid=CAESEFBdshPoB_yWeUesq6_xx1s&google_cver=1
Protocol
HTTP/1.1
Server
52.210.143.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-143-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 24 Jun 2022 22:29:48 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=ecaf1293-a818-418b-a419-98c98c153da9&google_gid=CAESEFBdshPoB_yWeUesq6_xx1s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12773%26ref%3D%26url%3Dhttps%253A%252F%252Fwww.zupimages.net%252F%26hn_ver%3D40%26fid%3Decaf1293-a8...
  • https://s.cpx.to/an_fire?app_nexus_uid=2798025318759613024&pid=12773&ref=&url=https%3A%2F%2Fwww.zupimages.net%2F&hn_ver=40&fid=ecaf1293-a818-418b-a419-98c98c153da9&dsp=pub_common&dsp_uid=b3aa3816-a...
95 B
865 B
Image
General
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=2798025318759613024&pid=12773&ref=&url=https%3A%2F%2Fwww.zupimages.net%2F&hn_ver=40&fid=ecaf1293-a818-418b-a419-98c98c153da9&dsp=pub_common&dsp_uid=b3aa3816-a657-4eb8-8a7a-e55ad350851f
Protocol
HTTP/1.1
Server
52.210.143.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-143-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 24 Jun 2022 22:29:48 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Fri, 24 Jun 2022 22:29:48 UTC

Redirect headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 22:29:48 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
7c997e37-db00-4eda-a61e-1aed05fc0e50
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=2798025318759613024&pid=12773&ref=&url=https%3A%2F%2Fwww.zupimages.net%2F&hn_ver=40&fid=ecaf1293-a818-418b-a419-98c98c153da9&dsp=pub_common&dsp_uid=b3aa3816-a657-4eb8-8a7a-e55ad350851f
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Decaf1293-a818-418b-a419-98c98c153da9
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Decaf1293-a818-418b-a419-98c98c153da9
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B0AA79AA-76E1-4A3E-9485-C5327152C92D&fid=ecaf1293-a818-418b-a419-98c98c153da9
95 B
881 B
Image
General
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B0AA79AA-76E1-4A3E-9485-C5327152C92D&fid=ecaf1293-a818-418b-a419-98c98c153da9
Protocol
HTTP/1.1
Server
52.210.143.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-143-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 24 Jun 2022 22:29:48 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Fri, 24 Jun 2022 22:29:48 UTC

Redirect headers

location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B0AA79AA-76E1-4A3E-9485-C5327152C92D&fid=ecaf1293-a818-418b-a419-98c98c153da9
date
Fri, 24 Jun 2022 22:29:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
getuid
sync.smartadserver.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Decaf1293-a818-418b-a419-98c98c153da9&gdpr=0
  • https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=ecaf1293-a818-418b-a419-98c98c153da9&gdpr=0&cklb=1
0
316 B
Image
General
Full URL
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=ecaf1293-a818-418b-a419-98c98c153da9&gdpr=0&cklb=1
Protocol
HTTP/1.1
Server
199.187.193.199 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:48 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=ecaf1293-a818-418b-a419-98c98c153da9&gdpr=0&cklb=1
pragma
no-cache
date
Fri, 24 Jun 2022 22:29:47 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
sync
s.cpx.to/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=0fkciot&ttd_tpi=1
  • https://s.cpx.to/sync?dsp_uid=b74ec138-a50e-4d90-bfcd-2cfbc928158b&dsp=TTD
95 B
876 B
Image
General
Full URL
https://s.cpx.to/sync?dsp_uid=b74ec138-a50e-4d90-bfcd-2cfbc928158b&dsp=TTD
Protocol
HTTP/1.1
Server
52.210.143.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-143-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 24 Jun 2022 22:29:48 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Fri, 24 Jun 2022 22:29:48 UTC

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.cpx.to/sync?dsp_uid=b74ec138-a50e-4d90-bfcd-2cfbc928158b&dsp=TTD
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
179
integrator.js
adservice.google.ca/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.zupimages.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206210101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Jun 2022 22:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.zupimages.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206210101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Jun 2022 22:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/ Frame E943
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206210101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zupimages.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
7554
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Jun 2022 20:23:54 GMT
etag
10429905676100781186
expires
Fri, 08 Jul 2022 20:23:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/ Frame BC06
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206210101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zupimages.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
7554
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Jun 2022 20:23:54 GMT
etag
10429905676100781186
expires
Fri, 08 Jul 2022 20:23:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame E943
4 KB
636 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 22:03:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 24 Jun 2022 22:29:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Jun 2022 22:29:48 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E943
205 B
744 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 22:40:56 GMT
x-content-type-options
nosniff
age
344932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 20 Jun 2023 22:40:56 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E943
604 B
696 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 00:11:42 GMT
x-content-type-options
nosniff
age
512286
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 19 Jun 2023 00:11:42 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/elements/html/ Frame E943
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 20:16:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7991
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8263
x-xss-protection
0
server
cafe
etag
17157773748623750166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 08 Jul 2022 20:16:37 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame BC06
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CEwFb2zq2Yp34JY7K_gSd77u4DuuYmY9p8ru3qoUPwI23ARABIIm43iRg_eiigfADoAGRtaWfA8gBAqkCw_wrOVGysT6oAwHIA8kEqgTdAU_Q2_AKaAWXpqdoQ4Au8_wlVzpuDHWJLwCvfTWny0TsUVZFGRd_HxDZAAbZPM7SEDepog-c4eUd9sVTqCZjYN8poMASeS2HllSnB7EytPCo2lH9NbZ47xvVWQpKULFa6ODrlnl9v5tFpg-lAIF4prV9eP27mvLQRjuwLux1bF-9-TQrywbo1MlEJ0JwEepbQ85jvY_zkb4QzQZuW4QFJVnIRIvwNjf-9Ey9z3HkXHJVcoiXxYQ31NjlRDAy7K_yl0xo-y8EHP-pNbAAi2cmnZW0CFb-fK-mcnxT4VJ1wAS-_ebP8AOSBQQIBBgBkgUECAUYBKAGAoAH18raYKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEM7uA9IIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xNTgxMTQ0NTA2NTQxMzc2GAA&sigh=3GIvaAbS2Sc&uach_m=[UACH]
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 24 Jun 2022 22:29:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 24 Jun 2022 22:29:48 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/ Frame BC06
21 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 08 Jul 2022 22:28:47 GMT
4745584241445094338
tpc.googlesyndication.com/simgad/ Frame BC06
17 KB
17 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4745584241445094338?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlC0qgdLZB3kkNOva6bariwkTFz1w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13de31994b659fe46dafca8dbceb7083780c45aed2e605265647897fa0aca999
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 02:33:16 GMT
x-content-type-options
nosniff
age
71792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17680
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 09:48:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 24 Jun 2023 02:33:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame BC06
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:21:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
525
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 08 Jul 2022 22:21:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BC06
137 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43180
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655912982481896"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 24 Jun 2022 22:29:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame BC06
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:27:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 08 Jul 2022 22:27:29 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame BC06
31 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b87ba9f38a8905c569f57b2e7f262a904383984fb76af355216f2cd31e856a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 19:15:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11669
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12977
x-xss-protection
0
server
cafe
etag
4929431275013645188
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 08 Jul 2022 19:15:19 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1E7A
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
3111
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Jun 2022 21:37:57 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1E7A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 24 Jun 2022 22:29:48 GMT
expires
Fri, 24 Jun 2022 22:29:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 24 Jun 2022 22:29:48 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame F04E
8 KB
893 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 21:06:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 24 Jun 2022 22:29:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Jun 2022 22:29:48 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame F04E
2 KB
902 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 08 Jul 2022 22:29:28 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/ Frame F04E
21 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 08 Jul 2022 22:28:47 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame F04E
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:21:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
525
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 08 Jul 2022 22:21:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F04E
137 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43180
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655912982481896"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 24 Jun 2022 22:29:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame F04E
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:27:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 08 Jul 2022 22:27:29 GMT
21b2dfe42abab24529e209ac1efa07c6.js
www.gstatic.com/mysidia/ Frame F04E
31 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 00:25:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165863
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13060
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 00:04:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 21 Sep 2022 00:25:25 GMT
truncated
/ Frame BC06
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd43b2a4263f001d674632eb445eca35bea1cfc448958b333bd46c1160c0c79a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame F04E
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20220622&sample=0.01
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/load_preloaded_resource_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js
pagead2.googlesyndication.com/bg/ Frame 075A
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c22409172c05d9c78dc290c92c8a6b8487378b6f82f26604b478a566bda9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 01:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
508792
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13719
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 19 Jun 2023 01:09:56 GMT
VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js
pagead2.googlesyndication.com/bg/ Frame 8C52
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c22409172c05d9c78dc290c92c8a6b8487378b6f82f26604b478a566bda9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 01:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
508792
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13719
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 19 Jun 2023 01:09:56 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220622&jk=2641867921659648&bg=!0dKl0pbNAAZlcKWdRXA7ACkAdvg8WkV30M7fwb129sRK2gPIxwMkDbD38RsOEbDseEy6P8Y447oQvgIAAACBUgAAAAJoAQcKAEPQVw1RTxiC7ck0iS4Av3f9-xDI3_CG8WWMufGdMKkbZgyItVfgi4zswrCkYMm_e2KIEQSbtWiYM_BW6AgI3ThUSCS_mQKevtZp6K_QZbx6j5-uMBPp6RR5z4lfmFsVhrocKIhrqbfN8SEIt9ABcIlZrX0FPULMpiLf7fxMzi_x8eTzYX50mu5jHTWan82yhrrFL27OIkTd8cqyfrMXndPLpCAiGFIzF9_aJvjMBYbQiLanNh5aCFd6bPhPP-ZOb8gtiThWupQTjoglUWMlXlHKmoLOtu33nCISpV76XaWOTGXSV_6gsIqEx-xhkGQ70torKDcNH29PYaXG1jMOV6qbz4Xz875QGlxW6E-LtucgUjvbduCdkrf_R2RR0dzStyxwr4Of6pL_kSqwJ-WeYGKYs3NPDESPT6uB1DxnN99jeaU9mh13KUC1Q14hwRtKe5EssRfIRTtJ9LP64YFwtedNAcynxeG2oJCakzIthxXv5ENRLafeTALn2ops_T1SZ-kMY-gnUlqvg5x8qE9mlu9b6lg3fDStOwa_wiO8vbEkjyHWuBHLUViseaxE_u1x9Pby7LCtCdcEQ9Vb_93V-P6NazbCKLGlmUR00_16CvVHP2x6d9wMY4NPv8VPI8Lr0yf2yX6ZcHQTMPEoS8NFUVa63m5I_2AJvq74guNCwhRVvVjwbwG3303OfAEOGrX8EDdErBGkA4cje6Last0fXoTS4_oQGrjMMm9tg2YybNNRxiok_I_0lml-MctPXxSPR9LwgrRe_fH0gLdTqaFf3A54t3ER2L6RyYMH14JD0qSbvehTxbVcjfnoIgk1dPBi5jQH3dKdg4yPWTKe6QLxL05Qe88TyyTVxRztlko61tPi4bJ55HKV0R2UFJs0KxtLpRIAA2nAkc_LzUUz2UgW21V_XDTJDxcepkuhSelpGuxL8kscOXCcsEeVMk1rQIQBCrjOSD8UO8G77VIBA7D8z2lT5WVevg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

genericpost
ww1097.smartadserver.com/ Frame
0
0
Preflight
General
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://www.zupimages.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.zupimages.net
date
Fri, 24 Jun 2022 22:29:48 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/ Frame
0
0
Preflight
General
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://www.zupimages.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.zupimages.net
date
Fri, 24 Jun 2022 22:29:48 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/ Frame
0
0
Preflight
General
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://www.zupimages.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.zupimages.net
date
Fri, 24 Jun 2022 22:29:47 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/
595 B
1 KB
XHR
General
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
fa3c38c644dbb0d4c6b4ba7970b7d3e7de25f70a1efe9f4b4b6ce25b6e14f38e

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:48 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.zupimages.net
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
/
c.tmyzer.com/c/
0
270 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=14857&f=1&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=14857&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 24 Jun 2022 22:29:01 GMT
Server
nginx
X-IPLB-Request-ID
953899B8:B9FE_36264064:01BB_62B63ADB_AD8C7DB:D9DD
X-IPLB-Instance
38431
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
genericpost
ww1097.smartadserver.com/
15 KB
5 KB
XHR
General
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
8b1a4e9bb3c8d9d340b7027c28bc36620da4cd48e7aae69d8a3458d0fde2fa49

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:48 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.zupimages.net
x-smrt-i
9251369
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
/
c.tmyzer.com/c/
0
271 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=14857&f=6&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=14857&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 24 Jun 2022 22:29:48 GMT
Server
nginx
X-IPLB-Request-ID
953899B8:B9FA_36264064:01BB_62B63ADB_ADB2E4D:2999A
X-IPLB-Instance
24857
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
genericpost
ww1097.smartadserver.com/
595 B
1 KB
XHR
General
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
ad5599052de9a6aea385e3260e775aaab44c4dda37b004176294b1edb036d1c9

