urlscan.io logo urlscan.io
SecurityTrails logo

pjma.info Open in urlscan Pro
216.219.81.3  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://pjma.info/fb-item68325400236i5263/login.php
Submission: On August 21 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 48 IPs in 5 countries across 56 domains to perform 100 HTTP transactions. The main IP is 216.219.81.3, located in United States and belongs to IS-AS-1, US. The main domain is pjma.info.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 25th 2023. Valid for: 3 months.
This is the only time pjma.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP Address AS Autonomous System
3 216.219.81.3 19318 (IS-AS-1)
3 2a04:4e42:200... 54113 (FASTLY)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 2a03:2880:f01... 32934 (FACEBOOK)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2606:4700:21:... 13335 (CLOUDFLAR...)
1 104.18.34.83 13335 (CLOUDFLAR...)
3 18.164.124.103 16509 (AMAZON-02)
3 3.136.136.253 16509 (AMAZON-02)
2 67.202.105.33 32748 (STEADFAST)
1 13.225.223.33 16509 (AMAZON-02)
4 23.206.121.209 20940 (AKAMAI-ASN1)
4 108.138.128.124 16509 (AMAZON-02)
2 15.235.42.104 16276 (OVH)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 3 141.94.171.212 16276 (OVH)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
10 10 142.250.80.34 15169 (GOOGLE)
1 104.18.35.167 13335 (CLOUDFLAR...)
1 1 67.202.105.21 32748 (STEADFAST)
2 2 108.138.106.17 16509 (AMAZON-02)
1 1 199.38.167.131 54312 (ROCKETFUEL)
3 5 54.88.112.111 14618 (AMAZON-AES)
2 3 107.178.254.65 396982 (GOOGLE-CL...)
12 17 104.107.25.203 16625 (AKAMAI-AS)
5 5 108.138.128.21 16509 (AMAZON-02)
4 2600:9000:251... 16509 (AMAZON-02)
2 34.123.65.25 396982 (GOOGLE-CL...)
1 108.139.29.87 16509 (AMAZON-02)
3 3 15.197.193.217 16509 (AMAZON-02)
3 3.136.3.63 16509 (AMAZON-02)
3 4 35.190.60.146 15169 (GOOGLE)
1 1 54.83.175.63 14618 (AMAZON-AES)
1 3.213.195.177 14618 (AMAZON-AES)
3 7 3.230.62.22 14618 (AMAZON-AES)
1 2 34.111.234.236 396982 (GOOGLE-CL...)
2 11 3.228.223.152 14618 (AMAZON-AES)
1 104.124.154.37 16625 (AKAMAI-AS)
1 2 63.251.114.136 32475 (SINGLEHOP...)
1 3.216.196.251 14618 (AMAZON-AES)
1 108.139.29.127 16509 (AMAZON-02)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 34.171.234.26 396982 (GOOGLE-CL...)
2 63.251.114.137 ()
4 4 18.164.124.41 16509 (AMAZON-02)
1 69.173.151.100 ()
1 2 52.46.151.131 16509 (AMAZON-02)
1 2 216.22.16.8 30633 (LEASEWEB-...)
1 1 34.247.150.29 ()
1 2 23.23.38.193 14618 (AMAZON-AES)
1 13.225.223.2 16509 (AMAZON-02)
1 2a04:4e42::300 54113 (FASTLY)
1 1 52.1.88.9 ()
2 2 35.210.53.219 ()
1 34.229.3.43 ()
2 2 52.55.2.158 ()
1 1 64.58.232.176 ()
1 69.169.86.39 ()
1 2 89.108.119.28 ()
2 2 68.67.161.208 ()
100 48
3    216.219.81.3 (United States)

ASN19318 (IS-AS-1, US)
pjma.info
3    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2606:4700:3037::ac43:cf32 (United States)

ASN13335 (CLOUDFLARENET, US)
www.logo.wine
4    2606:4700:e0::ac40:660b (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net
2    2606:4700:10::6816:4bab (United States)

ASN13335 (CLOUDFLARENET, US)
widgets.amung.us
whos.amung.us
3    2606:4700:21::8d65:780a (United States)

ASN13335 (CLOUDFLARENET, US)
t.dtscout.com
1    104.18.34.83 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.tynt.com
3    18.164.124.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-103.jfk50.r.cloudfront.net
get.s-onetag.com
3    3.136.136.253 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-136-136-253.us-east-2.compute.amazonaws.com
pd.sharethis.com
2    67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
ic.tynt.com
de.tynt.com
1    13.225.223.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-33.jfk51.r.cloudfront.net
onetag-geo.s-onetag.com
4    23.206.121.209 (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-206-121-209.deploy.static.akamaitechnologies.com
t.sharethis.com
4    108.138.128.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-124.jfk50.r.cloudfront.net
tags.crwdcntrl.net
2    15.235.42.104 (Victoria, Canada)

ASN16276 (OVH, FR)
PTR: haproxy-ca-003.roqad.pl
wt.rqtrk.eu
1    2606:4700:20::681a:c3c (United States)

ASN13335 (CLOUDFLARENET, US)
t.dtscdn.com
3    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel.onaudience.com
2    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
10    142.250.80.34 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net
cm.g.doubleclick.net
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-tc.33across.com
1    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
lex.33across.com
2    108.138.106.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-17.jfk50.r.cloudfront.net
live.rezync.com
1    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
5    54.88.112.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-112-111.compute-1.amazonaws.com
i.liadm.com
3    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
17    104.107.25.203 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-107-25-203.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
stags.bluekai.com
x.dlx.addthis.com
tags.bluekai.com
5    108.138.128.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-21.jfk50.r.cloudfront.net
aa.agkn.com
4    2600:9000:2511:e000:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
2    34.123.65.25 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.65.123.34.bc.googleusercontent.com
i.simpli.fi
1    108.139.29.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-87.jfk50.r.cloudfront.net
data-beacons.s-onetag.com
3    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    3.136.3.63 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-136-3-63.us-east-2.compute.amazonaws.com
sync.sharethis.com
4    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
1    54.83.175.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-175-63.compute-1.amazonaws.com
usermatch.krxd.net
1    3.213.195.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-195-177.compute-1.amazonaws.com
beacon.krxd.net
7    3.230.62.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-62-22.compute-1.amazonaws.com
ps.eyeota.net
2    34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com
ml314.com
11    3.228.223.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-223-152.compute-1.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    104.124.154.37 (Santa Clara, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-124-154-37.deploy.static.akamaitechnologies.com
tags.bkrtx.com
2    63.251.114.136 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    3.216.196.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-196-251.compute-1.amazonaws.com
track2.securedvisit.com
1    108.139.29.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-127.jfk50.r.cloudfront.net
api.intentiq.com
1    2600:1f18:ed:550f:e955:bb38:ba2:3837 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    2606:4700:e2::ac40:8d1f (United States)

ASN13335 (CLOUDFLARENET, US)
a.dtssrv.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    34.171.234.26 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 26.234.171.34.bc.googleusercontent.com
um.simpli.fi
2    63.251.114.137 (None, )

ASN- ()
ce.lijit.com
4    18.164.124.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-41.jfk50.r.cloudfront.net
cm.smadex.com
1    69.173.151.100 (None, )

ASN- ()
pixel.rubiconproject.com
2    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    216.22.16.8 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.smartadserver.com
1    34.247.150.29 (None, )

ASN- ()
synchroscript.deliveryengine.adswizz.com
2    23.23.38.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-38-193.compute-1.amazonaws.com
thrtle.com
1    13.225.223.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-2.jfk51.r.cloudfront.net
audex.userreport.com
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    52.1.88.9 (None, )

ASN- ()
pixel.shareaholic.com
2    35.210.53.219 (None, )

ASN- ()
pool.admedo.com
1    34.229.3.43 (None, )

ASN- ()
loadus.exelator.com
2    52.55.2.158 (None, )

ASN- ()
dpm.demdex.net
1    64.58.232.176 (None, )

ASN- ()
global.ib-ibi.com
1    69.169.86.39 (None, )

ASN- ()
ib.mookie1.com
2    89.108.119.28 (None, )

ASN- ()
x01.aidata.io
2    68.67.161.208 (None, )

ASN- ()
secure.adnxs.com
ib.adnxs.com
Apex Domain
Subdomains		 Transfer
15 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1073
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1036
sync.crwdcntrl.net — Cisco Umbrella Rank: 1028
39 KB
12 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 2379
x.dlx.addthis.com — Cisco Umbrella Rank: 1884
6 KB
10 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 261
3 KB
10 sharethis.com
pd.sharethis.com — Cisco Umbrella Rank: 14187
t.sharethis.com — Cisco Umbrella Rank: 6549
sync.sharethis.com — Cisco Umbrella Rank: 3313
17 KB
9 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 649
d.agkn.com — Cisco Umbrella Rank: 907
5 KB
7 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1211
4 KB
6 liadm.com
i.liadm.com — Cisco Umbrella Rank: 770
i6.liadm.com — Cisco Umbrella Rank: 2424
3 KB
5 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 716
tags.bluekai.com — Cisco Umbrella Rank: 776
2 KB
5 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4478
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6072
data-beacons.s-onetag.com — Cisco Umbrella Rank: 11933
15 KB
4 smadex.com
cm.smadex.com — Cisco Umbrella Rank: 3396
2 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 864
ce.lijit.com
3 KB
4 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 462
790 B
4 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1288
88 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 396
2 KB
3 simpli.fi
i.simpli.fi — Cisco Umbrella Rank: 4159
um.simpli.fi — Cisco Umbrella Rank: 1009
2 KB
3 pippio.com
pippio.com — Cisco Umbrella Rank: 1005
841 B
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3601
1 KB
3 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 14043
ic.tynt.com — Cisco Umbrella Rank: 6713
de.tynt.com — Cisco Umbrella Rank: 1898
11 KB
3 dtscout.com
t.dtscout.com — Cisco Umbrella Rank: 11692
5 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
50 KB
3 pjma.info
pjma.info
502 KB
2 adnxs.com
secure.adnxs.com
ib.adnxs.com
1 KB
2 aidata.io
x01.aidata.io
942 B
2 demdex.net
dpm.demdex.net
2 KB
2 admedo.com
pool.admedo.com
636 B
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1501
875 B
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1577
1 KB
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 349
2 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 421
1 KB
2 ml314.com
ml314.com — Cisco Umbrella Rank: 2146
547 B
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1796
beacon.krxd.net — Cisco Umbrella Rank: 757
507 B
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1950
2 KB
2 33across.com
cdn-tc.33across.com — Cisco Umbrella Rank: 26854
lex.33across.com — Cisco Umbrella Rank: 5435
1 KB
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 3551
mwzeom.zeotap.com — Cisco Umbrella Rank: 3473
893 B
2 rqtrk.eu
wt.rqtrk.eu — Cisco Umbrella Rank: 1987
5 KB
2 amung.us
widgets.amung.us — Cisco Umbrella Rank: 23676
whos.amung.us — Cisco Umbrella Rank: 13692
4 KB
1 mookie1.com
ib.mookie1.com
991 B
1 ib-ibi.com
global.ib-ibi.com
513 B
1 exelator.com
loadus.exelator.com
324 B
1 shareaholic.com
pixel.shareaholic.com
514 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 722
412 B
1 userreport.com
audex.userreport.com — Cisco Umbrella Rank: 4507
433 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com
500 B
1 rubiconproject.com
pixel.rubiconproject.com
787 B
1 dtssrv.com
a.dtssrv.com — Cisco Umbrella Rank: 19254
451 B
1 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1625
1 securedvisit.com
track2.securedvisit.com — Cisco Umbrella Rank: 4894
178 B
1 bkrtx.com
tags.bkrtx.com — Cisco Umbrella Rank: 6063
16 KB
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1051
1 KB
1 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 12570
596 B
1 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 832
1 logo.wine
www.logo.wine — Cisco Umbrella Rank: 878462
2 KB
0 yahoo.com Failed
ups.analytics.yahoo.com Failed
0 clickagy.com Failed
aorta.clickagy.com Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
0 mathtag.com Failed
sync.mathtag.com Failed
100 56
Domain Requested by
10 cm.g.doubleclick.net 10 redirects
8 e.dlx.addthis.com 8 redirects
7 ps.eyeota.net 3 redirects bcp.crwdcntrl.net
data-beacons.s-onetag.com
6 sync.crwdcntrl.net 1 redirects bcp.crwdcntrl.net
5 bcp.crwdcntrl.net 1 redirects tags.crwdcntrl.net
bcp.crwdcntrl.net
5 aa.agkn.com 5 redirects
5 i.liadm.com 3 redirects bcp.crwdcntrl.net
4 cm.smadex.com 4 redirects
4 idsync.rlcdn.com 3 redirects bcp.crwdcntrl.net
4 d.agkn.com pjma.info
4 x.dlx.addthis.com pjma.info
4 tags.crwdcntrl.net t.dtscout.com
cdn-tc.33across.com
tags.crwdcntrl.net
4 t.sharethis.com pd.sharethis.com
t.sharethis.com
4 use.fontawesome.com pjma.info
use.fontawesome.com
3 sync.sharethis.com pjma.info
3 match.adsrvr.org 3 redirects bcp.crwdcntrl.net
3 stags.bluekai.com 3 redirects
3 pippio.com 2 redirects pjma.info
3 pixel.onaudience.com 3 redirects
3 pd.sharethis.com t.dtscout.com
pjma.info
t.sharethis.com
3 get.s-onetag.com t.dtscout.com
get.s-onetag.com
3 t.dtscout.com widgets.amung.us
t.dtscout.com
3 cdn.jsdelivr.net pjma.info
3 pjma.info pjma.info
2 x01.aidata.io 1 redirects bcp.crwdcntrl.net
2 dpm.demdex.net 2 redirects
2 pool.admedo.com 2 redirects
2 thrtle.com 1 redirects bcp.crwdcntrl.net
2 sync.smartadserver.com 1 redirects bcp.crwdcntrl.net
2 s.amazon-adsystem.com 1 redirects bcp.crwdcntrl.net
2 ce.lijit.com
2 px.ads.linkedin.com 1 redirects
2 ap.lijit.com 1 redirects pjma.info
2 tags.bluekai.com 1 redirects tags.bkrtx.com
2 ml314.com 1 redirects pjma.info
2 i.simpli.fi pjma.info
2 live.rezync.com 2 redirects
2 wt.rqtrk.eu t.dtscout.com
pjma.info
1 ib.adnxs.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ib.mookie1.com bcp.crwdcntrl.net
1 global.ib-ibi.com 1 redirects
1 loadus.exelator.com bcp.crwdcntrl.net
1 pixel.shareaholic.com 1 redirects
1 trc.taboola.com bcp.crwdcntrl.net
1 audex.userreport.com bcp.crwdcntrl.net
1 synchroscript.deliveryengine.adswizz.com 1 redirects
1 pixel.rubiconproject.com bcp.crwdcntrl.net
1 um.simpli.fi 1 redirects
1 a.dtssrv.com t.dtscout.com
1 i6.liadm.com
1 api.intentiq.com data-beacons.s-onetag.com
1 track2.securedvisit.com data-beacons.s-onetag.com
1 tags.bkrtx.com pd.sharethis.com
1 beacon.krxd.net
1 usermatch.krxd.net 1 redirects
1 data-beacons.s-onetag.com get.s-onetag.com
1 p.rfihub.com 1 redirects
1 lex.33across.com 1 redirects
1 cdn-tc.33across.com de.tynt.com
1 de.tynt.com cdn.tynt.com
1 mwzeom.zeotap.com pjma.info
1 spl.zeotap.com 1 redirects
1 t.dtscdn.com t.dtscout.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 ic.tynt.com pjma.info
1 cdn.tynt.com widgets.amung.us
1 whos.amung.us widgets.amung.us
1 widgets.amung.us pjma.info
1 static.xx.fbcdn.net pjma.info
1 www.logo.wine pjma.info
0 ups.analytics.yahoo.com Failed
0 aorta.clickagy.com Failed bcp.crwdcntrl.net
0 sync.search.spotxchange.com Failed bcp.crwdcntrl.net
0 sync.mathtag.com Failed bcp.crwdcntrl.net
100 75