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:48 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.zupimages.net
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
/
c.tmyzer.com/c/
0
270 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=14857&f=28&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=14857&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 24 Jun 2022 22:29:01 GMT
Server
nginx
X-IPLB-Request-ID
953899B8:B9F4_36264064:01BB_62B63ADB_AD8979A:7A0C
X-IPLB-Instance
38436
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
tbframe.js
cdn.taboola.com/shared/ Frame C066
14 KB
4 KB
Script
General
Full URL
https://cdn.taboola.com/shared/tbframe.js
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-encoding
gzip
etag
"0c6cdb6c2f89bf98124c3679a3412fb6"
age
25954
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
3897
x-amz-id-2
eRb+UumoGy5MXaE4jJtmx5e9asmDaMAgQhYLv4mklDAGjkNoqCSwMwsr/NMo1PXRnt2KwsmlCkM=
x-served-by
cache-yul12824-YUL
last-modified
Thu, 14 Apr 2016 14:04:36 GMT
server
AmazonS3
x-timer
S1656109789.103587,VS0,VE0
date
Fri, 24 Jun 2022 22:29:49 GMT
vary
Accept-Encoding
x-amz-request-id
4YBS3KQW0RM009M6
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/x-javascript
abp
71
x-cache-hits
4176
tbframe.js
cdn.taboola.com/shared/ Frame D3EE
14 KB
4 KB
Script
General
Full URL
https://cdn.taboola.com/shared/tbframe.js
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-encoding
gzip
etag
"0c6cdb6c2f89bf98124c3679a3412fb6"
age
25954
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
3897
x-amz-id-2
eRb+UumoGy5MXaE4jJtmx5e9asmDaMAgQhYLv4mklDAGjkNoqCSwMwsr/NMo1PXRnt2KwsmlCkM=
x-served-by
cache-yul12824-YUL
last-modified
Thu, 14 Apr 2016 14:04:36 GMT
server
AmazonS3
x-timer
S1656109789.103655,VS0,VE0
date
Fri, 24 Jun 2022 22:29:49 GMT
vary
Accept-Encoding
x-amz-request-id
4YBS3KQW0RM009M6
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/x-javascript
abp
71
x-cache-hits
4177
loader.js
cdn.taboola.com/libtrc/themonetizer-network/ Frame 3D00
1 MB
270 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/shared/tbframe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d67998d946b452ad4f9d2d56b25d525d64b48fcfd7f463e4145141ce112396f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
83xJhrogYvt8Iu6YZ46kDRWZpbh9sLnW
content-encoding
gzip
etag
"c485673f01245fd8f1cb35ecd765e785"
age
27
x-cache
HIT
content-length
275926
x-amz-id-2
bvSTIC3nibyEEoBpXFNkH8PgRkz41fqp1C5HfYduvSS0qqDz8fVfk9ZvUvkYjZlfo66MOq18ZHk=
x-served-by
cache-yul12824-YUL
last-modified
Thu, 23 Jun 2022 20:09:28 GMT
server
AmazonS3
x-timer
S1656109789.142127,VS0,VE0
date
Fri, 24 Jun 2022 22:29:49 GMT
vary
Accept-Encoding
x-amz-request-id
J1M9QSE84S1MRNAC
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
62
x-cache-hits
2
loader.js
cdn.taboola.com/libtrc/themonetizer-network/ Frame 2868
1 MB
270 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/shared/tbframe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d67998d946b452ad4f9d2d56b25d525d64b48fcfd7f463e4145141ce112396f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
83xJhrogYvt8Iu6YZ46kDRWZpbh9sLnW
content-encoding
gzip
etag
"c485673f01245fd8f1cb35ecd765e785"
age
27
x-cache
HIT
content-length
275926
x-amz-id-2
bvSTIC3nibyEEoBpXFNkH8PgRkz41fqp1C5HfYduvSS0qqDz8fVfk9ZvUvkYjZlfo66MOq18ZHk=
x-served-by
cache-yul12824-YUL
last-modified
Thu, 23 Jun 2022 20:09:28 GMT
server
AmazonS3
x-timer
S1656109789.146424,VS0,VE0
date
Fri, 24 Jun 2022 22:29:49 GMT
vary
Accept-Encoding
x-amz-request-id
J1M9QSE84S1MRNAC
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
62
x-cache-hits
3
impl.20220623-3-RELEASE.js
cdn.taboola.com/libtrc/ Frame 3D00
668 KB
138 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20220623-3-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
a4fe930bedb0e3d98f2503da5eab788268c8d643caa9bee196e2bbfbc22f3cb3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
9sBPTnzAQbZkbYMI4LyXJLf4JmOVjTj3
content-encoding
br
etag
"3646cb395f6a3ba852cd69e58e1c3757"
age
21074
x-cache
HIT
content-length
141197
x-amz-id-2
wiwuPrUhYLQcGFb+soyE76wNM0egWNHpHL0oBLY5YGOLwLldavaDXl0/qTT1AY1DviUEdOm46to=
x-served-by
cache-yul12824-YUL
last-modified
Thu, 23 Jun 2022 08:01:34 GMT
server
AmazonS3-br
x-timer
S1656109789.224771,VS0,VE0
date
Fri, 24 Jun 2022 22:29:49 GMT
vary
Accept-Encoding
x-amz-request-id
5S67VY37AGKA01ZC
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
71
x-cache-hits
35856
impl.20220623-3-RELEASE.js
cdn.taboola.com/libtrc/ Frame 2868
668 KB
138 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20220623-3-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
a4fe930bedb0e3d98f2503da5eab788268c8d643caa9bee196e2bbfbc22f3cb3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
9sBPTnzAQbZkbYMI4LyXJLf4JmOVjTj3
content-encoding
br
etag
"3646cb395f6a3ba852cd69e58e1c3757"
age
21074
x-cache
HIT
content-length
141197
x-amz-id-2
wiwuPrUhYLQcGFb+soyE76wNM0egWNHpHL0oBLY5YGOLwLldavaDXl0/qTT1AY1DviUEdOm46to=
x-served-by
cache-yul12824-YUL
last-modified
Thu, 23 Jun 2022 08:01:34 GMT
server
AmazonS3-br
x-timer
S1656109789.259794,VS0,VE0
date
Fri, 24 Jun 2022 22:29:49 GMT
vary
Accept-Encoding
x-amz-request-id
5S67VY37AGKA01ZC
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
71
x-cache-hits
35857
json
trc.taboola.com/themonetizer-zupimages/trc/3/ Frame 3D00
6 KB
3 KB
XHR
General
Full URL
https://trc.taboola.com/themonetizer-zupimages/trc/3/json?tim=22%3A29%3A49.475&lti=deflated&data=%7B%22id%22%3A819%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1656014965666%2C%22vi%22%3A1656109789473%2C%22cv%22%3A%2220220623-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.zupimages.net%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.zupimages.net%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A150%2C%22dw%22%3A728%2C%22dh%22%3A150%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22201923-MEGABANNER%22%2C%22orig_uip%22%3A%22201923-MEGABANNER%22%2C%22cd%22%3A8%2C%22mw%22%3A712%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C201923-MEGABANNER%3Dthumbnails-a%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220623-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6a8690ff7476862a1112202db60a78e0c1f65fab37f699caca36cb80ca6abb04

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
79
date
Fri, 24 Jun 2022 22:29:49 GMT
content-encoding
gzip
server
nginx
x-timer
S1656109789.491672,VS0,VE79
x-served-by
cache-yul12824-YUL
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.zupimages.net
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
sas-interstitial-3.0.js
ced-ns.sascdn.com/diff/templates/ts/dist/interstitial/
53 KB
15 KB
Script
General
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/interstitial/sas-interstitial-3.0.js
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:822b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5ea2ee0f208493177bc197d3a7b29d9a57c393225174d4568f808e79a4a4e7bb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 24 Jun 2022 22:29:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Jun 2022 07:48:22 GMT
Server
AkamaiNetStorage
ETag
"e2201214b1ec02ff83f8b75008ab7a78:1655284088.28685"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14709
json
trc.taboola.com/themonetizer-zupimages/trc/3/ Frame 2868
6 KB
3 KB
XHR
General
Full URL
https://trc.taboola.com/themonetizer-zupimages/trc/3/json?tim=22%3A29%3A49.803&lti=deflated&data=%7B%22id%22%3A527%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1656014965666%2C%22vi%22%3A1656109789473%2C%22cv%22%3A%2220220623-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.zupimages.net%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.zupimages.net%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.zupimages.net%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A150%2C%22dw%22%3A728%2C%22dh%22%3A150%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22201923-MEGABANNER%20BAS%22%2C%22orig_uip%22%3A%22201923-MEGABANNER%20BAS%22%2C%22cd%22%3A8%2C%22mw%22%3A712%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C201923-MEGABANNER%20BAS%3Dthumbnails-a%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220623-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
994187aed7ba871b0960ca4c96283fa328b45fb194e600e3907c461122e26ce2

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
97
date
Fri, 24 Jun 2022 22:29:49 GMT
content-encoding
gzip
server
nginx
x-timer
S1656109790.810533,VS0,VE97
x-served-by
cache-yul12824-YUL
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.zupimages.net
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
userx.20220623-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 3D00
17 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20220623-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0cda494673a8d8a62789f5840482f4209d64fce1a52643b8efadc9ed0845a03

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
4uPaf5y8LpyGm.Ao8pw2PlekFSsWRr4I
content-encoding
gzip
etag
"2456e6c2f6abcd619a747c5f610abcd7"
age
91
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5397
x-amz-id-2
dXulug7ouNePHSPLG+DMTFwF6PFnqM/X0OkhFJydwEWmZTRzbaIHYs5O6N2WrGvJm7+n4wXqVxk=
x-served-by
cache-yul12824-YUL
last-modified
Thu, 23 Jun 2022 14:03:05 GMT
server
AmazonS3
x-timer
S1656109790.854025,VS0,VE0
date
Fri, 24 Jun 2022 22:29:49 GMT
vary
Accept-Encoding
x-amz-request-id
K1T7YXAR4KV4C9PS
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
71
x-cache-hits
36
activeview
pagead2.googlesyndication.com/pcs/ Frame BC06
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst7bwtJmk7QgGOsOpJvvBkn3Sgcw0SMztJ_csantxjMRHwyo8z9uhfVN4yBYZ-rcaiD-cfVDB6zmt1qIBBu5ZjYcg8N8bqnLzvEBRPgu2jNZskIWdn_mmTq-0_wf8mYHdtgeME&sai=AMfl-YQFATC2XrPuJ9vUn9bvUXtz_5q-9TALLMMMebDZvkEOmZ8Yooav3Gn0UjYGWd2tPGZW94gEsM5kfLmp&sig=Cg0ArKJSzP322u9ABHWcEAE&id=lidar2&mcvt=1250&p=0,0,124,1005&mtos=341,1061,1250,1400,1466&tos=341,720,189,150,66&v=20220622&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656109788179&rpt=205&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1280294961__OmemY3sx.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ Frame 3D00
14 KB
15 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1280294961__OmemY3sx.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
494f0f54e4a6b99a35d5e58d659c378d008114f2beb3cbe73a2a62e69ae8fdd9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 24 Jun 2022 22:29:49 GMT
via
1.1 varnish, 1.1 varnish
age
1400954
edge-cache-tag
402842802836378130178524901896589942131,347694868690283001542333083413887495249,29ecf9b93bbf306179626feeda1fab70
cache-tag
402842802836378130178524901896589942131,347694868690283001542333083413887495249,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
65
expiration
expiry-date="Sun, 19 Jun 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1280294961__OmemY3sx.jpg
content-length
14020
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Thu, 19 May 2022 16:38:37 GMT
server
nginx
x-timer
S1656109790.877746,VS0,VE0
etag
"0e5ad356ed8e5f50f40b7c167e03af78"
x-served-by
cache-iad-kiad7000024-IAD, cache-iad-kiad7000053-IAD, cache-bur-kbur8200168-BUR, cache-iad-kjyo7100045-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 1, 3
6cee3216-85aa-425f-adc8-3207946b0dca_1000x600_db9d3262005a0291b926002191bbdcb9.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ Frame 3D00
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/6cee3216-85aa-425f-adc8-3207946b0dca_1000x600_db9d3262005a0291b926002191bbdcb9.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e084db01b5234b4a24b89064f84e52597e212dec07d0efdbf11ca91ee108fd8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 24 Jun 2022 22:29:49 GMT
via
1.1 varnish, 1.1 varnish
age
1455594
edge-cache-tag
315500181127694824085322168453808924749,347694868690283001542333083413887495249,29ecf9b93bbf306179626feeda1fab70
cache-tag
315500181127694824085322168453808924749,347694868690283001542333083413887495249,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
8
expiration
expiry-date="Sat, 25 Jun 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, MISS, HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/6cee3216-85aa-425f-adc8-3207946b0dca_1000x600_db9d3262005a0291b926002191bbdcb9.png
content-length
5290
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Wed, 25 May 2022 10:32:12 GMT
server
nginx
x-timer
S1656109790.877711,VS0,VE1
etag
"dd013c22ef07ef6c108f8a66268dad6e"
x-served-by
cache-iad-kiad7000169-IAD, cache-iad-kcgs7200031-IAD, cache-bur-kbur8200173-BUR, cache-iad-kcgs7200124-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 0, 1
rd_log
nym1-ib.adnxs.com/ Frame 46E0
0
817 B
Script
General
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.zupimages.net%2F&e=wqT_3QKkDOgkBgAAAwDWAAUBCNv12JUGEL7p3bTs_qKERhgAKjYJ8WjjiLX49D4ROZ90AbNr8D4ZAAAAoJmZqT8hOQ0SACkRJNgxAAAAQOF6hD8wqMDiCjjDRkCmBkgCUKblwZMBWPyclwFgAGj7jKkBeLjgAoABAYoBA1VTRJIBAQbwUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJYdWYoJ2EnLCAxODE1MTg3LCAxNjU2MTA5Nzg3KTt1ZignaScsIDU2NjQxMiwgPhwAMHInLCAzMDkzNTkyNzA2OwDwkJIC-QMhYWxqd0hnaV9scFVSRUtibHdaTUJHQUFnX0p5WEFUQUVPQUJBQUVpbUJsQ293T0lLV0FCZ19fX19fdzlvQUhBQmVBR0FBUUdJQVFHUUFRR1lBUUdnQVJLb0FRT3dBUUM1QWEtdlNqVzItUFEtd1FHdnIwbzF0dmowUHNrQkFBQUFBQUFBOERfWkFRQUEFD3BQQV80QUdNeVNMMUFhekZKemVZQWdDZ0FnQzFBZwEiBEM5CQjwTERBQWdISUFnSFFBZ0hZQWdIZ0FnRG9BZ0Q0QWdDQUF3R1lBd0c2QXdsT1dVMHlPalEyTURIZ0E5RXVnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BHGlBWDVJNmtGDQ8YQThELXhCUREOEEFBd1FVGQ0ATRkoDEFBRFIuKAAAMi4oAPA-T0FGQXZBRm80U0dBdmdGay1WdWdnWURWVk5FaUFZQWtBWUJtQVlBb1FieGFPT0l0ZmprUHFnR0FiSUdKQWtBFXEAQh27BEJrFRcEQUMdGEBMZ0dDZy4umgKZASFWQlhZbD79AWRQeWNsd0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFEZBMFM1ShFiDDhEOVIRDAxBQUJaHQwAaB0MAHAdDAB4HQwMNEFJay5kAfA8LtgCueED4ALWl1zqAhpodHRwczovL3d3dy56dXBpbWFnZXMubmV0L_ICEQoGQURWX0lEEgcxODE1MTg38gEUDENQR18BFDQ0MjkzMTU18gIRCgVDUAETNAgzNTk5ODUyN_ICDQoIATwYRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFXEQ8QCwoHQ1AVDhAPCgVJTwFgCAY1NmGIAPIBIARJTxUgOBMKD0NVU1RPTV9NT0RFTAEqFADyAhoKFjIWABxMRUFGX05BTQVwCB4KGjYdAAhBU1QBPhBJRklFRAE-HA0KCFNQTElUAU3whgEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDkKs44AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE0OS41Ni4xNTMuMTg0qAQAsgQOCAAQARgAIAAoADAAOAK4BADABADIBADSBA04MDYjTllNMjo0NjAx2gQCCAHgBAHwBIX0IIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBvgB2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFISBgAIAAwADi0BEAAyAe44ALSBw0VdgE4CNoHBgknaOAHAOoHAggA8AfE_weKCAIQAJUIAACAP5gIAQ..&s=f783c27eda121ddcd7685e54634b02dd4a71500f&bdref=https%3A%2F%2Fwww.zupimages.net%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.zupimages.net%2F,https%3A%2F%2Fwww.zupimages.net%2F&
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.207 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
554.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 22:29:49 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 554.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
68b4b02a-d887-4af2-949e-12d7c3fa8ed2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
0f254544-d061-4bda-9afd-ae3a468dae03.jpg
crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/ Frame 46E0
77 KB
78 KB
Image
General
Full URL
https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/0f254544-d061-4bda-9afd-ae3a468dae03.jpg
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
42c0804f0dca18afce9bb13b11f86508b762d4ace2737109ddd656f0f10d6609