This site contains no links.

Subject Issuer Validity Valid
pjma.info
cPanel, Inc. Certification Authority		 2023-07-25 -
2023-10-23		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
logo.wine
E1		 2023-08-13 -
2023-11-11		 3 months crt.sh
use.fontawesome.com
GTS CA 1P5		 2023-07-04 -
2023-10-02		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-05-31 -
2023-08-29		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-06-11 -
2024-06-09		 a year crt.sh
dtscout.com
GTS CA 1P5		 2023-07-25 -
2023-10-23		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
*.s-onetag.com
Amazon RSA 2048 M01		 2023-02-23 -
2024-01-02		 10 months crt.sh
sharethis.com
Amazon RSA 2048 M02		 2023-05-22 -
2024-06-19		 a year crt.sh
cert1-prod.aut.a24365.net
R3		 2023-08-14 -
2023-11-12		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.rqtrk.eu
RapidSSL TLS RSA CA G1		 2023-06-01 -
2024-05-31		 a year crt.sh
dtscdn.com
GTS CA 1P5		 2023-07-20 -
2023-10-18		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.bkrtx.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-18 -
2024-01-17		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
securedvisit.com
Amazon RSA 2048 M03		 2023-08-16 -
2024-09-13		 a year crt.sh
*.intentiq.com
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-08		 a year crt.sh
dtssrv.com
GTS CA 1P5		 2023-07-30 -
2023-10-28		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M01		 2023-02-21 -
2023-10-29		 8 months crt.sh
*.userreport.com
Amazon RSA 2048 M02		 2023-02-22 -
2024-01-18		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2023-03-08 -
2024-04-07		 a year crt.sh

This page contains 11 frames:

Primary Page: https://pjma.info/fb-item68325400236i5263/login.php
Frame ID: 1DE862B0729C643059DE49EFB8274AF1
Requests: 59 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D0016926498628DAA59B1CC58EE0931
Frame ID: C2D67F7132F74480EBCAD284DFF45ABB
Requests: 1 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: 64041CBC761E4AABE265BDE2DE5271A0
Requests: 3 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1229.23362&cid=c010&cls=C
Frame ID: 92C1E5BBDF7858A957271E28074818F7
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1229.23362/a/US/t_.js?cid=c010&cls=C
Frame ID: A0532634755F68DAF9FD385EE5534A6C
Requests: 7 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: 7809A5D42B38390453F1538AB6DB919E
Requests: 2 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEEDWs1Rzg0ZKOEuL44PJuXY&google_cver=1
Frame ID: 49273E7117030682B072C186BB688D86
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=95859
Frame ID: F29D49B06EF31BCCED076F41BD3520D7
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: B8E81D735A621E85F71D8EC223F917F4
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=161%2C159%2C153%2C148%2C135%2C132%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C100%2C94%2C89%2C79%2C78%2C76%2C65%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: E6681DB4C592BE5BDDC89D1F288E5A5A
Requests: 24 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: B68C8EB0E450AC6C78B9A6765D299592
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

100
Requests

57 %
HTTPS

21 %
IPv6

56
Domains

75
Subdomains

48
IPs

5
Countries

773 kB
Transfer

1130 kB
Size


Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D0016926498628DAA59B1CC58EE0931 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=2809f509825feddd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=06eba71e-4197-4ed1-7782-56fa39e83fc3&reqId=a056fd35-d641-4861-4ee7-68c0b0422c4f&zcluid=2809f509825feddd&zdid=1332 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=06eba71e-4197-4ed1-7782-56fa39e83fc3&reqId=a056fd35-d641-4861-4ee7-68c0b0422c4f&zcluid=2809f509825feddd&zdid=1332&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEN4Fcask99wI6z3Lzs6lcSE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=06eba71e-4197-4ed1-7782-56fa39e83fc3&reqId=a056fd35-d641-4861-4ee7-68c0b0422c4f&zcluid=2809f509825feddd&zdid=1332
Request Chain 31
  • https://lex.33across.com/ps/v1/pubtoken/?pid=93&us_privacy=&rnd=1692649863468.1&ru=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3Dcab5a4722e64fa65aba8e60b6da5d556%26pcat%3D%26pdev%3D%26pctry%3DUS%26referrer%3Dhttps%253A%252F%252Fpjma.info%252Ffb-item68325400236i5263%252Flogin.php%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cache_buster%3D%24%7BRANDOM%7D%26custom1%3D%24%7BPUBTOK%7D&r=true HTTP 302
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fpjma.info%2Ffb-item68325400236i5263%2Flogin.php&us_privacy=&cache_buster=1692649864&custom1= HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=70e43ec6-07b4-498b-8d85-b4a7231346b5%3A1692649864.7105138&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D70e43ec6-07b4-498b-8d85-b4a7231346b5%253A1692649864.7105138%26pid%3D500040%26it%3D1%26iv%3D70e43ec6-07b4-498b-8d85-b4a7231346b5%253A1692649864.7105138%26_%3D1692649864.7148695&cb=1692649864.7149134 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=997336242687278199&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D70e43ec6-07b4-498b-8d85-b4a7231346b5%253A1692649864.7105138%26pid%3D500040%26it%3D1%26iv%3D70e43ec6-07b4-498b-8d85-b4a7231346b5%253A1692649864.7105138%26_%3D1692649864.7148695 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=70e43ec6-07b4-498b-8d85-b4a7231346b5%3A1692649864.7105138&pid=500040&it=1&iv=70e43ec6-07b4-498b-8d85-b4a7231346b5%3A1692649864.7105138&_=1692649864.7148695 HTTP 303
  • https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=70e43ec6-07b4-498b-8d85-b4a7231346b5:1692649864.7105138&pid=500040&_li_chk=true&_=1692649864.7148695&iv=70e43ec6-07b4-498b-8d85-b4a7231346b5:1692649864.7105138&previous_uuid=6875b22d403e4efaae17fdbfdcb60ee0 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1692649864.7148695&iv=70e43ec6-07b4-498b-8d85-b4a7231346b5:1692649864.7105138
Request Chain 32
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21can00&33random=1692649863468.2 HTTP 302
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21can00&33random=1692649863468.2&rd=Y HTTP 302
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023082120310400016384464487&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID HTTP 302
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=6MMhWx9999elpmBA
Request Chain 33
  • https://aa.agkn.com/adscores/rem.pixel?sid=9112301738&us_privacy=&33random=1692649863468.3 HTTP 302
  • https://d.agkn.com/pixel/6644/?che=1692649864019&sk=212630604615013338540
Request Chain 35
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21can00&33random=1692649863468.6 HTTP 302
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21can00&33random=1692649863468.6&rd=Y HTTP 302
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023082120310400036676238470&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID HTTP 302
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=$_BK_UUID
Request Chain 36
  • https://aa.agkn.com/adscores/rem.pixel?sid=9112301738&us_privacy=&33random=1692649863468.7 HTTP 302
  • https://d.agkn.com/pixel/6644/?che=1692649864219&sk=213800604615013329950
Request Chain 38
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21can00&33random=1692649863468.9 HTTP 302
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21can00&33random=1692649863468.9&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm&google_hm=MjAyMzA4MjEyMDMxMDQwMDAzNjY3NjIzODQ3MA%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm=&google_hm=MjAyMzA4MjEyMDMxMDQwMDAzNjY3NjIzODQ3MA%3D%3D&google_tc= HTTP 302
  • https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEDqMdf5cyyTSa3b85IUzhQU&google_cver=1
Request Chain 39
  • https://aa.agkn.com/adscores/rem.pixel?sid=9112301738&us_privacy=&33random=1692649863468.10 HTTP 302
  • https://d.agkn.com/pixel/6644/?che=1692649864304&sk=214040604615013338552
Request Chain 40
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21can00&33random=1692649863468.11 HTTP 302
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21can00&33random=1692649863468.11&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm&google_hm=MjAyMzA4MjEyMDMxMDQwMDAzNjY3NjIzODQ3MA%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm=&google_hm=MjAyMzA4MjEyMDMxMDQwMDAzNjY3NjIzODQ3MA%3D%3D&google_tc= HTTP 302
  • https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEGhIahdxc_ZhyZFUZIuDTkc&google_cver=1
Request Chain 41
  • https://aa.agkn.com/adscores/rem.pixel?sid=9112301738&us_privacy=&33random=1692649863468.12 HTTP 302
  • https://d.agkn.com/pixel/6644/?che=1692649864303&sk=213920604615013334538
Request Chain 48
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/ttd?uid=472440fc-c0dd-4ffc-8317-4b18f843a8e0&gdpr=0&gdpr_consent=
Request Chain 49
  • https://idsync.rlcdn.com/386076.gif?partner_uid=ZHeABmTjyYYAAAAIA0WLAw%3D%3D&gdpr=0&gdpr_consent= HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkhlQUJtVGp5WVlBQUFBSUEwV0xBdz09EAAaDQiIk4-nBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIiZOPpwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIiZOPpwYSBAgCEABCAEoA&google_gid=CAESEB_Ps0XiTcbeDTPUvZEekdg&google_cver=1 HTTP 307
  • https://usermatch.krxd.net/um/v2?partner=liveramp_identity HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
Request Chain 50
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/eyeota?uid=2EGdsm7a4nnzqnKFQpO76MnUQO6DUkQCHFXEzjQo8dS0&gdpr=0&gdpr_consent=
Request Chain 51
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHeABmTjyYYAAAAIA0WLAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3637967078593396818 HTTP 307
  • https://ml314.com/csync.ashx?fp=&person_id=3637967078593396818&eid=50082
Request Chain 52
  • https://tags.bluekai.com/site/59574?id=ZHeABmTjyYYAAAAIA0WLAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
  • https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
Request Chain 55
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Request Chain 56
  • https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHeABmTjyYYAAAAIA0WLAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1229.23362%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1229.23362%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=43853864 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=WWVxaFc1R205OTkreXJCQQ%3D%3D HTTP 302
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEEDWs1Rzg0ZKOEuL44PJuXY&google_cver=1
Request Chain 61
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=HMJPdSZHG_84LVKYSkudcFJ6&rnd=16088 HTTP 303
  • https://i6.liadm.com/s/76929?bidder_id=204553&bidder_uuid=HMJPdSZHG_84LVKYSkudcFJ6&rnd=16088
Request Chain 64
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=HMJPdSZHG_84LVKYSkudcFJ6&rand=27942&pu= HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=HMJPdSZHG_84LVKYSkudcFJ6&rand=27942&pu=&expected_cookie=f0376f25-cb23-4a59-b110-33c21bdcc462
Request Chain 67
  • https://um.simpli.fi/lj_match?r=49054 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=F4EE1362CED745F3B51E08ED784DBEDB
Request Chain 68
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=934adda03d33f7616abb1637babc4623&custom=&tag_format=img&tag_action=sync HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=934adda03d33f7616abb1637babc4623&custom=&tag_format=img&tag_action=sync&final=true&reqid=a8b7b080-4061-11ee-b03b-8f666b964d33&timestamp=2023-08-21T20%3A31%3A08.168Z HTTP 302
  • https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2016%26partner_id%3D2087%26uid%3D%24UID%26tag_format%3Dimg%26tag_action%3Dsync HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=4838202465699042224&tag_format=img&tag_action=sync HTTP 302
  • https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=a8f1ac40-4061-11ee-9eb2-995e3fbf3097?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=934adda03d33f7616abb1637babc4623&tag_format=img&tag_action=sync&cb=11718894 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
Request Chain 69
  • https://cm.smadex.com/pixel?sm_did=lotame&gdpr=0 HTTP 302
  • https://cm.smadex.com/pixel?sm_did=lotame&gdpr=0&sm_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smadex_2&google_hm=VytyNkV0djBUaVdTVy9aUnZNSStEQT09&sm_p=dc&sm_r=lotame,lotame,rbc,smt,tl,bds HTTP 302
  • https://cm.smadex.com/sync?sm_p=dc&sm_r=lotame,lotame,rbc,smt,tl,bds HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=13745&tp=SMDX&tpid=5beafa12-dbf4-4e25-925b-f651bcc23e0c&d=https%3A%2F%2Fcm.smadex.com%2Fsync%3Fsm_p%3Dlotame%26sm_r%3Dlotame%2Crbc%2Csmt%2Ctl%2Cbds HTTP 302
  • https://cm.smadex.com/sync?sm_p=lotame&sm_r=lotame,rbc,smt,tl,bds HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71194&nid=3636&put=5beafa12-dbf4-4e25-925b-f651bcc23e0c&expires=30
Request Chain 70
  • https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=934adda03d33f7616abb1637babc4623 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=934adda03d33f7616abb1637babc4623&dcc=t
Request Chain 71
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
Request Chain 72
  • https://id5-sync.com/s/19/9.gif?puid=934adda03d33f7616abb1637babc4623&gdpr=0 HTTP 302
  • https://id5-sync.com/c/19/19/9/1.gif?puid=934adda03d33f7616abb1637babc4623&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=472440fc-c0dd-4ffc-8317-4b18f843a8e0&ttl=%%TTL%% HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/19/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/19/2/7/3.gif?puid=4838202465699042224&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-0959rSMZnPxvs2tvs5o5VTzYm8MUTr0w_NN831ZIEA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F3%2F6%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Request Chain 73
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D5979%26tp%3DADWZ%26tpid%3D%24%7BUID%7D%26gdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=5979&tp=ADWZ&tpid=cd945e38a348fd2842bbc6d2e5d14eca&gdpr=0
Request Chain 74
  • https://thrtle.com/insync?vxii_pid=10014&gdpr=0&vxii_pdid=934adda03d33f7616abb1637babc4623 HTTP 302
  • https://thrtle.com/insync?gdpr=0&vxii_pdid=934adda03d33f7616abb1637babc4623&vxii_pid=12&vxii_pid1=10014&vxii_rcid=85b402b7-d38b-4720-ac8e-2cc2b338b73c
Request Chain 79
  • https://pixel.shareaholic.com/sync?r=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D9193%26tp%3DSHLC%26tpid%3D%24u_id%26gdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=bd054260-48e2-43ef-8535-2f6b086d91b6&gdpr=0
Request Chain 81
  • https://pool.admedo.com/aa/j9fmpan1dspyp6ogch79 HTTP 302
  • https://pool.admedo.com/ul_cb/aa/j9fmpan1dspyp6ogch79 HTTP 302
  • https://bcp.crwdcntrl.net/map/c=10737/tp=AMBO/tpid=284da76b-f797-4696-8bb8-6c7dfc766e44
Request Chain 83
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=934adda03d33f7616abb1637babc4623&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=934adda03d33f7616abb1637babc4623&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=80745522197733214142425389923400850199/gdpr=0
Request Chain 84
  • https://pixel.onaudience.com/?mapped=934adda03d33f7616abb1637babc4623&partner=104&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
  • https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=1310f199f3a8f0a4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mm5DdWd6eEVDRW9ZaUY0ZURJZXpON2NGdS0xTW1VOGJDWUNKTFZVLWd6SzA&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90 HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEM0TcQIgzlcRf_4ZYEPyWkw&google_cver=1
Request Chain 85
  • https://aorta.clickagy.com/pixel.gif?ch=120&cm=934adda03d33f7616abb1637babc4623 HTTP 302
  • https://idsync.rlcdn.com/420246.gif?partner_uid=ZOPJjNsHUcYJmP2KwYshIKGt HTTP 307
  • https://aorta.clickagy.com/pixel.gif?ch=114&cm=c3904642047874b16a68f32a8500a0f2d17c418ca7bddcdbdfee6a6cfb0a589825abae5358c0e7bc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=Wk9QSmpOc0hVY1lKbVAyS3dZc2hJS0d0 HTTP 302
  • https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEGM9VtbVgPh2tsB2Nbcb-Mw&google_cver=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=79908&dpuuid=ZOPJjNsHUcYJmP2KwYshIKGt&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=80745522197733214142425389923400850199
Request Chain 86
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=934adda03d33f7616abb1637babc4623 HTTP 302
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=934adda03d33f7616abb1637babc4623
Request Chain 87
  • https://x01.aidata.io/0.gif?pid=LOTAME&id=934adda03d33f7616abb1637babc4623&gdpr=0 HTTP 302
  • https://x01.aidata.io/0.gif?pid=LOTAME&id=934adda03d33f7616abb1637babc4623&gdpr=0&bounce=1
Request Chain 88
  • https://aa.agkn.com/adscores/g.pixel?sid=9202276048&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=214040604615013338552&gdpr=0&gdpr_consent=
Request Chain 90
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=196198120 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4838202465699042224/gdpr=0/rand=196198120
Request Chain 94
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=HMJPdSZHG_84LVKYSkudcFJ6/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
  • https://ce.lijit.com/merge?pid=5001&3pid=934adda03d33f7616abb1637babc4623
Request Chain 96
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?uid=472440fc-c0dd-4ffc-8317-4b18f843a8e0&bid=1e2n4ou
Request Chain 97
  • https://cms.analytics.yahoo.com/cms?partner_id=Eyeot HTTP 302
  • https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot
Request Chain 98
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u&_test=ZOPJjQAAATPn-wBV HTTP 302
  • https://ps.eyeota.net/match?uid=ZOPJjQAAATPn-wBV&bid=0rijhbu&referrer_pid=51md42u&_test=ZOPJjQAAATPn-wBV
Request Chain 99
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u HTTP 302
  • https://ps.eyeota.net/match?uid=4838202465699042224&bid=2cr76e1&referrer_pid=51md42u
Request Chain 100
  • https://tags.bluekai.com/site/29535?limit=1&id=2oqT7r5Mzj-2DhBhXS3z6iljIbVe4ugxsutG0mlx9m8g HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai

100 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.php
pjma.info/fb-item68325400236i5263/ 		12 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pjma.info/fb-item68325400236i5263/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
216.219.81.3 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
4dbe644caa3662fed78c0048cb8ae24d374900661384cff97e8a8f89c0b7e11f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 21 Aug 2023 20:30:59 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
style-m.css
pjma.info/fb-item68325400236i5263/ 		45 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pjma.info/fb-item68325400236i5263/style-m.css
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
216.219.81.3 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
542a69480761cb856b82c039588da89a7206cc6117b0324d01981f6297545b23

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/fb-item68325400236i5263/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Mon, 21 Aug 2023 20:30:59 GMT
Last-Modified
Mon, 27 Jun 2022 17:58:36 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
45795
fL0gASD89fmhDS.css
pjma.info/fb-item68325400236i5263/ 		445 KB
445 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pjma.info/fb-item68325400236i5263/fL0gASD89fmhDS.css
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
216.219.81.3 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
01a1084202c44b767202260be09c3178ea3a9a4e2187d7c22cf8c712d2708109

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/fb-item68325400236i5263/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Mon, 21 Aug 2023 20:30:59 GMT
Last-Modified
Mon, 27 Jun 2022 17:55:56 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
455903
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ 		160 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pjma.info/
Origin
https://pjma.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 21 Aug 2023 20:30:59 GMT
x-content-type-options
nosniff
content-encoding
br
age
8146247
x-jsd-version
5.1.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26333
x-served-by
cache-fra-eddf8230037-FRA, cache-nyc-kteb1890031-NYC
x-jsd-version-type
version
etag
W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
Facebook-Logo.wine.svg
www.logo.wine/a/logo/Facebook/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.logo.wine/a/logo/Facebook/Facebook-Logo.wine.svg
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:cf32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c80dd250899432943f373346377e658bcd23a2af4788ac901738d18dcaf4868c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:30:59 GMT
content-encoding
br
x-oss-request-id
641A5796CD8032323509B8F7
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
jNR5YxpDuhMT8HlbahWAMQ==
age
259781
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Sun, 15 Dec 2019 17:07:10 GMT
server
cloudflare
etag
W/"8CD479631A43BA1313F0795B6A158031"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9c2dPf7wNvJWRsu%2BcDtLgsnFQnnkC5b67XsignF3p6yX5iI%2FVoalRaOwkbZNIN4xYwa3Cx92gWqPgE418VbLhQ6sVFkuHk%2B%2BK7MI8Xidn%2FAcNq0frVfBe1KInHXDDfTsNKlHzwaA3Kwfelo"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=UTF-8
cache-control
public, max-age=315360000
x-oss-storage-class
Standard
cf-ray
7fa5a315c9c14bd8-BUF
x-oss-hash-crc64ecma
14188148386939844559
x-oss-server-time
23
7af8102e6b.js
use.fontawesome.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/7af8102e6b.js
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be87d1092b0a7d6de2f6836caad7a231315edb48aa694e959f726c5f172e0311

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:30:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4TVXNT4N6BJP31SF
age
2040
alt-svc
h3=":443"; ma=86400
x-amz-id-2
U0n4O10FqAgSG0fIcCsUkaKbMgLsjSoiKGeEuYVibTAa8c/8f85k6W6PbkZfsZ+CJhnchX/1V9U=
last-modified
Sat, 12 Mar 2022 00:22:12 GMT
server
cloudflare
etag
W/"f01a9b85de2142fc9d619de7fa04fd7b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bvd5NiOeZ6cxFMIiT2ZzymJbMZH1LmeGP1K5JEQscG4YB5EuPgSu%2BoTByHhVPifdCUMT6l9hxw0nPgOsjUIvg4S1pM7mr%2F7WQf1ywDPK0vS7pxYZ0vBTnk7%2B9YRBlu46EfKE6J1yr3ekAZt1vQrfB%2FqU"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
7fa5a315de414338-EWR
popper.min.js
cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/popper.min.js
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pjma.info/
Origin
https://pjma.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 21 Aug 2023 20:30:59 GMT
x-content-type-options
nosniff
content-encoding
br
age
4221514
x-jsd-version
2.10.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6952
x-served-by
cache-fra-eddf8230065-FRA, cache-nyc-kteb1890031-NYC
x-jsd-version-type
version
etag
W/"496b-DsfKR3i6PMtNGxaICUcgg0++ntM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.min.js
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pjma.info/
Origin
https://pjma.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 21 Aug 2023 20:30:59 GMT
x-content-type-options
nosniff
content-encoding
br
age
10876262
x-jsd-version
5.1.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17624
x-served-by
cache-fra-eddf8230103-FRA, cache-nyc-kteb1890031-NYC
x-jsd-version-type
version
etag
W/"e753-GQgMO4F5hTNqq14c5pJcmYA/Lv0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
C-IF1ZQl9kN.png
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/C-IF1ZQl9kN.png
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
truncated
/ 		135 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2128b5b8a9ea02f0830a3b22c37023dae3f287e7ef5d91fbb4ff535c6b30675