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 24 Jun 2022 22:29:49 GMT
Via
1.1 varnish, 1.1 varnish
Age
2479093
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
78761
X-Served-By
cache-lga21974-LGA, cache-yul12831-YUL
Last-Modified
Wed, 01 Sep 2021 11:27:28 GMT
Server
nginx/1.19.0
Cache-Control
max-age=3888000
X-Timer
S1656109790.951971,VS0,VE0
ETag
"928624e32629ee4f24af477311d500be"
x-amz-request-id
78da7387-c006-4f0e-8e3b-3c3e208c958f
Access-Control-Allow-Origin
*
Expires
Sun, 28 Nov 2021 06:20:18 GMT
X-Clv-Request-Id
78da7387-c006-4f0e-8e3b-3c3e208c958f
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Clv-S3-Version
2.5
X-Cache-Hits
2, 944
trk.js
cdn.adnxs.com/v/s/224/ Frame 46E0
85 KB
29 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 24 Jun 2022 22:29:49 GMT
Content-Encoding
gzip
Age
10416681
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21929-LGA, cache-yul12833-YUL
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1656109790.946002,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
1, 1646122
it
nym1-ib.adnxs.com/ Frame 46E0
0
817 B
Image
General
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.zupimages.net%252F&e=wqT_3QKYCugYBQAAAwDWAAUBCNv12JUGEL7p3bTs_qKERhgAKjYJ8WjjiLX49D4ROZ90AbNr8D4ZAAAAoJmZqT8hOQ0SACkRJNgxAAAAQOF6hD8wqMDiCjjDRkCmBkgCUKblwZMBWPyclwFgAGj7jKkBeLjgAoABAYoBA1VTRJIBAQbwUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJYdWYoJ2EnLCAxODE1MTg3LCAxNjU2MTA5Nzg3KTt1ZignaScsIDU2NjQxMiwgPhwAMHInLCAzMDkzNTkyNzA2OwDwkJIC-QMhYWxqd0hnaV9scFVSRUtibHdaTUJHQUFnX0p5WEFUQUVPQUJBQUVpbUJsQ293T0lLV0FCZ19fX19fdzlvQUhBQmVBR0FBUUdJQVFHUUFRR1lBUUdnQVJLb0FRT3dBUUM1QWEtdlNqVzItUFEtd1FHdnIwbzF0dmowUHNrQkFBQUFBQUFBOERfWkFRQUEFD3BQQV80QUdNeVNMMUFhekZKemVZQWdDZ0FnQzFBZwEiBEM5CQjwTERBQWdISUFnSFFBZ0hZQWdIZ0FnRG9BZ0Q0QWdDQUF3R1lBd0c2QXdsT1dVMHlPalEyTURIZ0E5RXVnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BHGlBWDVJNmtGDQ8YQThELXhCUREOEEFBd1FVGQ0ATRkoDEFBRFIuKAAAMi4oAPA-T0FGQXZBRm80U0dBdmdGay1WdWdnWURWVk5FaUFZQWtBWUJtQVlBb1FieGFPT0l0ZmprUHFnR0FiSUdKQWtBFXEAQh27BEJrFRcEQUMdGEBMZ0dDZy4umgKZASFWQlhZbD79AWRQeWNsd0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFEZBMFM1ShFiDDhEOVIRDAxBQUJaHQwAaB0MAHAdDAB4HQwMNEFJay5kAfDXLtgCueED4ALWl1zqAhpodHRwczovL3d3dy56dXBpbWFnZXMubmV0L4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA5CrOOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xNDkuNTYuMTUzLjE4NKgEALIEDggAEAEYACAAKAAwADgCuAQAwAQAyAQA0gQNODA2I05ZTTI6NDYwMdoEAggB4AQB8ASm5cGTAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAABQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYFIiwA8D_QBvgB2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADi0BEAAyAe44ALSBw0JEToBOAjaBwYJJ2jgBwDqBwIIAPAHxP8HiggCEACVCAAAgD-YCAE.&s=31a2895d67764cfd8988035fb26efdbfb0c1dfbd
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.207 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
554.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 22:29:49 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 554.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
9b759308-baab-4b64-b573-e56c20e29ff5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
protected-by.clarium.io/ Frame 46E0
68 B
345 B
Image
General
Full URL
https://protected-by.clarium.io/pixel?tag=wt_NkphelRHSUpoLWhva1ozSHpxOS0yOVB4Q3lZL2JsdWVyb29zdGVybWVkaWE6MzAweDI1MA==&v=5&s=v31g6btbsma&id=eyJwcmViaWQiOnsiYWRJZCI6IjEwMjU5NzhjNjc5MTcxZTIiLCJjcG0iOjAuMDAwMDExMiwicyI6IjI2MzI4Iiwic3JjIjoiY2xpZW50In0sInRwX2NyaWQiOiJQQjpibHVlcm9vc3Rlcm1lZGlhOzMwOTM1OTI3MCJ9&sb=undefined&cb=5596003&h=www.zupimages.net&d=eyJ3aCI6Ik5rcGhlbFJIU1Vwb0xXaHZhMW96U0hweE9TMHlPVkI0UTNsWkwySnNkV1Z5YjI5emRHVnliV1ZrYVdFNk16QXdlREkxTUE9PSIsIndkIjp7ImsiOnsiaGJfYmlkZGVyIjpbImJsdWVyb29zdGVybWVkaWEiXSwiaGJfc2l6ZSI6WyIzMDB4MjUwIl19fSwid3IiOjB9
Requested by
Host: www.zupimages.net
URL: https://www.zupimages.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.54.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-54-201.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 22:29:50 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
aip
tmk.smartadserver.com/h/
43 B
440 B
Image
General
Full URL
https://tmk.smartadserver.com/h/aip?uii=360959454954239660&tmstp=8056372813&ckid=5339958381621273884&systgt=%24qc%3d1308948106%3b%24ql%3dHigh%3b%24qpc%3d28700%3b%24qt%3d124_1509_77271t%3b%24dma%3d0%3b%24b%3d16100%3b%24o%3d11100%3b%24sw%3d1600%3b%24sh%3d1200%3b%24wpc%3d165%3b%24wpc%3d3964%3b%24wpc%3d3954%3b%24wpc%3d5455%3b%24wpc%3d6399%3b%24wpc%3d6425%3b%24wpc%3d1263%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d7823%3b%24wpc%3d5753%3b%24wpc%3d5755%3b%24wpc%3d5917%3b%24wpc%3d5918%3b%24wpc%3d5890%3b%24wpc%3d5892%3b%24wpc%3d5839%3b%24wpc%3d5841%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5801%3b%24wpc%3d5786%3b%24wpc%3d5788%3b%24wpc%3d5757%3b%24wpc%3d5771%3b%24wpc%3d6190%3b%24wpc%3d6192%3b%24wpc%3d6195%3b%24wpc%3d6205%3b%24wpc%3d6052%3b%24wpc%3d6054%3b%24wpc%3d6001%3b%24wpc%3d6002%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5962%3b%24wpc%3d5947%3b%24wpc%3d5948%3b%24wpc%3d5920%3b%24wpc%3d5933%3b%24wpc%3d5137%3b%24wpc%3d5142%3b%24wpc%3d5144%3b%24wpc%3d5145%3b%24wpc%3d5150%3b%24wpc%3d7540%3b%24wpc%3d8535%3b%24wpc%3d8546&acd=1656109788967&envtype=0&opid=df646e2b-b0a7-4d65-9fd6-76156e4c2be1&opdt=1656109788967&siteid=201923&tgt=%3bhb_adid%3d1025978c679171e2%3bhb_pb%3d0.00%3bhb_bidder%3dblueroostermedia%3bhb_format%3d26328-1%3b%24dt%3d1t%3b%24hc&gdpr=0&visit=S&statid=19&imptype=0&intgtype=0&pgDomain=https%3a%2f%2fwww.zupimages.net%2f&cappid=5339958381621273884&capp=1&mcrdbt=1&insid=9251369&imgid=24965671&pgid=886920&fmtid=26328&isLazy=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.200 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:49 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
close-retina.png
ced-ns.sascdn.com/diff/templates/images/
2 KB
2 KB
Image
General
Full URL
https://ced-ns.sascdn.com/diff/templates/images/close-retina.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:822b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 24 Jun 2022 22:29:49 GMT
Last-Modified
Wed, 20 Oct 2021 08:07:22 GMT
Server
AkamaiNetStorage
ETag
"dc45791e534223d16a4d14fa1a1a5f4e:1634717611.309945"
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1802
1280294961__OmemY3sx.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ Frame 3D00
14 KB
15 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1280294961__OmemY3sx.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
494f0f54e4a6b99a35d5e58d659c378d008114f2beb3cbe73a2a62e69ae8fdd9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 24 Jun 2022 22:29:49 GMT
via
1.1 varnish, 1.1 varnish
age
1400954
edge-cache-tag
402842802836378130178524901896589942131,347694868690283001542333083413887495249,29ecf9b93bbf306179626feeda1fab70
cache-tag
402842802836378130178524901896589942131,347694868690283001542333083413887495249,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
65
expiration
expiry-date="Sun, 19 Jun 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1280294961__OmemY3sx.jpg
content-length
14020
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Thu, 19 May 2022 16:38:37 GMT
server
nginx
x-timer
S1656109790.918664,VS0,VE0
etag
"0e5ad356ed8e5f50f40b7c167e03af78"
x-served-by
cache-iad-kiad7000024-IAD, cache-iad-kiad7000053-IAD, cache-bur-kbur8200168-BUR, cache-iad-kjyo7100045-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 1, 4
6cee3216-85aa-425f-adc8-3207946b0dca_1000x600_db9d3262005a0291b926002191bbdcb9.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ Frame 3D00
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/6cee3216-85aa-425f-adc8-3207946b0dca_1000x600_db9d3262005a0291b926002191bbdcb9.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e084db01b5234b4a24b89064f84e52597e212dec07d0efdbf11ca91ee108fd8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 24 Jun 2022 22:29:49 GMT
via
1.1 varnish, 1.1 varnish
age
1455594
edge-cache-tag
315500181127694824085322168453808924749,347694868690283001542333083413887495249,29ecf9b93bbf306179626feeda1fab70
cache-tag
315500181127694824085322168453808924749,347694868690283001542333083413887495249,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
8
expiration
expiry-date="Sat, 25 Jun 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, MISS, HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/6cee3216-85aa-425f-adc8-3207946b0dca_1000x600_db9d3262005a0291b926002191bbdcb9.png
content-length
5290
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Wed, 25 May 2022 10:32:12 GMT
server
nginx
x-timer
S1656109790.918770,VS0,VE0
etag
"dd013c22ef07ef6c108f8a66268dad6e"
x-served-by
cache-iad-kiad7000169-IAD, cache-iad-kcgs7200031-IAD, cache-bur-kbur8200173-BUR, cache-iad-kcgs7200124-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 0, 2
userx.20220623-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 2868
17 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20220623-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0cda494673a8d8a62789f5840482f4209d64fce1a52643b8efadc9ed0845a03

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
4uPaf5y8LpyGm.Ao8pw2PlekFSsWRr4I
content-encoding
gzip
etag
"2456e6c2f6abcd619a747c5f610abcd7"
age
91
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5397
x-amz-id-2
dXulug7ouNePHSPLG+DMTFwF6PFnqM/X0OkhFJydwEWmZTRzbaIHYs5O6N2WrGvJm7+n4wXqVxk=
x-served-by
cache-yul12824-YUL
last-modified
Thu, 23 Jun 2022 14:03:05 GMT
server
AmazonS3
x-timer
S1656109790.930657,VS0,VE0
date
Fri, 24 Jun 2022 22:29:49 GMT
vary
Accept-Encoding
x-amz-request-id
K1T7YXAR4KV4C9PS
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
71
x-cache-hits
37
fix-user-id
trc.taboola.com/themonetizer-zupimages/log/3/ Frame 2868
0
263 B
Image
General
Full URL
https://trc.taboola.com/themonetizer-zupimages/log/3/fix-user-id?lti=deflated&ri=22c9ba624bccd7a377a1dcba4a771be4&sd=v2_ced802aa5a77bb67245e9a908adf3116_aaacbbee-75de-483b-bc0a-f471e40c43fa-tuct9afc05d_1656109789_1656109789_CIi3jgYQyItLGKHi176ZMCABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjsyrjT39zS1ipwAA&ui=aaacbbee-75de-483b-bc0a-f471e40c43fa-tuct9afc05d&pi=/&wi=7185124872934780841&pt=text&vi=1656109789473&time=1656109789915&fromUser=6de88ec3-403d-4941-92f8-26b87e9ce8e0-tuct9afc05d&toUser=aaacbbee-75de-483b-bc0a-f471e40c43fa-tuct9afc05d&fromSD=v2_e1c00ba8560115da1fde3694b6af2ff9_6de88ec3-403d-4941-92f8-26b87e9ce8e0-tuct9afc05d_1656109789_1656109789_CNawjgYQyItLGKHi176ZMCABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjsyrjT39zS1ipwAA&toSD=v2_ced802aa5a77bb67245e9a908adf3116_aaacbbee-75de-483b-bc0a-f471e40c43fa-tuct9afc05d_1656109789_1656109789_CIi3jgYQyItLGKHi176ZMCABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjsyrjT39zS1ipwAA&tim=22%3A29%3A49.915&id=3478&llvl=2&cv=20220623-3-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms
19
pragma
no-cache
date
Fri, 24 Jun 2022 22:29:49 GMT
via
1.1 varnish
server
nginx
x-timer
S1656109790.930986,VS0,VE19
x-served-by
cache-yul12824-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
1156650467__pHz2eKm0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ Frame 2868
9 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1156650467__pHz2eKm0.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1eb55e777e45316fed7c686f03d29ab9b1def4bef451dfc9970206aec046b7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 24 Jun 2022 22:29:49 GMT
via
1.1 varnish, 1.1 varnish
age
2445918
edge-cache-tag
543332190406823824896111000974089956175,347694868690283001542333083413887495249,29ecf9b93bbf306179626feeda1fab70
cache-tag
543332190406823824896111000974089956175,347694868690283001542333083413887495249,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
65
x-cache
HIT, HIT, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1156650467__pHz2eKm0.jpg
content-length
9292
x-request-id
a9b3b78458c48dd953dccf909400595d
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Sun, 08 May 2022 17:05:43 GMT
server
nginx
x-timer
S1656109790.936941,VS0,VE1
etag
"e0a84918e40900ead6384c3d5b66f857"
x-served-by
cache-iad-kcgs7200116-IAD, cache-iad-kjyo7100116-IAD, cache-sna10730-LGB, cache-iad-kjyo7100073-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 1, 1
9775f14e33a5461f8a65e2ab2b5ca712.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2868
4 KB
5 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9775f14e33a5461f8a65e2ab2b5ca712.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bf2fe1af73e59e0cc944abf2e8f4a94e1f592cbe97a3fbb9788811e7d45e8196

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 24 Jun 2022 22:29:49 GMT
via
1.1 varnish, 1.1 varnish
age
1566381
edge-cache-tag
292578618365856648684015597379097447710,347694868690283001542333083413887495249,29ecf9b93bbf306179626feeda1fab70
cache-tag
292578618365856648684015597379097447710,347694868690283001542333083413887495249,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
29
x-envoy-upstream-service-time
3368
expiration
expiry-date="Mon, 06 Jun 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9775f14e33a5461f8a65e2ab2b5ca712.jpg
content-length
4058
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Fri, 06 May 2022 13:03:47 GMT
server
nginx
x-timer
S1656109790.937428,VS0,VE1
etag
"d721f29aea7445b42e19f57629605d37"
x-served-by
cache-iad-kiad7000108-IAD, cache-iad-kcgs7200161-IAD, cache-chi-kigq8000103-CHI, cache-iad-kcgs7200065-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
4
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 1, 1
1156650467__pHz2eKm0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ Frame 2868
9 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1156650467__pHz2eKm0.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1eb55e777e45316fed7c686f03d29ab9b1def4bef451dfc9970206aec046b7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 24 Jun 2022 22:29:49 GMT
via
1.1 varnish, 1.1 varnish
age
2445918
edge-cache-tag
543332190406823824896111000974089956175,347694868690283001542333083413887495249,29ecf9b93bbf306179626feeda1fab70
cache-tag
543332190406823824896111000974089956175,347694868690283001542333083413887495249,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
65
x-cache
HIT, HIT, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1156650467__pHz2eKm0.jpg
content-length
9292
x-request-id
a9b3b78458c48dd953dccf909400595d
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Sun, 08 May 2022 17:05:43 GMT
server
nginx
x-timer
S1656109790.966550,VS0,VE0
etag
"e0a84918e40900ead6384c3d5b66f857"
x-served-by
cache-iad-kcgs7200116-IAD, cache-iad-kjyo7100116-IAD, cache-sna10730-LGB, cache-iad-kjyo7100073-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 1, 2
9775f14e33a5461f8a65e2ab2b5ca712.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2868
4 KB
5 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9775f14e33a5461f8a65e2ab2b5ca712.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bf2fe1af73e59e0cc944abf2e8f4a94e1f592cbe97a3fbb9788811e7d45e8196

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 24 Jun 2022 22:29:49 GMT
via
1.1 varnish, 1.1 varnish
age
1566381
edge-cache-tag
292578618365856648684015597379097447710,347694868690283001542333083413887495249,29ecf9b93bbf306179626feeda1fab70
cache-tag
292578618365856648684015597379097447710,347694868690283001542333083413887495249,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
29
x-envoy-upstream-service-time
3368
expiration
expiry-date="Mon, 06 Jun 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9775f14e33a5461f8a65e2ab2b5ca712.jpg
content-length
4058
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Fri, 06 May 2022 13:03:47 GMT
server
nginx
x-timer
S1656109790.966546,VS0,VE0
etag
"d721f29aea7445b42e19f57629605d37"
x-served-by
cache-iad-kiad7000108-IAD, cache-iad-kcgs7200161-IAD, cache-chi-kigq8000103-CHI, cache-iad-kcgs7200065-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
4
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 1, 2
vevent
nym1-ib.adnxs.com/ Frame 46E0
0
841 B
Ping
General
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.zupimages.net%2F&e=wqT_3QKYCugYBQAAAwDWAAUBCNv12JUGEL7p3bTs_qKERhgAKjYJ8WjjiLX49D4ROZ90AbNr8D4ZAAAAoJmZqT8hOQ0SACkRJNgxAAAAQOF6hD8wqMDiCjjDRkCmBkgCUKblwZMBWPyclwFgAGj7jKkBeLjgAoABAYoBA1VTRJIBAQbwUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJYdWYoJ2EnLCAxODE1MTg3LCAxNjU2MTA5Nzg3KTt1ZignaScsIDU2NjQxMiwgPhwAMHInLCAzMDkzNTkyNzA2OwDwkJIC-QMhYWxqd0hnaV9scFVSRUtibHdaTUJHQUFnX0p5WEFUQUVPQUJBQUVpbUJsQ293T0lLV0FCZ19fX19fdzlvQUhBQmVBR0FBUUdJQVFHUUFRR1lBUUdnQVJLb0FRT3dBUUM1QWEtdlNqVzItUFEtd1FHdnIwbzF0dmowUHNrQkFBQUFBQUFBOERfWkFRQUEFD3BQQV80QUdNeVNMMUFhekZKemVZQWdDZ0FnQzFBZwEiBEM5CQjwTERBQWdISUFnSFFBZ0hZQWdIZ0FnRG9BZ0Q0QWdDQUF3R1lBd0c2QXdsT1dVMHlPalEyTURIZ0E5RXVnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BHGlBWDVJNmtGDQ8YQThELXhCUREOEEFBd1FVGQ0ATRkoDEFBRFIuKAAAMi4oAPA-T0FGQXZBRm80U0dBdmdGay1WdWdnWURWVk5FaUFZQWtBWUJtQVlBb1FieGFPT0l0ZmprUHFnR0FiSUdKQWtBFXEAQh27BEJrFRcEQUMdGEBMZ0dDZy4umgKZASFWQlhZbD79AWRQeWNsd0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFEZBMFM1ShFiDDhEOVIRDAxBQUJaHQwAaB0MAHAdDAB4HQwMNEFJay5kAfDXLtgCueED4ALWl1zqAhpodHRwczovL3d3dy56dXBpbWFnZXMubmV0L4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA5CrOOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xNDkuNTYuMTUzLjE4NKgEALIEDggAEAEYACAAKAAwADgCuAQAwAQAyAQA0gQNODA2I05ZTTI6NDYwMdoEAggB4AQB8ASm5cGTAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAABQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYFIiwA8D_QBvgB2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADi0BEAAyAe44ALSBw0JEToBOAjaBwYJJ2jgBwDqBwIIAPAHxP8HiggCEACVCAAAgD-YCAE.&s=31a2895d67764cfd8988035fb26efdbfb0c1dfbd&type=nv&nvt=5&jm=1003&px=2820&py=475&bw=300&bh=250&sid=5375116721108867777&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22585384&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=1746&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.207 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
554.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 22:29:50 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 554.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
d190de5b-db23-454b-95e6-ba30331f3a9a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.zupimages.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bulk
trc.taboola.com/themonetizer-zupimages/log/3/ Frame 3D00
0
304 B
XHR
General
Full URL
https://trc.taboola.com/themonetizer-zupimages/log/3/bulk?tvi2=7830&route=US%3AUS%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220623-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
22
pragma
no-cache
date
Fri, 24 Jun 2022 22:29:51 GMT
via
1.1 varnish
server
nginx
x-timer
S1656109791.980526,VS0,VE22
x-served-by
cache-yul12824-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.zupimages.net
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
visible
trc.taboola.com/themonetizer-zupimages/log/3/ Frame 3D00
0
61 B
XHR
General
Full URL
https://trc.taboola.com/themonetizer-zupimages/log/3/visible?tvi2=7830&route=US%3AUS%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220623-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
18
pragma
no-cache
date
Fri, 24 Jun 2022 22:29:51 GMT
via
1.1 varnish
server
nginx
x-timer
S1656109791.984582,VS0,VE18
x-served-by
cache-yul12824-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.zupimages.net
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
publishertag.prebid.123.js
static.criteo.net/js/ld/
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:51 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 25 Jun 2022 22:29:51 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 3D00
254 B
703 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
25869
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
VNuE79zGkuG1WkYkook/LzjO6m8khshs44k88xUnWQ3oapFOdrvCIvii4035AZYl3g9EnhgUwco=
x-served-by
cache-yul12824-YUL
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1656109791.029690,VS0,VE0
date
Fri, 24 Jun 2022 22:29:51 GMT
x-amz-request-id
JFXX7NJ7M2FJYZ6M
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
71
x-cache-hits
9376
bulk
trc.taboola.com/themonetizer-zupimages/log/3/ Frame 2868
0
318 B
XHR
General
Full URL
https://trc.taboola.com/themonetizer-zupimages/log/3/bulk?route=US%3AUS%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220623-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zupimages.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
19
pragma
no-cache
date
Fri, 24 Jun 2022 22:29:51 GMT
via
1.1 varnish
server
nginx
x-timer
S1656109791.118708,VS0,VE19
x-served-by
cache-yul12824-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.zupimages.net
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 2868
254 B
325 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
25869
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
VNuE79zGkuG1WkYkook/LzjO6m8khshs44k88xUnWQ3oapFOdrvCIvii4035AZYl3g9EnhgUwco=
x-served-by
cache-yul12824-YUL
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1656109791.118715,VS0,VE0
date
Fri, 24 Jun 2022 22:29:51 GMT
x-amz-request-id
JFXX7NJ7M2FJYZ6M
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
71
x-cache-hits
9377
action
ww1097.smartadserver.com/track/
43 B
163 B
Image
General
Full URL
https://ww1097.smartadserver.com/track/action?sid=1656109789480&pid=886920&iid=9251369&fmtid=26328&cid=24965671&key=viewcount&ts=1656109789480
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:50 GMT
transfer-encoding
chunked
content-type
image/gif
isyn
prebid.a-mo.net/ Frame 4EFF
2 KB
716 B
Document
General
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
22f0de3e0286092962d93ca3d7cc363b5945d5cd5e32b93863bec0e8a53de80b

Request headers

Referer
https://www.zupimages.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
618
content-type
text/html; charset=utf-8
date
Fri, 24 Jun 2022 22:29:50 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
0
usync.html
eus.rubiconproject.com/ Frame 9B47
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.zupimages.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 24 Jun 2022 22:29:52 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 2805
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1018 B
Document
General
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
d93fd0b87ba2f26ca429bc869f5546a9af95302d7c62a0c5cbc6ad264484a65e

Request headers

Referer
https://www.zupimages.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
447
content-type
text/html; charset=utf-8
date
Fri, 24 Jun 2022 22:29:52 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 24 Jun 2022 22:29:52 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame DE31
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.184 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-184.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.zupimages.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 24 Jun 2022 22:29:52 GMT
ETag
"623de86a-cf34"
Expires
Sat, 25 Jun 2022 22:29:54 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 4D38
2 KB
814 B
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1656109787927&gdpr=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.zupimages.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
csync.smilewanted.com/ Frame 75B9
6 KB
2 KB
Document
General
Full URL
https://csync.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82009546877bd0e33897de19d48b10a89c32182f68eeaecd8461d0e94dc80873

Request headers

Referer
https://www.zupimages.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7208e7968c488c23-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 24 Jun 2022 22:29:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 4EA2
2 KB
1 KB
Document
General
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=483817835
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
07a174ab8a296f70c811dfca6bbcf042f1eea52478d6b6dfb5137a0281b72704

Request headers

Referer
https://www.zupimages.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 24 Jun 2022 22:29:52 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.2
vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame 1651
661 B
840 B
Document
General
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
0727988881bef77bba2dc1553b2d17f15deb67f0c6595a28273a9f56b57a6d40

Request headers

Referer
https://www.zupimages.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
661
content-type
text/html
/
spl.zeotap.com/ Frame 81F9
0
0
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.zupimages.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7208e79668c2713c-YUL
date
Fri, 24 Jun 2022 22:29:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google
/
b1sync.zemanta.com/usersync/bluekai/callback/
Redirect Chain
  • https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=aQgegR-9GmyIYygZSdye&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DH5SXQY3IMFXGOZJ5OBZGKYTJMQ&gdpr=0
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=H5SXQY3IMFXGOZJ5OBZGKYTJMQ
26 B
315 B
Image
General
Full URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=H5SXQY3IMFXGOZJ5OBZGKYTJMQ
Protocol
HTTP/1.1
Server
70.42.32.255 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 24 Jun 2022 22:29:53 GMT
P3p
CP="We do not support P3P header."
Content-Length
26
Content-Type
image/gif

Redirect headers

Location
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=H5SXQY3IMFXGOZJ5OBZGKYTJMQ
Date
Fri, 24 Jun 2022 22:29:52 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cds-pips.js
cdn.taboola.com/scripts/ Frame 3D00
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220623-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
Q93sCEWoqxiO0LdTLulEOAOmIgRcHF1L
content-encoding
gzip
etag
"8cbcf8a5c724c32aa9be09d14a4c624d"
age
3242
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
923
x-amz-id-2
0dUPbOT4lmNX0r66NY/L6ym5NDP7CE1NUEJXfo/BuwuncSXz8dn62BwSsxT8ueb70dwAAESnj0U=
x-served-by
cache-yul12824-YUL
last-modified
Tue, 05 Apr 2022 10:34:30 GMT
server
AmazonS3
x-timer
S1656109792.948126,VS0,VE0
date
Fri, 24 Jun 2022 22:29:51 GMT
vary
Accept-Encoding
x-amz-request-id
XWBGF6WMZZ7MSSXH
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
71
x-cache-hits
10269
vevent
nym1-ib.adnxs.com/ Frame 46E0
0
841 B
Ping
General
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.zupimages.net%2F&e=wqT_3QKYCugYBQAAAwDWAAUBCNv12JUGEL7p3bTs_qKERhgAKjYJ8WjjiLX49D4ROZ90AbNr8D4ZAAAAoJmZqT8hOQ0SACkRJNgxAAAAQOF6hD8wqMDiCjjDRkCmBkgCUKblwZMBWPyclwFgAGj7jKkBeLjgAoABAYoBA1VTRJIBAQbwUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJYdWYoJ2EnLCAxODE1MTg3LCAxNjU2MTA5Nzg3KTt1ZignaScsIDU2NjQxMiwgPhwAMHInLCAzMDkzNTkyNzA2OwDwkJIC-QMhYWxqd0hnaV9scFVSRUtibHdaTUJHQUFnX0p5WEFUQUVPQUJBQUVpbUJsQ293T0lLV0FCZ19fX19fdzlvQUhBQmVBR0FBUUdJQVFHUUFRR1lBUUdnQVJLb0FRT3dBUUM1QWEtdlNqVzItUFEtd1FHdnIwbzF0dmowUHNrQkFBQUFBQUFBOERfWkFRQUEFD3BQQV80QUdNeVNMMUFhekZKemVZQWdDZ0FnQzFBZwEiBEM5CQjwTERBQWdISUFnSFFBZ0hZQWdIZ0FnRG9BZ0Q0QWdDQUF3R1lBd0c2QXdsT1dVMHlPalEyTURIZ0E5RXVnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BHGlBWDVJNmtGDQ8YQThELXhCUREOEEFBd1FVGQ0ATRkoDEFBRFIuKAAAMi4oAPA-T0FGQXZBRm80U0dBdmdGay1WdWdnWURWVk5FaUFZQWtBWUJtQVlBb1FieGFPT0l0ZmprUHFnR0FiSUdKQWtBFXEAQh27BEJrFRcEQUMdGEBMZ0dDZy4umgKZASFWQlhZbD79AWRQeWNsd0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFEZBMFM1ShFiDDhEOVIRDAxBQUJaHQwAaB0MAHAdDAB4HQwMNEFJay5kAfDXLtgCueED4ALWl1zqAhpodHRwczovL3d3dy56dXBpbWFnZXMubmV0L4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA5CrOOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xNDkuNTYuMTUzLjE4NKgEALIEDggAEAEYACAAKAAwADgCuAQAwAQAyAQA0gQNODA2I05ZTTI6NDYwMdoEAggB4AQB8ASm5cGTAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAABQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYFIiwA8D_QBvgB2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADi0BEAAyAe44ALSBw0JEToBOAjaBwYJJ2jgBwDqBwIIAPAHxP8HiggCEACVCAAAgD-YCAE.&s=31a2895d67764cfd8988035fb26efdbfb0c1dfbd&type=pv&jm=1003|1030&px=2820&py=475&bw=300&bh=250&sf=1&sid=5375116721108867777&vd=ct~0|rr~6&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22585384&cid=3&cr=pv&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.207 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
554.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 22:29:52 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 554.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
286e5f97-35cd-4ef2-a5e0-7b2934898927
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.zupimages.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cds-pips.js
cdn.taboola.com/scripts/ Frame 2868
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220623-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
Q93sCEWoqxiO0LdTLulEOAOmIgRcHF1L
content-encoding
gzip
etag
"8cbcf8a5c724c32aa9be09d14a4c624d"
age
3242
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
923
x-amz-id-2
0dUPbOT4lmNX0r66NY/L6ym5NDP7CE1NUEJXfo/BuwuncSXz8dn62BwSsxT8ueb70dwAAESnj0U=
x-served-by
cache-yul12824-YUL
last-modified
Tue, 05 Apr 2022 10:34:30 GMT
server
AmazonS3
x-timer
S1656109792.025924,VS0,VE0
date
Fri, 24 Jun 2022 22:29:52 GMT
vary
Accept-Encoding
x-amz-request-id
XWBGF6WMZZ7MSSXH
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
71
x-cache-hits
10270
/
pips.taboola.com/ Frame 3D00
4 B
182 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:52 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-yul12830-YUL
access-control-allow-methods
GET
access-control-allow-origin
https://www.zupimages.net
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
cframe.js
assets.a-mo.net/js/ Frame 4EFF
7 KB
4 KB
Script
General
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f542632e79e4d1520577bced9891083909ab387e03d0a1855cee498993e7566

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:52 GMT
via
1.1 2e8406c72a912812119ae9f6e5b386a6.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
242
x-cache
Miss from cloudfront
content-encoding
br
last-modified
Tue, 21 Jun 2022 17:56:05 GMT
server
cloudflare
etag
W/"e0fe31f0c51644e093624e11705fc67b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
YTO50-C1
cf-ray
7208e79a4a5b7136-YUL
x-amz-cf-id
Bm9Syru9mpjGWuQg0jPEKin8aiwN9gc3WLQmRRjdqsHtFwtqMH4V9Q==
expires
Fri, 24 Jun 2022 23:29:52 GMT
match
ads.betweendigital.com/ Frame 1651
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://x.bidswitch.net/ul_cb/sync?ssp=between
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D1a045212-f21f-4db9-80ac-fbf41042a81...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=927d62b6-3adc-4900-b1ae-1b13c2591c10&expires=30&ssp=between&bsw_param=1a045212-f21f-4db9-80ac-fbf41042a812&gdpr=&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=1a045212-f21f-4db9-80ac-fbf41042a812
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=1a045212-f21f-4db9-80ac-fbf41042a812
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=1a045212-f21f-4db9-80ac-fbf41042a812
Date
Fri, 24 Jun 2022 22:29:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
btw
px.adhigh.net/p/cm/ Frame 1651
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
0
77 B
Image
General
Full URL
https://px.adhigh.net/p/cm/btw?bounced=1
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
193.232.150.149 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
smtp4.senders.ntvplus.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:53 GMT
x-kick-from-dns
true
server
nginx
content-type
text/plain