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
7af8102e6b.css
use.fontawesome.com/ 		1 KB
795 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/7af8102e6b.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/7af8102e6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dc990b466cd6c71bb08f89a891a36e9d6105ce085f4a7b1907e02cb25e436a4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:31:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4W1224G7R0FNXXA9
age
2040
alt-svc
h3=":443"; ma=86400
x-amz-id-2
4iMg6mpJhwprqi9tw5kk+8b/mT7dXjgCC/eCfHbuivADfUwwPrZNClOQa3y006eVaXEBF9K7LR6pm2W5N3/TdQ==
last-modified
Sat, 12 Mar 2022 00:22:12 GMT
server
cloudflare
etag
W/"be461058fe4e1407a74f8b589a63af11"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEZuPXOdKAux76cHoaVVLaKUW9NW%2BdTRFPZJnc2ruO7GOFbQRirPsBjLUXmGs44CJSQPdW8C4HnstoRVQ%2F4VhhPc7nOZicWewcKq74DVpIkeBUdvgpJCM8Z3UaKPdMZmO0yGMv8%2F9oAcXXX%2BqqndNtWw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
7fa5a322ece64338-EWR
small.js
widgets.amung.us/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.amung.us/small.js
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:31:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 12 Jan 2023 17:19:40 GMT
server
cloudflare
age
285
etag
W/"63c0412c-2170"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
7fa5a3247c7d4bc9-BUF
expires
Tue, 22 Aug 2023 20:26:16 GMT
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/7af8102e6b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

accept-language
en-US,en;q=0.9
Referer
https://use.fontawesome.com/7af8102e6b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:31:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
WCEWVRKWP6GE435Z
age
1066740
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/M8gpcAqEbu6A6SbiU36nkMMB9a3GqKUHYf5Qw4YH6sHJPQX2KwUxdtzIa4LwcH9Tu0nDkXRrLg=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
W/"36082410df2ef7f83932219089dc1443"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cq5%2B6YOPIocwGkLogdE%2Fw0iGj3G1XGbLgvrD9RZyiuXKR%2BeKy31yu6UdJcT68wHL78cEn33bOBU9LNpdJbaL1F%2F9BF7yuzQREFD3LysGpVg5LOK1Q%2FvWqlKKZgHPYOUag6f%2FZCNcqe2R9bBXpU9aorUp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7fa5a32399034328-EWR
/
t.dtscout.com/i/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/i/?l=https%3A%2F%2Fpjma.info%2Ffb-item68325400236i5263%2Flogin.php&j=
Requested by
Host: widgets.amung.us
URL: https://widgets.amung.us/small.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d93904c329d557a1eff9e49acd9641b51cd8bd147d438705e8ede2a80f37d5c1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:31:02 GMT
x-t
0.265
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYIZC7Bk%2Bax5a1nzaCkPmriadRBeTwFzy5IE1K70MI%2BSsVDwQpeB30fRvE%2F5mfnqJ1%2FuBkum5zjbpDpsoHnzESAQABSBa9UCS5tLAxXXWns1l878q0NRqEJH1MAiNQczwVHy7n5CpKbhGv0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl1
cf-ray
7fa5a328df664bc1-BUF
expires
Mon, 21 Aug 2023 20:31:01 GMT
/
whos.amung.us/pingjs/ 		24 B
148 B 		Script
General
Check archive.org
Download Go to
Full URL
https://whos.amung.us/pingjs/?k=can00&t=m.facebook.com%20-%20Login%20to%20continue.&c=s&x=https%3A%2F%2Fpjma.info%2Ffb-item68325400236i5263%2Flogin.php&y=&a=0&d=2.863&v=27&r=130
Requested by
Host: widgets.amung.us
URL: https://widgets.amung.us/small.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dfe88009cac63108683c51852a36513aee2795fb2a27dcd058bf54838010790

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:31:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7fa5a326aca04bc9-BUF
content-type
text/javascript;charset=UTF-8
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/7af8102e6b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://use.fontawesome.com/7af8102e6b.css
Origin
https://pjma.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:31:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
E0FTZVTBSK54JDDP
age
9226
alt-svc
h3=":443"; ma=86400
content-length
77160
x-amz-id-2
MduvlIikBgHRwEJUfXA8gzwNLzdSzJo7Z+D3wdXy8BlvC+WEo/p2eOsLslbzZ+sg4sBzMwUHbeQ=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OK8bZKRqM1MmG9kDRQ6dMqVmaggpVz1h9SnMrvGdFztYZG%2FRvulgHEjomHjo4MvBqCH9U9yNLawMVA5a%2F%2BTNeUyBXKF%2BS7m7THtxJXqlRzXpeVp%2FkXfmHL7ihgtiuTcbJkMGQTKqX7AdM3yuuDFAmI%2BZ"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7fa5a3269f8842f7-EWR
tc.js
cdn.tynt.com/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/tc.js
Requested by
Host: widgets.amung.us
URL: https://widgets.amung.us/small.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c408f5b072dc8f5449091bc50d95ea19c724eb19e1ff19a61d19336ac0087259

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:31:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 10 Aug 2023 17:56:27 GMT
server
cloudflare
age
182057
etag
W/"64d524cb-4e3d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7fa5a329788936eb-YYZ
expires
Thu, 24 Aug 2023 20:31:02 GMT
truncated
/ 		439 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
/
t.dtscout.com/idg/ Frame C2D6 		1 KB
762 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/idg/?su=6D0016926498628DAA59B1CC58EE0931
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fpjma.info%2Ffb-item68325400236i5263%2Flogin.php&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcc1dae0103c590b563307cc990fb044cf77c7a119376d786178b4086b9482bb

Request headers

Referer
https://pjma.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7fa5a32a3f6d4bc1-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 21 Aug 2023 20:31:02 GMT
expires
Mon, 21 Aug 2023 20:31:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3VtvkQoy%2BrPZl4N0N%2BBGeRGHt1m55Cc5OEhUjA47L%2FLmSq4yaW7i4O1CF63qBEgarFifqs5UFfNQWAoZIQvOQG1RAUiOaIIaBY%2FBErP%2BVM5yrHDw6prbKanl01cHxqfn%2FY4ifNw1%2FGpjio%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fpjma.info%2Ffb-item68325400236i5263%2Flogin.php&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-103.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
date
Mon, 21 Aug 2023 10:20:47 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
36615
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
dNvbyR4sw7Zs5hxJGwO06CEtaxTQnqf1zq4T-t2HQ-OHO69JhjM32w==
dtscout
pd.sharethis.com/pd/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fpjma.info%2Ffb-item68325400236i5263%2Flogin.php&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.136.136.253 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-136-253.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
1845d6fbb87eb5b682e8e3b27133dddf59bda5ea4b48b1886efad562ea7ca126
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Mon, 21 Aug 2023 20:31:02 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2273
Content-Type
application/javascript
/
t.dtscout.com/pv/ 		51 B
355 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/pv/?_a=v&_h=pjma.info&_ss=5o8hhl5aha&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=4xqw&_cb=_dtspv.c
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fpjma.info%2Ffb-item68325400236i5263%2Flogin.php&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06fdb355c470dbcaa41aa98db5ff4c3aaad6f4572c84eed3bd296acbd162beaa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:31:02 GMT
x-t
0.168
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V80OyiB5Uh%2FnFE30sopXGqqKJ%2F8KqmSEF7kGjYOZ%2BzMgMI%2B%2BrCt74QcOuaDrqsm%2BA6AebRFa6Bm44q6dNHFGRY9jTY3LdgFLSKzslIWsrQYowk5048fwBF3wKOw2cGyFJAuA5RctvnU9wdU%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
7fa5a3297f684bc1-BUF
expires
Mon, 21 Aug 2023 20:31:01 GMT
p
ic.tynt.com/b/ 		35 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!can00&lm=0&ts=1692649862810&dn=TC&iso=0&gpp_sid=&pu=https%3A%2F%2Fpjma.info%2Ffb-item68325400236i5263%2Flogin.php&t=m.facebook.com%20-%20Login%20to%20continue.&chmob=0
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/fb-item68325400236i5263/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:31:03 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag
"4bc8846c-23"
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-length
35
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
/
onetag-geo.s-onetag.com/ 		50 B
463 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-33.jfk51.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 18:12:28 GMT
via
1.1 0173aeb09060ae0dd8c77e399d9e5634.cloudfront.net (CloudFront), 1.1 2e7e64e85275c7c3d580e9eab0385c02.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C1, JFK51-C1
age
8315
x-amzn-requestid
d437f4d7-182f-4d79-aa1d-cad02e172e23
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
KBdaEEx9CYcFg4A=
content-length
50
x-amz-cf-id
XOqVF1S2nuumaJ8jlD8OVqbRCZhNah_9dGPvD9zOFHLmmuDPmWFqDg==
t.dhj
t.sharethis.com/1/d/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.600638899291154&stid=ZHeABmTjyYYAAAAIA0WLAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.206.121.209 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-121-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Mon, 21 Aug 2023 20:31:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1364
Expires
Mon, 21 Aug 2023 21:31:03 GMT
dtscout
pd.sharethis.com/pd/ 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fpjma.info%2Ffb-item68325400236i5263%2Flogin.php&event_source=dtscout&rnd=0.600638899291154&exptid=ZHeABmTjyYYAAAAIA0WLAw%3D%3D&fcmp=false
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.136.136.253 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-136-253.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Mon, 21 Aug 2023 20:31:03 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fpjma.info%2Ffb-item68325400236i5263%2Flogin.php&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 11:35:10 GMT
content-encoding
gzip
via
1.1 205b9099637a29b949f9be6dceccecec.cloudfront.net (CloudFront)
last-modified
Fri, 04 Aug 2023 20:20:16 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
32154
etag
W/"183da5a969dad8920a93eaf8ce902db3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
FI8E6CZfkshit3rshwz9aP7W4vtJM-mnUrDl_xY2il_8BIp8Hr8ylw==
7fe7eff6-46b8-4e38-be16-be1bf1212a98-trk.js
wt.rqtrk.eu/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wt.rqtrk.eu/7fe7eff6-46b8-4e38-be16-be1bf1212a98-trk.js
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fpjma.info%2Ffb-item68325400236i5263%2Flogin.php&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.235.42.104 Victoria, Canada, ASN16276 (OVH, FR),
Reverse DNS
haproxy-ca-003.roqad.pl
Software
istio-envoy /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:31:03 GMT
via
1.1 144825e0e5f4523d1f7ce8c9b62cd908.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
YUL62-C2
age
49763
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
0
last-modified
Thu, 29 Jun 2023 20:33:47 GMT
server
istio-envoy
etag
W/"1d03ef341b90639c36608648291fa98b"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400,public
x-amz-cf-id
FgeUfUPzVuMjMfZ4qPAqOKEWrL4i9qU5Y203wTmNFBfwl4GQGmt2vA==
expires
Tue, 22 Aug 2023 20:31:03 GMT
/
t.dtscdn.com/widget/ 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscdn.com/widget/?d=6D0016926498628DAA59B1CC58EE0931&nid=0&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fpjma.info%2Ffb-item68325400236i5263%2Flogin.php&r=
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fpjma.info%2Ffb-item68325400236i5263%2Flogin.php&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:31:03 GMT
x-t
1.83
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3WBcho4Z3E9vb3v7DOGSjIqnscjnXweEtfFZQMYbGzuDropV3HZsyfNclXNZDNcl2EqrPZ3FpqOrKay%2F5SsZOMe905A4C5YPZS42vGIW2NESsT1KrKGN0jdIvomp8eADFkpmXJRaRcWtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web16.ny1.dtscdn.com
cf-ray
7fa5a3306a8a4bc6-BUF
expires
Mon, 21 Aug 2023 20:01:53 GMT
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D0016926498628DAA59B1CC58EE0931
  • https://spl.zeotap.com/?zdid=1332&zcluid=2809f509825feddd
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=06eba71e-4197-4ed1-7782-56fa39e83fc3&reqId=a056fd35-d641-4861-4ee7-68c0b0422c4f&zclui...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=06eba71e-4197-4ed1-7782-56fa39e83fc3&reqId=a056fd35-d641-4861-4ee7-68c0b0422c4f&zclu...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEN4Fcask99wI6z3Lzs6lcSE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=06eba71e-4197-4ed1-7782-56fa39e83fc3&reqId=a056fd35-d641-4861-4ee7-68c...
95 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEN4Fcask99wI6z3Lzs6lcSE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=06eba71e-4197-4ed1-7782-56fa39e83fc3&reqId=a056fd35-d641-4861-4ee7-68c0b0422c4f&zcluid=2809f509825feddd&zdid=1332
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:31:05 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://pjma.info
access-control-allow-credentials
true
cf-ray
7fa5a33a4e0c4bc9-BUF
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEN4Fcask99wI6z3Lzs6lcSE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=06eba71e-4197-4ed1-7782-56fa39e83fc3&reqId=a056fd35-d641-4861-4ee7-68c0b0422c4f&zcluid=2809f509825feddd&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
de.tynt.com/deb/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=w!can00&dn=TC&cc=1&chmob=0&r=&gpp_sid=&pu=https%3A%2F%2Fpjma.info%2Ffb-item68325400236i5263%2Flogin.php
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/fb-item68325400236i5263/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Mon, 21 Aug 2023 20:31:02 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1837
expires
Sat, 26 Jul 1997 05:00:00 GMT
lotame-sync.html
cdn-tc.33across.com/ Frame 6404 		343 B
458 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-tc.33across.com/lotame-sync.html
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=w!can00&dn=TC&cc=1&chmob=0&r=&gpp_sid=&pu=https%3A%2F%2Fpjma.info%2Ffb-item68325400236i5263%2Flogin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://pjma.info/fb-item68325400236i5263/login.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
11378
cache-control
public, max-age=259200
cf-cache-status
HIT
cf-ray
7fa5a332b883a244-YYZ
content-encoding
gzip
content-type
text/html
date
Mon, 21 Aug 2023 20:31:04 GMT
etag
W/"64d524d1-157"
expires
Thu, 24 Aug 2023 20:31:04 GMT
last-modified
Thu, 10 Aug 2023 17:56:33 GMT
server
cloudflare
vary
Accept-Encoding
sync
pippio.com/api/
Redirect Chain
  • https://lex.33across.com/ps/v1/pubtoken/?pid=93&us_privacy=&rnd=1692649863468.1&ru=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3Dcab5a4722e64fa65aba8e60b6da5d556...
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fpjma.info%2Ffb-item68325400236i5263%2Flogin.php&us_pri...
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=70e43ec6-07b4-498b-8d85-b4a7231346b5%3A1692649864.7105138&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D70e43ec6-07b4-498b...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=997336242687278199&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D70e43ec...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=70e43ec6-07b4-498b-8d85-b4a7231346b5%3A1692649864.7105138&pid=500040&it=1&iv=70e43ec6-07b4-498b-8d85-b4a7231346b5%3A1692649864.7105138&_=169...
  • https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=70e43ec6-07b4-498b-8d85-b4a7231346b5:1692649864.7105138&pid=500040&_li_chk=true&_=1692649864.7148695&iv=70e43ec6-07b4-498b-8d85-b4a7231...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1692649864.7148695&iv=70e43ec6-07b4-498b-8d85-b4a7231346b5:1692649864.7105138
42 B
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1692649864.7148695&iv=70e43ec6-07b4-498b-8d85-b4a7231346b5:1692649864.7105138
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
H3
Server
107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/fb-item68325400236i5263/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:31:06 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1692649864.7148695&iv=70e43ec6-07b4-498b-8d85-b4a7231346b5:1692649864.7105138
Date
Mon, 21 Aug 2023 20:31:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
bk_sync.xgi
x.dlx.addthis.com/e/
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21can00&33random=1692649863468.2
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21can00&33random=1692649863468.2&rd=Y
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023082120310400016384464487&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=6MMhWx9999elpmBA
43 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=6MMhWx9999elpmBA
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
H2
Server
104.107.25.203 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-25-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/fb-item68325400236i5263/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires
Mon, 21 Aug 2023 20:31:05 GMT
pragma
no-cache
date
Mon, 21 Aug 2023 20:31:05 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=6MMhWx9999elpmBA
date
Mon, 21 Aug 2023 20:31:05 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
/
d.agkn.com/pixel/6644/
Redirect Chain
  • https://aa.agkn.com/adscores/rem.pixel?sid=9112301738&us_privacy=&33random=1692649863468.3
  • https://d.agkn.com/pixel/6644/?che=1692649864019&sk=212630604615013338540
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/6644/?che=1692649864019&sk=212630604615013338540
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
H2
Server
2600:9000:2511:e000:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/fb-item68325400236i5263/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:03 GMT
via
1.1 6e810acc9d798bdf126180508d1b511e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/gif
cache-control
no-cache, must-revalidate
content-length
43
x-amz-cf-id
RFHS2p0C_GnaZtsVh4t6PhNCA4j8iAL0Oh9bT4s26dq1BXyDzvIX1Q==
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:04 GMT
via
1.1 534f7e815b25f5cd40ef32ea39fc9a8c.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P4
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://d.agkn.com/pixel/6644/?che=1692649864019&sk=212630604615013338540
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
ylestdJU_MbMoE8MOyA0mKctaW5tp4CwV3W6q6GzKNJSWfzfu2h6og==
expires
0
dpx
i.simpli.fi/ 		95 B
886 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1692649863468.4&ref=
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.123.65.25 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.65.123.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/fb-item68325400236i5263/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Mon, 21 Aug 2023 20:31:04 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
95
x-request-id
F32AFVhjF994L-g-qcvC
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
bk_sync.xgi
x.dlx.addthis.com/e/
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21can00&33random=1692649863468.6
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21can00&33random=1692649863468.6&rd=Y
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023082120310400036676238470&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=$_BK_UUID
43 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=$_BK_UUID
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
H2
Server
104.107.25.203 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-25-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/fb-item68325400236i5263/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires
Mon, 21 Aug 2023 20:31:05 GMT
pragma
no-cache
date
Mon, 21 Aug 2023 20:31:05 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=$_BK_UUID
date
Mon, 21 Aug 2023 20:31:04 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
/
d.agkn.com/pixel/6644/
Redirect Chain
  • https://aa.agkn.com/adscores/rem.pixel?sid=9112301738&us_privacy=&33random=1692649863468.7
  • https://d.agkn.com/pixel/6644/?che=1692649864219&sk=213800604615013329950
43 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/6644/?che=1692649864219&sk=213800604615013329950
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
H2
Server
2600:9000:2511:e000:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/fb-item68325400236i5263/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:04 GMT
via
1.1 6e810acc9d798bdf126180508d1b511e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/gif
cache-control
no-cache, must-revalidate
content-length
43
x-amz-cf-id
53pzq4pshP4ma5kP_Alo6tFmGCclUs59rlh_sHOJXMe8_wORip7A5A==
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:04 GMT
via
1.1 534f7e815b25f5cd40ef32ea39fc9a8c.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P4
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://d.agkn.com/pixel/6644/?che=1692649864219&sk=213800604615013329950
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
fTctLko5axxO-AhEn7zzCJDX6jbl-7q0_my9pikEzI6GRKj-rl6GtQ==
expires
0
dpx
i.simpli.fi/ 		95 B
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1692649863468.8&ref=
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.123.65.25 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.65.123.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/fb-item68325400236i5263/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Mon, 21 Aug 2023 20:31:04 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
95
x-request-id
F32AFV2nJkbxoUQ-qc_C
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
googlegdn_sync
x.dlx.addthis.com/e/
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21can00&33random=1692649863468.9
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21can00&33random=1692649863468.9&rd=Y
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm&google_hm=MjAyMzA4MjEyMDMxMDQwMDAzNjY3NjIzODQ3MA%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm=&google_hm=MjAyMzA4MjEyMDMxMDQwMDAzNjY3NjIzODQ3MA%3D%3D&google_tc=
  • https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEDqMdf5cyyTSa3b85IUzhQU&google_cver=1
43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEDqMdf5cyyTSa3b85IUzhQU&google_cver=1
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
H2
Server
104.107.25.203 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-25-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/fb-item68325400236i5263/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires
Mon, 21 Aug 2023 20:31:05 GMT
pragma
no-cache
date
Mon, 21 Aug 2023 20:31:05 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEDqMdf5cyyTSa3b85IUzhQU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
293
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
d.agkn.com/pixel/6644/
Redirect Chain
  • https://aa.agkn.com/adscores/rem.pixel?sid=9112301738&us_privacy=&33random=1692649863468.10
  • https://d.agkn.com/pixel/6644/?che=1692649864304&sk=214040604615013338552
43 B
566 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/6644/?che=1692649864304&sk=214040604615013338552
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
H2
Server
2600:9000:2511:e000:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/fb-item68325400236i5263/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:03 GMT
via
1.1 6e810acc9d798bdf126180508d1b511e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/gif
cache-control
no-cache, must-revalidate
content-length
43
x-amz-cf-id
_Mn0ohLORxTLsswGuXfscod9PVKIif53GYA81xU8AAnnHpMHDZUgHQ==
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:04 GMT
via
1.1 534f7e815b25f5cd40ef32ea39fc9a8c.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P4
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://d.agkn.com/pixel/6644/?che=1692649864304&sk=214040604615013338552
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
se-fzxjsWEB6m81Q_H7PJSdxNRWLiQHOd823J9e-u7Wd_JHpUN6usQ==
expires
0
googlegdn_sync
x.dlx.addthis.com/e/
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21can00&33random=1692649863468.11
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21can00&33random=1692649863468.11&rd=Y
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm&google_hm=MjAyMzA4MjEyMDMxMDQwMDAzNjY3NjIzODQ3MA%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm=&google_hm=MjAyMzA4MjEyMDMxMDQwMDAzNjY3NjIzODQ3MA%3D%3D&google_tc=
  • https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEGhIahdxc_ZhyZFUZIuDTkc&google_cver=1
43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEGhIahdxc_ZhyZFUZIuDTkc&google_cver=1
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
H2
Server
104.107.25.203 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-25-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/fb-item68325400236i5263/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires
Mon, 21 Aug 2023 20:31:05 GMT
pragma
no-cache
date
Mon, 21 Aug 2023 20:31:05 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEGhIahdxc_ZhyZFUZIuDTkc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
293
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
d.agkn.com/pixel/6644/
Redirect Chain
  • https://aa.agkn.com/adscores/rem.pixel?sid=9112301738&us_privacy=&33random=1692649863468.12
  • https://d.agkn.com/pixel/6644/?che=1692649864303&sk=213920604615013334538
43 B
566 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/6644/?che=1692649864303&sk=213920604615013334538
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
H2
Server
2600:9000:2511:e000:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/fb-item68325400236i5263/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:04 GMT
via
1.1 6e810acc9d798bdf126180508d1b511e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/gif
cache-control
no-cache, must-revalidate
content-length
43
x-amz-cf-id
nJuALFsZe-uiqwtTFxST40Nm0JvCnExxIsK8HZ35lgF4rr_sDIaF1Q==
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:04 GMT
via
1.1 534f7e815b25f5cd40ef32ea39fc9a8c.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P4
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://d.agkn.com/pixel/6644/?che=1692649864303&sk=213920604615013334538
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
R8UfUi_CjFUc2XE8ijlDppJw6nwA-gK9i9bhfTbAKZWD1pKqmOYm0g==
expires
0
dataBeacons.min.js
data-beacons.s-onetag.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-87.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
Yg05UO6NTOeAVh89ijS_gJS9wGU8sF2q
content-encoding
gzip
via
1.1 baec235d174153a8f2e92ea724643824.cloudfront.net (CloudFront)
date
Mon, 21 Aug 2023 20:28:33 GMT
last-modified
Wed, 19 Jul 2023 15:29:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
152
etag
W/"d94796629c48c2aea8b46d4ba841348d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
JwzjJBSNqU_wLV9Q7NlvadR2z6hjrbxyJ_8HN9VACsCFla5irBW7dg==
t_.htm
t.sharethis.com/a/ Frame 92C1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1229.23362&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.600638899291154&stid=ZHeABmTjyYYAAAAIA0WLAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.206.121.209 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-121-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://pjma.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Mon, 21 Aug 2023 20:31:03 GMT
Expires
Mon, 28 Aug 2023 20:31:03 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
/
wt.rqtrk.eu/ 		43 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wt.rqtrk.eu/?pid=7fe7eff6-46b8-4e38-be16-be1bf1212a98&url=https%3A%2F%2Fpjma.info%2Ffb-item68325400236i5263%2Flogin.php&cb=169264986388683&src=www&type=100&uid=6D0016926498628DAA59B1CC58EE0931&gdpr=0&gdpr_pd=0&gdpr_consent=null&sid=0
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.235.42.104 Victoria, Canada, ASN16276 (OVH, FR),
Reverse DNS
haproxy-ca-003.roqad.pl
Software
istio-envoy /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:04 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type
image/gif
cache-control
no-cache,private
x-envoy-upstream-service-time
0
content-length
43
expires
Mon, 21 Aug 2023 20:31:03 GMT
t_.js
t.sharethis.com/1.1229.23362/a/US/ Frame A053 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1.1229.23362/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1229.23362&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.206.121.209 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-121-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1229.23362&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Mon, 21 Aug 2023 20:31:04 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
9080
Expires
Mon, 28 Aug 2023 20:31:04 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16311/ Frame 6404 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Requested by
Host: cdn-tc.33across.com
URL: https://cdn-tc.33across.com/lotame-sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn-tc.33across.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 11:35:11 GMT
content-encoding
gzip
via
1.1 205b9099637a29b949f9be6dceccecec.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:28:35 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
32154
etag
W/"e665301d41766524e38b808a6d06bf6b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
fGJOyDrpaIVWazBACr6IlCu_O_LlyY125ICGD8kj0gdhAhF8qsVdoA==
test_oracle
pd.sharethis.com/pd/ Frame 7809 		438 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/test_oracle
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1229.23362&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.136.136.253 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-136-253.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Mon, 21 Aug 2023 20:31:04 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
438
Content-Type
application/javascript
ttd
sync.sharethis.com/ Frame A053
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/ttd?uid=472440fc-c0dd-4ffc-8317-4b18f843a8e0&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/ttd?uid=472440fc-c0dd-4ffc-8317-4b18f843a8e0&gdpr=0&gdpr_consent=
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
HTTP/1.1
Server
3.136.3.63 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-3-63.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Mon, 21 Aug 2023 20:31:05 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHeABmTjyYYAAAAIA0WLAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.sharethis.com/ttd?uid=472440fc-c0dd-4ffc-8317-4b18f843a8e0&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
215
usermatch.gif
beacon.krxd.net/ Frame A053
Redirect Chain
  • https://idsync.rlcdn.com/386076.gif?partner_uid=ZHeABmTjyYYAAAAIA0WLAw%3D%3D&gdpr=0&gdpr_consent=
  • https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkhlQUJtVGp5WVlBQUFBSUEwV0xBdz09EAAaDQiIk4-nBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIiZOPpwYSBAgCEABCAEoA
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIiZOPpwYSBAgCEABCAEoA&google_gid=CAESEB_Ps0XiTcbeDTPUvZEekdg&google_cver=1
  • https://usermatch.krxd.net/um/v2?partner=liveramp_identity
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
Protocol
H2
Server
3.213.195.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-195-177.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-served-by
beacon-n032-ash-prod.krxd.net
date
Mon, 21 Aug 2023 20:31:07 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1692649867
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp_identity
date
Mon, 21 Aug 2023 20:31:06 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a020-ash-prod.krxd.net
eyeota
sync.sharethis.com/ Frame A053
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/eyeota?uid=2EGdsm7a4nnzqnKFQpO76MnUQO6DUkQCHFXEzjQo8dS0&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/eyeota?uid=2EGdsm7a4nnzqnKFQpO76MnUQO6DUkQCHFXEzjQo8dS0&gdpr=0&gdpr_consent=
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
HTTP/1.1
Server
3.136.3.63 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-3-63.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Mon, 21 Aug 2023 20:31:05 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHeABmTjyYYAAAAIA0WLAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