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:53 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f16-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.adhigh.net/p/cm/btw?bounced=1
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
btw
sync.dmp.otm-r.com/match/ Frame 1651
0
69 B
Image
General
Full URL
https://sync.dmp.otm-r.com/match/btw?id=309500ee-31e9-53b0-a9e7-e33bcb51d9e0
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.152.104 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.104.152.201.195.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 24 Jun 2022 22:29:53 GMT
server
nginx/1.17.6
match
ads.betweendigital.com/ Frame 1651
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=E3dljLZHfhi6tyNGRjWvXsMN
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=E3dljLZHfhi6tyNGRjWvXsMN
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Fri, 24 Jun 2022 22:29:53 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=E3dljLZHfhi6tyNGRjWvXsMN
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
bidder_18.html
cache.betweendigital.com/code/ Frame C06A
4 KB
1 KB
Document
General
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=309500ee-31e9-53b0-a9e7-e33bcb51d9e0&CACHEBUSTER=120765
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.118.210 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Referer
https://ads.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 24 Jun 2022 22:29:54 GMT
etag
W/"60bf907f-ee9"
last-modified
Tue, 08 Jun 2021 15:45:03 GMT
server
nginx
x-cdn-edge-cache
HIT
x-cdn-edge-id
311
x-cdn-request-id
7b6ea68bab67e2dd85fb859c27067df6
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 75B9
48 KB
12 KB
Script
General
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
197995
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"607873db-c1ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7208e798ea3a8c23-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
usync.js
eus.rubiconproject.com/ Frame 9B47
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0a409798a02d81f07b3ae09a9b6a86f0c7f9fc2841ba6e874b0d55f6ce4b22cf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 24 Jun 2022 22:29:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 17:17:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=77727
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9456
Expires
Sat, 25 Jun 2022 20:05:19 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame D9DE
0
317 B
Document
General
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7208e79b3f5e8c23-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 24 Jun 2022 22:29:52 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
setuid
ib.adnxs.com/prebid/ Frame EFF2
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=de98069c61d00eef011d9d7d6e81133f
43 B
1 KB
Document
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=de98069c61d00eef011d9d7d6e81133f
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

AN-X-Request-Uuid
4d519494-20ac-4765-a40b-2f4cee841c34
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 24 Jun 2022 22:29:52 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7208e79b3f638c23-EWR
content-type
text/html; charset=UTF-8
date
Fri, 24 Jun 2022 22:29:52 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=de98069c61d00eef011d9d7d6e81133f
server
cloudflare
xuid
eb2.3lift.com/ Frame 2805
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=b74ec138-a50e-4d90-bfcd-2cfbc928158b&dongle=0cfd
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=b74ec138-a50e-4d90-bfcd-2cfbc928158b&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=b74ec138-a50e-4d90-bfcd-2cfbc928158b&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame 2805
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDQ3ODQzNDk3MzY0MTU4MDUyODIwNQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 2805
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEN6Y4xgMJSGFJ3eGJE0uVnE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEN6Y4xgMJSGFJ3eGJE0uVnE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEN6Y4xgMJSGFJ3eGJE0uVnE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2805
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDQ3ODQzNDk3MzY0MTU4MDUyODIwNQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDQ3ODQzNDk3MzY0MTU4MDUyODIwNQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDQ3ODQzNDk3MzY0MTU4MDUyODIwNQ%3D%3D
date
Fri, 24 Jun 2022 22:29:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 2805
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4478434973641580528205&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4478434973641580528205&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=8226bd1a-b08d-4a44-bdbb-47f94dad9ee5&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=8226bd1a-b08d-4a44-bdbb-47f94dad9ee5&_noobservation=1&_expected_cookie=d064761...
43 B
142 B
Image
General
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=8226bd1a-b08d-4a44-bdbb-47f94dad9ee5&_noobservation=1&_expected_cookie=d064761f7e4382775087e20e2cd7c3ff
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.101.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
7208e7a2d87fcab0-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=8226bd1a-b08d-4a44-bdbb-47f94dad9ee5&_noobservation=1&_expected_cookie=d064761f7e4382775087e20e2cd7c3ff
date
Fri, 24 Jun 2022 22:29:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7208e7a1ffb2cab0-YYZ
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
xuid
eb2.3lift.com/ Frame 2805
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4478434973641580528205?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-.IP3xvpE2oRDdx4T5z09xGlLiIiu6QMcKdQwPkRWxg--~A&dongle=0883
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-.IP3xvpE2oRDdx4T5z09xGlLiIiu6QMcKdQwPkRWxg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 24 Jun 2022 22:29:53 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-.IP3xvpE2oRDdx4T5z09xGlLiIiu6QMcKdQwPkRWxg--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
xuid
eb2.3lift.com/ Frame 2805
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4478434973641580528205&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtrip...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=ba371a18aef94069b1915b8565caf842&ssp=triplelift&bsw_param=322267bc-f5e6-348a-cae2-4d35a902d706&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://eb2.3lift.com/xuid?mid=2409&xuid=1a045212-f21f-4db9-80ac-fbf41042a812&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=1a045212-f21f-4db9-80ac-fbf41042a812&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=1a045212-f21f-4db9-80ac-fbf41042a812&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Fri, 24 Jun 2022 22:29:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
iu3
s.amazon-adsystem.com/ Frame 2805
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=4478434973641580528205
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4478434973641580528205&dcc=t
0
0
Image
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4478434973641580528205&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 22:29:53 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
N0BCJA5AWDBFPAGXA8KX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4478434973641580528205&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 2805
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=aQgegR-9GmyIYygZSdye&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MFIWOZLHKIWTS...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=aQgegR-9GmyIYygZSdye
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=aQgegR-9GmyIYygZSdye
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 22:29:53 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=aQgegR-9GmyIYygZSdye
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 2805
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AADFUU7FbHYAABAxSk2UIQ&dongle=bzwx
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AADFUU7FbHYAABAxSk2UIQ&dongle=bzwx
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AADFUU7FbHYAABAxSk2UIQ&dongle=bzwx
Date
Fri, 24 Jun 2022 22:29:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
connectmyusers.php
cdn.connectad.io/ Frame B3F0
1 KB
897 B
Document
General
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7208e79cffc14bca-YUL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 24 Jun 2022 22:29:52 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
/
pips.taboola.com/ Frame 2868
4 B
38 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:52 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-yul12830-YUL
access-control-allow-methods
GET
access-control-allow-origin
https://www.zupimages.net
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
5339958381621273884
csync.smilewanted.com/set_partner_userid_get/smart/ Frame 2DC1
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://csync.smilewanted.com/set_partner_userid_get/smart/5339958381621273884
0
81 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/5339958381621273884
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7208e79cbac38c23-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 24 Jun 2022 22:29:52 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Fri, 24 Jun 2022 22:29:51 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smart/5339958381621273884
5cfca5b3-af93-4982-bac3-49b1c0a42c71&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame AFA3
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/5cfca5b3-af93-4982-bac3-49b1c0a42c71&partner_id=1010
0
419 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/5cfca5b3-af93-4982-bac3-49b1c0a42c71&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7208e79f89a28c23-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 24 Jun 2022 22:29:53 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Fri, 24 Jun 2022 22:29:53 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/5cfca5b3-af93-4982-bac3-49b1c0a42c71&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
cds.taboola.com/ Frame 3D00
0
155 B
XHR
General
Full URL
https://cds.taboola.com/?uid=6de88ec3-403d-4941-92f8-26b87e9ce8e0-tuct9afc05d
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 24 Jun 2022 22:29:52 GMT
Cache-Control
no-store
Server
nginx
Connection
close
L4T10ASF-1X-IPY4
csync.smilewanted.com/set_partner_userid_get/rubicon/ Frame 80C8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/L4T10ASF-1X-IPY4?gdpr=0
0
376 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rubicon/L4T10ASF-1X-IPY4?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7208e7a0fc8c8c23-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 24 Jun 2022 22:29:53 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/rubicon/L4T10ASF-1X-IPY4?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
382e2818ca015d35b02cd449aa60881d
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DFBE
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=105109
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 24 Jun 2022 22:29:53 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 26 Jun 2022 03:41:42 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
syncframe
gum.criteo.com/ Frame 02A4
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.zupimages.net&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
fb86633ecb74692134067335cb70dd9fd869f3108a4863588433fdc9e6db2e4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.zupimages.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 24 Jun 2022 22:29:52 GMT
server-processing-duration-in-ticks
2220
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/
87 KB
28 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:53 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 25 Jun 2022 22:29:53 GMT
/
track.adform.net/Serving/Cookie/ Frame 4EA2
73 B
494 B
Script
General
Full URL
https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=483817835
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:52 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
180
expires
-1
/
sync.richaudience.com/f79aa10af28935c0f42d7bcb6a649769/ Frame 4EA2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.richaudience.com%2Ff79aa10af28935c0f42d7bcb6a649769%3Fuid%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.richaudience.com%2Ff79aa10af28935c0f42d7bcb6a649769%3Fuid%3D%24%7BUSER_ID%7D&_test=YrY64QALSsZtpgAj
  • https://sync.richaudience.com/f79aa10af28935c0f42d7bcb6a649769?uid=YrY64QALSsZtpgAj&_test=YrY64QALSsZtpgAj
  • https://sync.richaudience.com/f79aa10af28935c0f42d7bcb6a649769/?uid=YrY64QALSsZtpgAj&_test=YrY64QALSsZtpgAj
95 B
346 B
Image
General
Full URL
https://sync.richaudience.com/f79aa10af28935c0f42d7bcb6a649769/?uid=YrY64QALSsZtpgAj&_test=YrY64QALSsZtpgAj
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=483817835
Protocol
H2
Server
162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:54 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/f79aa10af28935c0f42d7bcb6a649769/?uid=YrY64QALSsZtpgAj&_test=YrY64QALSsZtpgAj
date
Fri, 24 Jun 2022 22:29:53 GMT
server
nginx/1.14.2
content-length
185
content-type
text/html
/
sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/ Frame 4EA2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=2798025318759613024
95 B
346 B
Image
General
Full URL
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=2798025318759613024
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=483817835
Protocol
H2
Server
162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:53 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 22:29:52 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ff556352-f3c7-400a-aecf-2c9dc34843e7
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=2798025318759613024
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 4EA2
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=171c780f-d20c-47f0-8a2c-0zz1656109788
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=483817835
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 24 Jun 2022 22:29:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
https://ssum-sec.casalemedia.com%2C%20r19.lb.indexww.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
https://ssum-sec.casalemedia.com%2C%20r19.lb.indexww.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1 Frame 7A36
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://ssum-sec.casalemedia.com%2C%20r19.lb.indexww.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
0
0

async_usersync
ib.adnxs.com/ Frame DE31
0
745 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 22:29:52 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
21f17cd2-14ce-40c5-b98a-8b624232eefd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
2b6a7239-f40d-11ec-b449-1f45e0b00103
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame BF25
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=2b6a72a0-f40d-11ec-b449-1f45e0b00103
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/2b6a7239-f40d-11ec-b449-1f45e0b00103
0
496 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/2b6a7239-f40d-11ec-b449-1f45e0b00103
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7208e7a6187d8c23-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 24 Jun 2022 22:29:54 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Fri, 24 Jun 2022 22:29:54 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/2b6a7239-f40d-11ec-b449-1f45e0b00103
Server
nginx
X-fe
361
/
csync.loopme.me/ Frame 5BD8
0
0

sid
mug.criteo.com/ Frame 02A4
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=zupimages.net&sn=ChromeSyncframe&so=3&topUrl=www.zupimages.net&bundle=VwYQFF96VEtsanROVGlXYURmdW90TWh3dFZIYTg4SUFRYUd4S3dHRHMxTU51QyUyRnN1...
  • https://mug.criteo.com/sid?cpp=7OmwjHxaaTJoVlRyMjhyTDlTQUxnM3dpTzFxNmp1bmQyTXFqQjhZYTMvc0k0aExTbitMRSt4R041dVFLRTBPWnF3V2VEV3BMTStCTUliSm5NcmhVWjRwaG9pYUN5eU9ldGJaMU1SRkVkbnJYZkN1dW5DZ0svMHhSblc5Vj...
428 B
631 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=7OmwjHxaaTJoVlRyMjhyTDlTQUxnM3dpTzFxNmp1bmQyTXFqQjhZYTMvc0k0aExTbitMRSt4R041dVFLRTBPWnF3V2VEV3BMTStCTUliSm5NcmhVWjRwaG9pYUN5eU9ldGJaMU1SRkVkbnJYZkN1dW5DZ0svMHhSblc5Vjk3L1U3ZGE5N1k2MzIxRFZkSEFHNFI2ZkUyeUpXSkZCajVIZUsxNlFTckpXRTArRklHQ1dlR1QwKzdmcUcwOFphTFVSRGtUcnVYaFRLZkVEQTBwakFzcDVicHlaS3NzaUhUL3k5bkp3NnJRRXlvdGVtcGNHc0xZeVZGOUlIZ1dXRFJVV0FqTnM2bFhZeVBPUTg0ZGdMaVpqbDlhbWJtRHRPRVZQcjA1QytsV2JIUnpPR3EzYz18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
5409a4f82a27d44c674d8a0ef7ba24dbfd6e4ce7a7860ea4723195bcbbc1437e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:53 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5816
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:52 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=7OmwjHxaaTJoVlRyMjhyTDlTQUxnM3dpTzFxNmp1bmQyTXFqQjhZYTMvc0k0aExTbitMRSt4R041dVFLRTBPWnF3V2VEV3BMTStCTUliSm5NcmhVWjRwaG9pYUN5eU9ldGJaMU1SRkVkbnJYZkN1dW5DZ0svMHhSblc5Vjk3L1U3ZGE5N1k2MzIxRFZkSEFHNFI2ZkUyeUpXSkZCajVIZUsxNlFTckpXRTArRklHQ1dlR1QwKzdmcUcwOFphTFVSRGtUcnVYaFRLZkVEQTBwakFzcDVicHlaS3NzaUhUL3k5bkp3NnJRRXlvdGVtcGNHc0xZeVZGOUlIZ1dXRFJVV0FqTnM2bFhZeVBPUTg0ZGdMaVpqbDlhbWJtRHRPRVZQcjA1QytsV2JIUnpPR3EzYz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1855
content-length
567
expires
0
tap.php
pixel.rubiconproject.com/ Frame 9B47
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/U7c-XMMkN4YJCuPFpBHDHcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5515320833668442085
42 B
703 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5515320833668442085
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Content-Type
image/gif