Location
https://sync.sharethis.com/eyeota?uid=2EGdsm7a4nnzqnKFQpO76MnUQO6DUkQCHFXEzjQo8dS0&gdpr=0&gdpr_consent=
Date
Mon, 21 Aug 2023 20:31:04 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
csync.ashx
ml314.com/ Frame A053
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHeABmTjyYYAAAAIA0WLAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3637967078593396818
  • https://ml314.com/csync.ashx?fp=&person_id=3637967078593396818&eid=50082
43 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=&person_id=3637967078593396818&eid=50082
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
H2
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:31:04 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Tue, 22 Aug 2023 16:31:05 GMT

Redirect headers

date
Mon, 21 Aug 2023 20:31:04 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=&person_id=3637967078593396818&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
oracle
sync.sharethis.com/ Frame A053
Redirect Chain
  • https://tags.bluekai.com/site/59574?id=ZHeABmTjyYYAAAAIA0WLAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
  • https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
HTTP/1.1
Server
3.136.3.63 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-3-63.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Mon, 21 Aug 2023 20:31:05 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHeABmTjyYYAAAAIA0WLAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

location
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
date
Mon, 21 Aug 2023 20:31:04 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
map
bcp.crwdcntrl.net/6/ Frame 6404 		156 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.223.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-223-152.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

Referer
https://cdn-tc.33across.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:04 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://cdn-tc.33across.com
cache-control
no-cache
x-server
10.40.6.75
access-control-allow-credentials
true
content-length
156
expires
0
bk-coretag.js
tags.bkrtx.com/js/ Frame 7809 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.124.154.37 Santa Clara, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-124-154-37.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

unused62
8096267
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Mon, 21 Aug 2023 20:31:05 GMT
last-modified
Fri, 21 May 2021 19:14:21 GMT
server
nginx/1.15.8
etag
W/"60a8068d-cbc2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
content-length
16078
expires
Mon, 28 Aug 2023 20:31:05 GMT
v2
ap.lijit.com/readerinfo/
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
457 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by
Host: pjma.info
URL: https://pjma.info/fb-item68325400236i5263/login.php
Protocol
HTTP/1.1
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Mon, 21 Aug 2023 20:31:05 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://pjma.info
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61

Redirect headers

Date
Mon, 21 Aug 2023 20:31:04 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin
https://pjma.info
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
2981
tags.bluekai.com/site/ Frame 4927
Redirect Chain
  • https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHeABmTjyYYAAAAIA0WLAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1229.23362%26cid%3Dc010%26...
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=WWVxaFc1R205OTkreXJCQQ%3D%3D
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEEDWs1Rzg0ZKOEuL44PJuXY&google_cver=1
62 B
306 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEEDWs1Rzg0ZKOEuL44PJuXY&google_cver=1
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.25.203 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-25-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://t.sharethis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
62
content-type
image/gif
date
Mon, 21 Aug 2023 20:31:05 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
296
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 21 Aug 2023 20:31:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEEDWs1Rzg0ZKOEuL44PJuXY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
1540_03681
track2.securedvisit.com/sync/ 		43 B
178 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track2.securedvisit.com/sync/1540_03681?id=HMJPdSZHG_84LVKYSkudcFJ6
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.196.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-196-251.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:06 GMT
cache-control
private, no-cache, proxy-revalidate
server
nginx/1.22.0
content-length
43
content-type
image/gif
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://pjma.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 21 Aug 2023 18:00:17 GMT
content-encoding
gzip
via
1.1 cd958e502c6aea704f0f824e60431e72.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
9050
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 04 Aug 2023 20:20:16 GMT
server
AmazonS3
etag
W/"f16e89fd08a708a6bd2e69be50fd30ab"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-id
PAHiEVWCxy_BElTYk8ifPwjibtaQi9BJ_5G_uh8wG1jnVbugvKWaeA==
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame F29D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=95859
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-127.jfk50.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer
https://pjma.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
date
Mon, 21 Aug 2023 20:31:07 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
server
Apache-Coyote/1.1
via
1.1 f25b89e7ef738cb8bb7e28e041d8fe54.cloudfront.net (CloudFront)
x-amz-cf-id
B2UwjRnTMFLr7f678CP7HM7-KRekcCWSX7i4CPIXr_NhrrdOUiybwA==
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
data
bcp.crwdcntrl.net/6/ 		326 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.223.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-223-152.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

Referer
https://pjma.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:06 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://pjma.info
cache-control
no-cache
x-server
10.40.3.94
access-control-allow-credentials
true
content-length
326
expires
0
76929
i6.liadm.com/s/
Redirect Chain
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=HMJPdSZHG_84LVKYSkudcFJ6&rnd=16088
  • https://i6.liadm.com/s/76929?bidder_id=204553&bidder_uuid=HMJPdSZHG_84LVKYSkudcFJ6&rnd=16088
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/76929?bidder_id=204553&bidder_uuid=HMJPdSZHG_84LVKYSkudcFJ6&rnd=16088
Protocol
HTTP/1.1
Server
2600:1f18:ed:550f:e955:bb38:ba2:3837 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Mon, 21 Aug 2023 20:31:07 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/76929?bidder_id=204553&bidder_uuid=HMJPdSZHG_84LVKYSkudcFJ6&rnd=16088
Date
Mon, 21 Aug 2023 20:31:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
a
a.dtssrv.com/ 		0
451 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.dtssrv.com/a?i=6D0016926498628DAA59B1CC58EE0931&k=lotpano&v=f440ee18aae27c8c44a8cb3889cea9fb927af5c9e14b0599520abdf363fb5c66
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fpjma.info%2Ffb-item68325400236i5263%2Flogin.php&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:31:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2Fr7X9dvEQZGAfeb9N4rkHhbxR0ZQho0I%2BVmEo%2BxcZEHaYEfD4fpoq45mCmkldwkop%2Bvyx0%2Fhh7v1F%2F%2F0nCN5wTDWhqGIjDKls%2BXD%2FXpX2aeK%2FKg4m9SIIoG2amXx93bqMcd4aTw5Qo%2BGNs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
7fa5a3469d7f8c17-EWR
alt-svc
h3=":443"; ma=86400
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame B8E8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://pjma.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
32158
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Mon, 21 Aug 2023 11:35:10 GMT
etag
W/"ab50484458d62eef36ef1969b84da1b5"
last-modified
Tue, 25 Apr 2023 19:53:12 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 205b9099637a29b949f9be6dceccecec.cloudfront.net (CloudFront)
x-amz-cf-id
4hS76AcepwTvyKrZHqILPUvWpsrIQXnpfW2-ApvOAF8zRgTR01hZNw==
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=HMJPdSZHG_84LVKYSkudcFJ6&rand=27942&pu=
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=HMJPdSZHG_84LVKYSkudcFJ6&rand=27942&pu=&expected_cookie=f0376f25-cb23-4a59-b110-33c21bdcc462
0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=HMJPdSZHG_84LVKYSkudcFJ6&rand=27942&pu=&expected_cookie=f0376f25-cb23-4a59-b110-33c21bdcc462
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:31:07 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 6DAE7CB9CD0145D78B3EF0B3D7A23332 Ref B: NYCEDGE1714 Ref C: 2023-08-21T20:31:08Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYDdMIe4/dLWr6STFvw0A==

Redirect headers

date
Mon, 21 Aug 2023 20:31:07 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: CAA59D0D3FCD451EA390AC0D081B3294 Ref B: NYCEDGE1714 Ref C: 2023-08-21T20:31:07Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
location
/db_sync?pid=15697&puuid=HMJPdSZHG_84LVKYSkudcFJ6&rand=27942&pu=&expected_cookie=f0376f25-cb23-4a59-b110-33c21bdcc462
x-li-source-fabric
prod-ltx1
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAYDdMIXJtJ90GDYuVb8sQ==
pixels
bcp.crwdcntrl.net/ Frame E668 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?s=161%2C159%2C153%2C148%2C135%2C132%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C100%2C94%2C89%2C79%2C78%2C76%2C65%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.223.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-223-152.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-length
3099
content-type
text/html
date
Mon, 21 Aug 2023 20:31:07 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.40.8.36
a.gif
t.sharethis.com/d/ Frame A053 		0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHeABmTjyYYAAAAIA0WLAw%253D%253D&tt=t.dhj&dhjLcy=1692649863765&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1229.23362&ell=d&cck=__stid&dmn=pjma.info&pn=%2Ffb-item68325400236i5263%2Flogin.php&qs=na&rdn=pjma.info&rpn=%2Ffb-item68325400236i5263%2Flogin.php&rqs=na&cc=US&cont=NA&evid=TzzyZoYABZn2YMM0ra4I&urls=!1!867!b-13j,!0!2951!b-13l,!1!858!b-14s,!1!0!b-14t,!1!720!b-150,!1!734!b-16f&rnd=1692649867485&cid=c010&version=1.1229.23362&cc=US&cont=NA&cls=C&repeat=0&htmLcy=238
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.206.121.209 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-121-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1229.23362&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Aug 2023 20:31:07 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Mon, 21 Aug 2023 20:31:07 GMT
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match?r=49054
  • https://ce.lijit.com/merge?pid=2&3pid=F4EE1362CED745F3B51E08ED784DBEDB
43 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=F4EE1362CED745F3B51E08ED784DBEDB
Protocol
HTTP/1.1
Server
63.251.114.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Aug 2023 20:31:08 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 21 Aug 2023 20:31:08 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=F4EE1362CED745F3B51E08ED784DBEDB
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 20 Aug 2023 20:31:08 GMT
generic
match.adsrvr.org/track/cmf/ Frame E668
Redirect Chain
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=934adda03d33f7616abb1637babc4623&custom=&tag_format=img&tag_action=sync
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=934adda03d33f7616abb1637babc4623&custom=&tag_format=img&tag_action=sync&final=true&reqid=a8b7b080-4061-11ee-b03b-8f666b964...
  • https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2016%26partner_id%3D2087%26uid%3D%24UID%26tag_format%3Dimg%26tag_action%3Dsync
  • https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=4838202465699042224&tag_format=img&tag_action=sync
  • https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=a8f1ac40-4061-11ee-9eb2-995e3fbf3097?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile...
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=934adda03d33f7616abb1637babc4623&tag_format=img&tag_action=sync&cb=11718894
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
0
0
tap.php
pixel.rubiconproject.com/ Frame E668
Redirect Chain
  • https://cm.smadex.com/pixel?sm_did=lotame&gdpr=0
  • https://cm.smadex.com/pixel?sm_did=lotame&gdpr=0&sm_tc=
  • https://cm.g.doubleclick.net/pixel?google_nid=smadex_2&google_hm=VytyNkV0djBUaVdTVy9aUnZNSStEQT09&sm_p=dc&sm_r=lotame,lotame,rbc,smt,tl,bds
  • https://cm.smadex.com/sync?sm_p=dc&sm_r=lotame,lotame,rbc,smt,tl,bds
  • https://sync.crwdcntrl.net/qmap?c=13745&tp=SMDX&tpid=5beafa12-dbf4-4e25-925b-f651bcc23e0c&d=https%3A%2F%2Fcm.smadex.com%2Fsync%3Fsm_p%3Dlotame%26sm_r%3Dlotame%2Crbc%2Csmt%2Ctl%2Cbds
  • https://cm.smadex.com/sync?sm_p=lotame&sm_r=lotame,rbc,smt,tl,bds
  • https://pixel.rubiconproject.com/tap.php?v=71194&nid=3636&put=5beafa12-dbf4-4e25-925b-f651bcc23e0c&expires=30
42 B
787 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=71194&nid=3636&put=5beafa12-dbf4-4e25-925b-f651bcc23e0c&expires=30
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=161%2C159%2C153%2C148%2C135%2C132%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C100%2C94%2C89%2C79%2C78%2C76%2C65%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
574abe46412f7df61ec8713ff1a5b646
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=71194&nid=3636&put=5beafa12-dbf4-4e25-925b-f651bcc23e0c&expires=30
date
Mon, 21 Aug 2023 20:31:09 GMT
via
1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
x-amz-cf-id
46EfSGsTsTdiW_3H8-LJa4_sfjGijHg9O2gvqW52uNngKp1jFQus2A==
x-cache
Miss from cloudfront
dcm
s.amazon-adsystem.com/ Frame E668
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=934adda03d33f7616abb1637babc4623
  • https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=934adda03d33f7616abb1637babc4623&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=934adda03d33f7616abb1637babc4623&dcc=t
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=161%2C159%2C153%2C148%2C135%2C132%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C100%2C94%2C89%2C79%2C78%2C76%2C65%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Aug 2023 20:31:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K1GS6BWQP91H3H9S4JPE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 21 Aug 2023 20:31:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R37VPD0AQB9M8FA169P0
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=934adda03d33f7616abb1637babc4623&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
sync.smartadserver.com/ Frame E668
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=161%2C159%2C153%2C148%2C135%2C132%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C100%2C94%2C89%2C79%2C78%2C76%2C65%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Server
216.22.16.8 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:08 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
pragma
no-cache
date
Mon, 21 Aug 2023 20:31:07 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
img
sync.mathtag.com/sync/ Frame E668
Redirect Chain
  • https://id5-sync.com/s/19/9.gif?puid=934adda03d33f7616abb1637babc4623&gdpr=0
  • https://id5-sync.com/c/19/19/9/1.gif?puid=934adda03d33f7616abb1637babc4623&gdpr=0&gdpr_consent=&us_privacy=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=472440fc-c0dd-4ffc-8317-4b18f843a8e0&ttl=%%TTL%%
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/19/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/19/2/7/3.gif?puid=4838202465699042224&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-0959rSMZnPxvs2tvs5o5VTzYm8MUTr0w_NN831ZIEA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F3%2F6%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gd...
0
0
qmap
sync.crwdcntrl.net/ Frame E668
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D5979%26tp%3DADWZ%26tpid%3D%24%7BUID%7D%26gdpr%3D0
  • https://sync.crwdcntrl.net/qmap?c=5979&tp=ADWZ&tpid=cd945e38a348fd2842bbc6d2e5d14eca&gdpr=0
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=5979&tp=ADWZ&tpid=cd945e38a348fd2842bbc6d2e5d14eca&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=161%2C159%2C153%2C148%2C135%2C132%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C100%2C94%2C89%2C79%2C78%2C76%2C65%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
3.228.223.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-223-152.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:08 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.33.37
content-length
49
expires
0

Redirect headers

Date
Mon, 21 Aug 2023 20:31:07 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
a8d46040-4061-11ee-bf62-02d9a288b34b
Instance-id
i-074893cbb5fc5287b
Location
https://sync.crwdcntrl.net/qmap?c=5979&tp=ADWZ&tpid=cd945e38a348fd2842bbc6d2e5d14eca&gdpr=0
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
insync
thrtle.com/ Frame E668
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10014&gdpr=0&vxii_pdid=934adda03d33f7616abb1637babc4623
  • https://thrtle.com/insync?gdpr=0&vxii_pdid=934adda03d33f7616abb1637babc4623&vxii_pid=12&vxii_pid1=10014&vxii_rcid=85b402b7-d38b-4720-ac8e-2cc2b338b73c
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&vxii_pdid=934adda03d33f7616abb1637babc4623&vxii_pid=12&vxii_pid1=10014&vxii_rcid=85b402b7-d38b-4720-ac8e-2cc2b338b73c
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=161%2C159%2C153%2C148%2C135%2C132%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C100%2C94%2C89%2C79%2C78%2C76%2C65%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
23.23.38.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-38-193.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Mon, 21 Aug 2023 20:31:08 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&vxii_pdid=934adda03d33f7616abb1637babc4623&vxii_pid=12&vxii_pid1=10014&vxii_rcid=85b402b7-d38b-4720-ac8e-2cc2b338b73c
date
Mon, 21 Aug 2023 20:31:08 GMT
content-type
text/html; charset=utf-8
content-length
189
p3p
CP="NOI OUR BUS UNI COM NAV"
41715
i.liadm.com/s/ Frame E668 		43 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=934adda03d33f7616abb1637babc4623
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=161%2C159%2C153%2C148%2C135%2C132%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C100%2C94%2C89%2C79%2C78%2C76%2C65%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.112.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-112-111.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Mon, 21 Aug 2023 20:31:07 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif
ltm
audex.userreport.com/sync/put/ Frame E668 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://audex.userreport.com/sync/put/ltm?ltmid=934adda03d33f7616abb1637babc4623
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=161%2C159%2C153%2C148%2C135%2C132%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C100%2C94%2C89%2C79%2C78%2C76%2C65%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-2.jfk51.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Mon, 21 Aug 2023 20:31:08 GMT
Via
1.1 0bb631caf01a1e61a0610f8aef984a00.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.22.0
X-Amz-Cf-Pop
JFK51-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
SNxmZm4QQ6sdAKyT8JV3e-8A39A1uqAZnzp1kyi3FNUjpxcLuePtuQ==
partner
sync.search.spotxchange.com/ Frame E668 		0
0
cm
trc.taboola.com/sg/lotame/1/ Frame E668 		43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/lotame/1/cm
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=161%2C159%2C153%2C148%2C135%2C132%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C100%2C94%2C89%2C79%2C78%2C76%2C65%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
20
date
Mon, 21 Aug 2023 20:31:08 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
18660
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v2
x-served-by
cache-nyc-kteb1890050-NYC
pragma
no-cache
server
nginx
x-timer
S1692649868.160741,VS0,VE20
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
qmap
sync.crwdcntrl.net/ Frame E668
Redirect Chain
  • https://pixel.shareaholic.com/sync?r=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D9193%26tp%3DSHLC%26tpid%3D%24u_id%26gdpr%3D0
  • https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=bd054260-48e2-43ef-8535-2f6b086d91b6&gdpr=0
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=bd054260-48e2-43ef-8535-2f6b086d91b6&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=161%2C159%2C153%2C148%2C135%2C132%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C100%2C94%2C89%2C79%2C78%2C76%2C65%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
3.228.223.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-223-152.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:08 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.12.27
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=bd054260-48e2-43ef-8535-2f6b086d91b6&gdpr=0
pragma
no-cache
date
Mon, 21 Aug 2023 20:31:08 GMT
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'
7
sync.search.spotxchange.com/audience_sync/ Frame E668 		0
0
tpid=284da76b-f797-4696-8bb8-6c7dfc766e44
bcp.crwdcntrl.net/map/c=10737/tp=AMBO/ Frame E668
Redirect Chain
  • https://pool.admedo.com/aa/j9fmpan1dspyp6ogch79
  • https://pool.admedo.com/ul_cb/aa/j9fmpan1dspyp6ogch79
  • https://bcp.crwdcntrl.net/map/c=10737/tp=AMBO/tpid=284da76b-f797-4696-8bb8-6c7dfc766e44
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=10737/tp=AMBO/tpid=284da76b-f797-4696-8bb8-6c7dfc766e44
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=161%2C159%2C153%2C148%2C135%2C132%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C100%2C94%2C89%2C79%2C78%2C76%2C65%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
3.228.223.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-223-152.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:09 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.15.64
content-length
49
expires
0

Redirect headers

location
//bcp.crwdcntrl.net/map/c=10737/tp=AMBO/tpid=284da76b-f797-4696-8bb8-6c7dfc766e44
date
Mon, 21 Aug 2023 20:31:09 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
loadus.exelator.com/load/ Frame E668 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadus.exelator.com/load/?p=204&g=260&buid=934adda03d33f7616abb1637babc4623&j=0&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=161%2C159%2C153%2C148%2C135%2C132%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C100%2C94%2C89%2C79%2C78%2C76%2C65%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.229.3.43 -, , ASN (),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:31:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
gdpr=0
sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=80745522197733214142425389923400850199/ Frame E668
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=934adda03d33f7616abb1637babc4623&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=934adda03d33f7616abb1637babc4623&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUI...
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=80745522197733214142425389923400850199/gdpr=0
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=80745522197733214142425389923400850199/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=161%2C159%2C153%2C148%2C135%2C132%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C100%2C94%2C89%2C79%2C78%2C76%2C65%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
3.228.223.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-223-152.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:09 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.34.77
content-length
49
expires
0

Redirect headers

DCS
dcs-prod-va6-1-v049-0cb78c034.edge-va6.demdex.com 15 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
RKy3tKCGQQg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=80745522197733214142425389923400850199/gdpr=0
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
match
ps.eyeota.net/ Frame E668
Redirect Chain
  • https://pixel.onaudience.com/?mapped=934adda03d33f7616abb1637babc4623&partner=104&gdpr=0
  • https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
  • https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=1310f199f3a8f0a4
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mm5DdWd6eEVDRW9ZaUY0ZURJZXpON2NGdS0xTW1VOGJDWUNKTFZVLWd6SzA&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEM0TcQIgzlcRf_4ZYEPyWkw&google_cver=1
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEM0TcQIgzlcRf_4ZYEPyWkw&google_cver=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=161%2C159%2C153%2C148%2C135%2C132%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C100%2C94%2C89%2C79%2C78%2C76%2C65%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Server
3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-62-22.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 21 Aug 2023 20:31:09 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEM0TcQIgzlcRf_4ZYEPyWkw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
aorta.clickagy.com/ Frame E668
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=120&cm=934adda03d33f7616abb1637babc4623
  • https://idsync.rlcdn.com/420246.gif?partner_uid=ZOPJjNsHUcYJmP2KwYshIKGt
  • https://aorta.clickagy.com/pixel.gif?ch=114&cm=c3904642047874b16a68f32a8500a0f2d17c418ca7bddcdbdfee6a6cfb0a589825abae5358c0e7bc
  • https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=Wk9QSmpOc0hVY1lKbVAyS3dZc2hJS0d0
  • https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEGM9VtbVgPh2tsB2Nbcb-Mw&google_cver=1
  • https://dpm.demdex.net/ibs:dpid=79908&dpuuid=ZOPJjNsHUcYJmP2KwYshIKGt&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=80745522197733214142425389923400850199
0
0
image.sbxx
ib.mookie1.com/ Frame E668
Redirect Chain
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=934adda03d33f7616abb1637babc4623
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=934adda03d33f7616abb1637babc4623
120 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=934adda03d33f7616abb1637babc4623
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=161%2C159%2C153%2C148%2C135%2C132%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C100%2C94%2C89%2C79%2C78%2C76%2C65%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Server
69.169.86.39 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Aug 2023 20:31:09 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/png
p3p
CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
NY15
Content-Length
120
Expires
-1