Redirect headers

date
Fri, 24 Jun 2022 22:29:53 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5515320833668442085
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame 9B47
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b74ec138-a50e-4d90-bfcd-2cfbc928158b&gdpr=0&gdpr_consent=&expires=30
42 B
703 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b74ec138-a50e-4d90-bfcd-2cfbc928158b&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
f69a50991384d09413b97a37bb74928b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b74ec138-a50e-4d90-bfcd-2cfbc928158b&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 9B47
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELJJ_ugxtDyqqwXCfPFlzbQ&google_cver=1
42 B
703 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELJJ_ugxtDyqqwXCfPFlzbQ&google_cver=1
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELJJ_ugxtDyqqwXCfPFlzbQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 9B47
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4T10ASF-1X-IPY4&gdpr=0
0
142 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4T10ASF-1X-IPY4&gdpr=0
Protocol
H2
Server
2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:53 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 88A28D36048F4FF6BC506E41EE8C13E3 Ref B: BLUEDGE0406 Ref C: 2022-06-24T22:29:53Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXiORv209R4QPqSOy2VAw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4T10ASF-1X-IPY4&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9B47
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRUMTBBU0YtMVgtSVBZNA==&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRUMTBBU0YtMVgtSVBZNA==&gdpr=0
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRUMTBBU0YtMVgtSVBZNA==&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 9B47
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IFk2oSWfRyqw83BMoWl52A&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IFk2oSWfRyqw83BMoWl52A&gdpr=0
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IFk2oSWfRyqw83BMoWl52A&gdpr=0
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 22:29:54 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZNKJE26XDY2TCBWG2H1G
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IFk2oSWfRyqw83BMoWl52A&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8eb2d9eeed9b9c468975d0ba24565e5b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9B47
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=s5svjJPuQhe0v-6hct7zMw&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=s5svjJPuQhe0v-6hct7zMw&gdpr=0
43 B
556 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=s5svjJPuQhe0v-6hct7zMw&gdpr=0
Protocol
HTTP/1.1
Server
52.95.115.196 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 22:29:54 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
4TJN6JV12QGE3M2F3X57
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=s5svjJPuQhe0v-6hct7zMw&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9a0c641c0479142b55591fdf2031b15f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 9B47
42 B
448 B
Image
General
Full URL
https://id.rlcdn.com/709414.gif?gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Jun 2022 22:29:53 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
yahoo
prebid.a-mo.net/setuid/ Frame 4EFF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=a58b4f94-7a95-411b-b149-5fd879049f05
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-gWgwycpE2uFwY3vkkF9MxHI8jEYgZWIJdN.6Va4-~A&gdpr=0&gdpr_consent=
0
135 B
Image
General
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-gWgwycpE2uFwY3vkkF9MxHI8jEYgZWIJdN.6Va4-~A&gdpr=0&gdpr_consent=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:53 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-gWgwycpE2uFwY3vkkF9MxHI8jEYgZWIJdN.6Va4-~A&gdpr=0&gdpr_consent=
date
Fri, 24 Jun 2022 22:29:53 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/ Frame 4EFF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=
  • https://prebid.a-mo.net/setuid/magnite?uid=L4T10ASF-1X-IPY4&gdpr=0
0
115 B
Image
General
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L4T10ASF-1X-IPY4&gdpr=0
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:52 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid.a-mo.net/setuid/magnite?uid=L4T10ASF-1X-IPY4&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
29af2665c43893332e84c235bac366c1
Expires
0
cookie
cm.adform.net/ Frame 4EFF
43 B
106 B
Image
General
Full URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da58b4f94-7a95-411b-b149-5fd879049f05%26bidder%3Dadform%26uid%3D%24UID
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:53 GMT
server
nginx
content-length
43
content-type
image/gif
setuid
prebid.a-mo.net/ Frame 4EFF
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da58b4f94-7a95-411b-b149-5fd879049f05%26bidder%...
  • https://prebid.a-mo.net/setuid?A=a58b4f94-7a95-411b-b149-5fd879049f05&bidder=smartadserver&uid=5339958381621273884
0
112 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=a58b4f94-7a95-411b-b149-5fd879049f05&bidder=smartadserver&uid=5339958381621273884
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:53 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=a58b4f94-7a95-411b-b149-5fd879049f05&bidder=smartadserver&uid=5339958381621273884
date
Fri, 24 Jun 2022 22:29:53 GMT
content-length
0
setuid
prebid.a-mo.net/ Frame 4EFF
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjBBQTc5QUEtNzZFMS00QTNFLTk0ODUtQzUzMjcxNTJDOTJE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI9Y5iD_CH3CPyNHpS214DY&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da58b4f94-7a95-411b-b149-5fd879049f05%26bidder%3Dpubmatic%26uid%3DB0AA79AA-76E1-4A3E-9485-C53...
  • https://prebid.a-mo.net/setuid?A=a58b4f94-7a95-411b-b149-5fd879049f05&bidder=pubmatic&uid=B0AA79AA-76E1-4A3E-9485-C5327152C92D
0
112 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=a58b4f94-7a95-411b-b149-5fd879049f05&bidder=pubmatic&uid=B0AA79AA-76E1-4A3E-9485-C5327152C92D
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:53 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=a58b4f94-7a95-411b-b149-5fd879049f05&bidder=pubmatic&uid=B0AA79AA-76E1-4A3E-9485-C5327152C92D
date
Fri, 24 Jun 2022 22:29:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
https://ssum.casalemedia.com%2C%20r19.lb.indexww.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da58b4f94-7a95-411b-b149-5fd879049f05%26bidder%3Dindex_rtb%26uid%3D&gdpr=0&gdpr_consent=&s=191503&us_privacy=&C=1
https://ssum.casalemedia.com%2C%20r19.lb.indexww.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da58b4f94-7a95-411b-b149-5fd879049f05%26bidder%3Dindex_rtb%26uid%3D&gdpr=0&gdpr_consent=&s=191503&us_privacy=&C=1 Frame 4EFF
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da58b4f94-7a95-411b-b149-5fd879049f05%26bidder%3Dindex_rtb%26uid%3D
  • https://ssum.casalemedia.com%2C%20r19.lb.indexww.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da58b4f94-7a95-411b-b149-5fd879049f05%26bidder%3Dindex_rtb%26uid%3D&gdpr=0&gdpr_co...
0
0

setuid
prebid.a-mo.net/ Frame 4EFF
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da58b4f94-7a95-411b-b149-5fd879049f05%26bidder%3Dsovrn%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=a58b4f94-7a95-411b-b149-5fd879049f05&bidder=sovrn&uid=E3dljLZHfhi6tyNGRjWvXsMN
0
112 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=a58b4f94-7a95-411b-b149-5fd879049f05&bidder=sovrn&uid=E3dljLZHfhi6tyNGRjWvXsMN
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:53 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Fri, 24 Jun 2022 22:29:53 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=a58b4f94-7a95-411b-b149-5fd879049f05&bidder=sovrn&uid=E3dljLZHfhi6tyNGRjWvXsMN
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
prebid.a-mo.net/ Frame 4EFF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da58b4f94-7a95-411b-b149-5fd879049f05%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=a58b4f94-7a95-411b-b149-5fd879049f05&bidder=appnexus&uid=2798025318759613024
0
150 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=a58b4f94-7a95-411b-b149-5fd879049f05&bidder=appnexus&uid=2798025318759613024
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:52 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 22:29:53 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
6ad18e69-7733-48ad-ae8c-034dff17adf1
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.a-mo.net/setuid?A=a58b4f94-7a95-411b-b149-5fd879049f05&bidder=appnexus&uid=2798025318759613024
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 4EFF
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=a58b4f94-7a95-411b-b149-5fd879049f05
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 22:29:53 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
be2ac851-bb57-44ae-9563-786bd9b0bcda
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame 4EFF
86 B
386 B
Image
General
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=a58b4f94-7a95-411b-b149-5fd879049f05
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.123 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:53 GMT
content-length
86
content-type
image/png
setuid
prebid-server.rubiconproject.com/ Frame 4EFF
86 B
706 B
Image
General
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=a58b4f94-7a95-411b-b149-5fd879049f05
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.165.102 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-encoding
gzip
expires
0
/
sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/ Frame 4EA2
95 B
333 B
Image
General
Full URL
https://sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/?uid=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=483817835
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=483817835
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:53 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
1
sync-eu.connectad.io/syncer/ Frame C9BA
5 KB
2 KB
Document
General
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb17824288e8b3987d6ae50487e4c73362a03e4df2182cedbc684af96915d10b

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
7208e79efa9e4bca-YUL
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 24 Jun 2022 22:29:53 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
server
cloudflare
vary
Accept-Encoding
via
1.1 google
PugMaster
image6.pubmatic.com/AdServer/ Frame DFBE
2 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83934375&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
be97db6aa2d16de1dd990838fdfc498aa0cc7e4e71c60193e66873040bfdf816

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:52 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
cds.taboola.com/ Frame 2868
0
155 B
XHR
General
Full URL
https://cds.taboola.com/?uid=aaacbbee-75de-483b-bc0a-f471e40c43fa-tuct9afc05d
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.zupimages.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 24 Jun 2022 22:29:53 GMT
Cache-Control
no-store
Server
nginx
Connection
close
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 66C5
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=105109
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 24 Jun 2022 22:29:53 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 26 Jun 2022 03:41:42 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
1
sync-eu.connectad.io/pixel/ Frame 7646
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=rtaplus&user_id=hyINN1QrH1lsJBbpfuFyx4oOUHjYBHfyNp7kDUdc&gdpr=0
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=rtaplus&bsw_custom_parameter=1a045212-f21f-4db9-80ac-fbf41042a812
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=rtaplus&bsw_custom_parameter=1a045212-f21f-4db9-80ac-fbf41042a812
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=5e5aac34-92f4-4737-bc48-45f4a9d9322e&ssp=rtaplus&expires=30&user_group=5&bsw_param=1a045212-f21f-4db9-80ac-fbf41042a812
  • https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=1a045212-f21f-4db9-80ac-fbf41042a812
0
0
Document
General
Full URL
https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=1a045212-f21f-4db9-80ac-fbf41042a812
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
7208e7a62967ca5f-YUL
date
Fri, 24 Jun 2022 22:29:54 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 24 Jun 2022 22:29:54 GMT
Location
//sync-eu.connectad.io/pixel/1?dataid=data3&uuid=1a045212-f21f-4db9-80ac-fbf41042a812
Server
nginx
cookie
cm.adform.net/ Frame A85C
43 B
105 B
Document
General
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dadform%26dataid%3Ddata4%26uuid%3D%24UID
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Fri, 24 Jun 2022 22:29:53 GMT
server
nginx
cm
u.openx.net/w/1.0/ Frame 958B
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX...
  • https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7B...
773 B
815 B
Document
General
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/7f1e280 /
Resource Hash
1250698db8cc473d47968d59c948a5b5e7e381a5c3737758509c8bfe4d2d514b

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
480
content-type
text/html
date
Fri, 24 Jun 2022 22:29:53 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 24 Jun 2022 22:29:53 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/7f1e280
via
1.1 google
1
sync.connectad.io/umatch/ Frame 5F9B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=connectad
  • https://creativecdn.com/cm-notify?pi=connectad&tc=1
  • https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=NJyIuKsAUVKYk387T5rb&pi=connectad&tc=1
0
0
Document
General
Full URL
https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=NJyIuKsAUVKYk387T5rb&pi=connectad&tc=1
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
7208e7a5e924ca5f-YUL
date
Fri, 24 Jun 2022 22:29:54 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 24 Jun 2022 22:29:54 GMT Fri, 24 Jun 2022 22:29:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=NJyIuKsAUVKYk387T5rb&pi=connectad&tc=1
pragma
no-cache
1
sync.connectad.io/umatch/ Frame CA6C
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dsovrn%26dataid%3Ddata12%26uuid%3D%24UID
  • https://sync.connectad.io/umatch/1?bidder=sovrn&dataid=data12&uuid=E3dljLZHfhi6tyNGRjWvXsMN
0
0
Document
General
Full URL
https://sync.connectad.io/umatch/1?bidder=sovrn&dataid=data12&uuid=E3dljLZHfhi6tyNGRjWvXsMN
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
7208e7a2cf9a4bca-YUL
date
Fri, 24 Jun 2022 22:29:53 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Connection
close
Date
Fri, 24 Jun 2022 22:29:53 GMT
Location
https://sync.connectad.io/umatch/1?bidder=sovrn&dataid=data12&uuid=E3dljLZHfhi6tyNGRjWvXsMN
X-Sovrn-Pod
ad_ap3dca1
https://ssum.casalemedia.com%2C%20r19.lb.indexww.com/usermatch?cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D&s=190906&C=1
https://ssum.casalemedia.com%2C%20r19.lb.indexww.com/usermatch?cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D&s=190906&C=1 Frame 7304
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
  • https://ssum.casalemedia.com%2C%20r19.lb.indexww.com/usermatch?cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D&s=190906&C=1
0
0

/
onetag-sys.com/usync/ Frame 6270
2 KB
814 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5d4e109247a89f6
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
hyINN1QrH1lsJBbpfuFyx4oOUHjYBHfyNp7kDUdc
csync.smilewanted.com/set_partner_userid_get/connectad/ Frame 7E73
0
700 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/connectad/hyINN1QrH1lsJBbpfuFyx4oOUHjYBHfyNp7kDUdc
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7208e7a0ec7c8c23-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 24 Jun 2022 22:29:53 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
1
sync.connectad.io/umatch/ Frame 958B
0
840 B
Image
General
Full URL
https://sync.connectad.io/umatch/1?dataid=data5&uuid=dd41a5a7-12af-064a-3989-bf79ba367e5c
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-ray
7208e7a5e923ca5f-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sd
us-u.openx.net/w/1.0/ Frame 958B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2831007936169504445&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2831007936169504445&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:54 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2831007936169504445&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 24 Jun 2022 22:29:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 958B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YrY64QALSsZtpgAj
43 B
180 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YrY64QALSsZtpgAj
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:54 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:54 GMT
via
1.1 varnish
server
Varnish
x-timer
S1656109794.102222,VS0,VE0
x-served-by
cache-yul12830-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YrY64QALSsZtpgAj
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
70584c2c-3b9c-a7ea-63d2-6999c43a7198
pr-bh.ybp.yahoo.com/sync/openx/ Frame 958B
43 B
986 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/70584c2c-3b9c-a7ea-63d2-6999c43a7198?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:19f8:d00:d1ab:5f75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:54 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame 958B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=e49f2a68-ab30-35a3-5205-7f6c3b6dbcd1&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=b74ec138-a50e-4d90-bfcd-2cfbc928158b&ttd_puid=e49f2a68-ab30-35a3-5205-7f6c3b6dbcd1&gdpr=0&gdpr_consent=
43 B
249 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=b74ec138-a50e-4d90-bfcd-2cfbc928158b&ttd_puid=e49f2a68-ab30-35a3-5205-7f6c3b6dbcd1&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:54 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=b74ec138-a50e-4d90-bfcd-2cfbc928158b&ttd_puid=e49f2a68-ab30-35a3-5205-7f6c3b6dbcd1&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame 958B
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzhmMGY5YTItNjI0Ny02YjA3LTQ3ZTUtMjVkNWYxOGY3MmIx
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 958B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIowZWJRYkk5CWe64imorio&google_cver=1
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIowZWJRYkk5CWe64imorio&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:54 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIowZWJRYkk5CWe64imorio&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame C06A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1a045212-f21f-4db9-80ac-fbf41042a812&ssp=between&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10821094373694048936&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=ddc2d496-f108-4206-8ad7-35746168dba9&ssp=between&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10821094373694048936&ssp=between&gdpr=&gdpr_consent=
0
0

match
c1.adform.net/serving/cookie/ Frame C7CA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=B0AA79AA-76E1-4A3E-9485-C5327152C92D
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B0AA79AA-76E1-4A3E-9485-C5327152C92D
35 B
468 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B0AA79AA-76E1-4A3E-9485-C5327152C92D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.43 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 24 Jun 2022 22:29:54 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 24 Jun 2022 22:29:54 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B0AA79AA-76E1-4A3E-9485-C5327152C92D
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 4548
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YrY64QALSsZtpgAj&gdpr=0&gdpr_consent=
1 B
318 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YrY64QALSsZtpgAj&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 24 Jun 2022 22:29:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 24 Jun 2022 22:29:54 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YrY64QALSsZtpgAj&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yul12830-YUL
x-timer
S1656109795.613775,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 5CF1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:927d62b6-3adc-4900-b1ae-1b13c2591c10&gdpr=0&gdpr_consent=
42 B
341 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:927d62b6-3adc-4900-b1ae-1b13c2591c10&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 24 Jun 2022 22:29:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 24 Jun 2022 22:29:54 GMT
Expires
Fri, 24 Jun 2022 22:29:53 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4475 c1dc35a master ord-pixel-x50 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:927d62b6-3adc-4900-b1ae-1b13c2591c10&gdpr=0&gdpr_consent=
rtset
bh.contextweb.com/bh/ Frame C803
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFERlVVN0ZiSFlBQUJBeFNrMlVJUQ&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADFUU7FbHYAABAxSk2UIQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partne...
0
0

B0AA79AA-76E1-4A3E-9485-C5327152C92D
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame B2D8
0
511 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/B0AA79AA-76E1-4A3E-9485-C5327152C92D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7208e7a86dd78c23-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 24 Jun 2022 22:29:54 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DFBE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sKp5qnbhSj6UhcUycVLJLQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Protocol
H2
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:54 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=105108
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Sun, 26 Jun 2022 03:41:42 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
pippio.com/api/ Frame DFBE
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=B0AA79AA-76E1-4A3E-9485-C5327152C92D
  • https://pippio.com/api/sync?pid=5324&it=1&iv=c626369d36c55fd3ac0c233acfe1e30773077bbe77f02ca26fc0be07ac9cfd11791426b5417dce21&_=2
0
0

SPug
image4.pubmatic.com/AdServer/ Frame DFBE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=927d62b6-3adc-4900-b1ae-1b13c2591c10
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=927d62b6-3adc-4900-b1ae-1b13c2591c10
Protocol
H2
Server
8.28.7.84 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 16:46:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 24 Jun 2022 22:29:54 GMT
Server
MT3 4475 c1dc35a master ord-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=927d62b6-3adc-4900-b1ae-1b13c2591c10
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 24 Jun 2022 22:29:53 GMT
Pug
image2.pubmatic.com/AdServer/ Frame DFBE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjBBQTc5QUEtNzZFMS00QTNFLTk0ODUtQzUzMjcxNTJDOTJE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame DFBE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI9Y5iD_CH3CPyNHpS214DY&google_cver=1
42 B
299 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI9Y5iD_CH3CPyNHpS214DY&google_cver=1
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI9Y5iD_CH3CPyNHpS214DY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame DFBE
0
0

Pug
simage2.pubmatic.com/AdServer/ Frame DFBE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2831007936169504445&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2831007936169504445&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2831007936169504445&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 24 Jun 2022 22:29:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame DFBE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b74ec138-a50e-4d90-bfcd-2cfbc928158b
42 B
277 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b74ec138-a50e-4d90-bfcd-2cfbc928158b
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 22:29:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b74ec138-a50e-4d90-bfcd-2cfbc928158b
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
B0AA79AA-76E1-4A3E-9485-C5327152C92D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame DFBE
43 B
986 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B0AA79AA-76E1-4A3E-9485-C5327152C92D?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:19f8:d00:d1ab:5f75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:54 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame DFBE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B0AA79AA-76E1-4A3E-9485-C5327152C92D&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KDkdiGpE2uW2pB5yTpJu7kz3QgayTlw-~A&gdpr=0&gdpr_consent=
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KDkdiGpE2uW2pB5yTpJu7kz3QgayTlw-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.84 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 22:29:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KDkdiGpE2uW2pB5yTpJu7kz3QgayTlw-~A&gdpr=0&gdpr_consent=
date
Fri, 24 Jun 2022 22:29:54 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.crwdcntrl.net
URL
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/12/19/3/7.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com%2C%20r19.lb.indexww.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
Domain
ssum.casalemedia.com
URL
https://ssum.casalemedia.com%2C%20r19.lb.indexww.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da58b4f94-7a95-411b-b149-5fd879049f05%26bidder%3Dindex_rtb%26uid%3D&gdpr=0&gdpr_consent=&s=191503&us_privacy=&C=1
Domain
ssum.casalemedia.com
URL
https://ssum.casalemedia.com%2C%20r19.lb.indexww.com/usermatch?cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D&s=190906&C=1
Domain
aa.agkn.com
URL
https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10821094373694048936&ssp=between&gdpr=&gdpr_consent=
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADFUU7FbHYAABAxSk2UIQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2
Domain
pippio.com
URL
https://pippio.com/api/sync?pid=5324&it=1&iv=c626369d36c55fd3ac0c233acfe1e30773077bbe77f02ca26fc0be07ac9cfd11791426b5417dce21&_=2
Domain
um.simpli.fi
URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

241 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| __cfQR function| $ function| jQuery object| jQuery1102020157674353257882 function| __tcfapi function| __uspapi function| confiantWrap number| themoneytizer_async object| eucountries object| sas function| whenFormatFctDefined function| whenDefined object| http string| url number| random_cent number| enable_sco function| criteoCallback object| generic object| criteo_gum object| smart_csync object| zeotap object| node object| pwidget_config object| iframe object| tagsObject string| website number| random undefined| pubstack object| headelement object| notifyme object| tmzr object| d object| pbs number| random_sw object| format_size object| format_size_ix object| format_w_adform object| format_h_adform object| format_size_rubicon object| format_criteo object| format_pulsepoint object| between_w object| between_h object| counter_refresh object| smart_prebid2 function| refreshVisibility26322 string| crtg_content object| mydiv object| creatediv undefined| paragraphs undefined| counter undefined| temp undefined| myP undefined| myPNumber undefined| coeffFilterBegin undefined| coeffFilterEnd undefined| filterBegin undefined| filterEnd undefined| limitPargraphs undefined| filteringParagraphs undefined| number undefined| divs undefined| coeffFilterBeginDiv undefined| filterBeginDiv function| isEmpty function| loadScriptTemelio function| GetRichAudienceZone function| GetAdmixerZone function| GetGothamadsZone function| GetmnameAdform function| GetwAdform function| GethAdform function| GetsizeIndex function| Getsize function| GetsizeRubicon function| GetPulseSize function| Timeout function| refreshSlot function| refreshSlotFooter undefined| convertHtmlToText function| whatToLoad string| pubstack_ab object| _qevents boolean| moneycaching object| params number| nugg function| Adcall_26322 function| refreshVisibility30012 function| Adcall_30012 function| refreshVisibility26328 object| sc function| Adcall_26328 string| GoogleAnalyticsObject function| ga boolean| __cfRLUnblockHandlers object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| MobileDetect object| md object| regeneratorRuntime function| __tcfapiui object| gaplugins object| gaGlobal object| gaData boolean| sas_usePostStandard object| ID5 function| SasIabApi number| intervalCounterNumberCMP V2 number| intervalCounterNumberCCPA object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| sas_renderMode function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| verbose object| tmzrChunk object| _pbjsGlobals object| ADAGIO object| placementBids string| nobidVersion object| nobid undefined| Adcall_48311 undefined| Adcall_26325 undefined| Adcall_80234 undefined| Adcall_video object| pubstack_publica number| bidder_geo object| confiant function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms object| libJsLeadPlace string| Smart_SR_data boolean| tmcredentials object| Criteo object| google_llp number| google_lpabyc object| google_image_requests undefined| bid undefined| vastUrl object| targetingParams undefined| Adcall_26300 object| slowBidders object| adsArea26322 object| observers26322 function| refreshQueueManager26322 function| loopChecker26322 object| adsArea26328 object| observers26328 function| refreshQueueManager26328 function| loopChecker26328 object| adsArea30012 object| observers30012 function| refreshQueueManager30012 function| loopChecker30012 object| TRC number| taboola_view_id object| el object| lastBidder26322 object| lastBidder26328 object| lastBidder30012 function| Viewability function| Interstitial object| newObj9251369 function| pub_ist_hd number| lnt_z object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 object| criteo_syncframe_state

105 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQjvnXvpkwCgoIgQIQjvnXvpkwCgoIlAIQjvnXvpkwCgoI5gEQjvnXvpkwCgoIhwIQjvnXvpkwCgkICRCO-de-mTAKCQg6EI75176ZMAoJCAsQjvnXvpkwCgoIjAIQjvnXvpkwCgkIXxCO-de-mTA=
www.zupimages.net/ Name: PHPSESSID
Value: 91oqhmej5jm580vr4p4g3jgak0
.zupimages.net/ Name: _ga
Value: GA1.2.183789403.1656109787
.zupimages.net/ Name: _gid
Value: GA1.2.963792114.1656109787
www.zupimages.net/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.zupimages.net/ Name: sharedid
Value: 38474c2f-79c4-4eec-94a3-7f8cbbb721e3
.zupimages.net/ Name: _gat
Value: 1
.quantserve.com/ Name: mc
Value: 62b63adb-9759e-bf220-43e59
.zupimages.net/ Name: __qca
Value: P0-1846196188-1656109787576
.zupimages.net/ Name: __gads
Value: ID=53bf7feba0348b12-229c7b10fdd2006f:T=1656109787:RT=1656109787:S=ALNI_MYNDCwJgtJbEM94gsXBowk3pZh1cQ
.zupimages.net/ Name: __gpi
Value: UID=0000062e7caa1237:T=1656109787:RT=1656109787:S=ALNI_Ma2FxfCc01_XecCIINa4ZO3eeQ2kw
.zupimages.net/ Name: cto_bidid
Value: f5jL4l92JTJCUjFJSEFZZk5BUlN5QiUyRkY4TE9halJ5UE4wdGRzQkthOFJhMXIyVzRHSFREcWtuT0hhYldmVUIyc25SeGxQUnh3OGY0VEswQWpUandEcERpN3RoZkElM0QlM0Q
.id5-sync.com/ Name: callback
Value:
.id5-sync.com/ Name: id5
Value: 981e946c-f4af-4361-8629-cc83f5a9fcea#1656109787755#2
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 309500ee-31e9-53b0-a9e7-e33bcb51d9e0
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
pbjs.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: AC14ojTnn2SldgBt
.4dex.io/ Name: uids
Value: eyJ1aWRzIjp7ImFkYWdpbyI6eyJ1aWQiOiJkM2JkMTk4Ni0zYzZlLTQwNzEtYmJmMi0xYTRjZDUyMGJlMDIiLCJleHBpcmVzIjoiMjAyMi0wOC0yM1QyMjoyOTo0OC4wMDM0NTU5NTlaIn19LCJiZGF5IjoiMjAyMi0wNi0yNFQyMjoyOTo0OC4wMDMxNDU2WiJ9
.omnitagjs.com/ Name: ayl_visitor
Value: 6f1663c62690200c378bac6fda1e6c1c
.adnxs.com/ Name: icu
Value: ChgIiI5zEAoYASABKAEw3PXYlQY4AUABSAEQ3PXYlQYYAA..
.adnxs.com/ Name: uuid2
Value: 2798025318759613024
.cpx.to/ Name: cpSess
Value: 3c7e4031c1ee0bf9
.richaudience.com/ Name: pdid
Value: 171c780f-d20c-47f0-8a2c-0zz1656109788
.rubiconproject.com/ Name: khaos
Value: L4T10ASF-1X-IPY4
.prebid.a-mo.net/ Name: __amc
Value: 1_1656109787_1656109787
.a-mo.net/ Name: amuid2
Value: a58b4f94-7a95-411b-b149-5fd879049f05
.prebid.a-mo.net/ Name: sd_amuid2
Value: a58b4f94-7a95-411b-b149-5fd879049f05
.mathtag.com/ Name: uuid
Value: 927d62b6-3adc-4900-b1ae-1b13c2591c10
.adsrvr.org/ Name: TDID
Value: b74ec138-a50e-4d90-bfcd-2cfbc928158b
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B0AA79AA-76E1-4A3E-9485-C5327152C92D
.doubleclick.net/ Name: IDE
Value: AHWqTUmoZ-yspQ1hm0D4HxDblxUs8Vs7U0JqTTF5Wh8niPam5Yj-7o4KcBkc2ZPI0bs
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16100%3b%24o%3d11100
.cpx.to/ Name: dsp_app_nexus
Value: 2798025318759613024#1656109788277
.doubleclick.net/ Name: DSID
Value: NO_DATA
.cpx.to/ Name: dsp_dbm
Value: CAESEFBdshPoB_yWeUesq6_xx1s#1656109788380
.smartadserver.com/ Name: pid
Value: 5339958381621273884
.smartadserver.com/ Name: csync
Value: 111:ID5-ZHMOgM8avJjGisBCZO8kwUwK6Ex8Pg3h9nSEAklj7A
.cpx.to/ Name: dsp_TTD
Value: b74ec138-a50e-4d90-bfcd-2cfbc928158b#1656109788482
.cpx.to/ Name: dsp_pubmatic
Value: B0AA79AA-76E1-4A3E-9485-C5327152C92D#1656109788504
.yahoo.com/ Name: A3
Value: d=AQABBNw6tmICEClQgV8Etf3A9aQxb7a89-gFEgEBAQGMt2LAYgAAAAAA_eMAAA&S=AQAAAlLu85xdvE2g3BFnRzOiejc
.tapad.com/ Name: TapAd_TS
Value: 1656109788596
.tapad.com/ Name: TapAd_DID
Value: ddc2d496-f108-4206-8ad7-35746168dba9
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.smartadserver.com/ Name: vs
Value: 201923=4985189
.smartadserver.com/ Name: sasd
Value: %24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0
.smartadserver.com/ Name: dyncdn
Value: 1
.mediarithmics.com/ Name: mics_vid
Value: 27713934984
.mediarithmics.com/ Name: mics_uaid
Value: web:1:3c00022f-8e3a-4437-b888-3ca81cbc71cc
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0&c=1&l=1501522464&lo=384595258&lt=637917065889688943&o=1
.mediarithmics.com/ Name: mics_lts
Value: 1656109789307
.id5-sync.com/ Name: 3pi
Value: 2#1656109788055#1571810947#3185939832957658367|18#1656109789558#-1109958487|3#1656109788288#339955442#927d62b6-3adc-4900-b1ae-1b13c2591c10|102#1656109788586#-545433401|264#1656109788439#1072146121#b74ec138-a50e-4d90-bfcd-2cfbc928158b|108#1656109788719#-970559261
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
www.zupimages.net/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Daaacbbee-75de-483b-bc0a-f471e40c43fa-tuct9afc05d
.bidr.io/ Name: bito
Value: AADFUU7FbHYAABAxSk2UIQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.smartadserver.com/ Name: Trk290876
Value: Value=886920&Creation=24%2f06%2f2022+22%3a29%3a50
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: b2f00e13ad630b2ffebd89e74d375d3f
.zemanta.com/ Name: zuid
Value: aQgegR-9GmyIYygZSdye
.3lift.com/ Name: tluid
Value: 4478434973641580528205
.lijit.com/ Name: ljt_reader
Value: E3dljLZHfhi6tyNGRjWvXsMN
.richaudience.com/ Name: cmpsync
Value: 1
.criteo.com/ Name: uid
Value: 0d049871-189f-4b3f-9067-af3297451e30
.smilewanted.com/ Name: sw_user_params_infos
Value: lRZ4%2B4BjGB75GCG4angrKyTCq3NwNP6xBH8ngh%2FD2Ku2f6rSDGDUswu6uRJc8iLfzrXyfidXr9Sbd6tXJoQuuRJmKyHlbknRPC5sG2%2B5z208Od3HNMrgubjI5Va%2B4H1s148Mx0lkbnas69qI5KZ8Sw%3D%3D
.bidswitch.net/ Name: tuuid
Value: 1a045212-f21f-4db9-80ac-fbf41042a812
.bidswitch.net/ Name: c
Value: 1656109792
.connectad.io/ Name:
Value: cadsync
.360yield.com/ Name: tuuid
Value: 5cfca5b3-af93-4982-bac3-49b1c0a42c71
.360yield.com/ Name: tuuid_lu
Value: 1656109792
.richaudience.com/ Name: avcid-apn-uid
Value: 2798025318759613024
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCKi49O7ijus6EAUSFgoHcnViaWNvbhILCI65gfTijus6EAUYASACKAIyCwiosPeb-Y7rOhAFOAFaB3N2eDl0NTBgAg..
.linkedin.com/ Name: li_sugr
Value: 8226bd1a-b08d-4a44-bdbb-47f94dad9ee5
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&bb543979-cfba-4ffe-8737-8d6641914bfd"
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=2851:u=1:x=1:i=1656109793:t=1656196193:v=2:sig=AQEZEhcanEtxrlYGvSHxj7nZHrtqjP33"
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.ads.pubmatic.com/ Name: KCCH
Value: YES
.bidswitch.net/ Name: tuuid_lu
Value: 1656109793
.adnxs.com/ Name: anj
Value: dTM7k!M4/QDunaTF']wIg2E?]tzBRI!]tbx8bhzs#DNB=:lK9B*:1C`[mpI$V>[`qDBbZ'G535lXoelnQOy*c[jM1C_$U8NO@M85_>Udv+3?@^)`q$B<QrmK41jk2i8Ad/4yAL@4jhAq4/U<h5/0eO3]npr^yUw0)rP$6@8dZP!!)_!/x++/
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiJkZTk4MDY5YzYxZDAwZWVmMDExZDlkN2Q2ZTgxMTMzZiIsImV4cGlyZXMiOiIyMDIyLTA5LTIyVDIyOjI5OjUyWiJ9LCJhbXgiOnsidWlkIjoiYTU4YjRmOTQtN2E5NS00MTFiLWIxNDktNWZkODc5MDQ5ZjA1IiwiZXhwaXJlcyI6IjIwMjItMDktMjJUMjI6Mjk6NTNaIn19LCJiaXJ0aGRheSI6IjIwMjItMDYtMjRUMjI6Mjk6NTJaIn0=
.rlcdn.com/ Name: rlas3
Value: TleSYhc8pRT5gwBnmCRJd8hoz0y1KLBglJyBgc3FZEY=
.rlcdn.com/ Name: pxrc
Value: CAA=
.connectad.io/ Name: uid
Value: hyINN1QrH1lsJBbpfuFyx4oOUHjYBHfyNp7kDUdc
.connectad.io/ Name: id
Value: eyJpdiI6IkNDd1YyUHBhUHFOOG1vK3VObFhcL2d3PT0iLCJ2YWx1ZSI6Ik0yRXRpR1pDRllMT0FsVDNUTDRTU3hXaDhrREd5XC8yN0pyQmcyVDhiVmFROVJiK01EaHphaE9aOENld09DZmZzQUl6dGRXcG9GU2w1bGFsQm5iVDZtOVFBR3d4VXczY0xWbFVHN0xLOXVqSnc0cGFGcXNoZE5WdUx4dERTZ1ZhMmtJQTZwNGpCb1JcLzdISlpOdVRWeWNBPT0iLCJtYWMiOiIwOTEzODM4NTFkZmMwMTMzNmM3ZmNmOTc0ZDdhZDBlNjdiODI3NzA1MGQ3M2NmMjFmY2NmOGIxNGRmMWIxNTQxIn0%3D
.pubmatic.com/ Name: SyncRTB3
Value: 1657238400%3A220
.pubmatic.com/ Name: ipc
Value: 158355^https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253Da58b4f94-7a95-411b-b149-5fd879049f05%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID^2^0
.pubmatic.com/ Name: pi
Value: 158355:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.zupimages.net/ Name: cto_bundle
Value: opGvyl96VEtsanROVGlXYURmdW90TWh3dFZLcm5yMUlEWHI5T3A1JTJCajd1SWRoVExwJTJCdkh5QnN2czE5UXM3anNmTFhkY1ZVSWN5ZVMzcEt5eUxRZmpUYjM4VE1kckw1TzAydHc3VzJXdzV1T0ZGR0ljRUpUT01YemRSbjRDdE04N1pJcEgwdTZjS1NyJTJCTTY5TmtxOHpjQ2REVEElM0QlM0Q
.adhigh.net/ Name: gi_u
Value: 6qm1nGaWLO2.AikABlGBl9X_kg
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bFoqhZxnlnoou1WuCoMxA8a+JUixCbOKdrlsURZUKs6GG1eUVtbfl4hlxwPFRRkdKGGtFGquGeP3WlCtH3bHFbQBUQ3rNZOh0Qbsm1clVNMrQ==
.casalemedia.com/ Name: CMID
Value: YrY64d5T7SehGkgq8fwyxQAA
.casalemedia.com/ Name: CMPS
Value: 020
.betweendigital.com/ Name: ut
Value: YrY64QAH53De8fCF32-He5M03PAjEY9WQFR2gw==
.openx.net/ Name: i
Value: 37331531-02b7-0a54-08d3-b7845f4a8f2c|1656109793
.amazon-adsystem.com/ Name: ad-id
Value: A-G7B859xUHyh9Vo_NexojA
.amazon-adsystem.com/ Name: ad-privacy
Value: 0

3 Console Messages

Source Level URL
Text
network error URL: https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AADFUU7FbHYAABAxSk2UIQ
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/12/19/3/7.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://ssum.casalemedia.com%2C%20r19.lb.indexww.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da58b4f94-7a95-411b-b149-5fd879049f05%26bidder%3Dindex_rtb%26uid%3D&gdpr=0&gdpr_consent=&s=191503&us_privacy=&C=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
ads.themoneytizer.com
adservice.google.ca
adservice.google.com
adtrack.adleadevent.com
adx.adform.net
ajax.googleapis.com
ap.lijit.com
apis.cmp.quantcast.com
assets.a-mo.net
b1h.zemanta.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
btlr.sharethrough.com
c.tmyzer.com
c1.adform.net
c2shb.pubgw.yahoo.com
cache.betweendigital.com
cdn.adnxs.com
cdn.connectad.io
cdn.taboola.com
cds.taboola.com
ced-ns.sascdn.com
ced.sascdn.com
cm.adform.net
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
cookie-matching.mediarithmics.com
crcdn01.adnxs-simple.com
creativecdn.com
csync.loopme.me
csync.smilewanted.com
d2zur9cc2gf1tx.cloudfront.net
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
inv-nets.admixer.net
kvt.sddan.com
match.adsrvr.org
match.prod.bidr.io
mp.4dex.io
mug.criteo.com
nym1-ib.adnxs.com
onetag-sys.com
ow.pubmatic.com
p.adsymptotic.com
p.cpx.to
pagead2.googlesyndication.com
partner.googleadservices.com
pbjs.e-planning.net
pippio.com
pips.taboola.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid-us.creativecdn.com
prebid.a-mo.net
prebid.smilewanted.com
protected-by.clarium.io
px.adhigh.net
px.ads.linkedin.com
quantcast.mgr.consensu.org
rtb-csync.smartadserver.com
rules.quantcount.com
s.amazon-adsystem.com
s.cpx.to
secure.adnxs.com
secure.quantserve.com
shb.richaudience.com
simage2.pubmatic.com
spl.zeotap.com
ssbsync-global.smartadserver.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-eu.connectad.io
sync-tm.everesttech.net
sync.connectad.io
sync.crwdcntrl.net
sync.dmp.otm-r.com
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.smartadserver.com
tag.leadplace.fr
tlx.3lift.com
tmk.smartadserver.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
trc.taboola.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
ww1097.smartadserver.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.zupimages.net
x.bidswitch.net
zupimages.net
aa.agkn.com
bh.contextweb.com
csync.loopme.me
pippio.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
sync.crwdcntrl.net
um.simpli.fi
100.25.49.196
104.127.172.242
104.18.101.194
104.22.69.131
104.36.115.113
104.36.115.123
107.22.248.125
107.23.118.220
13.225.66.191
141.226.224.32
141.95.98.66
142.250.64.66
142.251.40.130
145.239.192.166
145.40.89.200
151.101.129.108
151.101.129.194
151.101.129.44
151.101.193.44
151.101.194.49
151.101.65.108
151.236.118.210
162.55.233.28
172.98.26.126
184.85.195.135
185.167.164.43
185.184.10.30
185.184.8.90
192.35.249.127
193.232.150.149
195.201.152.104
195.244.31.10
199.187.193.140
199.187.193.181
199.187.193.192
199.187.193.199
199.187.193.200
204.62.13.72
208.115.232.150
212.129.3.112
216.200.232.253
23.21.165.102
23.33.44.85
23.54.68.184
23.54.68.197
2600:141b:13::17d7:822b
2600:1f18:4e9:5a01:19f8:d00:d1ab:5f75
2600:9000:21dd:1c00:6:44e3:f8c0:93a1
2600:9000:21ea:7400:9:46dc:4700:93a1
2602:803:c002:200::113
2606:4700:10::6816:1957
2606:4700:10::6816:36ce
2606:4700:10::6816:37ce
2606:4700:3038::6815:e9c5
2606:4700::6812:272
2606:4700::6813:9e13
2607:f8b0:4004:c09::9a
2607:f8b0:4006:806::2002
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80c::2004
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80f::2002
2607:f8b0:4006:817::200a
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81d::2002
2607:f8b0:4006:822::2003
2607:f8b0:4006:823::200e
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:a021:b886:81cc:55cf
2620:1ec:22::14
2a02:6ea0:c400::12
3.230.192.192
34.202.202.48
35.157.246.167
35.190.60.146
35.211.178.172
35.244.159.8
35.71.131.137
35.71.139.29
37.157.4.24
37.157.4.25
46.137.175.60
51.222.39.184
52.210.143.40
52.45.33.138
52.46.154.242
52.95.115.196
54.154.72.131
54.164.218.146
54.175.54.201
54.36.150.187
54.38.64.100
63.251.86.51
64.202.112.95
68.67.160.137
68.67.179.91
68.67.181.207
69.173.151.100
70.42.32.255
74.119.119.129
74.119.119.139
8.28.7.82
8.28.7.83
8.28.7.84
96.46.183.20
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0727988881bef77bba2dc1553b2d17f15deb67f0c6595a28273a9f56b57a6d40
07a174ab8a296f70c811dfca6bbcf042f1eea52478d6b6dfb5137a0281b72704
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0a0bd439de4416ea0c6aa82eb5622e9061eaa9694a319747808dfe4ea2d151cd
0a409798a02d81f07b3ae09a9b6a86f0c7f9fc2841ba6e874b0d55f6ce4b22cf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
1250698db8cc473d47968d59c948a5b5e7e381a5c3737758509c8bfe4d2d514b
13de31994b659fe46dafca8dbceb7083780c45aed2e605265647897fa0aca999
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
15a3ef2e03a12e2d33b83daebf12cc066f4bb819fcd52a14f1aaae663540431f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1910fa08f4ea69e1c561b007eb70930c5e1122750327c4fd36f5a343989612cd
1934484c6e3de585a10ee635a01b793a2ca123f451c4b983719480bbdfe67460
1b4cede075182023770da5277bdc3605cb3beb3286c89f6074d24b1dd770fca0
1b6d777b7ff20b6c3d0d042c16988ea141e238c7351f582027357689338861a5
1f542632e79e4d1520577bced9891083909ab387e03d0a1855cee498993e7566
1fc22a74cbe99e91548c82b011349db4937c8c693dfa3bafe75dade9856baba4
2064a9bf596e317cb309441cb39ac15a8196bd6b55c679e5c68817a2c22e6846
21f090de2ce4483842ec7b9a44e3858a614af4139b0d6e5d2391e57a5941a645
22f0de3e0286092962d93ca3d7cc363b5945d5cd5e32b93863bec0e8a53de80b
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d4b586c986d6fd93586557470ca8c664dc385397e6f43fb6e0d44497ecd80b7
2ea4e6420a06884ea2613cad4c76e860fd3bc2880a226d838d854c7d5bbbe80c
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f449517071372cfe0364f386adb23c38b0c20b99450ce636fde4e1abb4f672e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
42c0804f0dca18afce9bb13b11f86508b762d4ace2737109ddd656f0f10d6609
434b61608da840cf0a3604af7679f88694a85e8c22982124fe3aa9b7c440c17c
446dccf495439073ea1a877a7d27729a40991f0fb6f25900876b75725d9b67f0
46c998e4578d9a0011b253b8dafaec1f8733527c788a5ff2f6898e5387caefe1
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
494f0f54e4a6b99a35d5e58d659c378d008114f2beb3cbe73a2a62e69ae8fdd9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50add6c21b4f6948aafffcb35e64cc01300860e9691ab117790f6a51c50db720
5191996e88bb4f451ca68b058e7a83057c03399885a762177d22717b327dfb87
522ca1fbeccb1955e29bfb0995d8fa69b4386197c7195823027e8679fa15a6d6
5409a4f82a27d44c674d8a0ef7ba24dbfd6e4ce7a7860ea4723195bcbbc1437e
54123bdc7abf20ca23f6f980c96255124a63d90dfd86444058fd96f27e997938
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c22409172c05d9c78dc290c92c8a6b8487378b6f82f26604b478a566bda9e0
5536966979688e97a4b8ed333e56d318f1e38d7ed7a6a6d2c19021ce894dffe1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5906e88fb1c8b087fca2c1b1f751e831c19165952ea0e2b2ee066505ff1f41f3
5b946c77e4b95c4567745f802028bf2792b1e9cd070a773864036bbdbe6bf178
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc
5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549
5e3d312d38ed11b4eb51b27441c5d211edfa1dfd6ebeda861bca1420b7e4198b
5ea2ee0f208493177bc197d3a7b29d9a57c393225174d4568f808e79a4a4e7bb
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
6084d63cdb56423eb1e424577286ddb988758f0ce47109a4ea5793dcfaa221ca
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62180a6cc1135d7bb568c121566a6a21ec9e041aa5f102cf239fb9a98073a396
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6a8690ff7476862a1112202db60a78e0c1f65fab37f699caca36cb80ca6abb04
6a8d2e6d62758035e2930dbafcf25f0c4b751cd326a3a73237a5a880b7f62ec5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac
73bbc484b3d43584fa285453ff2fbafe05cd7c1328d317ffd7239492dd348348
7512adadf0b067094c0abe674c78c1f9637e6d1ab45d35b119135db6d49cafd0
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
7f4133f79cbda66554970a558c459336fa784ebde8621553aaa97c34ab9c205b
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
82009546877bd0e33897de19d48b10a89c32182f68eeaecd8461d0e94dc80873
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
86235e2c477078adfe1188d07ca1e5d8198443aaf2436de1785a169f3e1d5463
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ab20ac6ee276f1f2bfbcea1215c83360d284d3e3f39f4724da18a6daf76416e
8b1a4e9bb3c8d9d340b7027c28bc36620da4cd48e7aae69d8a3458d0fde2fa49
8ce5fc696c84c677f9c906e3c298446ae54d4ed5d3de7c1ae6eb3c43d916e9ce
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8f24dc76070927cc3d13b4f52f8ecb898fce1875c32563e7a3fae2450ef6babc
8facf7ae16122632df54d9ab2727fe669adf5c2a7142364cf428eb80b0620fb0
8fce39ec7a63f40eac85498fb8aca9f7b595f1787bc1afd5e94a8823e99240b9
90b35b5c9587da3f6f397d6ae1b8c58054be54948acf999f0e3458ede22ff7e6
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
994187aed7ba871b0960ca4c96283fa328b45fb194e600e3907c461122e26ce2
9b87ba9f38a8905c569f57b2e7f262a904383984fb76af355216f2cd31e856a7
9ca3cb0bf66c47aa380608c5433c83ffee5f9dbebe8d4241d3bc9f8b1278838a
9d67998d946b452ad4f9d2d56b25d525d64b48fcfd7f463e4145141ce112396f
9f235d195451b13294c9fdb41898a4d518c5a4f59310a00e2eaf688703c6dfb4
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4fe930bedb0e3d98f2503da5eab788268c8d643caa9bee196e2bbfbc22f3cb3
a56aef362a374f2300d4004413bb3cf95e7c456a8a590ec3d20abfe8ef50f221
a8d8e2d6947111361b7e4ab01e7d5b28c8a41bb0ce373694f937930678b74781
aaf0a3935aa4ffd5280aea30aeb34f7cd779bf6abd48278609d06338031f4790
ad5599052de9a6aea385e3260e775aaab44c4dda37b004176294b1edb036d1c9
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
af35fcabf994e4505580c738fde38b59278d44aa5738aa9a726b41fec90073f1
b0e97d7ee8067446c23db1c99619b20755ea1d17c64971b5f16426aa41111e19
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b41946b764af8ba045a081358aeeed48fdc42aa8240969a23732a4e41efcc917
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b4a39a62d25ee48d7db7807feb47ac8882273261da0ff569e4961f64b3a4c353
b90814a9491f08fac560e76e26508b60e6920a5e61ba9b435d3d4b3b8dcba7d3
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be97db6aa2d16de1dd990838fdfc498aa0cc7e4e71c60193e66873040bfdf816
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bf2fe1af73e59e0cc944abf2e8f4a94e1f592cbe97a3fbb9788811e7d45e8196
c0ba9b8e6a9bdfe5da98879966af1f52e68a3e54a917082d092d841928de74cd
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c65eee8d25c4e24bd064c181cbc6de011da18b51ef54ad08e33757ef44181e6c
c9241fb453df5bcc7a5896039ce3abd7280bbb94a961a581433a990bd7a789d1
cb17824288e8b3987d6ae50487e4c73362a03e4df2182cedbc684af96915d10b
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09
d0cda494673a8d8a62789f5840482f4209d64fce1a52643b8efadc9ed0845a03
d81706b1582c94df5c7db76d7a08ac02e464b09ace060035b57a8e2b2bd0efe1
d93fd0b87ba2f26ca429bc869f5546a9af95302d7c62a0c5cbc6ad264484a65e
dd43b2a4263f001d674632eb445eca35bea1cfc448958b333bd46c1160c0c79a
e084db01b5234b4a24b89064f84e52597e212dec07d0efdbf11ca91ee108fd8f
e12faeacfa3a0a048ac31777f9d7f8c415582ebfc3ab4f774de87c8e9217d672
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e2464f998b38ae5f4a6f68dd19faea6939ccb6db5388ce17a0621c3fe186f859
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7989a4b246360e62b8489e8f772c9debac586cf53f21e77edbba23e31bde9c7
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ec08be17e4c62a6f369d67030a8da4ff8b6ff12892039bf78e5917ea0fc4340e
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee3294d4b5ca24380c162583a68f6fcddef49716fdda31bc90ca4cc950a4fb5e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1eb55e777e45316fed7c686f03d29ab9b1def4bef451dfc9970206aec046b7
f55e898b0b8daf1940d47028ca18c094f13ae0175ef361df9edf260fe16c37d7
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fa3c38c644dbb0d4c6b4ba7970b7d3e7de25f70a1efe9f4b4b6ce25b6e14f38e
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb86633ecb74692134067335cb70dd9fd869f3108a4863588433fdc9e6db2e4f