Redirect headers

Date
Mon, 21 Aug 2023 20:31:08 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html; charset=utf-8
Location
https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=934adda03d33f7616abb1637babc4623
Access-Control-Allow-Origin
*
p3p
CP="DSP COR ADM DEV PSA PSD OUR"
Cache-Control
private
X-Server
LAS11
Content-Length
217
0.gif
x01.aidata.io/ Frame E668
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=LOTAME&id=934adda03d33f7616abb1637babc4623&gdpr=0
  • https://x01.aidata.io/0.gif?pid=LOTAME&id=934adda03d33f7616abb1637babc4623&gdpr=0&bounce=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=LOTAME&id=934adda03d33f7616abb1637babc4623&gdpr=0&bounce=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=161%2C159%2C153%2C148%2C135%2C132%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C100%2C94%2C89%2C79%2C78%2C76%2C65%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
89.108.119.28 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:09 GMT
last-modified
Mon, 21 Aug 2023 20:31:08 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Mon, 21 Aug 2023 20:31:08 GMT

Redirect headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:09 GMT
last-modified
Mon, 21 Aug 2023 20:31:08 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://x01.aidata.io/0.gif?pid=LOTAME&id=934adda03d33f7616abb1637babc4623&gdpr=0&bounce=1
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 21 Aug 2023 20:31:08 GMT
qmap
sync.crwdcntrl.net/ Frame E668
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9202276048&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=214040604615013338552&gdpr=0&gdpr_consent=
49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=214040604615013338552&gdpr=0&gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=161%2C159%2C153%2C148%2C135%2C132%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C100%2C94%2C89%2C79%2C78%2C76%2C65%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
3.228.223.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-223-152.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:08 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.8.0
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:07 GMT
via
1.1 534f7e815b25f5cd40ef32ea39fc9a8c.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P4
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=214040604615013338552&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
14f4CeN5FtnHouK97UizAeHtEsLYb7Nw-RW66x1E8Zb1Xrnf5MrZxQ==
expires
0
382416.gif
idsync.rlcdn.com/ Frame E668 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/382416.gif?partner_uid=934adda03d33f7616abb1637babc4623&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=161%2C159%2C153%2C148%2C135%2C132%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C100%2C94%2C89%2C79%2C78%2C76%2C65%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:31:07 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
rand=196198120
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4838202465699042224/gdpr=0/ Frame E668
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=196198120
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4838202465699042224/gdpr=0/rand=196198120
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4838202465699042224/gdpr=0/rand=196198120
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=161%2C159%2C153%2C148%2C135%2C132%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C100%2C94%2C89%2C79%2C78%2C76%2C65%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
3.228.223.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-223-152.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:09 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.44.44
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:09 GMT
an-x-request-uuid
e4e9c5a9-4323-4035-83e7-61e266e935fe
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4838202465699042224/gdpr=0/rand=196198120
x-proxy-origin
96.9.246.196; 96.9.246.196; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
57333
i.liadm.com/s/ 		43 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=HMJPdSZHG_84LVKYSkudcFJ6&rnd=4532
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.112.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-112-111.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Mon, 21 Aug 2023 20:31:08 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
5
Content-Type
image/gif
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame B68C 		85 B
482 B 		Document
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-103.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://pjma.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
213092
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Sat, 19 Aug 2023 09:19:36 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
x-amz-cf-id
x_TD4iAElvKnB02FGexLfzNYTNaEzA9hoNzij4I3lOFdEdJokIXNVg==
x-amz-cf-pop
JFK50-P7
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame B68C 		766 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-103.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date
Sun, 13 Aug 2023 04:56:24 GMT
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:07:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
747285
etag
"145e495d0d92a3c8fd975bfe5485b72c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
766
x-amz-cf-id
g4Gue9HFuX4OfTDuvMFdnKJ4hk4Fl2vDuBeOuIOREb7rj6H-pKH30w==
merge
ce.lijit.com/
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=HMJPdSZHG_84LVKYSkudcFJ6/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
  • https://ce.lijit.com/merge?pid=5001&3pid=934adda03d33f7616abb1637babc4623
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=5001&3pid=934adda03d33f7616abb1637babc4623
Protocol
HTTP/1.1
Server
63.251.114.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Aug 2023 20:31:09 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:09 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ce.lijit.com/merge?pid=5001&3pid=934adda03d33f7616abb1637babc4623
cache-control
no-cache
x-server
10.40.4.0
content-length
0
expires
0
pixel
ps.eyeota.net/ 		644 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-62-22.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
application/javascript
Date
Mon, 21 Aug 2023 20:31:09 GMT
Content-Length
644
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
match
ps.eyeota.net/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?uid=472440fc-c0dd-4ffc-8317-4b18f843a8e0&bid=1e2n4ou
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=472440fc-c0dd-4ffc-8317-4b18f843a8e0&bid=1e2n4ou
Protocol
HTTP/1.1
Server
3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-62-22.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 21 Aug 2023 20:31:09 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ps.eyeota.net/match?uid=472440fc-c0dd-4ffc-8317-4b18f843a8e0&bid=1e2n4ou
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
191
cms
ups.analytics.yahoo.com/ups/58773/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=Eyeot
  • https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot
0
0
match
ps.eyeota.net/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u
  • https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u&_test=ZOPJjQAAATPn-wBV
  • https://ps.eyeota.net/match?uid=ZOPJjQAAATPn-wBV&bid=0rijhbu&referrer_pid=51md42u&_test=ZOPJjQAAATPn-wBV
0
0
match
ps.eyeota.net/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u
  • https://ps.eyeota.net/match?uid=4838202465699042224&bid=2cr76e1&referrer_pid=51md42u
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=4838202465699042224&bid=2cr76e1&referrer_pid=51md42u
Protocol
HTTP/1.1
Server
3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-62-22.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pjma.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 21 Aug 2023 20:31:09 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Mon, 21 Aug 2023 20:31:09 GMT
an-x-request-uuid
1b2b133e-6a71-4679-b80c-8730694fb2c2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ps.eyeota.net/match?uid=4838202465699042224&bid=2cr76e1&referrer_pid=51md42u
x-proxy-origin
96.9.246.196; 96.9.246.196; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://tags.bluekai.com/site/29535?limit=1&id=2oqT7r5Mzj-2DhBhXS3z6iljIbVe4ugxsutG0mlx9m8g
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-0959rSMZnPxvs2tvs5o5VTzYm8MUTr0w_NN831ZIEA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F3%2F6%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?source=lotame
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/audience_sync/7?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16299%26tp%3DSPXC%26tpid%3D%24SPOTX_AUDIENCE_ID%26gdpr%3D0
Domain
aorta.clickagy.com
URL
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=80745522197733214142425389923400850199
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot
Domain
ps.eyeota.net
URL
https://ps.eyeota.net/match?uid=ZOPJjQAAATPn-wBV&bid=0rijhbu&referrer_pid=51md42u&_test=ZOPJjQAAATPn-wBV
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Cookies

4 Console Messages

Source Level URL
Text
network error URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/C-IF1ZQl9kN.png
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://pjma.info/fb-item68325400236i5263/login.php
Message:
Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=HMJPdSZHG_84LVKYSkudcFJ6' because its MIME type ('image/gif') is not executable.
network error URL: https://sync.search.spotxchange.com/partner?source=lotame
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/audience_sync/7?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16299%26tp%3DSPXC%26tpid%3D%24SPOTX_AUDIENCE_ID%26gdpr%3D0
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dtssrv.com
aa.agkn.com
aorta.clickagy.com
ap.lijit.com
api.intentiq.com
audex.userreport.com
bcp.crwdcntrl.net
beacon.krxd.net
cdn-tc.33across.com
cdn.jsdelivr.net
cdn.tynt.com
ce.lijit.com
cm.g.doubleclick.net
cm.smadex.com
d.agkn.com
data-beacons.s-onetag.com
de.tynt.com
dpm.demdex.net
e.dlx.addthis.com
get.s-onetag.com
global.ib-ibi.com
i.liadm.com
i.simpli.fi
i6.liadm.com
ib.adnxs.com
ib.mookie1.com
ic.tynt.com
idsync.rlcdn.com
lex.33across.com
live.rezync.com
loadus.exelator.com
match.adsrvr.org
ml314.com
mwzeom.zeotap.com
onetag-geo.s-onetag.com
p.rfihub.com
pd.sharethis.com
pippio.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.shareaholic.com
pjma.info
pool.admedo.com
ps.eyeota.net
px.ads.linkedin.com
s.amazon-adsystem.com
secure.adnxs.com
spl.zeotap.com
stags.bluekai.com
static.xx.fbcdn.net
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.sharethis.com
sync.smartadserver.com
synchroscript.deliveryengine.adswizz.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
thrtle.com
track2.securedvisit.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
use.fontawesome.com
usermatch.krxd.net
whos.amung.us
widgets.amung.us
wt.rqtrk.eu
www.logo.wine
x.dlx.addthis.com
x01.aidata.io
aorta.clickagy.com
match.adsrvr.org
ps.eyeota.net
sync.mathtag.com
sync.search.spotxchange.com
ups.analytics.yahoo.com
104.107.25.203
104.124.154.37
104.18.34.83
104.18.35.167
107.178.254.65
108.138.106.17
108.138.128.124
108.138.128.21
108.139.29.127
108.139.29.87
13.225.223.2
13.225.223.33
141.94.171.212
142.250.80.34
15.197.193.217
15.235.42.104
18.164.124.103
18.164.124.41
199.38.167.131
216.219.81.3
216.22.16.8
23.206.121.209
23.23.38.193
2600:1f18:ed:550f:e955:bb38:ba2:3837
2600:9000:2511:e000:19:fc2c:a140:93a1
2606:4700:10::6816:1957
2606:4700:10::6816:4bab
2606:4700:20::681a:c3c
2606:4700:21::8d65:780a
2606:4700:3037::ac43:cf32
2606:4700:e0::ac40:660b
2606:4700:e2::ac40:8d1f
2620:1ec:21::14
2a03:2880:f012:8:face:b00c:0:1
2a04:4e42:200::485
2a04:4e42::300
3.136.136.253
3.136.3.63
3.213.195.177
3.216.196.251
3.228.223.152
3.230.62.22
34.111.234.236
34.123.65.25
34.171.234.26
34.229.3.43
34.247.150.29
35.190.60.146
35.210.53.219
52.1.88.9
52.46.151.131
52.55.2.158
54.83.175.63
54.88.112.111
63.251.114.136
63.251.114.137
64.58.232.176
67.202.105.21
67.202.105.33
68.67.161.208
69.169.86.39
69.173.151.100
89.108.119.28
01a1084202c44b767202260be09c3178ea3a9a4e2187d7c22cf8c712d2708109
06fdb355c470dbcaa41aa98db5ff4c3aaad6f4572c84eed3bd296acbd162beaa
1845d6fbb87eb5b682e8e3b27133dddf59bda5ea4b48b1886efad562ea7ca126
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2
4dbe644caa3662fed78c0048cb8ae24d374900661384cff97e8a8f89c0b7e11f
542a69480761cb856b82c039588da89a7206cc6117b0324d01981f6297545b23
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce
8dfe88009cac63108683c51852a36513aee2795fb2a27dcd058bf54838010790
9dc990b466cd6c71bb08f89a891a36e9d6105ce085f4a7b1907e02cb25e436a4
bcc1dae0103c590b563307cc990fb044cf77c7a119376d786178b4086b9482bb
be87d1092b0a7d6de2f6836caad7a231315edb48aa694e959f726c5f172e0311
c2128b5b8a9ea02f0830a3b22c37023dae3f287e7ef5d91fbb4ff535c6b30675
c408f5b072dc8f5449091bc50d95ea19c724eb19e1ff19a61d19336ac0087259
c80dd250899432943f373346377e658bcd23a2af4788ac901738d18dcaf4868c
d93904c329d557a1eff9e49acd9641b51cd8bd147d438705e8ede2a80f37d5c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac