urlscan.io logo urlscan.io
SecurityTrails logo

cfw.worsebox.shop Open in urlscan Pro
2606:4700:3034::6815:2392  Public Scan

Go To Rescan Add Verdict Report
URL: https://cfw.worsebox.shop/
Submission: On January 09 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 69 IPs in 1 countries across 80 domains to perform 245 HTTP transactions. The main IP is 2606:4700:3034::6815:2392, located in United States and belongs to CLOUDFLARENET, US. The main domain is cfw.worsebox.shop.
TLS certificate: Issued by GTS CA 1P5 on January 5th 2024. Valid for: 3 months.
This is the only time cfw.worsebox.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
48 2600:141b:1c0... 20940 (AKAMAI-ASN1)
15 32 2600:9000:23c... 16509 (AMAZON-02)
3 18.238.64.130 ()
1 18.173.132.98 ()
2 16 2600:9000:26f... ()
2 18.173.219.124 ()
2 2607:f8b0:400... ()
3 69.192.109.53 ()
2 8 35.244.159.8 ()
13 2600:9000:251... ()
1 2 2620:116:800b... ()
7 7 35.211.178.172 ()
13 17 142.250.65.226 ()
3 12 172.64.151.101 ()
4 12 35.71.139.29 ()
9 13 8.43.72.98 ()
5 5 3.225.218.10 ()
2 2 2600:1f18:612... ()
1 1 23.195.76.23 ()
2 2 23.92.190.68 ()
1 1 63.251.28.133 ()
1 1 23.83.76.84 ()
1 37.157.5.133 ()
1 2 34.236.67.173 ()
7 7 69.194.240.13 ()
2 2 2620:112:f002... ()
2 54.243.90.71 ()
1 104.36.115.111 ()
1 52.2.10.131 ()
1 69.173.151.96 ()
1 18.173.132.21 ()
1 108.139.54.29 ()
2 8.28.7.81 ()
2 6 209.54.182.161 ()
2 2 173.231.178.85 ()
2 27 8.28.7.83 ()
7 7 54.165.177.33 ()
1 1 23.105.12.137 ()
1 1 198.148.27.131 ()
1 1 2603:c020:400... ()
2 3 151.101.130.49 ()
3 5 68.67.179.87 ()
1 2 8.18.47.7 ()
2 2 35.210.53.219 ()
2 2 54.227.205.3 ()
1 1 54.225.192.239 ()
1 2 54.211.17.237 ()
2 74.119.119.150 ()
1 1 199.38.167.131 ()
2 3 2606:4700::68... ()
1 1 69.90.254.78 ()
1 1 82.145.213.8 ()
2 3 34.111.113.62 ()
9 10 15.197.193.217 ()
1 40.76.134.238 ()
2 2 35.236.220.17 ()
2 4 2600:1f18:4e9... ()
2 8.28.7.84 ()
1 1 52.2.41.65 ()
2 2 2606:ae80:147... ()
2 2 207.198.113.88 ()
1 18.215.116.242 ()
1 2 38.98.69.175 ()
2 2 185.167.164.39 ()
2 2607:f8b0:400... ()
2 2600:9000:247... ()
1 2607:f8b0:400... ()
1 2607:f8b0:400... ()
6 2600:1f18:1ac... ()
1 2607:f8b0:400... ()
2 141.95.33.120 ()
1 52.20.53.186 ()
2 172.64.149.180 ()
2 23.47.170.102 ()
2 2001:4860:480... ()
2 2620:1ec:21::14 ()
2 2 52.45.176.159 ()
5 6 8.43.72.97 ()
1 162.19.138.116 ()
4 4 34.225.109.145 ()
1 1 2620:112:f002... ()
1 2600:1f18:ed:... ()
1 1 23.83.76.101 ()
2 2 185.184.8.90 ()
1 52.95.115.255 ()
1 2 104.18.41.104 ()
1 147.28.146.89 ()
1 23.92.190.74 ()
1 23.55.235.227 ()
1 1 216.200.232.253 ()
1 1 172.105.199.172 ()
1 35.186.193.173 ()
1 195.5.165.20 ()
1 162.55.120.196 ()
2 2 23.73.245.216 ()
1 2 34.234.194.189 ()
1 3.229.81.23 ()
1 52.73.29.135 ()
1 1 188.166.17.21 ()
245 69
1    2606:4700:3034::6815:2392 (United States)

ASN13335 (CLOUDFLARENET, US)
cfw.worsebox.shop
4    2607:f8b0:4006:821::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
48    2600:141b:1c00:26::17ce:acb7 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
www.indianhealthyrecipes.com
32    2600:9000:23cb:e000:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
3    18.238.64.130 (None, )

ASN- ()
c.amazon-adsystem.com
1    18.173.132.98 (None, )

ASN- ()
api.intentiq.com
16    2600:9000:26fa:8a00:1b:6b7d:2300:93a1 (None, )

ASN- ()
sync.intentiq.com
2    18.173.219.124 (None, )

ASN- ()
sync1.intentiq.com
syncv4.intentiq.com
2    2607:f8b0:4006:80e::200a (None, )

ASN- ()
fonts.googleapis.com
3    69.192.109.53 (None, )

ASN- ()
ads.pubmatic.com
8    35.244.159.8 (None, )

ASN- ()
u.openx.net
swasthis-d.openx.net
us-u.openx.net
13    2600:9000:2511:e00:1:6448:6d00:93a1 (None, )

ASN- ()
video.primis.tech
2    2620:116:800b:21:b08a:1dc5:659b:4055 (None, )

ASN- ()
pixel.quantserve.com
cms.quantserve.com
7    35.211.178.172 (None, )

ASN- ()
x.bidswitch.net
17    142.250.65.226 (None, )

ASN- ()
cm.g.doubleclick.net
12    172.64.151.101 (None, )

ASN- ()
ssum-sec.casalemedia.com
htlb.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
12    35.71.139.29 (None, )

ASN- ()
eb2.3lift.com
13    8.43.72.98 (None, )

ASN- ()
pixel.rubiconproject.com
5    3.225.218.10 (None, )

ASN- ()
ups.analytics.yahoo.com
2    2600:1f18:612b:4264:b711:868:5175:f82d (None, )

ASN- ()
mb9eo.publishers.tremorhub.com
1    23.195.76.23 (None, )

ASN- ()
cs.media.net
2    23.92.190.68 (None, )

ASN- ()
ap.lijit.com
1    63.251.28.133 (None, )

ASN- ()
ads.stickyadstv.com
1    23.83.76.84 (None, )

ASN- ()
ssbsync-global.smartadserver.com
1    37.157.5.133 (None, )

ASN- ()
cm.adform.net
2    34.236.67.173 (None, )

ASN- ()
match.sharethrough.com
7    69.194.240.13 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
2    2620:112:f002:bbbb::21 (None, )

ASN- ()
ad.turn.com
2    54.243.90.71 (None, )

ASN- ()
pixel.adsafeprotected.com
1    104.36.115.111 (None, )

ASN- ()
hbopenbid.pubmatic.com
1    52.2.10.131 (None, )

ASN- ()
tlx.3lift.com
1    69.173.151.96 (None, )

ASN- ()
prebid-server.rubiconproject.com
1    18.173.132.21 (None, )

ASN- ()
config.aps.amazon-adsystem.com
1    108.139.54.29 (None, )

ASN- ()
aax.amazon-adsystem.com
2    8.28.7.81 (None, )

ASN- ()
image6.pubmatic.com
6    209.54.182.161 (None, )

ASN- ()
s.amazon-adsystem.com
2    173.231.178.85 (None, )

ASN- ()
cm.adgrx.com
27    8.28.7.83 (None, )

ASN- ()
simage2.pubmatic.com
image2.pubmatic.com
7    54.165.177.33 (None, )

ASN- ()
match.prod.bidr.io
1    23.105.12.137 (None, )

ASN- ()
rtb-csync.smartadserver.com
1    198.148.27.131 (None, )

ASN- ()
bh.contextweb.com
1    2603:c020:400d:3000:b5b3:7157:5b47:80e4 (None, )

ASN- ()
sync.technoratimedia.com
3    151.101.130.49 (None, )

ASN- ()
sync-tm.everesttech.net
5    68.67.179.87 (None, )

ASN- ()
ib.adnxs.com
2    8.18.47.7 (None, )

ASN- ()
match.deepintent.com
2    35.210.53.219 (None, )

ASN- ()
pool.admedo.com
2    54.227.205.3 (None, )

ASN- ()
pm.w55c.net
1    54.225.192.239 (None, )

ASN- ()
sync.srv.stackadapt.com
2    54.211.17.237 (None, )

ASN- ()
beacon.lynx.cognitivlabs.com
2    74.119.119.150 (None, )

ASN- ()
dis.criteo.com
1    199.38.167.131 (None, )

ASN- ()
p.rfihub.com
3    2606:4700::6812:18ad (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    69.90.254.78 (None, )

ASN- ()
ums.acuityplatform.com
1    82.145.213.8 (None, )

ASN- ()
t.adx.opera.com
3    34.111.113.62 (None, )

ASN- ()
pixel.tapad.com
10    15.197.193.217 (None, )

ASN- ()
match.adsrvr.org
1    40.76.134.238 (None, )

ASN- ()
us01.z.antigena.com
2    35.236.220.17 (None, )

ASN- ()
um.simpli.fi
4    2600:1f18:4e9:5a02:bfa:a46e:1266:8631 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
2    8.28.7.84 (None, )

ASN- ()
image4.pubmatic.com
simage4.pubmatic.com
1    52.2.41.65 (None, )

ASN- ()
sync.ipredictive.com
2    2606:ae80:1471:12::440 (None, )

ASN- ()
pubmatic-match.dotomi.com
2    207.198.113.88 (None, )

ASN- ()
pixel-sync.sitescout.com
1    18.215.116.242 (None, )

ASN- ()
rtb.adentifi.com
2    38.98.69.175 (None, )

ASN- ()
pmp.mxptint.net
2    185.167.164.39 (None, )

ASN- ()
c1.adform.net
2    2607:f8b0:4006:80f::200a (None, )

ASN- ()
imasdk.googleapis.com
2    2600:9000:247b:3200:8:48e:53c0:93a1 (None, )

ASN- ()
static.adsafeprotected.com
1    2607:f8b0:4006:80c::2006 (None, )

ASN- ()
s0.2mdn.net
1    2607:f8b0:4006:81d::2002 (None, )

ASN- ()
pagead2.googlesyndication.com
6    2600:1f18:1aca:4282:f9e3:91a:8408:ef72 (None, )

ASN- ()
dt.adsafeprotected.com
1    2607:f8b0:4006:823::2002 (None, )

ASN- ()
securepubads.g.doubleclick.net
2    141.95.33.120 (None, )

ASN- ()
id5-sync.com
1    52.20.53.186 (None, )

ASN- ()
id.crwdcntrl.net
2    172.64.149.180 (None, )

ASN- ()
js-sec.indexww.com
cdn.indexww.com
2    23.47.170.102 (None, )

ASN- ()
eus.rubiconproject.com
2    2001:4860:4802:32::3 (None, )

ASN- ()
csi.gstatic.com
2    2620:1ec:21::14 (None, )

ASN- ()
px.ads.linkedin.com
2    52.45.176.159 (None, )

ASN- ()
ads.creative-serving.com
6    8.43.72.97 (None, )

ASN- ()
token.rubiconproject.com
1    162.19.138.116 (None, )

ASN- ()
lb.eu-1-id5-sync.com
4    34.225.109.145 (None, )

ASN- ()
i.liadm.com
1    2620:112:f002:bbbb::23 (None, )

ASN- ()
d.turn.com
1    2600:1f18:ed:550e:f339:4051:d8d6:6b16 (None, )

ASN- ()
i6.liadm.com
1    23.83.76.101 (None, )

ASN- ()
ssbsync.smartadserver.com
2    185.184.8.90 (None, )

ASN- ()
creativecdn.com
1    52.95.115.255 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
2    104.18.41.104 (None, )

ASN- ()
capi.connatix.com
1    147.28.146.89 (None, )

ASN- ()
prebid.a-mo.net
1    23.92.190.74 (None, )

ASN- ()
ce.lijit.com
1    23.55.235.227 (None, )

ASN- ()
hb.yahoo.net
1    216.200.232.253 (None, )

ASN- ()
sync.mathtag.com
1    172.105.199.172 (None, )

ASN- ()
gocm.c.appier.net
1    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    162.55.120.196 (None, )

ASN- ()
matching.truffle.bid
2    23.73.245.216 (None, )

ASN- ()
px.owneriq.net
2    34.234.194.189 (None, )

ASN- ()
thrtle.com
1    3.229.81.23 (None, )

ASN- ()
crb.kargo.com
1    52.73.29.135 (None, )

ASN- ()
sync.bfmio.com
1    188.166.17.21 (None, )

ASN- ()
match.adsby.bidtheatre.com
Apex Domain
Subdomains		 Transfer
48 indianhealthyrecipes.com
www.indianhealthyrecipes.com — Cisco Umbrella Rank: 260550
4 MB
45 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2303
video.primis.tech
3 MB
35 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
44 KB
22 rubiconproject.com
pixel.rubiconproject.com
prebid-server.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
27 KB
19 intentiq.com
api.intentiq.com
sync.intentiq.com
sync1.intentiq.com
syncv4.intentiq.com
16 KB
18 doubleclick.net
cm.g.doubleclick.net
securepubads.g.doubleclick.net
4 KB
13 3lift.com
eb2.3lift.com
tlx.3lift.com
6 KB
12 casalemedia.com
ssum-sec.casalemedia.com
htlb.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
8 KB
12 amazon-adsystem.com
c.amazon-adsystem.com
config.aps.amazon-adsystem.com
aax.amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
80 KB
10 adsrvr.org
match.adsrvr.org
4 KB
10 adsafeprotected.com
pixel.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
105 KB
9 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
4 KB
8 openx.net
u.openx.net
swasthis-d.openx.net
us-u.openx.net
2 KB
7 bidr.io
match.prod.bidr.io
4 KB
7 bidswitch.net
x.bidswitch.net
4 KB
6 gstatic.com
fonts.gstatic.com
csi.gstatic.com
53 KB
5 liadm.com
i.liadm.com
i6.liadm.com
3 KB
5 adnxs.com
ib.adnxs.com
5 KB
5 1rx.io
sync.1rx.io
3 KB
4 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
368 KB
3 tapad.com
pixel.tapad.com
1 KB
3 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
3 everesttech.net
sync-tm.everesttech.net
909 B
3 turn.com
ad.turn.com
d.turn.com
1 KB
3 adform.net
cm.adform.net
c1.adform.net
1 KB
3 smartadserver.com
ssbsync-global.smartadserver.com
rtb-csync.smartadserver.com
ssbsync.smartadserver.com
1 KB
3 lijit.com
ap.lijit.com
ce.lijit.com
2 KB
2 thrtle.com
thrtle.com
683 B
2 owneriq.net
px.owneriq.net
1 KB
2 connatix.com
capi.connatix.com
536 B
2 creativecdn.com
creativecdn.com
1 KB
2 creative-serving.com
ads.creative-serving.com
1 KB
2 linkedin.com
px.ads.linkedin.com
1 KB
2 indexww.com
js-sec.indexww.com
cdn.indexww.com
2 KB
2 id5-sync.com
id5-sync.com
2 KB
2 mxptint.net
pmp.mxptint.net
967 B
2 sitescout.com
pixel-sync.sitescout.com
938 B
2 dotomi.com
pubmatic-match.dotomi.com
743 B
2 simpli.fi
um.simpli.fi
1 KB
2 criteo.com
dis.criteo.com
725 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com
835 B
2 w55c.net
pm.w55c.net
1 KB
2 admedo.com
pool.admedo.com
750 B
2 deepintent.com
match.deepintent.com
696 B
2 adgrx.com
cm.adgrx.com
1009 B
2 unrulymedia.com
sync.targeting.unrulymedia.com
1022 B
2 sharethrough.com
match.sharethrough.com
536 B
2 tremorhub.com
mb9eo.publishers.tremorhub.com
718 B
2 quantserve.com
pixel.quantserve.com
cms.quantserve.com
863 B
2 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1187
6 KB
1 bidtheatre.com
match.adsby.bidtheatre.com
555 B
1 bfmio.com
sync.bfmio.com
425 B
1 kargo.com
crb.kargo.com
359 B
1 truffle.bid
matching.truffle.bid
1 iprom.net
core.iprom.net
279 B
1 ctnsnet.com
ipac.ctnsnet.com
360 B
1 appier.net
gocm.c.appier.net
436 B
1 mathtag.com
sync.mathtag.com
739 B
1 yahoo.net
hb.yahoo.net
651 B
1 a-mo.net
prebid.a-mo.net
451 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com
277 B
1 crwdcntrl.net
id.crwdcntrl.net
825 B
1 googlesyndication.com
pagead2.googlesyndication.com
14 KB
1 2mdn.net
s0.2mdn.net
17 KB
1 adentifi.com
rtb.adentifi.com
35 B
1 ipredictive.com
sync.ipredictive.com
554 B
1 antigena.com
us01.z.antigena.com
1 opera.com
t.adx.opera.com
552 B
1 acuityplatform.com
ums.acuityplatform.com
674 B
1 rfihub.com
p.rfihub.com
790 B
1 stackadapt.com
sync.srv.stackadapt.com
1 KB
1 technoratimedia.com
sync.technoratimedia.com
4 KB
1 contextweb.com
bh.contextweb.com
1009 B
1 stickyadstv.com
ads.stickyadstv.com
548 B
1 media.net
cs.media.net
901 B
1 worsebox.shop
cfw.worsebox.shop
89 KB
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 rlcdn.com Failed
api.rlcdn.com Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 loopme.me Failed
csync.loopme.me Failed
245 80
Domain Requested by
48 www.indianhealthyrecipes.com cfw.worsebox.shop
32 live.primis.tech 15 redirects cfw.worsebox.shop
live.primis.tech
18 simage2.pubmatic.com 2 redirects ads.pubmatic.com
17 cm.g.doubleclick.net 13 redirects eb2.3lift.com
u.openx.net
16 sync.intentiq.com 2 redirects live.primis.tech
ads.pubmatic.com
13 pixel.rubiconproject.com 9 redirects
13 video.primis.tech live.primis.tech
12 eb2.3lift.com 4 redirects ads.pubmatic.com
live.primis.tech
eb2.3lift.com
10 match.adsrvr.org 9 redirects live.primis.tech
9 image2.pubmatic.com ads.pubmatic.com
7 match.prod.bidr.io 7 redirects
7 x.bidswitch.net 7 redirects
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
6 token.rubiconproject.com 5 redirects eus.rubiconproject.com
6 dt.adsafeprotected.com
6 s.amazon-adsystem.com 2 redirects ads.pubmatic.com
u.openx.net
5 ib.adnxs.com 3 redirects eb2.3lift.com
5 sync.1rx.io 5 redirects
5 ups.analytics.yahoo.com 5 redirects
4 i.liadm.com 4 redirects
4 us-u.openx.net u.openx.net
ads.pubmatic.com
4 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
u.openx.net
4 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
4 fonts.gstatic.com cfw.worsebox.shop
fonts.googleapis.com
3 pixel.tapad.com 2 redirects ads.pubmatic.com
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 u.openx.net 2 redirects live.primis.tech
3 ads.pubmatic.com live.primis.tech
ads.pubmatic.com
3 c.amazon-adsystem.com live.primis.tech
c.amazon-adsystem.com
2 thrtle.com 1 redirects ads.pubmatic.com
2 px.owneriq.net 2 redirects
2 capi.connatix.com 1 redirects
2 creativecdn.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 px.ads.linkedin.com eb2.3lift.com
2 csi.gstatic.com imasdk.googleapis.com
2 eus.rubiconproject.com live.primis.tech
eus.rubiconproject.com
2 id5-sync.com live.primis.tech
2 static.adsafeprotected.com pixel.adsafeprotected.com
blank
2 imasdk.googleapis.com live.primis.tech
imasdk.googleapis.com
2 c1.adform.net 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pixel-sync.sitescout.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 um.simpli.fi 2 redirects
2 a.tribalfusion.com 2 redirects
2 dis.criteo.com ads.pubmatic.com
eb2.3lift.com
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 pool.admedo.com 2 redirects
2 match.deepintent.com 1 redirects ads.pubmatic.com
2 cm.adgrx.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 pixel.adsafeprotected.com live.primis.tech
2 sync.targeting.unrulymedia.com 2 redirects
2 ad.turn.com 2 redirects
2 match.sharethrough.com 1 redirects
2 ap.lijit.com 2 redirects
2 mb9eo.publishers.tremorhub.com 2 redirects
2 fonts.googleapis.com cfw.worsebox.shop
live.primis.tech
2 fundingchoicesmessages.google.com cfw.worsebox.shop
1 match.adsby.bidtheatre.com 1 redirects
1 sync.bfmio.com ads.pubmatic.com
1 crb.kargo.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 sync.mathtag.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 hb.yahoo.net
1 ce.lijit.com
1 prebid.a-mo.net
1 aax-eu.amazon-adsystem.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 ssbsync.smartadserver.com 1 redirects
1 i6.liadm.com ssum-sec.casalemedia.com
1 d.turn.com 1 redirects
1 lb.eu-1-id5-sync.com live.primis.tech
1 js-sec.indexww.com live.primis.tech
1 id.crwdcntrl.net live.primis.tech
1 securepubads.g.doubleclick.net imasdk.googleapis.com
1 pagead2.googlesyndication.com imasdk.googleapis.com
1 s0.2mdn.net imasdk.googleapis.com
1 rtb.adentifi.com ads.pubmatic.com
1 sync.ipredictive.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 us01.z.antigena.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 cms.quantserve.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 prebid-server.rubiconproject.com live.primis.tech
1 tlx.3lift.com live.primis.tech
1 hbopenbid.pubmatic.com live.primis.tech
1 htlb.casalemedia.com live.primis.tech
1 swasthis-d.openx.net live.primis.tech
1 cm.adform.net
1 ssbsync-global.smartadserver.com 1 redirects
1 ads.stickyadstv.com 1 redirects
1 syncv4.intentiq.com
1 cs.media.net 1 redirects
1 pixel.quantserve.com
1 sync1.intentiq.com
1 api.intentiq.com live.primis.tech
1 cfw.worsebox.shop
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 api.rlcdn.com Failed live.primis.tech
0 cs.admanmedia.com Failed
0 csync.loopme.me Failed ads.pubmatic.com
245 118
Subject Issuer Validity Valid
worsebox.shop
GTS CA 1P5		 2024-01-05 -
2024-04-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
cert-00028-cdnedge-bluemix.akamaized.net
R3		 2023-11-16 -
2024-02-14		 3 months crt.sh
*.primis.tech
Amazon RSA 2048 M01		 2023-09-24 -
2024-10-22		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.intentiq.com
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-08		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
truffle.bid
R3		 2024-01-08 -
2024-04-07		 3 months crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03		 2023-12-11 -
2025-01-08		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh

This page contains 43 frames:

Primary Page: https://cfw.worsebox.shop/
Frame ID: 1DFEE6083EB53DF9CB50FD80FC23C9B7
Requests: 77 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=108128&cbuster=1704813920&pubUrlAuto=https%3A%2F%2Fcfw.worsebox.shop%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Frame ID: EE91ED8472300352D6E94B8F397C04B9
Requests: 49 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: B73E7E9498B10B3AD9EED5E570DBB8E2
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Frame ID: E8516983D7615DAFA30D8D37648DD2B9
Requests: 26 HTTP requests in this frame

Frame: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=43f4d19c-f5a4-4ef4-942d-b32921e730ce
Frame ID: E6DCFDE246D1364C5EFA69EF49559C82
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931599&pubId=30836&chanId=cfw.worsebox.shop&placementId=108128&pubOrder=US&custom=desktop&custom2=windows&custom3=chrome
Frame ID: 352AF873593967A2918D51D0F56E4AED
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=E0380376-CB3D-473E-A4B4-770C743C62A2&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 69EC7A71F6B7254D8DE7AD6A0E414283
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=4da09d22-af03-11ee-ab4a-8536a300ad77
Frame ID: C70C7687B34B6540858984E32E73F7E5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB9Rk7LOssAABMMA-Yh3w&gdpr=0
Frame ID: 7DC697E74EC327C8CC746E0FC230A06A
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZZ1lYQANP41nmABU
Frame ID: FDB59FEC4A0D3CDAE7DD30A13D493572
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6512890869263952158&gdpr=0&gdpr_consent=
Frame ID: DE2FF5776982A49EC8B7AACBAB54DA8A
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 4DED212B67EE1DF54065FBF3869C7F10
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8fefaae9-9341-4612-a079-8f23ece69e23&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: E2DF476D9D519B87F0AEAE67A970D132
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=18lan9fJVcrMzlbN089OndWYU8vMywHK18mMmA8A
Frame ID: 99822EC3166E43A1223B57F519463371
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:434yvpag1RndYJ5&gdpr=0&gdpr_consent=
Frame ID: 5F67D551D74338E918788C175E4B89C0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&gdpr=0&gdpr_consent=
Frame ID: 4DF94A59E7F5D628E830A64F7CF14927
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=E0380376-CB3D-473E-A4B4-770C743C62A2
Frame ID: DB7A596E6522764866CA528AA7AB67A8
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 285BDBE0AA9AFFD1FF99FD2BF513B35F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314647821382682
Frame ID: FB8F156BFE77E60978927BC32BAAF56B
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: FE5753A809A39D83BC951B05D23CC7E8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=874890082907
Frame ID: 580867F5B6FC8E3F05A9EF1FCE5FF78F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUe190f85d7715459aa44daecb81c8e068
Frame ID: 02545362E657AB1A8DA4D6626F232C48
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: E859E989BE004A41B0808B53FA330ACC
Requests: 1 HTTP requests in this frame

Frame: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=E0380376-CB3D-473E-A4B4-770C743C62A2
Frame ID: 0EA512A1D9FAE4A768F468CC57493A05
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Frame ID: 73301598BB574B5458FE6CECD621716B
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 205EA18FDD7CA8B4AAC2A54FA240B203
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 7A4042962E006F01BD93ACC4DB98F4D6
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 23BC316528C3C9E768DF97B0A7ACDF90
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EBA040F64209841C223017C2C44AC806
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 9B68E90508C31C9318F57D4182DAF24D
Requests: 19 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160602&us_privacy=1---
Frame ID: 6DAA5CF3529546580839965C1AA2A439
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?us_privacy=1---
Frame ID: 3CFB3B5BA6846E88831640BC9F6412D1
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcfw.worsebox.shop%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 71464E79903D32B53D8A3C905238653C
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:80a1659d-6564-4d00-80d0-2f1145ad7f20&gdpr=0&gdpr_consent=
Frame ID: 8D078DD7367B8FC41D5AE6423DDB973B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=8rG9Hmw1DsSyD2FcZWWdZQ
Frame ID: 3B1605D6ABCD3228D23D815E49819874
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-63666236-8a18-4052-895a-7bba62bb80af-005
Frame ID: DE49371E63130BE7956B74C067C4467B
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 37BDDAAF6BDE4EB8706AD4BAB6FE8B65
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: D0567FD4429B564551C27E5197D129C8
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 206037A74B8E20D9EC69A6C7A2A6C861
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 31F8E2F24D9131B3C611E56BC8FB5700
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7581003241959651180
Frame ID: F54EB1D2C2DF2C63F599567C7A571971
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:89AE7F0EB9C74984A9C0D6D9ED78EC4E&gdpr=0&gdpr_consent=
Frame ID: 67258D35E1E9A343EC105090D9DE244A
Requests: 1 HTTP requests in this frame

Frame: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=E0380376-CB3D-473E-A4B4-770C743C62A2
Frame ID: C52FA75031AA8F5F648EBBB2E46D9025
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Swasthi's Recipes - Authentic Indian Recipes by SwasthiFacebookTwitterInstagramPinterestYouTubeTikTokSearchFacebookTwitterInstagramPinterestYouTubeTikTokToggle MenuSearchExpandToggle Menu CloseSearch

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

245
Requests

72 %
HTTPS

25 %
IPv6

80
Domains

118
Subdomains

69
IPs

1
Countries

7438 kB
Transfer

10464 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=583426&iiqidtype=2&iiqpcid=f33c4496-5eff-4768-b4dc-8bdbece27fd4&iiqpciddate=1704813920736&tsrnd=14_1704813920738&vrref=https%3A%2F%2Fcfw.worsebox.shop%2F&jsver=5.09 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=583426&iiqidtype=2&iiqpcid=f33c4496-5eff-4768-b4dc-8bdbece27fd4&iiqpciddate=1704813920736&tsrnd=14_1704813920738&vrref=https%3A%2F%2Fcfw.worsebox.shop%2F&jsver=5.09&ckls=true&ci=fb9LdShLpP&nc=false&trid=-1689478119
Request Chain 69
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&gdpr=0&gdpr_consent=&advId=98&advUuid=43f4d19c-f5a4-4ef4-942d-b32921e730ce HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=43f4d19c-f5a4-4ef4-942d-b32921e730ce
Request Chain 83
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sekindo&bsw_param=8fefaae9-9341-4612-a079-8f23ece69e23&google_hm=OGZlZmFhZTktOTM0MS00NjEyLWEwNzktOGYyM2VjZTY5ZTIz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=sekindo&bsw_param=8fefaae9-9341-4612-a079-8f23ece69e23&google_hm=OGZlZmFhZTktOTM0MS00NjEyLWEwNzktOGYyM2VjZTY5ZTIz&google_tc= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDfNQ-iWZtse5h1f1T4FBV8&google_cver=1&ssp=sekindo&bsw_param=8fefaae9-9341-4612-a079-8f23ece69e23 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=92&advUuid=8fefaae9-9341-4612-a079-8f23ece69e23 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=8fefaae9-9341-4612-a079-8f23ece69e23
Request Chain 85
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191923&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D&gdpr=0&gdpr_consent=&s=191923&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=99&advUuid=ZZ1lYTiHX4MGolsQyGFzvQAA%263516 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZZ1lYTiHX4MGolsQyGFzvQAA%263516
Request Chain 86
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=4209301636010743935426 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=4209301636010743935426
Request Chain 87
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LR6I6WHU-1X-BQU3&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR6I6WHU-1X-BQU3
Request Chain 88
  • https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=128&advUuid=y-fHZzbepE2uJ_BN0SsWOy4raaW79azzRT~A HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-fHZzbepE2uJ_BN0SsWOy4raaW79azzRT~A
Request Chain 89
  • https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=1bafc23b8abe4a9ba9e0b6796e05de61 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=1bafc23b8abe4a9ba9e0b6796e05de61
Request Chain 90
  • https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=659d656067a8a&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3478155216634401000V10 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3478155216634401000V10
Request Chain 91
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=H9o9aLZHVIO7Np-3SKiEEo25 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=H9o9aLZHVIO7Np-3SKiEEo25 HTTP 302
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=H9o9aLZHVIO7Np-3SKiEEo25&ripv6=2602:ffc8:2:104::8
Request Chain 92
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=134&advUuid=8b87abe0ddb619229e78d9e03ac7d73&gdpr_consent=&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=8b87abe0ddb619229e78d9e03ac7d73
Request Chain 94
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=21&redirectUri=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D140%26advUuid%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=140&advUuid=8583501066539810264 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=8583501066539810264
Request Chain 96
  • https://match.sharethrough.com/universal/v1?supply_id=Wog2sp89&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=144&advUuid=8b979332-0a8b-4673-9e49-441e00e1ea1e&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=8b979332-0a8b-4673-9e49-441e00e1ea1e
Request Chain 97
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&zcc=1&cb=1704813921559 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4271360775 HTTP 302
  • https://sync.1rx.io/usersync/turn/7680775545455140265?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-63666236-8a18-4052-895a-7bba62bb80af-005?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D119%26advUuid%3DRX-63666236-8a18-4052-895a-7bba62bb80af-005 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=119&advUuid=RX-63666236-8a18-4052-895a-7bba62bb80af-005 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-63666236-8a18-4052-895a-7bba62bb80af-005
Request Chain 113
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=E0380376-CB3D-473E-A4B4-770C743C62A2&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=E0380376-CB3D-473E-A4B4-770C743C62A2&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 114
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=4da09d22-af03-11ee-ab4a-8536a300ad77
Request Chain 115
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCOVJrN0xPc3NBQUJNTUEtWWgzdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAB9Rk7LOssAABMMA-Yh3w&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8583501066539810264&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAB9Rk7LOssAABMMA-Yh3w&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8583501066539810264%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8583501066539810264&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAB9Rk7LOssAABMMA-Yh3w&pid=558502&do=add&gdpr=0 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AAB9Rk7LOssAABMMA-Yh3w&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8583501066539810264%26gdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8583501066539810264&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB9Rk7LOssAABMMA-Yh3w&gdpr=0
Request Chain 116
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZZ1lYQANP41nmABU
Request Chain 117
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6512890869263952158&gdpr=0&gdpr_consent=
Request Chain 119
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=8fefaae9-9341-4612-a079-8f23ece69e23 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=8fefaae9-9341-4612-a079-8f23ece69e23 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=01f8a307-fbb1-44b0-9d34-2d4479cb6b86&user_group=1&ssp=pubmatic&bsw_param=8fefaae9-9341-4612-a079-8f23ece69e23 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8fefaae9-9341-4612-a079-8f23ece69e23&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 120
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=18lan9fJVcrMzlbN089OndWYU8vMywHK18mMmA8A
Request Chain 121
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:434yvpag1RndYJ5&gdpr=0&gdpr_consent=
Request Chain 122
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&gdpr=0&gdpr_consent=
Request Chain 123
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=bcf0a2f3-b216-40cb-a847-3f4712bfdbeb&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=E0380376-CB3D-473E-A4B4-770C743C62A2
Request Chain 125
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314647821382682
Request Chain 126
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 127
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=874890082907
Request Chain 128
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUe190f85d7715459aa44daecb81c8e068
Request Chain 130
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=E0380376-CB3D-473E-A4B4-770C743C62A2 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=E0380376-CB3D-473E-A4B4-770C743C62A2
Request Chain 131
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4DgDdss9Rz6ktHcMdDxiog%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 132
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=E0380376-CB3D-473E-A4B4-770C743C62A2 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=E0380376-CB3D-473E-A4B4-770C743C62A2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d4e25dcc-b704-4f3b-b9eb-16ed732d7d36%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1806720e-a05f-4a86-aa00-7e1e77d0234b&ttd_puid=d4e25dcc-b704-4f3b-b9eb-16ed732d7d36%2C%2C
Request Chain 135
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTAzODAzNzYtQ0IzRC00NzNFLUE0QjQtNzcwQzc0M0M2MkEy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 136
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEK9MaADWIwsbRqiXjEsRKas&google_cver=1
Request Chain 137
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:89AE7F0EB9C74984A9C0D6D9ED78EC4E
Request Chain 138
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1806720e-a05f-4a86-aa00-7e1e77d0234b&gdpr=0&gdpr_consent=
Request Chain 140
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E0380376-CB3D-473E-A4B4-770C743C62A2&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZGvlOPpE2uVvPxQSzGgbHpp4iiLg0vw-~A&gdpr=0
Request Chain 141
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=7d38a422-21d9-43bf-ab54-a73d3f567878&gdpr=0&gdpr_consent=
Request Chain 142
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=E0380376-CB3D-473E-A4B4-770C743C62A2&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=111ddf4d44cc2345&is_secure=true&networkId=17100&version=1&nuid=E0380376-CB3D-473E-A4B4-770C743C62A2&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAClpt7etLefQMbI4zoAAAAAAA&expiration=1704900321&nuid=E0380376-CB3D-473E-A4B4-770C743C62A2&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 143
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9fbe19f0-69fb-49dc-8843-9ef67bf14aa0-659d6561-5553&gdpr=0&gdpr_consent=
Request Chain 145
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4365844744733744553&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 146
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_10F063B2B_37504E43&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 147
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3512421894484483932
Request Chain 169
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=1806720e-a05f-4a86-aa00-7e1e77d0234b&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 170
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDIwOTMwMTYzNjAxMDc0MzkzNTQyNg%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 171
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPVWg_55jztDMVDcQ-yqaBU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 172
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDIwOTMwMTYzNjAxMDc0MzkzNTQyNg%3D%3D
Request Chain 174
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4209301636010743935426?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-TFRgHxRE2oQ9KSRYxMi1dq0UThMC.ZAXfwHMOj34NA--~A&dongle=0883
Request Chain 175
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4209301636010743935426&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=8fefaae9-9341-4612-a079-8f23ece69e23&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=8fefaae9-9341-4612-a079-8f23ece69e23&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=dd9105ad-3cd3-48ae-95cc-8070b22b771b&ssp=triplelift&expires=30&user_group=5&bsw_param=8fefaae9-9341-4612-a079-8f23ece69e23 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=8fefaae9-9341-4612-a079-8f23ece69e23&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 177
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6512890869263952158&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 179
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZ1lYQANP41nmABU
Request Chain 182
  • https://match.adsrvr.org/track/cmf/openx?oxid=b451372c-b9e2-7607-d048-250acdaf73db&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=1806720e-a05f-4a86-aa00-7e1e77d0234b&ttd_puid=b451372c-b9e2-7607-d048-250acdaf73db&gdpr=0&gdpr_consent=
Request Chain 184
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM7QvoPAAWJFJN1PrbObAE0&google_cver=1
Request Chain 189
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZ1lYTiHX4MGolsQyGFzvQAA%263516&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZ1lYTiHX4MGolsQyGFzvQAA%263516&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=c9ba7fcdaa424aa7b30e4b21915eccb5 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4365844744733744553 HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0 HTTP 302
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=1806720e-a05f-4a86-aa00-7e1e77d0234b HTTP 303
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=1806720e-a05f-4a86-aa00-7e1e77d0234b
Request Chain 190
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1806720e-a05f-4a86-aa00-7e1e77d0234b&expiration=1707405922&gdpr=0&gdpr_consent=
Request Chain 191
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZ1lYTiHX4MGolsQyGFzvQAADbwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMA3dQaKTTmSWcUtm05sgu4&google_cver=1
Request Chain 192
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZZ1lYTiHX4MGolsQyGFzvQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEC9mYb-_kt-mF1z6SyrKnws&google_cver=1
Request Chain 193
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8583501066539810264&gdpr=0&gdpr_consent=
Request Chain 194
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZ1lYTiHX4MGolsQyGFzvQAA%263516 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZ1lYTiHX4MGolsQyGFzvQAA%263516&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Vw2tw1wOS2MLMFyeMp4c6bGRTRUc14dQF5TzrLVsnj4&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZ1lYTiHX4MGolsQyGFzvQAA%263516&tc=1
Request Chain 195
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZZ1lYTiHX4MGolsQyGFzvQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662087333156153
Request Chain 196
  • https://match.deepintent.com/usersync/113 HTTP 303
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_40ec9063d09f4fbba1759
Request Chain 201
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1806720e-a05f-4a86-aa00-7e1e77d0234b&gdpr=0&gdpr_consent=&expires=30
Request Chain 202
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjIzNGI0YzE2ZDIyZDA2YzQ3MTIwMzNmMzFiYTczMmNhOWZiMTNiNw&us_privacy=1---
Request Chain 203
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0Z_BgDtoTb-scuUuByNSFA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0Z_BgDtoTb-scuUuByNSFA
Request Chain 204
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR6I6WHU-1X-BQU3&us_privacy=1---
Request Chain 205
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFI2STZXSFUtMVgtQlFVMw==&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAGgpVuxRrvqGJXL_4JfwOY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI2STZXSFUtMVgtQlFVMw==&google_push=
Request Chain 207
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LR6I6WHU-1X-BQU3&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO7mOi_YtHwwp-BzBAyyRwc&google_cver=1
Request Chain 209
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/W-6xijOSCaTTmbZgbiwV68n5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-JNN6qtpE2oJP1oif5wDhfEQFtYZsxvMCc8BeBw--~A
Request Chain 210
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1--- HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB9Rk7LOssAABMMA-Yh3w&expires=30
Request Chain 211
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&us_privacy=1--- HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LR6I6WHU-1X-BQU3&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1--- HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LR6I6WHU-1X-BQU3&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
Request Chain 212
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&us_privacy=1--- HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR6I6WHU-1X-BQU3&us_privacy=1---
Request Chain 213
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LR6I6WHU-1X-BQU3&us_privacy=1---
Request Chain 214
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&us_privacy=1--- HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LR6I6WHU-1X-BQU3&us_privacy=1---
Request Chain 215
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LR6I6WHU-1X-BQU3&redir=true&us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LR6I6WHU-1X-BQU3&redir=true&us_privacy=1--- HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1OWDVfRUM1RTJ1R0Zia1ZyUVZVNVhWa1JDZUhpb2RFeH5B&ovsid=LR6I6WHU-1X-BQU3&dpid=58160&us_privacy=1---
Request Chain 216
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&us_privacy=1--- HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR6I6WHU-1X-BQU3&us_privacy=1---
Request Chain 229
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:80a1659d-6564-4d00-80d0-2f1145ad7f20&gdpr=0&gdpr_consent=
Request Chain 230
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=8rG9Hmw1DsSyD2FcZWWdZQ
Request Chain 231
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8684363748 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/1806720e-a05f-4a86-aa00-7e1e77d0234b HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-63666236-8a18-4052-895a-7bba62bb80af-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-63666236-8a18-4052-895a-7bba62bb80af-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-63666236-8a18-4052-895a-7bba62bb80af-005
Request Chain 236
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7581003241959651180&uid=Q7581003241959651180&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7581003241959651180
Request Chain 237
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:89AE7F0EB9C74984A9C0D6D9ED78EC4E&gdpr=0&gdpr_consent=
Request Chain 238
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=E0380376-CB3D-473E-A4B4-770C743C62A2 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=E0380376-CB3D-473E-A4B4-770C743C62A2
Request Chain 239
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=E0380376-CB3D-473E-A4B4-770C743C62A2&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=E0380376-CB3D-473E-A4B4-770C743C62A2&vxii_pid=12&vxii_pid1=10067&vxii_rcid=3a05fbbe-8181-48a2-b341-6c000a3c7ae8
Request Chain 243
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8ac1c7ae-7472-4074-97c4-9b3a70386b6b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

245 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cfw.worsebox.shop/ 		450 KB
89 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ae19446fb60464f752f8709526ae55bcefd00f54dd4259ff32db4225018dc1a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=2412
cf-cache-status
DYNAMIC
cf-ray
842db11f5f8f4bc6-BUF
content-encoding
br
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Tue, 09 Jan 2024 15:25:16 GMT
expires
Tue, 09 Jan 2024 16:05:28 GMT
last-modified
Tue, 09 Jan 2024 15:05:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=soQZhUEY%2BT5YbHl1fhqCYxiKKThoMasmRyGlSck2nuEHn%2B7LOU5ZvHA0ZpfstzPll9uCE5K0UoBo1iGcEq813vLGeVYRlX0CtniZARseXVTYmzZHp3EZcIqZ1cifEohn6tTU%2BbmTFCEQIZK1u8cGOg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-sucuri-cache
EXPIRED
x-sucuri-id
15006
x-xss-protection
1; mode=block
4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0bc26da9499372e6b55886d4f2040de764391ecc9cefdd8a5df0284a345120e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cfw.worsebox.shop/
Origin
https://cfw.worsebox.shop
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 23:57:17 GMT
x-content-type-options
nosniff
age
574079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14124
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:00:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 23:57:17 GMT
4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0903c47e44202c72ad2ee0563b2a05b063bf3cacfe050a4ce5775658e680cab9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cfw.worsebox.shop/
Origin
https://cfw.worsebox.shop
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 21:36:23 GMT
x-content-type-options
nosniff
age
582533
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14928
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 21:36:23 GMT
pub-7729174349368549
fundingchoicesmessages.google.com/b/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/b/pub-7729174349368549
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eb8960767c07a91f5338afc8b5c0caea319f510a322f5f9adbdb4db6ecf03d43
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-KDzoXq8bKzN4xnjcRJ_Jqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:16 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-KDzoXq8bKzN4xnjcRJ_Jqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
Swasthis_Recipes_Logo.png.webp
www.indianhealthyrecipes.com/wp-content/uploads/2022/08/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2022/08/Swasthis_Recipes_Logo.png.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
ccef816cd54fcf5008d9ea688cd69d93a12ace2a2b4f65df9c4b5418ea7c7107
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Aug 2022 01:39:29 GMT
server
Sucuri/Cloudproxy
etag
"62edc651-cda"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=313888016
x-sucuri-id
14006
accept-ranges
bytes
content-length
3290
x-xss-protection
1; mode=block
expires
Tue, 20 Dec 2033 14:32:12 GMT
paneer-butter-masala-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/07/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/07/paneer-butter-masala-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
4c214c57dfbe0d7a146c91040e7407bff6a5757b7adc7c35c0560b578aa68ba6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:39:17 GMT
server
Sucuri/Cloudproxy
etag
"623aa475-12750"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=311332746
x-sucuri-id
14006
accept-ranges
bytes
content-length
75600
x-xss-protection
1; mode=block
expires
Mon, 21 Nov 2033 00:44:22 GMT
samosa-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/07/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/07/samosa-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
4bda402e279d970104a9b09ee8571b5fb56e74ce606c0cd1fcc3a3cbd0e7fe1e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:39:44 GMT
server
Sucuri/Cloudproxy
etag
"623aa490-e28a"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=311332650
x-sucuri-id
14006
accept-ranges
bytes
content-length
57994
x-xss-protection
1; mode=block
expires
Mon, 21 Nov 2033 00:42:46 GMT
butter-chicken-murgh-makhani-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2023/05/ 		121 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2023/05/butter-chicken-murgh-makhani-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
1dbce60a6099959e03fb3def860ba18aad0c8e274eb92586be64f382c4c872aa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Sat, 13 May 2023 13:40:19 GMT
server
Sucuri/Cloudproxy
etag
"645f9343-1e3d8"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=311326172
x-sucuri-id
14006
accept-ranges
bytes
content-length
123864
x-xss-protection
1; mode=block
expires
Sun, 20 Nov 2033 22:54:48 GMT
lazyload.min.js
www.indianhealthyrecipes.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.indianhealthyrecipes.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 09 Jan 2024 15:25:16 GMT
x-sucuri-cache
MISS
content-length
3053
x-xss-protection
1; mode=block
last-modified
Fri, 25 Aug 2023 01:06:21 GMT
server
Sucuri/Cloudproxy
etag
W/"64e7fe8d-22bc"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=310168895
x-sucuri-id
14006
expires
Mon, 07 Nov 2033 13:26:51 GMT
circle.svg
www.indianhealthyrecipes.com/wp-content/plugins/kadence-blocks/includes/assets/images/masks/ 		0
0
chana-masala-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/08/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/08/chana-masala-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
445c133ef666ae3c22cf175a80fc8a854081c221b935aa361719280faf201b71
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:38:13 GMT
server
Sucuri/Cloudproxy
etag
"623aa435-16a7a"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=311332766
x-sucuri-id
14006
accept-ranges
bytes
content-length
92794
x-xss-protection
1; mode=block
expires
Mon, 21 Nov 2033 00:44:42 GMT
palak-paneer-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/06/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/06/palak-paneer-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
b735324cd34c9c013413a2a953ce5756e83e8c2535ed5c1fa545f3b8783c5606
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

unused62
8096267
content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
content-length
63112
x-xss-protection
1; mode=block
last-modified
Wed, 23 Mar 2022 04:45:11 GMT
server
Sucuri/Cloudproxy
etag
"623aa5d7-f688"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=313924973
x-sucuri-id
14006
accept-ranges
bytes
expires
Wed, 21 Dec 2033 00:48:09 GMT
dal-makhani-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2023/04/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2023/04/dal-makhani-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
9da5b00be45970e714b4badc1b721c324fded3cbd0340a11a73df7a7dc63843c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 Apr 2023 05:44:04 GMT
server
Sucuri/Cloudproxy
etag
"644b5d24-167ec"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=314502893
x-sucuri-id
14006
accept-ranges
bytes
content-length
92140
x-xss-protection
1; mode=block
expires
Tue, 27 Dec 2033 17:20:09 GMT
matar-paneer-1-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/07/ 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/07/matar-paneer-1-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
c2a8050e843065e7e005b43d5d248d781a0d8f703dd123c17f48fb6b23030754
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:42:50 GMT
server
Sucuri/Cloudproxy
etag
"623aa54a-1c9a2"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=314121190
x-sucuri-id
14006
accept-ranges
bytes
content-length
117154
x-xss-protection
1; mode=block
expires
Fri, 23 Dec 2033 07:18:26 GMT
pav-bhaji-recipe-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/11/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/11/pav-bhaji-recipe-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
153e0313d97fa05688d7fcf2a4e9ed9142f0ac752b725507b6fe4e03154fea24
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:26:14 GMT
server
Sucuri/Cloudproxy
etag
"623aa166-114d0"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=314502893
x-sucuri-id
14006
accept-ranges
bytes
content-length
70864
x-xss-protection
1; mode=block
expires
Tue, 27 Dec 2033 17:20:09 GMT
dosa-recipe.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2020/07/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2020/07/dosa-recipe.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
5da5d7a7f9ba6e780472cbd07af5caab487cd660409aafd1f6020f6c6e4b271b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 05:09:50 GMT
server
Sucuri/Cloudproxy
etag
"623aab9e-fa10"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=309511393
x-sucuri-id
14006
accept-ranges
bytes
content-length
64016
x-xss-protection
1; mode=block
expires
Sun, 30 Oct 2033 22:48:29 GMT
upma-recipe-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2023/05/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2023/05/upma-recipe-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
287f8fbfed38508f4db2e8971e73409f263ce229e7ad4ea80f0e3733888eafa9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 02 May 2023 13:53:58 GMT
server
Sucuri/Cloudproxy
etag
"645115f6-19400"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=314502893
x-sucuri-id
22006
accept-ranges
bytes
content-length
103424
x-xss-protection
1; mode=block
expires
Tue, 27 Dec 2033 17:20:09 GMT
idli-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/06/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/06/idli-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
e7b9007043cbb1fa860a5ffd0652b5640ecb011cf17829daaf2d4a520c5253bc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:45:31 GMT
server
Sucuri/Cloudproxy
etag
"623aa5eb-eea2"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=310146554
x-sucuri-id
14006
accept-ranges
bytes
content-length
61090
x-xss-protection
1; mode=block
expires
Mon, 07 Nov 2033 07:14:30 GMT
paneer-recipes-swasthi-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2022/03/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2022/03/paneer-recipes-swasthi-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
37b9edcb298afc43600f6134ebcc91806d5edc5eedc986b59b745b57d3fcebda
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Mar 2022 16:52:30 GMT
server
Sucuri/Cloudproxy
etag
"6241e7ce-e6b0"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=315254307
x-sucuri-id
22006
accept-ranges
bytes
content-length
59056
x-xss-protection
1; mode=block
expires
Thu, 05 Jan 2034 10:03:43 GMT
dal-fry-dal-recipe-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2023/10/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2023/10/dal-fry-dal-recipe-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
008c07066f24a38a6bb02377be457fcfc6c7fd4f4e5a7044fdbb3f65fcfb7d48
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Oct 2023 04:38:19 GMT
server
Sucuri/Cloudproxy
etag
"651cec3b-13bb2"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=314141241
x-sucuri-id
22006
accept-ranges
bytes
content-length
80818
x-xss-protection
1; mode=block
expires
Fri, 23 Dec 2033 12:52:37 GMT
masoor-dal-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2022/02/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2022/02/masoor-dal-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
ca5a13618227cf8e51c00f12e054bf9fcc6f0323b307469d0db4bb72de803cfc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:16:58 GMT
server
Sucuri/Cloudproxy
etag
"623a9f3a-100b2"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
14006
accept-ranges
bytes
content-length
65714
x-xss-protection
1; mode=block
expires
Fri, 06 Jan 2034 15:25:16 GMT
chana-dal-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/07/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/07/chana-dal-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
34274ae3d1935bf5d55cd8f174a95f6d5e8c5a7919debc3e044b4ca95abfdf13
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:40:33 GMT
server
Sucuri/Cloudproxy
etag
"623aa4c1-c9f6"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
14006
accept-ranges
bytes
content-length
51702
x-xss-protection
1; mode=block
expires
Fri, 06 Jan 2034 15:25:16 GMT
green-moong-dal-green-gram-curry-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2022/06/ 		144 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2022/06/green-moong-dal-green-gram-curry-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
7d0293baad4290303d2e3bf4763c73f9a655a86b689eff091d209472ecb6037b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 01 Jun 2022 11:36:36 GMT
server
Sucuri/Cloudproxy
etag
"62974f44-240da"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=314600784
x-sucuri-id
14006
accept-ranges
bytes
content-length
147674
x-xss-protection
1; mode=block
expires
Wed, 28 Dec 2033 20:31:40 GMT
moong-dal-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/07/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/07/moong-dal-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
41fc3840f3a3b2aaa7e00b1c6f004badca25baa1f9a0af679df5fed657332e77
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:39:07 GMT
server
Sucuri/Cloudproxy
etag
"623aa46b-12c44"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=314391268
x-sucuri-id
22006
accept-ranges
bytes
content-length
76868
x-xss-protection
1; mode=block
expires
Mon, 26 Dec 2033 10:19:44 GMT
sambar-recipe-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/05/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/05/sambar-recipe-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
2cad94a55b854c2153240c20d52d9510f32e23a7ab6bb76f821a8c33dda1d68a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:49:19 GMT
server
Sucuri/Cloudproxy
etag
"623aa6cf-146ee"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=311391650
x-sucuri-id
14006
accept-ranges
bytes
content-length
83694
x-xss-protection
1; mode=block
expires
Mon, 21 Nov 2033 17:06:06 GMT
poori-puri-recipe-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/05/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/05/poori-puri-recipe-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
5e95ede81bbddf1b3f573c8ab7d4cdc859b560adbc5eb0f5afd4030ddc02b697
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:50:05 GMT
server
Sucuri/Cloudproxy
etag
"623aa6fd-1202a"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=311406591
x-sucuri-id
14006
accept-ranges
bytes
content-length
73770
x-xss-protection
1; mode=block
expires
Mon, 21 Nov 2033 21:15:07 GMT
pulao-veg-pulao-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/05/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/05/pulao-veg-pulao-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
1efc21318732172389b2ad55bb658a4938e10359ca6e6c752f74a8be68510b3a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:50:02 GMT
server
Sucuri/Cloudproxy
etag
"623aa6fa-14ed8"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=311329174
x-sucuri-id
14006
accept-ranges
bytes
content-length
85720
x-xss-protection
1; mode=block
expires
Sun, 20 Nov 2033 23:44:50 GMT
aloo-gobi-gravy-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2022/03/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2022/03/aloo-gobi-gravy-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
4d779a57500f376991cd9a31647ee9ccfd3c597d0a992ad0fe1ea1e55d7f759f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:16:20 GMT
server
Sucuri/Cloudproxy
etag
"623a9f14-daa4"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=311232557
x-sucuri-id
14006
accept-ranges
bytes
content-length
55972
x-xss-protection
1; mode=block
expires
Sat, 19 Nov 2033 20:54:33 GMT
eggless-chocolate-cake-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/12/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/12/eggless-chocolate-cake-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
36200b68d370cfd4dd9495b4fd5d1332b376b929db2b970af6360c71f1950813
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:23:35 GMT
server
Sucuri/Cloudproxy
etag
"623aa0c7-f210"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=311323481
x-sucuri-id
14006
accept-ranges
bytes
content-length
61968
x-xss-protection
1; mode=block
expires
Sun, 20 Nov 2033 22:09:57 GMT
chicken-tikka-kebab-recipe-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2022/06/ 		151 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2022/06/chicken-tikka-kebab-recipe-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
0a6b42bba7d76621b60cf6557976c1479e387d3378b400bc822645b7132fd1d6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 Jun 2022 15:13:49 GMT
server
Sucuri/Cloudproxy
etag
"629e19ad-25b7e"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=311329067
x-sucuri-id
14006
accept-ranges
bytes
content-length
154494
x-xss-protection
1; mode=block
expires
Sun, 20 Nov 2033 23:43:03 GMT
masala-dosa-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/06/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/06/masala-dosa-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
e3382df05aaf3d2b850bc412e99dbc85f12ad478afe7a4495c9f7819c8f1d994
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:46:55 GMT
server
Sucuri/Cloudproxy
etag
"623aa63f-161b4"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=314141241
x-sucuri-id
14006
accept-ranges
bytes
content-length
90548
x-xss-protection
1; mode=block
expires
Fri, 23 Dec 2033 12:52:37 GMT
oats-recipes-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/10/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/10/oats-recipes-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
d8b9ee0b22aefc8bd860464401701957a2f9a7703881c4f39314f30bcfc52590
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:28:48 GMT
server
Sucuri/Cloudproxy
etag
"623aa200-b132"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
14006
accept-ranges
bytes
content-length
45362
x-xss-protection
1; mode=block
expires
Fri, 06 Jan 2034 15:25:16 GMT
rava-dosa-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/06/ 		118 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/06/rava-dosa-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
020409f518592fdc3cbcaaadaaa97c6e65974990f4fd3fdf931dd2713ebbb55b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:45:26 GMT
server
Sucuri/Cloudproxy
etag
"623aa5e6-1d6d6"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
14006
accept-ranges
bytes
content-length
120534
x-xss-protection
1; mode=block
expires
Fri, 06 Jan 2034 15:25:16 GMT
medu-vada-1-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/07/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/07/medu-vada-1-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
40b211a9e539c17ad65f8dccf4257e0af53acf230d3ca5fc5722d2fea313e307
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:40:18 GMT
server
Sucuri/Cloudproxy
etag
"623aa4b2-c88c"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
14006
accept-ranges
bytes
content-length
51340
x-xss-protection
1; mode=block
expires
Fri, 06 Jan 2034 15:25:16 GMT
rava-idli-instant-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/08/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/08/rava-idli-instant-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
be76662e7b110cfe5c3b530cea232ebe2afbeb11336e17e0f197187fb711298b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:38:09 GMT
server
Sucuri/Cloudproxy
etag
"623aa431-135f0"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
22006
accept-ranges
bytes
content-length
79344
x-xss-protection
1; mode=block
expires
Fri, 06 Jan 2034 15:25:16 GMT
indian-masala-chai-tea-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2023/05/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2023/05/indian-masala-chai-tea-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
850da7f4c84bb8d9b29b9f2e58104f56ed75912499e9a774d20386e6375b2e56
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Thu, 25 May 2023 15:21:14 GMT
server
Sucuri/Cloudproxy
etag
"646f7cea-11c7c"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
HIT
cache-control
max-age=314665299
x-sucuri-id
14006
accept-ranges
bytes
content-length
72828
x-xss-protection
1; mode=block
expires
Thu, 29 Dec 2033 14:26:55 GMT
curry-sauce-curry-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2023/08/ 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2023/08/curry-sauce-curry-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
4873536e372f230c946244af86c3762f9f8b5635cc384e29f66c394a99636ed7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 14 Aug 2023 17:25:47 GMT
server
Sucuri/Cloudproxy
etag
"64da639b-1ccde"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=314461771
x-sucuri-id
14006
accept-ranges
bytes
content-length
117982
x-xss-protection
1; mode=block
expires
Tue, 27 Dec 2033 05:54:47 GMT
sandwich-recipes-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2022/04/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2022/04/sandwich-recipes-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
d9be3e54cf64fa767b71946bb28e8725d5bb85d8a6b579ab724b13491ee9c35f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 06 Apr 2022 11:34:30 GMT
server
Sucuri/Cloudproxy
etag
"624d7ac6-e3c2"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
14006
accept-ranges
bytes
content-length
58306
x-xss-protection
1; mode=block
expires
Fri, 06 Jan 2034 15:25:16 GMT
tomato-soup-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2022/11/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2022/11/tomato-soup-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
8f3b7c7108296ce9322f9f9d99621333185afbb5ce836a70198cdc1a9428c71e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 21 Nov 2022 14:02:11 GMT
server
Sucuri/Cloudproxy
etag
"637b84e3-15bc8"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
14006
accept-ranges
bytes
content-length
89032
x-xss-protection
1; mode=block
expires
Fri, 06 Jan 2034 15:25:16 GMT
masala-pasta-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2022/11/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2022/11/masala-pasta-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
91a490566c8666fabb0f6273f0e9a75dd1fb15ad4d0793aa1c1cdb8787e2cd01
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Fri, 04 Nov 2022 14:05:14 GMT
server
Sucuri/Cloudproxy
etag
"63651c1a-1253c"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
14006
accept-ranges
bytes
content-length
75068
x-xss-protection
1; mode=block
expires
Fri, 06 Jan 2034 15:25:16 GMT
veg-biryani-vegetable-biryani-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/09/ 		125 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/09/veg-biryani-vegetable-biryani-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
4aa45dc8488f421b48890e9c830c53655f71492d6738509ed69a3783815177f1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:31:40 GMT
server
Sucuri/Cloudproxy
etag
"623aa2ac-1f4dc"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=314772513
x-sucuri-id
14006
accept-ranges
bytes
content-length
128220
x-xss-protection
1; mode=block
expires
Fri, 30 Dec 2033 20:13:49 GMT
tomato-chutney-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2022/07/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2022/07/tomato-chutney-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
d74ff686b312df2e7fd68cff8ec16cecd089d1e176346b14ebcaf1bba1033bc9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Fri, 22 Jul 2022 19:12:09 GMT
server
Sucuri/Cloudproxy
etag
"62daf689-11db4"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=314871488
x-sucuri-id
14006
accept-ranges
bytes
content-length
73140
x-xss-protection
1; mode=block
expires
Sat, 31 Dec 2033 23:43:24 GMT
egg-curry-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2022/04/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2022/04/egg-curry-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
3dd456bad80811f7d0cb8dc18b998d9dc5dd305fb53b2d0802a02425c7a04bac
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Fri, 01 Apr 2022 04:59:26 GMT
server
Sucuri/Cloudproxy
etag
"624686ae-14280"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=314157471
x-sucuri-id
14006
accept-ranges
bytes
content-length
82560
x-xss-protection
1; mode=block
expires
Fri, 23 Dec 2033 17:23:07 GMT
malai-kofta-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2022/06/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2022/06/malai-kofta-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
dda82e2e250c8a1a9ee6b1e9ce3dcad8b70085977b660c2b12205491a54935ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 22 Jun 2022 17:13:19 GMT
server
Sucuri/Cloudproxy
etag
"62b34daf-11116"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=314125563
x-sucuri-id
14006
accept-ranges
bytes
content-length
69910
x-xss-protection
1; mode=block
expires
Fri, 23 Dec 2033 08:31:19 GMT
veg-cutlet-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/06/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/06/veg-cutlet-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
4a5f2fff965747e91c1219cfbf3858091028b3ffb1b03cb80bb54bdf0d239573
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:44:47 GMT
server
Sucuri/Cloudproxy
etag
"623aa5bf-10bfa"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=313897033
x-sucuri-id
14006
accept-ranges
bytes
content-length
68602
x-xss-protection
1; mode=block
expires
Tue, 20 Dec 2033 17:02:29 GMT
baingan-bharta-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/06/ 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/06/baingan-bharta-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
35f4e5a014aa2d6c72b9e6ea5371ef127c6d898324306d62b998698b4907bb30
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:45:16 GMT
server
Sucuri/Cloudproxy
etag
"623aa5dc-1e6e6"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
14006
accept-ranges
bytes
content-length
124646
x-xss-protection
1; mode=block
expires
Fri, 06 Jan 2034 15:25:16 GMT
gobi-manchurian-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2022/02/ 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2022/02/gobi-manchurian-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
333b5a28762aa06e8ad9a7a0dbc1d4f4f4bd021392a58819596fbcab40db1401
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:17:03 GMT
server
Sucuri/Cloudproxy
etag
"623a9f3f-1b528"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=314141241
x-sucuri-id
14006
accept-ranges
bytes
content-length
111912
x-xss-protection
1; mode=block
expires
Fri, 23 Dec 2033 12:52:37 GMT
basmati-rice-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2023/07/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2023/07/basmati-rice-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
215757f2e9abef94921bcde5a790b8a95f3ef7b7d6425319ca8ebd35a8aeed37
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 12 Jul 2023 18:15:26 GMT
server
Sucuri/Cloudproxy
etag
"64aeedbe-1715c"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
14006
accept-ranges
bytes
content-length
94556
x-xss-protection
1; mode=block
expires
Fri, 06 Jan 2034 15:25:16 GMT
fried-rice-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2022/01/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2022/01/fried-rice-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
eb04d083f74e4683409d96bb239bf76e349c1d59733e87bee0d556a0791b99bd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:20:57 GMT
server
Sucuri/Cloudproxy
etag
"623aa029-b890"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
14006
accept-ranges
bytes
content-length
47248
x-xss-protection
1; mode=block
expires
Fri, 06 Jan 2034 15:25:16 GMT
ghee-rice-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/06/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/06/ghee-rice-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
7ab8820126f70048a8e4ec0d8e002047d020fc906e28b06880c27e7453910873
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:45:44 GMT
server
Sucuri/Cloudproxy
etag
"623aa5f8-d48c"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
14006
accept-ranges
bytes
content-length
54412
x-xss-protection
1; mode=block
expires
Fri, 06 Jan 2034 15:25:16 GMT
tomato-rice-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/08/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/08/tomato-rice-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
1f11f25b77a04d6590d6574a8fd8d793cef8e56d245e01225471b1b64dc2df47
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:37:56 GMT
server
Sucuri/Cloudproxy
etag
"623aa424-1aa08"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=312962686
x-sucuri-id
14006
accept-ranges
bytes
content-length
109064
x-xss-protection
1; mode=block
expires
Fri, 09 Dec 2033 21:30:02 GMT
khichdi-recipe-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2021/05/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2021/05/khichdi-recipe-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
fd3dd8a7e699c9b0c41905888dcb8ad521747b0223a1d5bf924687af4e620238
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 04:51:21 GMT
server
Sucuri/Cloudproxy
etag
"623aa749-15e38"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=315209531
x-sucuri-id
14006
accept-ranges
bytes
content-length
89656
x-xss-protection
1; mode=block
expires
Wed, 04 Jan 2034 21:37:27 GMT
jeera-rice-recipe-680x1020.jpg.webp
www.indianhealthyrecipes.com/wp-content/uploads/2022/12/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indianhealthyrecipes.com/wp-content/uploads/2022/12/jeera-rice-recipe-680x1020.jpg.webp
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:26::17ce:acb7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
eff789b9056b609b3320534e88c32ddf72b4d1ba813e8544b50ac9a240a25216
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Tue, 09 Jan 2024 15:25:16 GMT
x-content-type-options
nosniff
last-modified
Sat, 24 Dec 2022 17:58:42 GMT
server
Sucuri/Cloudproxy
etag
"63a73dd2-11a6e"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sucuri-cache
MISS
cache-control
max-age=315360000
x-sucuri-id
14006
accept-ranges
bytes
content-length
72302
x-xss-protection
1; mode=block
expires
Fri, 06 Jan 2034 15:25:16 GMT
admin-ajax.php
www.indianhealthyrecipes.com/wp-admin/ 		0
0
AGSKWxUwuoME5GUUCcGcj4xYJ8bmtRouniHD4A2dShuJ9f4KZRuvFWOFbABhpwn2GCscQ88NEO14q8-PgzDRpz9TJz7iEQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUwuoME5GUUCcGcj4xYJ8bmtRouniHD4A2dShuJ9f4KZRuvFWOFbABhpwn2GCscQ88NEO14q8-PgzDRpz9TJz7iEQ==
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5dtCQlRtrJb-nr2D1n5Lhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:16 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5dtCQlRtrJb-nr2D1n5Lhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://cfw.worsebox.shop
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
liveView.php
live.primis.tech/live/ 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=108128
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
fc57187158affe131d50764437b8373ad3c475fc7cd488777c2a3660446d3293

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:20 GMT
content-encoding
gzip
via
1.1 4d3480855260c7e16c3a1df3eafacee6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
JFK50-P1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
f4kou5pYVPTY1cwPu_Twzi3L3-O2sCmOSqpLMsZtQ45AMpiTcLQBBg==
liveView.php
live.primis.tech/live/ Frame EE91 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=108128&cbuster=1704813920&pubUrlAuto=https%3A%2F%2Fcfw.worsebox.shop%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1f4556acf5ba2fa4e11a9055c033388701569aa68ead27d5cdc6020d74a0126c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:20 GMT
content-encoding
gzip
via
1.1 4d3480855260c7e16c3a1df3eafacee6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
JFK50-P1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
tleItEy2DocBq6nsAgTp9gMPv7Otzbg1LfHsYqTvZMQ1JhwK_9BVVA==
deflate.min.js
live.primis.tech/main/js/ Frame EE91 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/main/js/deflate.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108128&cbuster=1704813920&pubUrlAuto=https%3A%2F%2Fcfw.worsebox.shop%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:20 GMT
content-encoding
gzip
via
1.1 4d3480855260c7e16c3a1df3eafacee6.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 09:50:11 GMT
server
nginx
x-amz-cf-pop
JFK50-P1
etag
W/"64db4a53-3217"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
0ynB5xHQkJybu1yozWIIsWzYv0TCI0TxWifBmhUHJNv5FdvOttdwwA==
omweb-v1.min.js
live.primis.tech/content/omid/static/ Frame EE91 		39 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/omid/static/omweb-v1.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108128&cbuster=1704813920&pubUrlAuto=https%3A%2F%2Fcfw.worsebox.shop%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
01172e9ac9330920e66e282d2d77ed1ae863bbab08aec27b168e8d3c82d50c18

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:20 GMT
content-encoding
gzip
via
1.1 4d3480855260c7e16c3a1df3eafacee6.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 08:33:07 GMT
server
nginx
x-amz-cf-pop
JFK50-P1
etag
W/"64d0ac43-9c3c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
bDfi9sLxbDdQvBmiaOJ4tXTSFutgNeFpWOtewy1WkxwiF3b5jOdeFQ==
omid-session-client-v1.js
live.primis.tech/content/omid/static/ Frame EE91 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/omid/static/omid-session-client-v1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108128&cbuster=1704813920&pubUrlAuto=https%3A%2F%2Fcfw.worsebox.shop%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0804a138d2373d667829f97ef1789c8563ed2730275ef0a6aba5facb75b29a85

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:19 GMT
content-encoding
gzip
via
1.1 4d3480855260c7e16c3a1df3eafacee6.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 08:33:07 GMT
server
nginx
x-amz-cf-pop
JFK50-P1
etag
W/"64d0ac43-1013e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
89yOuHGmR-TeLBGsd1JluVfCO_xuVBsAATpSqtJ70tM4JqNtrtOq7Q==
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame EE91 		258 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108128&cbuster=1704813920&pubUrlAuto=https%3A%2F%2Fcfw.worsebox.shop%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:20 GMT
content-encoding
gzip
via
1.1 4d3480855260c7e16c3a1df3eafacee6.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 12:48:35 GMT
server
nginx
x-amz-cf-pop
JFK50-P1
etag
W/"623b1723-409bc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
e8xFcPxQmV_sT7PFWvWGdG9iw060rAVQoQNn3-ruRE4z6yNKSbfz1g==
expires
Wed, 08 Jan 2025 15:25:20 GMT
prebidVid.7.16.0_19.min.js
live.primis.tech/content/prebid/ Frame EE91 		552 KB
278 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108128&cbuster=1704813920&pubUrlAuto=https%3A%2F%2Fcfw.worsebox.shop%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9bbc75a0a2b151cd0d0695a5e2096cb0655302daecb12241849319087b419f46

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:20 GMT
content-encoding
gzip
via
1.1 4d3480855260c7e16c3a1df3eafacee6.cloudfront.net (CloudFront)
last-modified
Thu, 14 Dec 2023 13:16:41 GMT
server
nginx
x-amz-cf-pop
JFK50-P1
etag
W/"657b0039-8a1f4"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Bu_H0Ou_4yI1dHJRUxfBBqlqKPeiG8XBRLUxwqAeczTYIhxEVrTZeg==
expires
Wed, 08 Jan 2025 15:25:20 GMT
liveVideo.php
live.primis.tech/live/ Frame EE91 		779 KB
298 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F31377D7B7331363637313832337D7B4333307D7B5359325A334C6E6476636E4E6C596D39344C6E4E6F6233413D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583539367D7B593333357D7B66317D7B4C31313130327DFEFE&userIpAddr=2602%3Affc8%3A2%3A104%3A%3A8&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704813920&csuuid=659d656067a8a&debugInfo=16671823_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671823&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2936qimgzrwl&secondaryContent=&x=596&y=335&pubUrl=https%3A%2F%2Fcfw.worsebox.shop%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=90&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8867&geoLong=-78.8927&vpTemplate=11102&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=1&ccpaConsent=1---&subId=default&appName=&appBundleId=https%3A%2F%2Fcfw.worsebox.shop%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108128&cbuster=1704813920&pubUrlAuto=https%3A%2F%2Fcfw.worsebox.shop%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
68859a83063cceda0ecd9582f2ede0343153cb0e490287ac9590433d5eb05d05

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:20 GMT
content-encoding
gzip
via
1.1 4d3480855260c7e16c3a1df3eafacee6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
JFK50-P1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
rXdPN1f26EUY6RNQW9o2MTnFhMRpD7hajB57Wnc1YPeuELVqiGGbqw==
primisslate.css
live.primis.tech/content/video/css/ 		18 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F31377D7B7331363637313832337D7B4333307D7B5359325A334C6E6476636E4E6C596D39344C6E4E6F6233413D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583539367D7B593333357D7B66317D7B4C31313130327DFEFE&userIpAddr=2602%3Affc8%3A2%3A104%3A%3A8&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704813920&csuuid=659d656067a8a&debugInfo=16671823_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671823&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2936qimgzrwl&secondaryContent=&x=596&y=335&pubUrl=https%3A%2F%2Fcfw.worsebox.shop%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=90&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8867&geoLong=-78.8927&vpTemplate=11102&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=1&ccpaConsent=1---&subId=default&appName=&appBundleId=https%3A%2F%2Fcfw.worsebox.shop%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:23cb:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5904191bceefb2eeb3a93b27faf9c6be9b3e7980c3e0b8683b76c2a7faa1baa8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:20 GMT
content-encoding
gzip
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
last-modified
Tue, 05 Dec 2023 09:00:54 GMT
server
nginx
x-amz-cf-pop
JFK50-P1
etag
W/"656ee6c6-47bd"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Fv8JGLABZN2WCLLUpVaaC47TYz8pzEcDYojf85dJIYWbvoK8041Xdw==
apstag.js
c.amazon-adsystem.com/aax2/ Frame EE91 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F31377D7B7331363637313832337D7B4333307D7B5359325A334C6E6476636E4E6C596D39344C6E4E6F6233413D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583539367D7B593333357D7B66317D7B4C31313130327DFEFE&userIpAddr=2602%3Affc8%3A2%3A104%3A%3A8&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704813920&csuuid=659d656067a8a&debugInfo=16671823_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671823&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2936qimgzrwl&secondaryContent=&x=596&y=335&pubUrl=https%3A%2F%2Fcfw.worsebox.shop%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=90&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8867&geoLong=-78.8927&vpTemplate=11102&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=1&ccpaConsent=1---&subId=default&appName=&appBundleId=https%3A%2F%2Fcfw.worsebox.shop%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.64.130 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:02:22 GMT
content-encoding
gzip
via
1.1 3dcb635971b5d310e8941cdb963aff70.cloudfront.net (CloudFront), 1.1 30dd3884a4b369c2dc7ffa8271e1b512.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:11 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK52-P4
age
1379
x-amz-server-side-encryption
AES256
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
qf-PjvyxXApbfX7MzgwTScEN6MRQZ6rAEf0lJFngfVfGlFAd8tvT9g==
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame EE91 		91 B
905 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=793790479&pt=17&dpn=1&jsver=5.09&iiqidtype=2&iiqpcid=f33c4496-5eff-4768-b4dc-8bdbece27fd4&iiqpciddate=1704813920736&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=68_1704813920737&cttl=43200000&rrtt=0&dud=0&abtg=A&iiqppcc=0&vrref=https%3A%2F%2Fcfw.worsebox.shop%2F&ref=cfw.worsebox.shop
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F31377D7B7331363637313832337D7B4333307D7B5359325A334C6E6476636E4E6C596D39344C6E4E6F6233413D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583539367D7B593333357D7B66317D7B4C31313130327DFEFE&userIpAddr=2602%3Affc8%3A2%3A104%3A%3A8&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704813920&csuuid=659d656067a8a&debugInfo=16671823_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671823&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2936qimgzrwl&secondaryContent=&x=596&y=335&pubUrl=https%3A%2F%2Fcfw.worsebox.shop%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=90&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8867&geoLong=-78.8927&vpTemplate=11102&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=1&ccpaConsent=1---&subId=default&appName=&appBundleId=https%3A%2F%2Fcfw.worsebox.shop%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.98 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d834bd13fb05ce21405cab931bea2d9cc7d65e6b551d0a0b84d45c0407e73dd1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:20 GMT
via
1.1 ec0c03792167c1faa09ce29d408be53a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
pragma
no-cache
access-control-max-age
3600
vary
Origin
content-type
text/html
access-control-allow-origin
https://cfw.worsebox.shop
access-control-allow-methods
POST, GET
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
aXq9vkqc46eyfgg-6ywfop6FaO6Bl2B2BmkiT2LbBnzXqPrSw5mhAA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame EE91
Redirect Chain
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=583426&iiqidtype=2&iiqpcid=f33c4496-5eff-4768-b4dc-8bdbece27fd4&iiqpciddate=1704813920736&tsrn...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=583426&iiqidtype=2&iiqpcid=f33c4496-5eff-4768-b4dc-8bdbece27fd4&iiqpciddate=1704813920736&tsr...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=583426&iiqidtype=2&iiqpcid=f33c4496-5eff-4768-b4dc-8bdbece27fd4&iiqpciddate=1704813920736&tsrnd=14_1704813920738&vrref=https%3A%2F%2Fcfw.worsebox.shop%2F&jsver=5.09&ckls=true&ci=fb9LdShLpP&nc=false&trid=-1689478119
Protocol
H2
Server
18.173.219.124 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:20 GMT
via
1.1 c5ee0f95b71de262d79b7462d2bdda18.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
bCd7Lr5giwmZxFPcIK8dIrv_AbQVmB2Vrd0ZR43VQOZWX3N63I0xHA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:20 GMT
via
1.1 687f50ed8be10041d824dc8ad7bb0622.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=583426&iiqidtype=2&iiqpcid=f33c4496-5eff-4768-b4dc-8bdbece27fd4&iiqpciddate=1704813920736&tsrnd=14_1704813920738&vrref=https%3A%2F%2Fcfw.worsebox.shop%2F&jsver=5.09&ckls=true&ci=fb9LdShLpP&nc=false&trid=-1689478119
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
kThiXOYnp-Ei1Szc87mtg4PfNv78Is_QW9Wh1RBE-rLC6qyq69rlxw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
css
fonts.googleapis.com/ Frame B73E 		2 KB
994 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: cfw.worsebox.shop
URL: https://cfw.worsebox.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 09 Jan 2024 15:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 14:06:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Jan 2024 15:25:20 GMT
css
fonts.googleapis.com/ 		1 KB
517 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F31377D7B7331363637313832337D7B4333307D7B5359325A334C6E6476636E4E6C596D39344C6E4E6F6233413D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583539367D7B593333357D7B66317D7B4C31313130327DFEFE&userIpAddr=2602%3Affc8%3A2%3A104%3A%3A8&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704813920&csuuid=659d656067a8a&debugInfo=16671823_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671823&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2936qimgzrwl&secondaryContent=&x=596&y=335&pubUrl=https%3A%2F%2Fcfw.worsebox.shop%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=90&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8867&geoLong=-78.8927&vpTemplate=11102&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=1&ccpaConsent=1---&subId=default&appName=&appBundleId=https%3A%2F%2Fcfw.worsebox.shop%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 09 Jan 2024 15:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 14:30:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Jan 2024 15:25:20 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E851 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F31377D7B7331363637313832337D7B4333307D7B5359325A334C6E6476636E4E6C596D39344C6E4E6F6233413D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583539367D7B593333357D7B66317D7B4C31313130327DFEFE&userIpAddr=2602%3Affc8%3A2%3A104%3A%3A8&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704813920&csuuid=659d656067a8a&debugInfo=16671823_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671823&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2936qimgzrwl&secondaryContent=&x=596&y=335&pubUrl=https%3A%2F%2Fcfw.worsebox.shop%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=90&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8867&geoLong=-78.8927&vpTemplate=11102&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=1&ccpaConsent=1---&subId=default&appName=&appBundleId=https%3A%2F%2Fcfw.worsebox.shop%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.109.53 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://cfw.worsebox.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=147975
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 09 Jan 2024 15:25:21 GMT
expires
Thu, 11 Jan 2024 08:31:36 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame E6DC
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26adv...
  • https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%...
  • https://live.primis.tech/live/liveCS.php?source=external&gdpr=0&gdpr_consent=&advId=98&advUuid=43f4d19c-f5a4-4ef4-942d-b32921e730ce
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=43f4d19c-f5a4-4ef4-942d-b32921e730ce
43 B
937 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=43f4d19c-f5a4-4ef4-942d-b32921e730ce
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F31377D7B7331363637313832337D7B4333307D7B5359325A334C6E6476636E4E6C596D39344C6E4E6F6233413D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583539367D7B593333357D7B66317D7B4C31313130327DFEFE&userIpAddr=2602%3Affc8%3A2%3A104%3A%3A8&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704813920&csuuid=659d656067a8a&debugInfo=16671823_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671823&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2936qimgzrwl&secondaryContent=&x=596&y=335&pubUrl=https%3A%2F%2Fcfw.worsebox.shop%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=90&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8867&geoLong=-78.8927&vpTemplate=11102&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=1&ccpaConsent=1---&subId=default&appName=&appBundleId=https%3A%2F%2Fcfw.worsebox.shop%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:8a00:1b:6b7d:2300:93a1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://cfw.worsebox.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 09 Jan 2024 15:25:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
pragma
no-cache
via
1.1 687f50ed8be10041d824dc8ad7bb0622.cloudfront.net (CloudFront)
x-amz-cf-id
TQFfQcR_OOmeX9aSQVzJTwLz_fB7yDgziprWhM2gwi98IHFEWq912w==
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront

Redirect headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
no-store
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 15:25:20 GMT
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=43f4d19c-f5a4-4ef4-942d-b32921e730ce
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
x-amz-cf-id
KsPAGFMlLzWXR_P4cRWQP93IOY9OvbAGz-4ls2UcKqRPzXHGTl1hVg==
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
liveView.php
live.primis.tech/live/ Frame EE91 		67 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMDtmNvUlRaZcZGViXmY0MTplMwRxMWU0ZzI1NmY4ODtkMDQyMxZ2nWQ2NTyuYTIjYTVwMTElMwUlMwA1MDY4Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXqPRE0lTDNnpFcHVaZYryxjTVRwrU1dUzgNV1UjWz1JMU56WTRPRGq4TURRqzRgoGgOnyU1WVqFrU1HRTFZrxV4TWcJMU1dSXqOVEElT0M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01EUTNOVEV5TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TxReME5dnmRNQXA5LwyfUzgeWxZspVZRTxYkQTJaN2NyYUuLRmFQYTF2OVFXNGbgUHJCUTBWZWfzqzyxX2NioaRyoaRsnWQ9NDA3NTYkMSZ2nWRsY29hqGVhqF9xZXNwPUVaZlgUo2FmqCZ2nWRsY29hqGVhqF90nXRfZT1FZ2peVG9up3QzqzyxX2NioaRyoaRsZHVlYXRco249MwYzpGkuY2VgZW50U3RlZWFgVHyjZT0kJzRyYaVaSW5zo3JgYXRco249JaBfYXyfnXN0SWQ9MTA1NTAzrD01OTYzrT0mMmUzpHVvVXJfPWu0qHBmJTNBJTJGJTJGY2Z3LaqipaNyYz94LaNbo3AyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImNDJEMmAmMTJEMmAmOTVGMmEmNmqEN0I3MmMkMmYmNwM3MmEmODMlMmM3RDqCNDMmMmMjN0Q3QwUmNTxmMwVBMmM0QmZFNwQ3NwYmNxU0RTZDNTx2RDM5MmQ0QmZFNEU2RwYlMmM0MTNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM1MmxmNwqEN0I1OTMmMmMmNTqEN0I2NwMkN0Q3QwRDMmEmMTMkMmAmMwqERxVGRSZupHBOYW1yPSZcp0FjpD0jJzFjpEyxPSZxnWFcZD0zYXBjQaVhZGkySWQ9nHR0pHMyM0EyMxYyMxZwZaphq29lp2Vvo3thp2uipCUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NDIhODt2NlZaZW9Mo25aPS03OC44OTI3JaVmZXJJpEFxZHI9MwYjMvUmQWZzYmtyM0ElJTNBMTA0JTNBJTNBOCZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTIjLwAhNwA5OS4kMwxeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTyxNwU2MDY3YTuuJzNvqXN0ZXI9MTpjNDtkMmxlMDx5MSZwY3BuPTEzY2NjYUNioaNyoaQ9MS0gLQ==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F31377D7B7331363637313832337D7B4333307D7B5359325A334C6E6476636E4E6C596D39344C6E4E6F6233413D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583539367D7B593333357D7B66317D7B4C31313130327DFEFE&userIpAddr=2602%3Affc8%3A2%3A104%3A%3A8&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704813920&csuuid=659d656067a8a&debugInfo=16671823_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671823&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2936qimgzrwl&secondaryContent=&x=596&y=335&pubUrl=https%3A%2F%2Fcfw.worsebox.shop%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=90&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8867&geoLong=-78.8927&vpTemplate=11102&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=1&ccpaConsent=1---&subId=default&appName=&appBundleId=https%3A%2F%2Fcfw.worsebox.shop%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:23cb:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
73a14346159939236624d7fe4f0edba3d96ae501f69dc0dd776bb4e03202afc1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:20 GMT
content-encoding
gzip
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
age
0
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
7936
pragma
no-cache
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cfw.worsebox.shop
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
YngSkU2A6Gsiy7V191FCsBltkaqtKGrjQhtIiME-aeLVFWGVSjbHJQ==
liveView.php
live.primis.tech/live/ Frame EE91 		51 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMDtmNvUlRaZcZGViXmY0MTplMwRxMWU0ZzI1NmY4ODtkMDQyMxZ2nWQ2NTyuYTIjYTVwMTElMwUlMwA1MDY4Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXqPRE0lTDNnpFcHVaZYryxjTVRwrU1dUzgNV1UjWz1JMU56WTRPRGq4TURRqzRgoGgOnyU1WVqFrU1HRTFZrxV4TWcJMU1dSXqOVEElT0M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01EUTNOVEV5TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TxReME5dnmRNQXA5LwyfUzgeWxZspVZRTxYkQTJaN2NyYUuLRmFQYTF2OVFXNGbgUHJCUTBWZWfzqzyxX2NioaRyoaRsnWQ9NDA3NTYkMSZ2nWRsY29hqGVhqF9xZXNwPUVaZlgUo2FmqCZ2nWRsY29hqGVhqF90nXRfZT1FZ2peVG9up3QzqzyxX2NioaRyoaRsZHVlYXRco249MwYzpGkuY2VgZW50U3RlZWFgVHyjZT0kJzRyYaVaSW5zo3JgYXRco249JaBfYXyfnXN0SWQ9MTA1NTAzrD01OTYzrT0mMmUzpHVvVXJfPWu0qHBmJTNBJTJGJTJGY2Z3LaqipaNyYz94LaNbo3AyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImNDJEMmAmMTJEMmAmOTVGMmEmNmqEN0I3MmMkMmYmNwM3MmEmODMlMmM3RDqCNDMmMmMjN0Q3QwUmNTxmMwVBMmM0QmZFNwQ3NwYmNxU0RTZDNTx2RDM5MmQ0QmZFNEU2RwYlMmM0MTNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM1MmxmNwqEN0I1OTMmMmMmNTqEN0I2NwMkN0Q3QwRDMmEmMTMkMmAmMwqERxVGRSZupHBOYW1yPSZcp0FjpD0jJzFjpEyxPSZxnWFcZD0zYXBjQaVhZGkySWQ9nHR0pHMyM0EyMxYyMxZwZaphq29lp2Vvo3thp2uipCUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NDIhODt2NlZaZW9Mo25aPS03OC44OTI3JaVmZXJJpEFxZHI9MwYjMvUmQWZzYmtyM0ElJTNBMTA0JTNBJTNBOCZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTIjLwAhNwA5OS4kMwxeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTyxNwU2MDY3YTuuJzNvqXN0ZXI9MTpjNDtkMmxlMDx5MvZwY3BuPTEzY2NjYUNioaNyoaQ9MS0gLQ==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F31377D7B7331363637313832337D7B4333307D7B5359325A334C6E6476636E4E6C596D39344C6E4E6F6233413D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583539367D7B593333357D7B66317D7B4C31313130327DFEFE&userIpAddr=2602%3Affc8%3A2%3A104%3A%3A8&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704813920&csuuid=659d656067a8a&debugInfo=16671823_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671823&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2936qimgzrwl&secondaryContent=&x=596&y=335&pubUrl=https%3A%2F%2Fcfw.worsebox.shop%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=90&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8867&geoLong=-78.8927&vpTemplate=11102&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=1&ccpaConsent=1---&subId=default&appName=&appBundleId=https%3A%2F%2Fcfw.worsebox.shop%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:23cb:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5cb7577e8688a4e7ed1e41d816d401ddcbe1348aa4319844abb67ddbd940b540

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:20 GMT
content-encoding
gzip
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
age
0
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
7364
pragma
no-cache
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cfw.worsebox.shop
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
BNZTrl4mDO7TaWuklb0u4g31WHOADxDXdYJBgVbAL9yw0KK2I45AeQ==
liveView.php
live.primis.tech/live/ Frame EE91 		67 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMDtmNvUlRaZcZGViXmY0MTplMwRxMWU0ZzI1NmY4ODtkMDQyMxZ2nWQ2NTyuYTIjYTVwMTElMwUlMwA1MDY4Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXqPRE0lTDNnpFcHVaZYryxjTVRwrU1dUzgNV1UjWz1JMU56WTRPRGq4TURRqzRgoGgOnyU1WVqFrU1HRTFZrxV4TWcJMU1dSXqOVEElT0M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01EUTNOVEV5TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TxReME5dnmRNQXA5LwyfUzgeWxZspVZRTxYkQTJaN2NyYUuLRmFQYTF2OVFXNGbgUHJCUTBWZWfzqzyxX2NioaRyoaRsnWQ9NDA3NTYkMSZ2nWRsY29hqGVhqF9xZXNwPUVaZlgUo2FmqCZ2nWRsY29hqGVhqF90nXRfZT1FZ2peVG9up3QzqzyxX2NioaRyoaRsZHVlYXRco249MwYzpGkuY2VgZW50U3RlZWFgVHyjZT0mJzRyYaVaSW5zo3JgYXRco249JaBfYXyfnXN0SWQ9MTA1NTAzrD01OTYzrT0mMmUzpHVvVXJfPWu0qHBmJTNBJTJGJTJGY2Z3LaqipaNyYz94LaNbo3AyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImNDJEMmAmMTJEMmAmOTVGMmEmNmqEN0I3MmMkMmYmNwM3MmEmODMlMmM3RDqCNDMmMmMjN0Q3QwUmNTxmMwVBMmM0QmZFNwQ3NwYmNxU0RTZDNTx2RDM5MmQ0QmZFNEU2RwYlMmM0MTNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM1MmxmNwqEN0I1OTMmMmMmNTqEN0I2NwMkN0Q3QwRDMmEmMTMkMmAmMwqERxVGRSZupHBOYW1yPSZcp0FjpD0jJzFjpEyxPSZxnWFcZD0zYXBjQaVhZGkySWQ9nHR0pHMyM0EyMxYyMxZwZaphq29lp2Vvo3thp2uipCUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NDIhODt2NlZaZW9Mo25aPS03OC44OTI3JaVmZXJJpEFxZHI9MwYjMvUmQWZzYmtyM0ElJTNBMTA0JTNBJTNBOCZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTIjLwAhNwA5OS4kMwxeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTyxNwU2MDY3YTuuJzNvqXN0ZXI9MTpjNDtkMmxlMDx5MlZwY3BuPTEzY2NjYUNioaNyoaQ9MS0gLQ==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F31377D7B7331363637313832337D7B4333307D7B5359325A334C6E6476636E4E6C596D39344C6E4E6F6233413D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583539367D7B593333357D7B66317D7B4C31313130327DFEFE&userIpAddr=2602%3Affc8%3A2%3A104%3A%3A8&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704813920&csuuid=659d656067a8a&debugInfo=16671823_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671823&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2936qimgzrwl&secondaryContent=&x=596&y=335&pubUrl=https%3A%2F%2Fcfw.worsebox.shop%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=90&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8867&geoLong=-78.8927&vpTemplate=11102&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=1&ccpaConsent=1---&subId=default&appName=&appBundleId=https%3A%2F%2Fcfw.worsebox.shop%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:23cb:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ec2f950525260f1968ecc3abaab171db71c87414cef3d8e3570db5b2608b7cd1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:20 GMT
content-encoding
gzip
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
age
0
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
7933
pragma
no-cache
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cfw.worsebox.shop
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
MS4USfxqiZfqe0p_tahUwd_n6fGiy_cP8jRY6YSXhlLZ7-BCTpHRIg==
liveView.php
live.primis.tech/live/ Frame EE91 		67 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMDtmNvUlRaZcZGViXmY0MTplMwRxMWU0ZzI1NmY4ODtkMDQyMxZ2nWQ2NTyuYTIjYTVwMTElMwUlMwA1MDY4Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXqPRE0lTDNnpFcHVaZYryxjTVRwrU1dUzgNV1UjWz1JMU56WTRPRGq4TURRqzRgoGgOnyU1WVqFrU1HRTFZrxV4TWcJMU1dSXqOVEElT0M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01EUTNOVEV5TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TxReME5dnmRNQXA5LwyfUzgeWxZspVZRTxYkQTJaN2NyYUuLRmFQYTF2OVFXNGbgUHJCUTBWZWfzqzyxX2NioaRyoaRsnWQ9NDA3NTYkMSZ2nWRsY29hqGVhqF9xZXNwPUVaZlgUo2FmqCZ2nWRsY29hqGVhqF90nXRfZT1FZ2peVG9up3QzqzyxX2NioaRyoaRsZHVlYXRco249MwYzpGkuY2VgZW50U3RlZWFgVHyjZT0mJzRyYaVaSW5zo3JgYXRco249JaBfYXyfnXN0SWQ9MTA1NTAzrD0mNTAzrT0kOTpzpHVvVXJfPWu0qHBmJTNBJTJGJTJGY2Z3LaqipaNyYz94LaNbo3AyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImNDJEMmAmMTJEMmAmOTVGMmEmNmqEN0I3MmMkMmYmNwM3MmEmODMlMmM3RDqCNDMmMmMjN0Q3QwUmNTxmMwVBMmM0QmZFNwQ3NwYmNxU0RTZDNTx2RDM5MmQ0QmZFNEU2RwYlMmM0MTNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM1MmxmNwqEN0I1OTMmMmMmNTqEN0I2NwMkN0Q3QwRDMmEmMTMkMmAmMwqERxVGRSZupHBOYW1yPSZcp0FjpD0jJzFjpEyxPSZxnWFcZD0zYXBjQaVhZGkySWQ9nHR0pHMyM0EyMxYyMxZwZaphq29lp2Vvo3thp2uipCUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NDIhODt2NlZaZW9Mo25aPS03OC44OTI3JaVmZXJJpEFxZHI9MwYjMvUmQWZzYmtyM0ElJTNBMTA0JTNBJTNBOCZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTIjLwAhNwA5OS4kMwxeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTyxNwU2MDY3YTuuJzNvqXN0ZXI9MTpjNDtkMmxlMDx5MlZwY3BuPTEzY2NjYUNioaNyoaQ9MS0gLQ==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F31377D7B7331363637313832337D7B4333307D7B5359325A334C6E6476636E4E6C596D39344C6E4E6F6233413D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583539367D7B593333357D7B66317D7B4C31313130327DFEFE&userIpAddr=2602%3Affc8%3A2%3A104%3A%3A8&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704813920&csuuid=659d656067a8a&debugInfo=16671823_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671823&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2936qimgzrwl&secondaryContent=&x=596&y=335&pubUrl=https%3A%2F%2Fcfw.worsebox.shop%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=90&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8867&geoLong=-78.8927&vpTemplate=11102&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=1&ccpaConsent=1---&subId=default&appName=&appBundleId=https%3A%2F%2Fcfw.worsebox.shop%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:23cb:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
85c54b99ae035c48b6975fd662d37aba12bd92d225ca040fdbba958c9ab2dbd2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:20 GMT
content-encoding
gzip
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
age
0
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
7930
pragma
no-cache
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cfw.worsebox.shop
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
aFp0zHYHpLEFE-_8BLYR7o6FqW5Ehh2rGLdRZe0hMON3zF4cP9B_kw==
liveView.php
live.primis.tech/live/ Frame EE91 		67 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMDtmNvUlRaZcZGViXmY0MTplMwRxMWU0ZzI1NmY4ODtkMDQyMxZ2nWQ2NTyuYTIjYTVwMTElMwUlMwA1MDY4Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXqPRE0lTDNnpFcHVaZYryxjTVRwrU1dUzgNV1UjWz1JMU56WTRPRGq4TURRqzRgoGgOnyU1WVqFrU1HRTFZrxV4TWcJMU1dSXqOVEElT0M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01EUTNOVEV5TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TxReME5dnmRNQXA5LwyfUzgeWxZspVZRTxYkQTJaN2NyYUuLRmFQYTF2OVFXNGbgUHJCUTBWZWfzqzyxX2NioaRyoaRsnWQ9NDA3NTYkMSZ2nWRsY29hqGVhqF9xZXNwPUVaZlgUo2FmqCZ2nWRsY29hqGVhqF90nXRfZT1FZ2peVG9up3QzqzyxX2NioaRyoaRsZHVlYXRco249MwYzpGkuY2VgZW50U3RlZWFgVHyjZT0kJzRyYaVaSW5zo3JgYXRco249JaBfYXyfnXN0SWQ9MTA1NTAzrD0mNTAzrT0kOTpzpHVvVXJfPWu0qHBmJTNBJTJGJTJGY2Z3LaqipaNyYz94LaNbo3AyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImNDJEMmAmMTJEMmAmOTVGMmEmNmqEN0I3MmMkMmYmNwM3MmEmODMlMmM3RDqCNDMmMmMjN0Q3QwUmNTxmMwVBMmM0QmZFNwQ3NwYmNxU0RTZDNTx2RDM5MmQ0QmZFNEU2RwYlMmM0MTNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM1MmxmNwqEN0I1OTMmMmMmNTqEN0I2NwMkN0Q3QwRDMmEmMTMkMmAmMwqERxVGRSZupHBOYW1yPSZcp0FjpD0jJzFjpEyxPSZxnWFcZD0zYXBjQaVhZGkySWQ9nHR0pHMyM0EyMxYyMxZwZaphq29lp2Vvo3thp2uipCUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NDIhODt2NlZaZW9Mo25aPS03OC44OTI3JaVmZXJJpEFxZHI9MwYjMvUmQWZzYmtyM0ElJTNBMTA0JTNBJTNBOCZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTIjLwAhNwA5OS4kMwxeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTyxNwU2MDY3YTuuJzNvqXN0ZXI9MTpjNDtkMmxlMDx5NCZwY3BuPTEzY2NjYUNioaNyoaQ9MS0gLQ==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F31377D7B7331363637313832337D7B4333307D7B5359325A334C6E6476636E4E6C596D39344C6E4E6F6233413D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583539367D7B593333357D7B66317D7B4C31313130327DFEFE&userIpAddr=2602%3Affc8%3A2%3A104%3A%3A8&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704813920&csuuid=659d656067a8a&debugInfo=16671823_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671823&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2936qimgzrwl&secondaryContent=&x=596&y=335&pubUrl=https%3A%2F%2Fcfw.worsebox.shop%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=90&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8867&geoLong=-78.8927&vpTemplate=11102&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=1&ccpaConsent=1---&subId=default&appName=&appBundleId=https%3A%2F%2Fcfw.worsebox.shop%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:23cb:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
43c5e9a6ce3274a3780cd2420679d9397f8d68eb76acaae6b1b7c960096fc082

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:20 GMT
content-encoding
gzip
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
age
0
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
7930
pragma
no-cache
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cfw.worsebox.shop
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
IVQjSAZwjqdTAvXxsaHy9PniHwPbOaJjtFOjNq_5QWcFrjemkLF4aA==
liveView.php
live.primis.tech/live/ Frame EE91 		51 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMDtmNvUlRaZcZGViXmY0MTplMwRxMWU0ZzI1NmY4ODtkMDQyMxZ2nWQ2NTyuYTIjYTVwMTElMwUlMwA1MDY4Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXqPRE0lTDNnpFcHVaZYryxjTVRwrU1dUzgNV1UjWz1JMU56WTRPRGq4TURRqzRgoGgOnyU1WVqFrU1HRTFZrxV4TWcJMU1dSXqOVEElT0M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01EUTNOVEV5TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TxReME5dnmRNQXA5LwyfUzgeWxZspVZRTxYkQTJaN2NyYUuLRmFQYTF2OVFXNGbgUHJCUTBWZWfzqzyxX2NioaRyoaRsnWQ9NDA3NTYkMSZ2nWRsY29hqGVhqF9xZXNwPUVaZlgUo2FmqCZ2nWRsY29hqGVhqF90nXRfZT1FZ2peVG9up3QzqzyxX2NioaRyoaRsZHVlYXRco249MwYzpGkuY2VgZW50U3RlZWFgVHyjZT0mJzRyYaVaSW5zo3JgYXRco249JaBfYXyfnXN0SWQ9MTA1NTAzrD01OTYzrT0mMmUzpHVvVXJfPWu0qHBmJTNBJTJGJTJGY2Z3LaqipaNyYz94LaNbo3AyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImNDJEMmAmMTJEMmAmOTVGMmEmNmqEN0I3MmMkMmYmNwM3MmEmODMlMmM3RDqCNDMmMmMjN0Q3QwUmNTxmMwVBMmM0QmZFNwQ3NwYmNxU0RTZDNTx2RDM5MmQ0QmZFNEU2RwYlMmM0MTNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM1MmxmNwqEN0I1OTMmMmMmNTqEN0I2NwMkN0Q3QwRDMmEmMTMkMmAmMwqERxVGRSZupHBOYW1yPSZcp0FjpD0jJzFjpEyxPSZxnWFcZD0zYXBjQaVhZGkySWQ9nHR0pHMyM0EyMxYyMxZwZaphq29lp2Vvo3thp2uipCUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NDIhODt2NlZaZW9Mo25aPS03OC44OTI3JaVmZXJJpEFxZHI9MwYjMvUmQWZzYmtyM0ElJTNBMTA0JTNBJTNBOCZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTIjLwAhNwA5OS4kMwxeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTyxNwU2MDY3YTuuJzNvqXN0ZXI9MTpjNDtkMmxlMDx5OSZwY3BuPTEzY2NjYUNioaNyoaQ9MS0gLQ==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F31377D7B7331363637313832337D7B4333307D7B5359325A334C6E6476636E4E6C596D39344C6E4E6F6233413D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583539367D7B593333357D7B66317D7B4C31313130327DFEFE&userIpAddr=2602%3Affc8%3A2%3A104%3A%3A8&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704813920&csuuid=659d656067a8a&debugInfo=16671823_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671823&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2936qimgzrwl&secondaryContent=&x=596&y=335&pubUrl=https%3A%2F%2Fcfw.worsebox.shop%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=90&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8867&geoLong=-78.8927&vpTemplate=11102&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=1&ccpaConsent=1---&subId=default&appName=&appBundleId=https%3A%2F%2Fcfw.worsebox.shop%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:23cb:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cda3ccc5c88e73caa5fd409ed1af6a15ab9bfe9afa517421f680ccaf6b553645

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:20 GMT
content-encoding
gzip
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
age
0
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
7366
pragma
no-cache
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cfw.worsebox.shop
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
xBuB-9vmrlh8SSkIakvo0tyZ0CKL-VtaDiEeXaI86cP-6opXeqWzVQ==
vid659aa20a5c112252205068_thumb.jpg
video.primis.tech/uploads/cn1/video/users/converted/30836/video_6417224d1e4fb576888104/ Frame B73E 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/30836/video_6417224d1e4fb576888104/vid659aa20a5c112252205068_thumb.jpg?cbuster=1704632844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:e00:1:6448:6d00:93a1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
319000e77741715152e6c1e3fd0e54bff48eac116350ff33e995bff914fea535

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:41:19 GMT
via
1.1 3c84f89bba43de446e67a27b8df8b660.cloudfront.net (CloudFront), 1.1 6583236304db9b508d67c62740f04654.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3, JFK50-P6
age
81841
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
3211
last-modified
Sun, 07 Jan 2024 13:08:08 GMT
server
nginx
etag
"1fc54608ddf251c44cdcec17b8ee50a9"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
ROKm_OlvIzr48GwCPg4wyqmfZ7DuIMpMSiKwMOnVPIgAxRi3AitCcg==
expires
Tue, 09 Jan 2024 16:41:19 GMT
vid6581972d1a487713587200_thumb.jpg
video.primis.tech/uploads/cn1/video/users/converted/30836/video_6417224d1e4fb576888104/ Frame B73E 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/30836/video_6417224d1e4fb576888104/vid6581972d1a487713587200_thumb.jpg?cbuster=1702992135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:e00:1:6448:6d00:93a1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
c57918796429689eb261e8438f5edec56be35b3ed63d2b7d3d31db19741e1122

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 10:52:07 GMT
via
1.1 b64454e3c1123ac098282f1036154740.cloudfront.net (CloudFront), 1.1 6583236304db9b508d67c62740f04654.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3, JFK50-P6
age
16393
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
3258
last-modified
Tue, 19 Dec 2023 13:23:46 GMT
server
nginx
etag
"35fcab4e6a1ecbca794d314a33340c3d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
uU-pBiZOvAdiLIqEJRxQyUXx8NBcOKFOlh8lgpy-OAhGB9Fq8qbTCw==
expires
Wed, 10 Jan 2024 10:52:07 GMT
vid657fffc282cf1930617705_thumb.jpg
video.primis.tech/uploads/cn1/video/users/converted/30836/video_6417224d1e4fb576888104/ Frame B73E 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/30836/video_6417224d1e4fb576888104/vid657fffc282cf1930617705_thumb.jpg?cbuster=1702887685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:e00:1:6448:6d00:93a1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
10119abe59256e7cf44039cdf30a4ab9952fdcdab36b30d4842c0cd788c9fc31

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 02:15:07 GMT
via
1.1 fdcbbd5c4c7c5e8b036965d289e584e2.cloudfront.net (CloudFront), 1.1 6583236304db9b508d67c62740f04654.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3, JFK50-P6
age
77997
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
3341
last-modified
Mon, 18 Dec 2023 08:22:09 GMT
server
nginx
etag
"708dcc00ca77a10f70395c9121a6d5b3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
sGfkWM3oWNimfHPDG6rrhJ_77T7EIiJ3zehLloyZRbPyv1lHbySQsw==
expires
Tue, 09 Jan 2024 17:45:24 GMT
vid656b4dfca6234383872782_thumb.jpg
video.primis.tech/uploads/cn1/video/users/converted/30836/video_6417224d1e4fb576888104/ Frame B73E 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/30836/video_6417224d1e4fb576888104/vid656b4dfca6234383872782_thumb.jpg?cbuster=1701531395
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:e00:1:6448:6d00:93a1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
aa0ee5f3b92a7d98d18df3a77b9f32c8f501371dad2c728dee44a250f73af861

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 13:37:46 GMT
via
1.1 0ed062928320c9569a09db8a928795e4.cloudfront.net (CloudFront), 1.1 6583236304db9b508d67c62740f04654.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3, JFK50-P6
age
8029
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2550
last-modified
Sun, 03 Dec 2023 18:25:25 GMT
server
nginx
etag
"58d3ea656942ce7de4bfca3cc94f4862"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
B-6fxUlNm3tzdAkWyrx28qW2l0tdfy7riUvmujLWQVIhffRZ9sTUKQ==
expires
Wed, 10 Jan 2024 13:11:32 GMT
vid6559dc322f70e520212075_thumb.jpg
video.primis.tech/uploads/cn1/video/users/converted/30836/video_625bfec435a11393558663/ Frame B73E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/30836/video_625bfec435a11393558663/vid6559dc322f70e520212075_thumb.jpg?cbuster=1700387892
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:e00:1:6448:6d00:93a1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
28b0cc559b2f9255b9f5988e248af9c82a3e9889e21dd99bfead52fe84703797

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 15:26:55 GMT
via
1.1 1b0f041f103652001e37f5806000d24a.cloudfront.net (CloudFront), 1.1 6583236304db9b508d67c62740f04654.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3, JFK50-P6
age
86305
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2828
last-modified
Sun, 19 Nov 2023 09:59:09 GMT
server
nginx
etag
"d9a7473b98ac076f016f8d5334f3cbf0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
cK0hw0Wtl0Q7AfJrwjr9rJfRJ3KbS36j7Ucq1HRQYNoazGc-8w13bA==
expires
Tue, 09 Jan 2024 15:26:55 GMT
liveView.php
live.primis.tech/live/ 		0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTpjNDtkMmxlMCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA4MTI4JaN0YT0jJat9NTx2Jax9MmM1JaZcZF9jYXNmRG9gYWyhPWNzql53o3JmZWJirC5mnG9jJaN1YxyxPWNzql53o3JmZWJirC5mnG9jJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImNDJEMmAmMTJEMmAmOTVGMmEmNmqEN0I3MmMkMmYmNwM3MmEmODMlMmM3RDqCNDMmMmMjN0Q3QwUmNTxmMwVBMmM0QmZFNwQ3NwYmNxU0RTZDNTx2RDM5MmQ0QmZFNEU2RwYlMmM0MTNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM1MmxmNwqEN0I1OTMmMmMmNTqEN0I2NwMkN0Q3QwRDMmEmMTMkMmAmMwqERxVGRSZxnWFcZD0zqXNypxyjQWRxpw0lNwAlJTNBZzZwOCUmQTIyM0EkMDQyM0EyM0E4JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwElMC4jLwYjOTxhMTI5JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NTyxNwU2MDY3YTuuJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MCZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTEzY2NjYT0kJzNwpGFDo25mZW50PTEgLS0zY2J1p3Rypw0kNmA0ODEmOTIjOTMkJaVcZD1TZWgcozRiU1BfYXyypwY1OWQ2NTYjOTNwNGYzpHVvVXJfPWu0qHBmJTNBJTJGJTJGY2Z3LaqipaNyYz94LaNbo3AyMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9nWykJaB4nWQ9YmE4NzRuMDqwM2UjNTEmZwZxYmt5MDM5NmplNTU5NmM=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:23cb:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:20 GMT
content-encoding
gzip
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
JFK50-P1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
8Cq0jsOFMWKMBajK9dioRhO2uUw_ctjlHVExU_Qf1VlIWUJXpXElsQ==
p-1ZHFxK2kGG5Cz.gif
pixel.quantserve.com/pixel/ Frame EE91 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-1ZHFxK2kGG5Cz.gif?labels=publisher.30836.space.108128,adsize.596x335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame EE91
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sekindo&bsw_param=8fefaae9-9341-4612-a079-8f23ece69e23&google_hm=OGZlZmFhZTktOTM0MS00NjEyLWEwNzktOGYyM2VjZTY5ZTIz
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=sekindo&bsw_param=8fefaae9-9341-4612-a079-8f23ece69e23&google_hm=OGZlZmFhZTktOTM0MS00NjEyLWEwNzktOGYyM2VjZTY5ZT...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDfNQ-iWZtse5h1f1T4FBV8&google_cver=1&ssp=sekindo&bsw_param=8fefaae9-9341-4612-a079-8f23ece69e23
  • https://live.primis.tech/live/liveCS.php?source=external&advId=92&advUuid=8fefaae9-9341-4612-a079-8f23ece69e23
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=8fefaae9-9341-4612-a079-8f23ece69e23
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=8fefaae9-9341-4612-a079-8f23ece69e23
Protocol
H3
Server
2600:9000:26fa:8a00:1b:6b7d:2300:93a1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
via
1.1 f7b469bae3f4a6418a1a6a50a32d318c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
XJTIsoRiBE_wYZRb_4kjJkyZRitP8bDkk06c5wMSPONonWN8LmGcLg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=8fefaae9-9341-4612-a079-8f23ece69e23
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
VVRQvoRqjkedd-mOh3bllC5Ec4ptIBx_cjJvNHI6tI8P4umeWfesHw==
/
csync.loopme.me/ Frame EE91 		0
0
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame EE91
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191923&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D&gdpr=0&gdpr_consent=&s=191923&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&advId=99&advUuid=ZZ1lYTiHX4MGolsQyGFzvQAA%263516
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZZ1lYTiHX4MGolsQyGFzvQAA%263516
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZZ1lYTiHX4MGolsQyGFzvQAA%263516
Protocol
H3
Server
2600:9000:26fa:8a00:1b:6b7d:2300:93a1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
via
1.1 f7b469bae3f4a6418a1a6a50a32d318c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
Vrz1cDgyQyXLCCDZ4M_iVtfNTNkvgNmkBZtVUBxgmNVQOqp9SOFDVw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZZ1lYTiHX4MGolsQyGFzvQAA%263516
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
LmsgYCc0E2p6rOrUzhbgvuDEO8QI0U6l3fz0ptNz0Sd-U_PtFUDaRg==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame EE91
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=4209301636010743935426
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=4209301636010743935426
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=4209301636010743935426
Protocol
H3
Server
2600:9000:26fa:8a00:1b:6b7d:2300:93a1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
via
1.1 f7b469bae3f4a6418a1a6a50a32d318c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
03jSKjCgt58fXp2o7hwaPOyLrprHiPzSLwaKMX1_sLtM6Ty-HYQwIg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:20 GMT
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=4209301636010743935426
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
KhPYOLaK2cD_p6i9jlnI6sELhRtNPS7ItMJkQaQUkXK7JPvOvamk4Q==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame EE91
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LR6I6WHU-1X-BQU3&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR6I6WHU-1X-BQU3
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR6I6WHU-1X-BQU3
Protocol
H3
Server
2600:9000:26fa:8a00:1b:6b7d:2300:93a1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
via
1.1 f7b469bae3f4a6418a1a6a50a32d318c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
dGgsy6xxD_gNoNc_Jb7fg6dTgs4Sa64nJ3S_lSwNSxKEcjRs2d1AZQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:20 GMT
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR6I6WHU-1X-BQU3
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
mKowSnHR42r_meLUyUJbWZdRd7Fh8D37Bgxr3OMvg9_5gMyNEuop2Q==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame EE91
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://live.primis.tech/live/liveCS.php?source=external&advId=128&advUuid=y-fHZzbepE2uJ_BN0SsWOy4raaW79azzRT~A
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-fHZzbepE2uJ_BN0SsWOy4raaW79azzRT~A
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-fHZzbepE2uJ_BN0SsWOy4raaW79azzRT~A
Protocol
H3
Server
2600:9000:26fa:8a00:1b:6b7d:2300:93a1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
via
1.1 f7b469bae3f4a6418a1a6a50a32d318c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
97BN8n2n8V8In5ojQVoniL_pame3rXS7kzgJ0JR365m0y396bk11Ug==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-fHZzbepE2uJ_BN0SsWOy4raaW79azzRT~A
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
jiBddymHtrAUWB5ko3_gccl9cIAknOD-z6R6UA2CP3DHwjGjF9_Jvw==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame EE91
Redirect Chain
  • https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=1bafc23b8abe4a9ba9e0b6796e05de61
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=1bafc23b8abe4a9ba9e0b6796e05de61
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=1bafc23b8abe4a9ba9e0b6796e05de61
Protocol
H3
Server
2600:9000:26fa:8a00:1b:6b7d:2300:93a1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
via
1.1 f7b469bae3f4a6418a1a6a50a32d318c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
8_btyeKC5ovuEFAyrnNTBCNl2of6lfMNrkG1wgYq5gm9kHnQgDfWIQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=1bafc23b8abe4a9ba9e0b6796e05de61
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
3HT2n7XHQ0mSR7qQxHHhXfbs_yd-ZkDONSoWR_T8-B_KFYLQ-lclhA==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame EE91
Redirect Chain
  • https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=659d656067a8a&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E
  • https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3478155216634401000V10
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3478155216634401000V10
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3478155216634401000V10
Protocol
H3
Server
2600:9000:26fa:8a00:1b:6b7d:2300:93a1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
via
1.1 f7b469bae3f4a6418a1a6a50a32d318c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
ADq_PaoaM8pPzYXdBxoE16g4tDeLAXp_3Fwo_IAzUsqckark9eE7XA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3478155216634401000V10
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
b6xBO2DbRmJ9b7Z9_GzDb-pTZkfznnaVzUoza8CwBuhZKKMg3eqANw==
ProfilesEngineServlet
syncv4.intentiq.com/profiles_engine/ Frame EE91
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID&sovrn_retry=true
  • https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=H9o9aLZHVIO7Np-3SKiEEo25
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=H9o9aLZHVIO7Np-3SKiEEo25
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=H9o9aLZHVIO7Np-3SKiEEo25&ripv6=2602:ffc8:2:104::8
43 B
937 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=H9o9aLZHVIO7Np-3SKiEEo25&ripv6=2602:ffc8:2:104::8
Protocol
H2
Server
18.173.219.124 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
via
1.1 c5ee0f95b71de262d79b7462d2bdda18.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
hFTAxisoJGDAZcMwW_UAY-AXaZCxWw_mln1XMvcpW2a4FeKgyh2iFg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 09 Jan 2024 15:25:21 GMT
via
1.1 f7b469bae3f4a6418a1a6a50a32d318c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
location
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=H9o9aLZHVIO7Np-3SKiEEo25&ripv6=2602:ffc8:2:104::8
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
M1maYjgfWZOMlRJUzYgsSIcbuzDSMtrt2EzaARGEAZFCjGuEIHPVDA==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame EE91
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=134&advUuid=8b87abe0ddb619229e78d9e03ac7d73&gdpr_consent=&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=8b87abe0ddb619229e78d9e03ac7d73
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=8b87abe0ddb619229e78d9e03ac7d73
Protocol
H3
Server
2600:9000:26fa:8a00:1b:6b7d:2300:93a1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
via
1.1 f7b469bae3f4a6418a1a6a50a32d318c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
u8zixz9tygpXe_XsNeLnGXFUMkKcPQPlP7aW4JVApczmnYQZ-b4cog==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=8b87abe0ddb619229e78d9e03ac7d73
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Yb7fEWAiqNaAEDHK1EETpG5MfD77tCuX54mt-lIzs9kzJORdrCPUFA==
3613a31b6329d1c17d5663d05b080db1.gif
cs.admanmedia.com/ Frame EE91 		0
0
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame EE91
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=21&redirectUri=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D140%26advUuid%3D%5Bssb_sync_pid%5D&gdpr=0&...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=140&advUuid=8583501066539810264
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=8583501066539810264
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=8583501066539810264
Protocol
H3
Server
2600:9000:26fa:8a00:1b:6b7d:2300:93a1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
via
1.1 f7b469bae3f4a6418a1a6a50a32d318c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
Hm2T2gh8sfFpffw3QGnjn9hbT_QWg5_fSbT4I4PbmD4kS69rJuwc-Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:20 GMT
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=8583501066539810264
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
vRJlMPAA2ww8qeixPsWLLYLJdKbjKVrm-gfg-wj7LsbuRmfRwZP76g==
cookie
cm.adform.net/ Frame EE91 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D143%26advUuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.133 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:21 GMT
server
nginx
content-length
43
content-type
image/gif
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame EE91
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=Wog2sp89&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=144&advUuid=8b979332-0a8b-4673-9e49-441e00e1ea1e&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=8b979332-0a8b-4673-9e49-441e00e1ea1e
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=8b979332-0a8b-4673-9e49-441e00e1ea1e
Protocol
H3
Server
2600:9000:26fa:8a00:1b:6b7d:2300:93a1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
via
1.1 f7b469bae3f4a6418a1a6a50a32d318c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
r5P77dItPOSQRfsjhuWJSrlU9LAwxjKN9LYxYal6QnWmK-v8wXPuQA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=8b979332-0a8b-4673-9e49-441e00e1ea1e
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
KJoeVHUvb27Zz_OtYPATeEb71yVBoepYP_ovP--JHDR433gjpM98fg==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame EE91
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&zcc=1&cb=1704813921559
  • https://ad.turn.com/r/cs?pid=45&rndcb=4271360775
  • https://sync.1rx.io/usersync/turn/7680775545455140265?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-63666236-8a18-4052-895a-7bba62bb80af-005?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D119%26advUuid%3DRX-63...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=119&advUuid=RX-63666236-8a18-4052-895a-7bba62bb80af-005
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-63666236-8a18-4052-895a-7bba62bb80af-005
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-63666236-8a18-4052-895a-7bba62bb80af-005
Protocol
H3
Server
2600:9000:26fa:8a00:1b:6b7d:2300:93a1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:22 GMT
via
1.1 f7b469bae3f4a6418a1a6a50a32d318c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
BU1H6PdY4QejFHFkilJfOoMAC6sa5OcKz-lR4n2GbAaz2y4Tjv2m8A==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=utf-8
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-63666236-8a18-4052-895a-7bba62bb80af-005
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
AE6nFq-8SE83btO5i2CBGlTE9lBA5pSmfJCZpBRA_gj5lnuWlRzM5g==
vid659aa20a5c112252205068.jpg
video.primis.tech/uploads/cn1/video/users/converted/30836/video_6417224d1e4fb576888104/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/30836/video_6417224d1e4fb576888104/vid659aa20a5c112252205068.jpg?cbuster=1704632844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:e00:1:6448:6d00:93a1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b9aa43571cb07d1612af573ee331a416d6671b7fcbc55d37352ed2e3cf109280

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 21:24:31 GMT
via
1.1 fc5ebd2517d85e358aa686aaadd64c2a.cloudfront.net (CloudFront), 1.1 6583236304db9b508d67c62740f04654.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3, JFK50-P6
age
64850
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
29130
last-modified
Sun, 07 Jan 2024 13:08:08 GMT
server
nginx
etag
"17a5c3e6f20d23257cda594c8897174b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
At1yL57nGEbqkuEZxZQoEsKn2eMDgckza3s0-vdhLro-3k5T0JycUA==
expires
Tue, 09 Jan 2024 21:24:31 GMT
jload
pixel.adsafeprotected.com/ Frame 352A 		60 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=931599&pubId=30836&chanId=cfw.worsebox.shop&placementId=108128&pubOrder=US&custom=desktop&custom2=windows&custom3=chrome
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F31377D7B7331363637313832337D7B4333307D7B5359325A334C6E6476636E4E6C596D39344C6E4E6F6233413D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583539367D7B593333357D7B66317D7B4C31313130327DFEFE&userIpAddr=2602%3Affc8%3A2%3A104%3A%3A8&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704813920&csuuid=659d656067a8a&debugInfo=16671823_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671823&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2936qimgzrwl&secondaryContent=&x=596&y=335&pubUrl=https%3A%2F%2Fcfw.worsebox.shop%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=90&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8867&geoLong=-78.8927&vpTemplate=11102&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=1&ccpaConsent=1---&subId=default&appName=&appBundleId=https%3A%2F%2Fcfw.worsebox.shop%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.90.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
aaf4f5918ce280896a8e019f869f7b56237e7599b892f802871b4833b9f12eb4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cfw.worsebox.shop
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 13:13:50 GMT
x-content-type-options
nosniff
age
7891
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 13:13:50 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B73E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cfw.worsebox.shop
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 08:15:11 GMT
x-content-type-options
nosniff
age
544210
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jan 2025 08:15:11 GMT
avjp
swasthis-d.openx.net/v/1.0/ Frame EE91 		106 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://swasthis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fcfw.worsebox.shop%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=600&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ebbd1023-6796-49ec-b640-4740eaca0e09&nocache=1704813921231&us_privacy=1---&pubcid=6306c683-7041-417c-b90e-eb78bf7b58b4&auid=545619279&vwd=596&vht=335&aucs=adUnit_3&aumfs=3900
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://cfw.worsebox.shop/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://cfw.worsebox.shop
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame EE91 		36 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=974056&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2236d08206975caf%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcfw.worsebox.shop%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.16.0%22%2C%22userIds%22%3A%5B%22pubProvidedId%22%5D%2C%22url%22%3A%22https%3A%2F%2Fcfw.worsebox.shop%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22pbadslot%22%3A%22%2FPRM%2F108128%2Fcfw_worsebox_shop%22%2C%22adunitcode%22%3A%22adUnit_5%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22407dd9db16b038%22%2C%22ext%22%3A%7B%22siteID%22%3A%22974056%22%2C%22tid%22%3A%227361100d-c997-4b3a-8b63-c1e71983a771%22%2C%22sid%22%3A%22596x335%22%2C%22fl%22%3A%22x%22%2C%22gpid%22%3A%22%2FPRM%2F108128%2Fcfw_worsebox_shop%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B596%2C335%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C11%2C12%2C13%2C14%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%2C7%5D%2C%22placement%22%3A3%2C%22plcmt%22%3A2%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22playbackmethod%22%3A%5B6%5D%2C%22w%22%3A596%2C%22h%22%3A335%7D%2C%22bidfloor%22%3A2.3%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%226306c683-7041-417c-b90e-eb78bf7b58b4%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e0e1e61ea37783350d2b5811ed3728e88261ca70721a414ebb60e4208d1702c8

Request headers

Referer
https://cfw.worsebox.shop/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLtODGnEpH%2Fwhr%2BxrmSccUJwTsoMR4g9nIcGP6JHioaRcue4898nGT5Q2VKX5YG27PtImBLE0ic2MpUaFFldLcPYcrByNeSuxjvZZnwP%2BOsnpDbdrXb%2BNIMQCbJ2XvPDzzca2Eco"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://cfw.worsebox.shop
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
842db13fdde7a22e-YYZ
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ Frame EE91 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cfw.worsebox.shop/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://cfw.worsebox.shop
date
Tue, 09 Jan 2024 15:25:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ Frame EE91 		19 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.16.0&referrer=https%3A%2F%2Fcfw.worsebox.shop%2F&tmax=3000&us_privacy=1---
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.2.10.131 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://cfw.worsebox.shop/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
accept-ch
sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent
x-auction-status
3
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://cfw.worsebox.shop
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame EE91 		184 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
86f263b2649413a341b71b2e6dd0251a97e42d298cf355e7994a295a46bfd097

Request headers

Referer
https://cfw.worsebox.shop/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.6.0
Content-Type
application/json
access-control-allow-origin
https://cfw.worsebox.shop
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
vid659aa20a5c112252205068.jpg
video.primis.tech/uploads/cn1/video/users/converted/30836/video_6417224d1e4fb576888104/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/30836/video_6417224d1e4fb576888104/vid659aa20a5c112252205068.jpg?cbuster=1704632844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:e00:1:6448:6d00:93a1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b9aa43571cb07d1612af573ee331a416d6671b7fcbc55d37352ed2e3cf109280

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 21:24:31 GMT
via
1.1 fc5ebd2517d85e358aa686aaadd64c2a.cloudfront.net (CloudFront), 1.1 6583236304db9b508d67c62740f04654.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3, JFK50-P6
age
64850
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
29130
last-modified
Sun, 07 Jan 2024 13:08:08 GMT
server
nginx
etag
"17a5c3e6f20d23257cda594c8897174b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
iUCh5HRoN46vjPbEJkkD-IrQ1nTdw-Jv-XnRFwJuWzi3T5yIEF3QRw==
expires
Tue, 09 Jan 2024 21:24:31 GMT
e3ef2467-90cb-4a77-8bb5-ac06e43b9981
config.aps.amazon-adsystem.com/configs/ Frame EE91 		564 B
829 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/e3ef2467-90cb-4a77-8bb5-ac06e43b9981
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.21 -, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash
ffbf9d2a933d9dcb0f7ee68d389676f2799446d4d74dead0bd4ce495cfe5612b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 14:48:33 GMT
via
1.1 d7365e331e2f3aa085a6501cac42bb72.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK52-P2
age
2208
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
7v0v63jdt65xoAgJTagehNVY54RiTk-d_ASntHs7S1iH4OrLnrvuUg==
config
c.amazon-adsystem.com/cdn/prod/ Frame EE91 		0
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fcfw.worsebox.shop&pubid=e3ef2467-90cb-4a77-8bb5-ac06e43b9981
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.64.130 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:21 GMT
via
1.1 30dd3884a4b369c2dc7ffa8271e1b512.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK52-P4
x-cache
Miss from cloudfront
access-control-allow-origin
https://cfw.worsebox.shop
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
LLZjoAG6VkK0JkLT_8sK7j3NGdYb8vc0CnrPDAdi9AaCi8Ipxl-1dQ==
bid
aax.amazon-adsystem.com/e/dtb/ Frame EE91 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fcfw.worsebox.shop%2F&pid=owC2QnvllEX89&cb=0&ws=1x1&v=23.1211.1645&t=2000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A270%2C%22id%22%3A%22Primis_Outstream%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=e3ef2467-90cb-4a77-8bb5-ac06e43b9981&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A75%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.54.29 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:21 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 e82b8f8953c90f58ae3b2feee6b64b70.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P1
x-amz-rid
2RH8HZP3G64WKMTJBV2M
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://cfw.worsebox.shop
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
B_Jr62EgLZPtezMbKN6crW9yHj-9Ga_k2stIgRaChi8bWJIPtX6f1g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame EE91 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.64.130 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:22 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 6ecf35677ede41c0a96f262ec39b4894.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
dnulWmvsKuEEubwfDp7W5u4GAMAuxLcmxFhyXN0MsfzyEU1nRKM9dg==
PugMaster
image6.pubmatic.com/AdServer/ Frame E851 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70159356&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0c428471f546056d81be7a3828dbcbe8ec620d974f7af9c22b30840c271f0d7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 09 Jan 2024 15:25:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dcm
s.amazon-adsystem.com/ Frame 69EC
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=E0380376-CB3D-473E-A4B4-770C743C62A2&redir=true&gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=E0380376-CB3D-473E-A4B4-770C743C62A2&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=E0380376-CB3D-473E-A4B4-770C743C62A2&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 09 Jan 2024 15:25:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
QPA27AV4YWTR902DG3AF

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 09 Jan 2024 15:25:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=E0380376-CB3D-473E-A4B4-770C743C62A2&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
TERV1M0J94ABEN8D66CH
Pug
simage2.pubmatic.com/AdServer/ Frame C70C
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=4da09d22-af03-11ee-ab4a-8536a300ad77
42 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=4da09d22-af03-11ee-ab4a-8536a300ad77
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 15:25:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Tue, 09 Jan 2024 15:25:21 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=4da09d22-af03-11ee-ab4a-8536a300ad77
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-5
Pug
image2.pubmatic.com/AdServer/ Frame 7DC6
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCOVJrN0xPc3NBQUJNTUEtWWgzdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAB9Rk7LOssAABMMA-Yh3w&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252C...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8583501066539810264&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAB9Rk7LOssAABMMA-Yh3w&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8583501066539810264%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8583501066539810264&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=A...
  • https://sync.technoratimedia.com/services?uid=AAB9Rk7LOssAABMMA-Yh3w&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8583501066539810264%26gdpr%3D0%26gdpr%3D0%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8583501066539810264&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB9Rk7LOssAABMMA-Yh3w&gdpr=0
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB9Rk7LOssAABMMA-Yh3w&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 04:05:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 09 Jan 2024 15:25:22 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB9Rk7LOssAABMMA-Yh3w&gdpr=0
strict-transport-security
max-age=2592000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame FDB5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZZ1lYQANP41nmABU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 09 Jan 2024 15:25:21 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4528-YYZ
x-timer
S1704813922.760120,VS0,VE20

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 09 Jan 2024 15:25:21 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZZ1lYQANP41nmABU
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4528-YYZ
x-timer
S1704813922.693436,VS0,VE21
Pug
simage2.pubmatic.com/AdServer/ Frame DE2F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6512890869263952158&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6512890869263952158&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 04:24:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
f2c62937-52f0-4d10-a932-fdbb96eb8906
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 15:25:21 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6512890869263952158&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
96.9.249.40; 96.9.249.40; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
141
match.deepintent.com/usersync/ Frame 4DED 		0
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Tue, 09 Jan 2024 15:25:21 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame E2DF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=8fefaae9-9341-4612-a079-8f23ece69e23
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=8fefaae9-9341-4612-a079-8f23ece69e23
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=01f8a307-fbb1-44b0-9d34-2d4479cb6b86&user_group=1&ssp=pubmatic&bsw_param=8fefaae9-9341-4612-a079-8f23ece69e23
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8fefaae9-9341-4612-a079-8f23ece69e23&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
244 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8fefaae9-9341-4612-a079-8f23ece69e23&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 15:25:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 09 Jan 2024 15:25:22 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8fefaae9-9341-4612-a079-8f23ece69e23&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 9982
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=18lan9fJVcrMzlbN089OndWYU8vMywHK18mMmA8A
42 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=18lan9fJVcrMzlbN089OndWYU8vMywHK18mMmA8A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 04:05:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 09 Jan 2024 15:25:21 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=18lan9fJVcrMzlbN089OndWYU8vMywHK18mMmA8A
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 5F67
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:434yvpag1RndYJ5&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:434yvpag1RndYJ5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 15:25:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 09 Jan 2024 15:25:21 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:434yvpag1RndYJ5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0b2538fc440df48c9@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 4DF9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&gdpr=0&gdpr_consent=
42 B
382 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 04:36:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 09 Jan 2024 15:25:21 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&gdpr=0&gdpr_consent=
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame DB7A
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=bcf0a2f3-b216-40cb-a847-3f4712bfdbeb&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=E0380376-CB3D-473E-A4B4-770C743C62A2
42 B
493 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=E0380376-CB3D-473E-A4B4-770C743C62A2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.17.237 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Tue, 09 Jan 2024 15:25:21 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 09 Jan 2024 04:24:34 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=E0380376-CB3D-473E-A4B4-770C743C62A2
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
usersync.aspx
dis.criteo.com/dis/ Frame 285B 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 15:25:21 GMT
expires
Tue, 09 Jan 2024 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
234922
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame FB8F
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314647821382682
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314647821382682
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 04:35:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 09 Jan 2024 15:25:21 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970314647821382682
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
i.match
s.tribalfusion.com/z/ Frame FE57
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
842db1438cbd4bcc-BUF
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 15:25:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
842db142bc774bcc-BUF
content-type
text/html
date
Tue, 09 Jan 2024 15:25:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1798
Pug
simage2.pubmatic.com/AdServer/ Frame 5808
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=874890082907
42 B
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=874890082907
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 15:25:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=874890082907
Pug
image2.pubmatic.com/AdServer/ Frame 0254
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUe190f85d7715459aa44daecb81c8e068
42 B
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUe190f85d7715459aa44daecb81c8e068
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 04:38:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 15:25:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUe190f85d7715459aa44daecb81c8e068
pragma
no-cache
server
nginx
/
csync.loopme.me/ Frame E859 		0
0
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 0EA5
Redirect Chain
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=E0380376-CB3D-473E-A4B4-770C743C62A2
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=E0380376-CB3D-473E-A4B4-770C743C62A2
43 B
847 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=E0380376-CB3D-473E-A4B4-770C743C62A2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:26fa:8a00:1b:6b7d:2300:93a1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 09 Jan 2024 15:25:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
pragma
no-cache
via
1.1 f7b469bae3f4a6418a1a6a50a32d318c.cloudfront.net (CloudFront)
x-amz-cf-id
khIhCuA-X5Vys1jlGM5InC0NF8ZrUhF_bteNGyCH63Pz31FQzsvAkA==
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront

Redirect headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
no-store
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 15:25:21 GMT
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=E0380376-CB3D-473E-A4B4-770C743C62A2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
x-amz-cf-id
RBZoySJb78gaey8HMF7GkhC5OfR1eQR86rqeIUnQTRRbh0hQNhUClw==
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E851
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4DgDdss9Rz6ktHcMdDxiog%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
69.192.109.53 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:21 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=147975
accept-ranges
bytes
content-length
5622
expires
Thu, 11 Jan 2024 08:31:36 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame E851
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=E0380376-CB3D-473E-A4B4-770C743C62A2
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=E0380376-CB3D-473E-A4B4-770C743C62A2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d4e25dcc-b704-4f3b-b9eb-16ed732d7d36%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1806720e-a05f-4a86-aa00-7e1e77d0234b&ttd_puid=d4e25dcc-b704-4f3b-b9eb-16ed732d7d36%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1806720e-a05f-4a86-aa00-7e1e77d0234b&ttd_puid=d4e25dcc-b704-4f3b-b9eb-16ed732d7d36%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H3
Server
34.111.113.62 -, , ASN (),
Reverse DNS
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:21 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1806720e-a05f-4a86-aa00-7e1e77d0234b&ttd_puid=d4e25dcc-b704-4f3b-b9eb-16ed732d7d36%2C%2C
date
Tue, 09 Jan 2024 15:25:21 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame E851 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20E0380376-CB3D-473E-A4B4-770C743C62A2&rnd=RND
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame E851 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=E0380376-CB3D-473E-A4B4-770C743C62A2&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 09 Jan 2024 15:25:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame E851
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTAzODAzNzYtQ0IzRC00NzNFLUE0QjQtNzcwQzc0M0M2MkEy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 04:39:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E851
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEK9MaADWIwsbRqiXjEsRKas&google_cver=1
42 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEK9MaADWIwsbRqiXjEsRKas&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 04:37:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEK9MaADWIwsbRqiXjEsRKas&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E851
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:89AE7F0EB9C74984A9C0D6D9ED78EC4E
42 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:89AE7F0EB9C74984A9C0D6D9ED78EC4E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 15:25:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Tue, 09 Jan 2024 15:25:21 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:89AE7F0EB9C74984A9C0D6D9ED78EC4E
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 08 Jan 2024 15:25:21 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E851
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1806720e-a05f-4a86-aa00-7e1e77d0234b&gdpr=0&gdpr_consent=
42 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1806720e-a05f-4a86-aa00-7e1e77d0234b&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 15:25:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1806720e-a05f-4a86-aa00-7e1e77d0234b&gdpr=0&gdpr_consent=
date
Tue, 09 Jan 2024 15:25:21 GMT
server
Kestrel
content-length
355
E0380376-CB3D-473E-A4B4-770C743C62A2
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E851 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/E0380376-CB3D-473E-A4B4-770C743C62A2?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:bfa:a46e:1266:8631 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame E851
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E0380376-CB3D-473E-A4B4-770C743C62A2&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZGvlOPpE2uVvPxQSzGgbHpp4iiLg0vw-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZGvlOPpE2uVvPxQSzGgbHpp4iiLg0vw-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
8.28.7.84 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZGvlOPpE2uVvPxQSzGgbHpp4iiLg0vw-~A&gdpr=0
date
Tue, 09 Jan 2024 15:25:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame E851
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=7d38a422-21d9-43bf-ab54-a73d3f567878&gdpr=0&gdpr_consent=
1 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=7d38a422-21d9-43bf-ab54-a73d3f567878&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 04:37:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=7d38a422-21d9-43bf-ab54-a73d3f567878&gdpr=0&gdpr_consent=
Date
Tue, 09 Jan 2024 15:25:21 GMT
Connection
keep-alive
X-CI-RTID
5bc1efb2-79a8-43a4-9305-7d592a190082
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame E851
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=E0380376-CB3D-473E-A4B4-770C743C62A2&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=111ddf4d44cc2345&is_secure=true&networkId=17100&version=1&nuid=E0380376-CB3D-473E-A4B4-770C743C62A2&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAClpt7etLefQMbI4zoAAAAAAA&expiration=1704900321&nuid=E0380376-CB3D-473E-A4B4-770C743C62A2&...
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAClpt7etLefQMbI4zoAAAAAAA&expiration=1704900321&nuid=E0380376-CB3D-473E-A4B4-770C743C62A2&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 04:37:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAClpt7etLefQMbI4zoAAAAAAA&expiration=1704900321&nuid=E0380376-CB3D-473E-A4B4-770C743C62A2&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame E851
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9fbe19f0-69fb-49dc-8843-9ef67bf14aa0-659d6561-5553&gdpr=0&gdpr_consent=
42 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9fbe19f0-69fb-49dc-8843-9ef67bf14aa0-659d6561-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 15:25:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9fbe19f0-69fb-49dc-8843-9ef67bf14aa0-659d6561-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame E851 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.116.242 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:21 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E851
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4365844744733744553&gdpr=0&gdpr_consent=&us_privacy=
1 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4365844744733744553&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 04:37:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4365844744733744553&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sn.ashx
pmp.mxptint.net/ Frame E851
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_10F063B2B_37504E43&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Server
38.98.69.175 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-387818721; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Tue, 09 Jan 2024 15:25:21 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-387818721; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Tue, 09 Jan 2024 15:25:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame E851
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3512421894484483932
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3512421894484483932
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 15:25:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3512421894484483932
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame EE91 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30312D30395F31377D7B7331363637313832337D7B4333307D7B5359325A334C6E6476636E4E6C596D39344C6E4E6F6233413D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583539367D7B593333357D7B66317D7B4C31313130327DFEFE&userIpAddr=2602%3Affc8%3A2%3A104%3A%3A8&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.129+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1704813920&csuuid=659d656067a8a&debugInfo=16671823_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671823&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2936qimgzrwl&secondaryContent=&x=596&y=335&pubUrl=https%3A%2F%2Fcfw.worsebox.shop%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=90&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8867&geoLong=-78.8927&vpTemplate=11102&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=1&ccpaConsent=1---&subId=default&appName=&appBundleId=https%3A%2F%2Fcfw.worsebox.shop%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Tue, 09 Jan 2024 15:25:21 GMT
main.19.8.471.js
static.adsafeprotected.com/ Frame 352A 		213 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.471.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=931599&pubId=30836&chanId=cfw.worsebox.shop&placementId=108128&pubOrder=US&custom=desktop&custom2=windows&custom3=chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:247b:3200:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58e41ef286e84d66eb28248ab640b9cae88f4399539c0db756542a9c2970afc8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 20:23:36 GMT
x-amz-version-id
X9sw1Zr8bAUw7F7sDeuDh.4SKpCYb.Kd
content-encoding
gzip
via
1.1 3b25d3847d37119898f877230ee8f426.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
age
68506
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 08 Jan 2024 20:21:44 GMT
server
AmazonS3
etag
W/"daac96423996349da2447fd453e5f6ab"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
8gWjlo49Mw3cttVCmy6ZiHb_mfhWTzfI_xjOH94ovGtEIHTtHhvZrQ==
bridge3.609.1_en.html
imasdk.googleapis.com/js/core/ Frame 7330 		751 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cfw.worsebox.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
193815
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245986
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 09:35:06 GMT
expires
Mon, 06 Jan 2025 09:35:06 GMT
last-modified
Mon, 18 Dec 2023 19:42:36 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame EE91 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Jan 2024 15:25:22 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 205E 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:17:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 09 Jan 2024 16:17:04 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame 7A40 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:247b:3200:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 03:25:40 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 3b25d3847d37119898f877230ee8f426.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
age
14039983
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
cJ9gazeG0JAq0PKZxN8qwOmRfXDDN18GzKvEJV6SKXtbiZLH11aj8w==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=931599&pubId=30836&chanId=cfw.worsebox.shop&placementId=108128&pubOrder=US&custom=desktop&custom2=windows&custom3=chrome&adsafe_url=https%3A%2F%2Fcfw.worsebox.shop%2F&adsafe_type=abdq&adsafe_jsinfo=,id:97f6949d-f9d5-0608-3994-0037e157efda,c:M67jo,sl:inView,em:false,fr:true,thd:1,mn:jsserver-primary-5f89878557-8lgs9,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:430.286.596.335,am:a,cc:430.286.596.335,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:341,mot:0,app:0,maw:0,fm:u0SBtDA+1*.931599%7C111%7C12%7C131%7C132%7C133%7C134%7C135%7C136%7C137%7C138%7C139%7C13a%7C13b%7C13c%7C13d%7C13e%7C13f%7C13g%7C13h%7C13i%7C14%7C15%7C16%7C17,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:VIDEO.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:477,oid:4d9902fd-af03-11ee-ba71-9a7225ffedea,v:19.8.471,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.90.71 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:22 GMT
server
nginx
x-server-name
app06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931599&asId=97f6949d-f9d5-0608-3994-0037e157efda&tv=%7Bc:M67k0,pingTime:0,time:514,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:596,h:335,t:476%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:514,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:475,wc:0.0.1600.1200,ac:430.286.596.335,am:a,cc:430.286.596.335,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B169~100%5D,as:%5B169~596.335%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:u0SBtDA+1*.931599%7C111%7C12%7C131%7C132%7C133%7C134%7C135%7C136%7C137%7C138%7C139%7C13a%7C13b%7C13c%7C13d%7C13e%7C13f%7C13g%7C13h%7C13i%7C14%7C15%7C16%7C17,idMap:1*,rmeas:1,rend:1,renddet:VIDEO.qs,siq:477%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:f9e3:91a:8408:ef72 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:22 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931599&asId=97f6949d-f9d5-0608-3994-0037e157efda&tv=%7Bc:M67kz,pingTime:-2,time:549,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:728,beZ:730,mfA:1069,cmA:1070,inA:1070,inZ:1075,prA:1075,prZ:1195,si:1204,poA:1205,poZ:1224,cmZ:1225,mfZ:1225,loA:1265,loZ:1266,ltA:1274,ltZ:1274,mdA:730,mdZ:890%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:596,h:335,t:476%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:549,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:475,wc:0.0.1600.1200,ac:430.286.596.335,am:a,cc:430.286.596.335,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B204~100%5D,as:%5B204~596.335%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:u0SBtDA+1*.931599%7C111%7C12%7C131%7C132%7C133%7C134%7C135%7C136%7C137%7C138%7C139%7C13a%7C13b%7C13c%7C13d%7C13e%7C13f%7C13g%7C13h%7C13i%7C14%7C15%7C16%7C17,idMap:1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:VIDEO.qs,siq:477,slid:%5BVideo-iFrame-SekindoSPlayer659d656093c4f,Video-Div-SekindoSPlayer659d656093c4f,Player-Div-SekindoSPlayer659d656093c4f,primis_playerSekindoSPlayer659d656093c4f,primis_container_div,primisPlayerContainerDiv,post-128877,main,primary,inner-wrap,wrapper%5D,sinceFw:70,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:f9e3:91a:8408:ef72 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:22 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ads
securepubads.g.doubleclick.net/gampad/ Frame 7330 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F111851082%2FPrimis_Desktop_Plus_Android&description_url=https%3A%2F%2Fcfw.worsebox.shop%2F&env=vp&correlator=2085428869333841&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1&unviewed_position_start=1&ad_rule=0&cust_params=prmsig%3Dcumbfo&sdkv=h.3.609.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=2595571460&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.609.1&sid=64AE6DAD-18CE-4D7E-8587-F89FF8B4AE1C&nel=0&eid=44733246%2C44772139%2C44777649%2C44781409%2C44804291&ref=https%3A%2F%2Fcfw.worsebox.shop%2F&url=https%3A%2F%2Fcfw.worsebox.shop%2F&dt=1704813922283&cookie_enabled=1&scor=1129394946028427&ged=ve4_td2_er286.-2570.439.-2270_vi0.0.1200.1600_vp0_eb16488
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:22 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
id5-sync.com/api/config/ Frame EE91 		135 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://cfw.worsebox.shop/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://cfw.worsebox.shop
date
Tue, 09 Jan 2024 15:25:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame EE91 		0
0
id
id.crwdcntrl.net/ Frame EE91 		75 B
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.53.186 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
95028f7c7c5a364bebcc6d03836395344246227c6dd75a30fad00b87d473c6fc

Request headers

Referer
https://cfw.worsebox.shop/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:22 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://cfw.worsebox.shop
cache-control
no-cache
x-server
10.40.52.118
access-control-allow-credentials
true
content-length
75
expires
0
rid
match.adsrvr.org/track/ Frame EE91 		108 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
b77b46d5c51115538995a11cc38fad6f6bb5bfcf42c80420360b3ccf2f8f2252

Request headers

Referer
https://cfw.worsebox.shop/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Jan 2024 15:25:22 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://cfw.worsebox.shop
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Thu, 08 Feb 2024 15:25:22 GMT
sync
eb2.3lift.com/ Frame 23BC 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbba0c613af3356697dbba64c51106a1c0921c28754623e866a1220bab68859f

Request headers

Referer
https://cfw.worsebox.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1347
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 15:25:22 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ixmatch.html
js-sec.indexww.com/um/ Frame EBA0 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://cfw.worsebox.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
206
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
842db1498d3239f2-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 09 Jan 2024 15:25:22 GMT
expires
Tue, 09 Jan 2024 19:25:22 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9B68 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.170.102 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cfw.worsebox.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Jan 2024 15:25:22 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6DAA 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160602&us_privacy=1---
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.109.53 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://cfw.worsebox.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=147974
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 09 Jan 2024 15:25:22 GMT
expires
Thu, 11 Jan 2024 08:31:36 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 3CFB 		880 B
569 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?us_privacy=1---
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
32029d6e16d526738d92228efb0c40f1527a59075c9272c331602c3d977e1c01

Request headers

Referer
https://cfw.worsebox.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
550
content-type
text/html
date
Tue, 09 Jan 2024 15:25:22 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931599&asId=97f6949d-f9d5-0608-3994-0037e157efda&tv=%7Bc:M67qT,pingTime:-10,time:941,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw2MDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEyOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1704813922670%7C%7C0f8d26854a21ccb220bd9ad48d7ea3bf%7C%7C746ded226cc656dc46dc973a01bf1b48%7C%7Cc6948c393cb65db8b937c54554819eeb%7C%7C7ea3275a7677916d4e8fcdc819555fb8%7C%7C2c4608ac82df5468ab421b22221c4032%7C%7C071da27b1b08d214bcf59bcbc5bfb404%7C%7C90b083d043cf332c445108e5296cff50%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:f9e3:91a:8408:ef72 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:22 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
csi
csi.gstatic.com/ Frame 7330 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lr6i6x2y&c=5317592403672&slotId=2658796201836&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:22 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 23BC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=1806720e-a05f-4a86-aa00-7e1e77d0234b&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=1806720e-a05f-4a86-aa00-7e1e77d0234b&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 09 Jan 2024 15:25:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=1806720e-a05f-4a86-aa00-7e1e77d0234b&dongle=0cfd&gdpr=0&gdpr_consent=
date
Tue, 09 Jan 2024 15:25:22 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame 23BC
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDIwOTMwMTYzNjAxMDc0MzkzNTQyNg%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 23BC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPVWg_55jztDMVDcQ-yqaBU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPVWg_55jztDMVDcQ-yqaBU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 09 Jan 2024 15:25:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPVWg_55jztDMVDcQ-yqaBU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 23BC
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDIwOTMwMTYzNjAxMDc0MzkzNTQyNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDIwOTMwMTYzNjAxMDc0MzkzNTQyNg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H3
Server
142.250.65.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDIwOTMwMTYzNjAxMDc0MzkzNTQyNg%3D%3D
date
Tue, 09 Jan 2024 15:25:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 23BC 		0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4209301636010743935426&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:22 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 942338AC350947EF87FAED0176E35E04 Ref B: NYCEDGE1707 Ref C: 2024-01-09T15:25:23Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOhOxR3cLq+jho/7bpCg==
xuid
eb2.3lift.com/ Frame 23BC
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4209301636010743935426?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-TFRgHxRE2oQ9KSRYxMi1dq0UThMC.ZAXfwHMOj34NA--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-TFRgHxRE2oQ9KSRYxMi1dq0UThMC.ZAXfwHMOj34NA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 09 Jan 2024 15:25:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 09 Jan 2024 15:25:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-TFRgHxRE2oQ9KSRYxMi1dq0UThMC.ZAXfwHMOj34NA--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 23BC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4209301636010743935426&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=8fefaae9-9341-4612-a079-8f23ece69e23&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=8fefaae9-9341-4612-a079-8f23ece69e23&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=dd9105ad-3cd3-48ae-95cc-8070b22b771b&ssp=triplelift&expires=30&user_group=5&bsw_param=8fefaae9-9341-4612-a079-8f23ece69e23
  • https://eb2.3lift.com/xuid?mid=2409&xuid=8fefaae9-9341-4612-a079-8f23ece69e23&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=8fefaae9-9341-4612-a079-8f23ece69e23&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 09 Jan 2024 15:25:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=8fefaae9-9341-4612-a079-8f23ece69e23&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 09 Jan 2024 15:25:23 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync.aspx
dis.criteo.com/dis/ Frame 23BC 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:22 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
225984
expires
Tue, 09 Jan 2024 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 23BC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6512890869263952158&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=6512890869263952158&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 09 Jan 2024 15:25:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:22 GMT
an-x-request-uuid
de5bb229-ca17-4b92-a5d1-2bb8d1bff10e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=6512890869263952158&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.40; 96.9.249.40; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 23BC 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=4209301636010743935426
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.87 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:22 GMT
an-x-request-uuid
eb2cf8ce-878a-4bdd-8b89-7475ea46517b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.40; 96.9.249.40; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3CFB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZ1lYQANP41nmABU
43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZ1lYQANP41nmABU
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H2
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:22 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yyz4528-YYZ
pragma
no-cache
date
Tue, 09 Jan 2024 15:25:22 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704813923.842883,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZ1lYQANP41nmABU
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
20965168-294e-e44e-e19f-33ff32f8be92
pr-bh.ybp.yahoo.com/sync/openx/ Frame 3CFB 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/20965168-294e-e44e-e19f-33ff32f8be92?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:bfa:a46e:1266:8631 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 3CFB 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ec874b51-a548-cdfd-1046-a79da59cb83b
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 15:25:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5XCQDJCEMFKD901V9A3M
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3CFB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=b451372c-b9e2-7607-d048-250acdaf73db&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=1806720e-a05f-4a86-aa00-7e1e77d0234b&ttd_puid=b451372c-b9e2-7607-d048-250acdaf73db&gdpr=0&gdpr_consent=
43 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=1806720e-a05f-4a86-aa00-7e1e77d0234b&ttd_puid=b451372c-b9e2-7607-d048-250acdaf73db&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H2
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:22 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=1806720e-a05f-4a86-aa00-7e1e77d0234b&ttd_puid=b451372c-b9e2-7607-d048-250acdaf73db&gdpr=0&gdpr_consent=
date
Tue, 09 Jan 2024 15:25:22 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 3CFB 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTgzZWU0ZTYtNzA5NS0yOGEzLWM1YTgtN2ZiMzA3NGRiZGJi
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3CFB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM7QvoPAAWJFJN1PrbObAE0&google_cver=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM7QvoPAAWJFJN1PrbObAE0&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H2
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:22 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM7QvoPAAWJFJN1PrbObAE0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 9B68 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.170.102 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e4b22edc0838232993c1b97b06920e793597eb4b7f6785fa4157f21ef96d71bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 15:25:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jan 2024 21:37:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=22339
Connection
keep-alive
Content-Length
10964
Expires
Tue, 09 Jan 2024 21:37:41 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 7146 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcfw.worsebox.shop%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
25097605cc60ccc9922f45d79022e75caa9ea094545417a4418ea800c053dfae

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
842db14a1e9b36fa-YYZ
content-encoding
br
content-type
text/html
date
Tue, 09 Jan 2024 15:25:22 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBZD8VNmkcIoOnvMmunBsMSN%2F9kzld0jHy2WCZzXqYex8OXwykObUnH3Y5wppSdKnOgKiG706XPa3uYT4wy6xBTNWOiTPVCZHJTVsx8cmNPWrU6SVZR%2BA0d3An341AZi3%2B9qBHpptRMQSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
khaos.json
token.rubiconproject.com/ Frame 9B68 		7 B
840 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
961e708718863ce5d2a91761d33d869a
Expires
0
v1
lb.eu-1-id5-sync.com/lb/ Frame EE91 		33 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2facaf6dae2d5feb7fc52e6ebd4c34b3161e79034a567212af4b2864ccfb606
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://cfw.worsebox.shop/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://cfw.worsebox.shop
date
Tue, 09 Jan 2024 15:25:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
35759
i6.liadm.com/s/ Frame 7146
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZ1lYTiHX4MGolsQyGFzvQAA%263516&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZ1lYTiHX4MGolsQyGFzvQAA%263516&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=c9ba7fcdaa424aa7b30e4b21915eccb5
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4365844744733744553
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=1806720e-a05f-4a86-aa00-7e1e77d0234b
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=1806720e-a05f-4a86-aa00-7e1e77d0234b
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=1806720e-a05f-4a86-aa00-7e1e77d0234b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcfw.worsebox.shop%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2600:1f18:ed:550e:f339:4051:d8d6:6b16 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 15:25:23 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=1806720e-a05f-4a86-aa00-7e1e77d0234b
Date
Tue, 09 Jan 2024 15:25:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
rum
dsum-sec.casalemedia.com/ Frame 7146
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1806720e-a05f-4a86-aa00-7e1e77d0234b&expiration=1707405922&gdpr=0&gdpr_consent=
43 B
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1806720e-a05f-4a86-aa00-7e1e77d0234b&expiration=1707405922&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcfw.worsebox.shop%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
172.64.151.101 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ArjI3FMnlsbOjVP9XemYehoEXM55y0CtE6IYuD2VDVpEh80sAV%2BzV5JKfd5amMk1hFd8RVgbM8nOtn1hP%2BJtu6WprncgCmzP2OrjxYm8ZM4UHvlcj1Z8sRJKEYfkvMhbYmQ8yjictV02ng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842db14abf1da22e-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1806720e-a05f-4a86-aa00-7e1e77d0234b&expiration=1707405922&gdpr=0&gdpr_consent=
date
Tue, 09 Jan 2024 15:25:22 GMT
server
Kestrel
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 7146
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZ1lYTiHX4MGolsQyGFzvQAADbwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMA3dQaKTTmSWcUtm05sgu4&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMA3dQaKTTmSWcUtm05sgu4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcfw.worsebox.shop%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnNkc3BnC7K8UdLE4JAPsHPcJStQFHwkHlUS2VQmAJBgMSIfOAi40JxgJF0NGdGOOWGpqZMR3vEhmiL%2B4G57982UD5ntvQh8h%2FEeWeR9sOMyXL4OEzjLqchJQJZp0ODxGXZm2TxBo4OdjA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842db14acfd536fa-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMA3dQaKTTmSWcUtm05sgu4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7146
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZZ1lYTiHX4MGolsQyGFzvQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEC9mYb-_kt-mF1z6SyrKnws&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEC9mYb-_kt-mF1z6SyrKnws&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcfw.worsebox.shop%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYsnzCa0fEn8lMHrXw621UU%2FN0YGDwNF57h9SLR8r64DA54rhKkW80f1wh%2F23E%2FIuotYZzuC2hGUu5zjLdms%2Fo0%2FCtbpgEuiCmGJATmadztWc4IQviXsBWVXtrCAZlBqYmvowGR7NguIPA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842db14b289436fa-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEC9mYb-_kt-mF1z6SyrKnws&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7146
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8583501066539810264&gdpr=0&gdpr_consent=
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8583501066539810264&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcfw.worsebox.shop%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFPh4oPJMj1%2BuY3i9imkFFjcke7mwAxV%2FCsM%2FqF%2BO79ZVdKIwfu6BkWEkn3qVOrZEZSkiuN6l83zKPKP36DTQTkTArTqCsF0UnKcEAZ6LdRl%2FB6%2FQAt7zaBbkx4gc9WGZYYdU1EWdDA8UA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842db14c2a7136fa-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8583501066539810264&gdpr=0&gdpr_consent=
date
Tue, 09 Jan 2024 15:25:22 GMT
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 7146
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZ1lYTiHX4MGolsQyGFzvQAA%263516
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZ1lYTiHX4MGolsQyGFzvQAA%263516&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Vw2tw1wOS2MLMFyeMp4c6bGRTRUc14dQF5TzrLVsnj4&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZ1lYTiHX4MGolsQyGFzvQAA%263516&tc=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Vw2tw1wOS2MLMFyeMp4c6bGRTRUc14dQF5TzrLVsnj4&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZ1lYTiHX4MGolsQyGFzvQAA%263516&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcfw.worsebox.shop%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7jH4IdF2TE4nYTn5sPA%2FTNNacmEhYyhX9Cu99qXSvSe%2BZr55H0udGPNjunfgmIT%2BxZASx0ePQOYc3HY7ZktVRRyW9BQAYJL8hINAynMTe5PvPQruhiu8eC7qRp9GO352WY2T6bjWSsrmw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842db14f0ff736fa-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Vw2tw1wOS2MLMFyeMp4c6bGRTRUc14dQF5TzrLVsnj4&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZ1lYTiHX4MGolsQyGFzvQAA%263516&tc=1
pragma
no-cache
date
Tue, 09 Jan 2024 15:25:23 GMT, Tue, 09 Jan 2024 15:25:23 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7146
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662087333156153
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662087333156153
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcfw.worsebox.shop%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwbgjX9R46heSdcuhV70GVrazCyhXeYfHbPRwPUZn4RGzcdYHyFV%2FulXcJ2Kq0vrGW6QeUob5FpbKnVljZG3lROWbSnEAyKqLhJTrpoh31geiuTOQhsweBhSqM8ezMziD5p6DGuckbOc9w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842db14b28a936fa-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:23 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
3360
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662087333156153
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
842db14a885f4bcc-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 7146
Redirect Chain
  • https://match.deepintent.com/usersync/113
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_40ec9063d09f4fbba1759
43 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_40ec9063d09f4fbba1759
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcfw.worsebox.shop%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
172.64.151.101 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixk2vBORslbo8R%2BQ2hJ7Meyb5Hf7h3K4nOemGBbDPomUybabfqX277SbvcBP93CjHnOx5VyjVZbao6D%2BWviXct4k1VZjiXcrLVAjaAhgvWS%2BM%2FXCmi3grVxUtKleQ%2BxNsz4uHeQ2"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842db14acf3ba22e-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_40ec9063d09f4fbba1759
date
Tue, 09 Jan 2024 15:25:22 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
htw-pixel.gif
cdn.indexww.com/ht/ Frame 7146 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZZ1lYTiHX4MGolsQyGFzvQAA%263516
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcfw.worsebox.shop%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:23 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
15686
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
842db14a8f4039f2-YYZ
content-length
43
expires
Wed, 10 Jan 2024 15:25:22 GMT
chunklist_480.m3u8
video.primis.tech/uploads/cn1/video/users/hls/30836/video_6417224d1e4fb576888104/vid659aa20a5c112252205068.mp4/ 		278 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/30836/video_6417224d1e4fb576888104/vid659aa20a5c112252205068.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2511:e00:1:6448:6d00:93a1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1e08428899aa0ab4f1bd4f27b9f76aca4390fa99da13caa2ab5dedfbde4fe165

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 13:41:03 GMT
via
1.1 4ec656d2dfbb59cd7fab2ac94a540522.cloudfront.net (CloudFront), 1.1 4229f114865802c4acd3e785fddcbf9c.cloudfront.net (CloudFront)
age
6264
x-amz-cf-pop
IAD55-P3, JFK50-P6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
278
last-modified
Sun, 07 Jan 2024 13:09:09 GMT
server
nginx
etag
"bf6e3a4ae71980ddab30a265c1e70cab"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
MSRZolH17F8i1_DmZT2n4S9PR6uso5867Pm7MG-v0-dZOQx8WzUnEg==
expires
Wed, 10 Jan 2024 13:40:58 GMT
w_480_00000.ts
video.primis.tech/uploads/cn1/video/users/hls/30836/video_6417224d1e4fb576888104/vid659aa20a5c112252205068.mp4/ 		417 KB
418 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/30836/video_6417224d1e4fb576888104/vid659aa20a5c112252205068.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2511:e00:1:6448:6d00:93a1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
88f6f4a883bef778ddd80d476bdf323e8ff1fa8617e45f14ffad0257e9bb1778

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 14:00:19 GMT
via
1.1 fc5ebd2517d85e358aa686aaadd64c2a.cloudfront.net (CloudFront), 1.1 4229f114865802c4acd3e785fddcbf9c.cloudfront.net (CloudFront)
age
5104
x-amz-cf-pop
IAD55-P3, JFK50-P6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
427324
last-modified
Sun, 07 Jan 2024 13:09:09 GMT
server
nginx
etag
"fa832238c151df648b1d1768d1521822"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
heo4yRZbAC5uiNxKO2tkfrNfhfWvLJhzV2ClQ_W-a6dtGjuW9z3MsQ==
expires
Tue, 23 Jan 2024 14:00:19 GMT
1b8a0731-b237-4bde-8f82-944e6cc8e05a
https://cfw.worsebox.shop/ 		67 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://cfw.worsebox.shop/1b8a0731-b237-4bde-8f82-944e6cc8e05a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
68465
Content-Type
text/javascript
tap.php
pixel.rubiconproject.com/ Frame 9B68
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1806720e-a05f-4a86-aa00-7e1e77d0234b&gdpr=0&gdpr_consent=&expires=30
42 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1806720e-a05f-4a86-aa00-7e1e77d0234b&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
8.43.72.98 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a3627e8efa32d23b7838eace974fecff
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1806720e-a05f-4a86-aa00-7e1e77d0234b&gdpr=0&gdpr_consent=&expires=30
date
Tue, 09 Jan 2024 15:25:23 GMT
server
Kestrel
content-length
289
pixel
cm.g.doubleclick.net/ Frame 9B68
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjIzNGI0YzE2ZDIyZDA2YzQ3MTIwMzNmMzFiYTczMmNhOWZiMTNiNw&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjIzNGI0YzE2ZDIyZDA2YzQ3MTIwMzNmMzFiYTczMmNhOWZiMTNiNw&us_privacy=1---
Protocol
H3
Server
142.250.65.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjIzNGI0YzE2ZDIyZDA2YzQ3MTIwMzNmMzFiYTczMmNhOWZiMTNiNw&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
961e708718863ce5d2a91761d33d869a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 9B68
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0Z_BgDtoTb-scuUuByNSFA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0Z_BgDtoTb-scuUuByNSFA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0Z_BgDtoTb-scuUuByNSFA
Protocol
HTTP/1.1
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 15:25:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0ER39JQDEM58N8J4QFMZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0Z_BgDtoTb-scuUuByNSFA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a3627e8efa32d23b7838eace974fecff
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 9B68
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR6I6WHU-1X-BQU3&us_privacy=1---
0
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR6I6WHU-1X-BQU3&us_privacy=1---
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:22 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: AEF914891FF64B41B7D795769FE3CBAD Ref B: NYCEDGE1707 Ref C: 2024-01-09T15:25:23Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOhOxR7ka4ymXDlPhxvw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR6I6WHU-1X-BQU3&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
961e708718863ce5d2a91761d33d869a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9B68
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFI2STZXSFUtMVgtQlFVMw==&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAGgpVuxRrvqGJXL_4JfwOY&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI2STZXSFUtMVgtQlFVMw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI2STZXSFUtMVgtQlFVMw==&google_push=
Protocol
H3
Server
142.250.65.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI2STZXSFUtMVgtQlFVMw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a3627e8efa32d23b7838eace974fecff
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 9B68 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.255 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 15:25:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CRS82YPZ0XT909K1MS3Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 9B68
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---
  • https://s.amazon-adsystem.com/ecm3?id=LR6I6WHU-1X-BQU3&ex=d-rubiconproject.com&status=ok&us_privacy=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LR6I6WHU-1X-BQU3&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Protocol
HTTP/1.1
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 15:25:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6FZH0JM7WAA788FFYJD2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LR6I6WHU-1X-BQU3&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 9B68
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO7mOi_YtHwwp-BzBAyyRwc&google_cver=1
42 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO7mOi_YtHwwp-BzBAyyRwc&google_cver=1
Protocol
HTTP/1.1
Server
8.43.72.98 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a3627e8efa32d23b7838eace974fecff
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO7mOi_YtHwwp-BzBAyyRwc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 9B68
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/W-6xijOSCaTTmbZgbiwV68n5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-JNN6qtpE2oJP1oif5wDhfEQFtYZsxvMCc8BeBw--~A
42 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-JNN6qtpE2oJP1oif5wDhfEQFtYZsxvMCc8BeBw--~A
Protocol
HTTP/1.1
Server
8.43.72.98 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a3627e8efa32d23b7838eace974fecff
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 09 Jan 2024 15:25:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-JNN6qtpE2oJP1oif5wDhfEQFtYZsxvMCc8BeBw--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 9B68
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB9Rk7LOssAABMMA-Yh3w&expires=30
42 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB9Rk7LOssAABMMA-Yh3w&expires=30
Protocol
HTTP/1.1
Server
8.43.72.98 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB9Rk7LOssAABMMA-Yh3w&expires=30
Date
Tue, 09 Jan 2024 15:25:23 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
pixel
capi.connatix.com/us/ Frame 9B68
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&us_privacy=1---
  • https://capi.connatix.com/us/pixel?puid=LR6I6WHU-1X-BQU3&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---
  • https://capi.connatix.com/us/pixel?puid=LR6I6WHU-1X-BQU3&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LR6I6WHU-1X-BQU3&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
Protocol
H2
Server
104.18.41.104 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
842db14e1b83a24a-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 09 Jan 2024 15:25:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LR6I6WHU-1X-BQU3&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
842db14dbacda24a-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
v1
match.sharethrough.com/sync/ Frame 9B68
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&us_privacy=1---
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR6I6WHU-1X-BQU3&us_privacy=1---
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR6I6WHU-1X-BQU3&us_privacy=1---
Protocol
H2
Server
34.236.67.173 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:23 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR6I6WHU-1X-BQU3&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a3627e8efa32d23b7838eace974fecff
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame 9B68
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=LR6I6WHU-1X-BQU3&us_privacy=1---
0
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LR6I6WHU-1X-BQU3&us_privacy=1---
Protocol
H2
Server
147.28.146.89 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:25:23 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LR6I6WHU-1X-BQU3&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a3627e8efa32d23b7838eace974fecff
Expires
0
merge
ce.lijit.com/ Frame 9B68
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&us_privacy=1---
  • https://ce.lijit.com/merge?pid=80&3pid=LR6I6WHU-1X-BQU3&us_privacy=1---
43 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LR6I6WHU-1X-BQU3&us_privacy=1---
Protocol
HTTP/1.1
Server
23.92.190.74 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 15:25:23 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LR6I6WHU-1X-BQU3&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
cksync
hb.yahoo.net/ Frame 9B68
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LR6I6WHU-1X-BQU3&redir=true&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LR6I6WHU-1X-BQU3&redir=true&us_privacy=1---
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1OWDVfRUM1RTJ1R0Zia1ZyUVZVNVhWa1JDZUhpb2RFeH5B&ovsid=LR6I6WHU-1X-BQU3&dpid=58160&us_privacy=1---
57 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1OWDVfRUM1RTJ1R0Zia1ZyUVZVNVhWa1JDZUhpb2RFeH5B&ovsid=LR6I6WHU-1X-BQU3&dpid=58160&us_privacy=1---
Protocol
H2
Server
23.55.235.227 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 09 Jan 2024 15:25:23 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 09 Jan 2024 15:25:23 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1OWDVfRUM1RTJ1R0Zia1ZyUVZVNVhWa1JDZUhpb2RFeH5B&ovsid=LR6I6WHU-1X-BQU3&dpid=58160&us_privacy=1---
date
Tue, 09 Jan 2024 15:25:23 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
ib.adnxs.com/prebid/ Frame 9B68
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&us_privacy=1---
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR6I6WHU-1X-BQU3&us_privacy=1---
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR6I6WHU-1X-BQU3&us_privacy=1---
Protocol
H2
Server
68.67.179.87 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:23 GMT
an-x-request-uuid
8218bb5d-a9b4-4ce8-b369-03c35b8ec29c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.40; 96.9.249.40; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR6I6WHU-1X-BQU3&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
liveView.php
live.primis.tech/live/ 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTM2JaNypaZypyRcoWU9MTpjNDtkMmxlMCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA4MTI4JaN0YT0jJat9NTx2Jax9MmM1JaZcZF9jYXNmRG9gYWyhPWNzql53o3JmZWJirC5mnG9jJaN1YxyxPWNzql53o3JmZWJirC5mnG9jJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zqXNypxyjQWRxpw0lNwAlJTNBZzZwOCUmQTIyM0EkMDQyM0EyM0E4JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwElMC4jLwYjOTxhMTI5JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NTyxNwU2MDY3YTuuJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MCZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTEzY2NjYT0kJzNwpGFDo25mZW50PTEgLS0zY2J1p3Rypw0kNmA0ODEmOTImMTU0JaVcZD1TZWgcozRiU1BfYXyypwY1OWQ2NTYjOTNwNGYzpHVvVXJfPWu0qHBmJTNBJTJGJTJGY2Z3LaqipaNyYz94LaNbo3AyMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9nWykJaB4nWQ9ZDyuZDyzOTE4MmRwZDByYzY1NWZzNTE0YTZzNDE2MWM=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:23cb:e000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:23 GMT
content-encoding
gzip
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
server
nginx
age
0
x-amz-cf-pop
JFK50-P1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
9TK0rYkB2YO9Fu5V3YdZY_VZsOt-aNRfW3Xn8bSFlXd_eISQrdDMIA==
csi
csi.gstatic.com/ Frame 7330 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lr6i6xm2&c=5317592403672&slotId=2658796201836&ghmsh_eids=44733246%2C44772139%2C44777649%2C44781409%2C44804291
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:23 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
w_480_00001.ts
video.primis.tech/uploads/cn1/video/users/hls/30836/video_6417224d1e4fb576888104/vid659aa20a5c112252205068.mp4/ 		388 KB
388 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/30836/video_6417224d1e4fb576888104/vid659aa20a5c112252205068.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2511:e00:1:6448:6d00:93a1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
5e1d0884bb00bbf0552880cec6c008504130ec16abd5ad800fa09eb4afb75152

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 14:00:25 GMT
via
1.1 90ac509e6263ee9fa7bb3f1ed1f46118.cloudfront.net (CloudFront), 1.1 4229f114865802c4acd3e785fddcbf9c.cloudfront.net (CloudFront)
age
5100
x-amz-cf-pop
IAD55-P3, JFK50-P6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
397056
last-modified
Sun, 07 Jan 2024 13:09:09 GMT
server
nginx
etag
"3fb6f12484ee89f0ca02e41d22830e0d"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
6WtfDDC35pOAPq55XgqwnY70MRyW1IS0m2fayg3ujFWnxyOg54Ui7w==
expires
Tue, 23 Jan 2024 14:00:22 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931599&asId=97f6949d-f9d5-0608-3994-0037e157efda&tv=%7Bc:M67Aa,pingTime:1,time:1516,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:596,h:335,t:476%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1516,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:475,wc:0.0.1600.1200,ac:430.286.596.335,am:a,cc:430.286.596.335,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1171~100%5D,as:%5B1171~596.335%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:88,fm:u0SBtDA+1*.931599%7C111%7C12%7C131%7C132%7C133%7C134%7C135%7C136%7C137%7C138%7C139%7C13a%7C13b%7C13c%7C13d%7C13e%7C13f%7C13g%7C13h%7C13i%7C14%7C15%7C16%7C17,idMap:1*,rmeas:1,rend:1,renddet:VIDEO.qs,siq:477,sis:569%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:f9e3:91a:8408:ef72 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:23 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931599&asId=97f6949d-f9d5-0608-3994-0037e157efda&tv=%7Bc:M67Ab,pingTime:1,time:1517,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:596,h:335,t:476%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1517,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:475,wc:0.0.1600.1200,ac:430.286.596.335,am:a,cc:430.286.596.335,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1172~100%5D,as:%5B1172~596.335%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:88,fm:u0SBtDA+1*.931599%7C111%7C12%7C131%7C132%7C133%7C134%7C135%7C136%7C137%7C138%7C139%7C13a%7C13b%7C13c%7C13d%7C13e%7C13f%7C13g%7C13h%7C13i%7C14%7C15%7C16%7C17,idMap:1*,rmeas:1,rend:1,renddet:VIDEO.qs,siq:477,sis:569,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:f9e3:91a:8408:ef72 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:23 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931599&asId=97f6949d-f9d5-0608-3994-0037e157efda&tv=%7Bc:M67Ab,pingTime:1,time:1517,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:596,h:335,t:476%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1517,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:475,wc:0.0.1600.1200,ac:430.286.596.335,am:a,cc:430.286.596.335,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1172~100%5D,as:%5B1172~596.335%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:88,fm:u0SBtDA+1*.931599%7C111%7C12%7C131%7C132%7C133%7C134%7C135%7C136%7C137%7C138%7C139%7C13a%7C13b%7C13c%7C13d%7C13e%7C13f%7C13g%7C13h%7C13i%7C14%7C15%7C16%7C17,idMap:1*,rmeas:1,rend:1,renddet:VIDEO.qs,siq:477,sis:569,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:f9e3:91a:8408:ef72 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:23 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
212.json
id5-sync.com/g/v2/ Frame EE91 		630 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/212.json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f7e201376ea05e991954034d993532b35f4ed656bbf9ced2cfa7b92873f5d4f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://cfw.worsebox.shop/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://cfw.worsebox.shop
date
Tue, 09 Jan 2024 15:25:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
w_480_00002.ts
video.primis.tech/uploads/cn1/video/users/hls/30836/video_6417224d1e4fb576888104/vid659aa20a5c112252205068.mp4/ 		484 KB
485 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/30836/video_6417224d1e4fb576888104/vid659aa20a5c112252205068.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2511:e00:1:6448:6d00:93a1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b29127ce9ae8b0ce73dcf71ed3950d43674063068df2ae515f8cfcec027a9a77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 14:00:28 GMT
via
1.1 4ae0902ea4e10dc74700d1753a74440a.cloudfront.net (CloudFront), 1.1 4229f114865802c4acd3e785fddcbf9c.cloudfront.net (CloudFront)
age
5099
x-amz-cf-pop
IAD55-P3, JFK50-P6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
495944
last-modified
Sun, 07 Jan 2024 13:09:09 GMT
server
nginx
etag
"8c38c6fef30f0a5072dc4dc3fd0295e5"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
i_zMzEqXSJq1B9bLpr3nLhS3S4bpuw6BdtlCmchjAzsPzxpA9njVLw==
expires
Tue, 23 Jan 2024 14:00:23 GMT
w_480_00003.ts
video.primis.tech/uploads/cn1/video/users/hls/30836/video_6417224d1e4fb576888104/vid659aa20a5c112252205068.mp4/ 		519 KB
520 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/30836/video_6417224d1e4fb576888104/vid659aa20a5c112252205068.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2511:e00:1:6448:6d00:93a1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
c9e570f954cad0238d32209fe96ee4fef17842d9c53fa996c97e4ff91dde669c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 14:00:33 GMT
via
1.1 1b0f041f103652001e37f5806000d24a.cloudfront.net (CloudFront), 1.1 4229f114865802c4acd3e785fddcbf9c.cloudfront.net (CloudFront)
age
5099
x-amz-cf-pop
IAD55-P3, JFK50-P6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
531476
last-modified
Sun, 07 Jan 2024 13:09:09 GMT
server
nginx
etag
"ccff3f1b237aeca4c1d3821a9087b0d0"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
4MpsrWXNh7flAMGvg-JamxUZuCggyarhidxo-ScGiWRdNcdqbIZFYQ==
expires
Tue, 23 Jan 2024 14:00:23 GMT
w_480_00004.ts
video.primis.tech/uploads/cn1/video/users/hls/30836/video_6417224d1e4fb576888104/vid659aa20a5c112252205068.mp4/ 		123 KB
123 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/30836/video_6417224d1e4fb576888104/vid659aa20a5c112252205068.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2511:e00:1:6448:6d00:93a1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ed382ccc527c02533d8b900f80dbe32494020c1d09109f4dcd31878ef4d0b9c2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cfw.worsebox.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 14:00:34 GMT
via
1.1 d6b2e9bf1f40c8fcec509faeb60f8c54.cloudfront.net (CloudFront), 1.1 4229f114865802c4acd3e785fddcbf9c.cloudfront.net (CloudFront)
age
5099
x-amz-cf-pop
IAD55-P3, JFK50-P6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
125960
last-modified
Sun, 07 Jan 2024 13:09:09 GMT
server
nginx
etag
"b23739daf6a0fc193823b8b7655b5dba"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
EHqxpPe8OOpdTdTNOyiZUcncoDPysI_BRxscrFtjwNIbDDhdRdjH0A==
expires
Tue, 23 Jan 2024 14:00:23 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame E851 		0
232 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159196&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 04:39:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame E851 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=81806938&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7f9448f7f7d44ea172a8cf037d5957c3409139bff949bf53bf1c3b97b23b789

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 09 Jan 2024 15:25:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 8D07
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:80a1659d-6564-4d00-80d0-2f1145ad7f20&gdpr=0&gdpr_consent=
42 B
290 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:80a1659d-6564-4d00-80d0-2f1145ad7f20&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 15:25:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 09 Jan 2024 15:25:24 GMT
Expires
Tue, 09 Jan 2024 15:25:23 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1237 600843f master ord ord-pixel-x56 config_version:"1604"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:80a1659d-6564-4d00-80d0-2f1145ad7f20&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 3B16
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=8rG9Hmw1DsSyD2FcZWWdZQ
42 B
309 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=8rG9Hmw1DsSyD2FcZWWdZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 04:38:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 15:25:25 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=8rG9Hmw1DsSyD2FcZWWdZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame DE49
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8684363748
  • https://sync.1rx.io/usersync/tradedesk/1806720e-a05f-4a86-aa00-7e1e77d0234b
  • https://sync.targeting.unrulymedia.com/csync/RX-63666236-8a18-4052-895a-7bba62bb80af-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-63666236-8a18-4052-895a-7bba62bb80af-005
42 B
336 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-63666236-8a18-4052-895a-7bba62bb80af-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 15:25:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Tue, 09 Jan 2024 15:25:24 GMT
etag
RX636662368a184052895a7bba62bb80af005
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-63666236-8a18-4052-895a-7bba62bb80af-005
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pubmatic
ad.mrtnsvr.com/sync/ Frame 37BD 		0
0
cm
ipac.ctnsnet.com/int/ Frame D056 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 09 Jan 2024 15:25:24 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame 2060 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 09 Jan 2024 15:25:25 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-0c85096a5aa8@version_1.579v2
X-core-time
1ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame 31F8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 -, , ASN (),
Reverse DNS
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 09 Jan 2024 15:25:25 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame F54E
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7581003241959651180&uid=Q758100324195965...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7581003241959651180
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7581003241959651180
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 15:25:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=57995
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Tue, 09 Jan 2024 15:25:24 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7581003241959651180
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame 6725
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:89AE7F0EB9C74984A9C0D6D9ED78EC4E&gdpr=0&gdpr_consent=
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:89AE7F0EB9C74984A9C0D6D9ED78EC4E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 04:35:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 09 Jan 2024 15:25:24 GMT
expires
Mon, 08 Jan 2024 15:25:24 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:89AE7F0EB9C74984A9C0D6D9ED78EC4E&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame C52F
Redirect Chain
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=E0380376-CB3D-473E-A4B4-770C743C62A2
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=E0380376-CB3D-473E-A4B4-770C743C62A2
43 B
848 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=E0380376-CB3D-473E-A4B4-770C743C62A2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:26fa:8a00:1b:6b7d:2300:93a1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 09 Jan 2024 15:25:24 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
pragma
no-cache
via
1.1 f7b469bae3f4a6418a1a6a50a32d318c.cloudfront.net (CloudFront)
x-amz-cf-id
4qUPJU0thxmN3PW0E5wNmgffPdF_TD9nqW-iEMlGyEA26fqt814bhg==
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront

Redirect headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
no-store
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 15:25:23 GMT
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=E0380376-CB3D-473E-A4B4-770C743C62A2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
x-amz-cf-id
pZ5go-pxr8TquRHMYpX8HEaN-5IZTsPm3SGZO_0nBmXkBdJPsvrK3A==
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
insync
thrtle.com/ Frame E851
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=E0380376-CB3D-473E-A4B4-770C743C62A2&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=E0380376-CB3D-473E-A4B4-770C743C62A2&vxii_pid=12&vxii_pid1=10067&vxii_rcid=3a05fbbe-8181-48a2-b341-6c000a3c7ae8
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=E0380376-CB3D-473E-A4B4-770C743C62A2&vxii_pid=12&vxii_pid1=10067&vxii_rcid=3a05fbbe-8181-48a2-b341-6c000a3c7ae8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
34.234.194.189 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Tue, 09 Jan 2024 15:25:24 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=E0380376-CB3D-473E-A4B4-770C743C62A2&vxii_pid=12&vxii_pid1=10067&vxii_rcid=3a05fbbe-8181-48a2-b341-6c000a3c7ae8
date
Tue, 09 Jan 2024 15:25:24 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame E851 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=E0380376-CB3D-473E-A4B4-770C743C62A2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame E851 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=E0380376-CB3D-473E-A4B4-770C743C62A2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.81.23 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 15:25:24 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame E851 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=E0380376-CB3D-473E-A4B4-770C743C62A2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.29.135 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 09 Jan 2024 15:25:24 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E851
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8ac1c7ae-7472-4074-97c4-9b3a70386b6b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8ac1c7ae-7472-4074-97c4-9b3a70386b6b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 15:25:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8ac1c7ae-7472-4074-97c4-9b3a70386b6b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 09 Jan 2024 15:25:25 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.indianhealthyrecipes.com
URL
https://www.indianhealthyrecipes.com/wp-content/plugins/kadence-blocks/includes/assets/images/masks/circle.svg
Domain
www.indianhealthyrecipes.com
URL
https://www.indianhealthyrecipes.com/wp-admin/admin-ajax.php?action=ai_ajax&ip-data=ip-address-country-city
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D138%26advUuid%3D%5BUID%5D
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=34
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture undefined| href function| __h82AlnkH6D91__ object| PT_CV_PUBLIC object| PT_CV_PAGINATION object| RocketPreloadLinksConfig object| kadenceConfig object| MailPoetForm function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive string| ai_recaptcha_threshold string| ai_recaptcha_site_key number| ai_lazy_loading_offset string| ai_ajax_url object| ai_rotation_triggers boolean| ai_lists object| host_regexp boolean| ai_ip string| ai_data_id function| z function| B function| D function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| m function| da function| ia function| u function| y function| v function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_load_blocks function| ai_process_wait_for_interaction function| ai_process_check_recaptcha_score function| ai_process_delayed_blocks function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists function| ai_process_ip_addresses boolean| ai_js_code object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe number| ai_interaction_timeout number| ai_delay_tracking boolean| ai_ip_data_requested function| __p4qa8r1lb17__ string| cHViLTc3MjkxNzQzNDkzNjg1NDk= function| LazyLoad object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent687 function| arrive function| unbindArrive function| leave function| unbindLeave

1 Cookies

Domain/Path Name / Value
.primis.tech/ Name: csuuid
Value: 659d656067a8a

8 Console Messages

Source Level URL
Text
javascript error URL: https://cfw.worsebox.shop/
Message:
Access to image at 'https://www.indianhealthyrecipes.com/wp-content/plugins/kadence-blocks/includes/assets/images/masks/circle.svg' from origin 'https://cfw.worsebox.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.indianhealthyrecipes.com/wp-content/plugins/kadence-blocks/includes/assets/images/masks/circle.svg
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://cfw.worsebox.shop/
Message:
Access to fetch at 'https://www.indianhealthyrecipes.com/wp-admin/admin-ajax.php?action=ai_ajax&ip-data=ip-address-country-city' from origin 'https://cfw.worsebox.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://www.indianhealthyrecipes.com/wp-admin/admin-ajax.php?action=ai_ajax&ip-data=ip-address-country-city
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20E0380376-CB3D-473E-A4B4-770C743C62A2&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 503)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://cfw.worsebox.shop/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=34' from origin 'https://cfw.worsebox.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=34
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.mrtnsvr.com
ad.turn.com
ads.creative-serving.com
ads.pubmatic.com
ads.stickyadstv.com
ap.lijit.com
api.intentiq.com
api.rlcdn.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
capi.connatix.com
cdn.indexww.com
ce.lijit.com
cfw.worsebox.shop
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
core.iprom.net
crb.kargo.com
creativecdn.com
cs.admanmedia.com
cs.media.net
csi.gstatic.com
csync.loopme.me
d.turn.com
dis.criteo.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gocm.c.appier.net
hb.yahoo.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
ipac.ctnsnet.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
live.primis.tech
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mb9eo.publishers.tremorhub.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
rtb-csync.smartadserver.com
rtb.adentifi.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
swasthis-d.openx.net
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync1.intentiq.com
syncv4.intentiq.com
t.adx.opera.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
video.primis.tech
www.indianhealthyrecipes.com
x.bidswitch.net
ad.mrtnsvr.com
api.rlcdn.com
cs.admanmedia.com
csync.loopme.me
www.indianhealthyrecipes.com
104.18.41.104
104.36.115.111
108.139.54.29
141.95.33.120
142.250.65.226
147.28.146.89
15.197.193.217
151.101.130.49
162.19.138.116
162.55.120.196
172.105.199.172
172.64.149.180
172.64.151.101
173.231.178.85
18.173.132.21
18.173.132.98
18.173.219.124
18.215.116.242
18.238.64.130
185.167.164.39
185.184.8.90
188.166.17.21
195.5.165.20
198.148.27.131
199.38.167.131
2001:4860:4802:32::3
207.198.113.88
209.54.182.161
216.200.232.253
23.105.12.137
23.195.76.23
23.47.170.102
23.55.235.227
23.73.245.216
23.83.76.101
23.83.76.84
23.92.190.68
23.92.190.74
2600:141b:1c00:26::17ce:acb7
2600:1f18:1aca:4282:f9e3:91a:8408:ef72
2600:1f18:4e9:5a02:bfa:a46e:1266:8631
2600:1f18:612b:4264:b711:868:5175:f82d
2600:1f18:ed:550e:f339:4051:d8d6:6b16
2600:9000:23cb:e000:1a:5235:f980:93a1
2600:9000:247b:3200:8:48e:53c0:93a1
2600:9000:2511:e00:1:6448:6d00:93a1
2600:9000:26fa:8a00:1b:6b7d:2300:93a1
2603:c020:400d:3000:b5b3:7157:5b47:80e4
2606:4700:3034::6815:2392
2606:4700::6812:18ad
2606:ae80:1471:12::440
2607:f8b0:4006:80c::2006
2607:f8b0:4006:80e::200a
2607:f8b0:4006:80f::200a
2607:f8b0:4006:80f::200e
2607:f8b0:4006:81d::2002
2607:f8b0:4006:821::2003
2607:f8b0:4006:823::2002
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
3.225.218.10
3.229.81.23
34.111.113.62
34.225.109.145
34.234.194.189
34.236.67.173
35.186.193.173
35.210.53.219
35.211.178.172
35.236.220.17
35.244.159.8
35.71.139.29
37.157.5.133
38.98.69.175
40.76.134.238
52.2.10.131
52.2.41.65
52.20.53.186
52.45.176.159
52.73.29.135
52.95.115.255
54.165.177.33
54.211.17.237
54.225.192.239
54.227.205.3
54.243.90.71
63.251.28.133
68.67.179.87
69.173.151.96
69.192.109.53
69.194.240.13
69.90.254.78
74.119.119.150
8.18.47.7
8.28.7.81
8.28.7.83
8.28.7.84
8.43.72.97
8.43.72.98
82.145.213.8
008c07066f24a38a6bb02377be457fcfc6c7fd4f4e5a7044fdbb3f65fcfb7d48
01172e9ac9330920e66e282d2d77ed1ae863bbab08aec27b168e8d3c82d50c18
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
020409f518592fdc3cbcaaadaaa97c6e65974990f4fd3fdf931dd2713ebbb55b
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0804a138d2373d667829f97ef1789c8563ed2730275ef0a6aba5facb75b29a85
0903c47e44202c72ad2ee0563b2a05b063bf3cacfe050a4ce5775658e680cab9
0a6b42bba7d76621b60cf6557976c1479e387d3378b400bc822645b7132fd1d6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10119abe59256e7cf44039cdf30a4ab9952fdcdab36b30d4842c0cd788c9fc31
153e0313d97fa05688d7fcf2a4e9ed9142f0ac752b725507b6fe4e03154fea24
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1ae19446fb60464f752f8709526ae55bcefd00f54dd4259ff32db4225018dc1a
1dbce60a6099959e03fb3def860ba18aad0c8e274eb92586be64f382c4c872aa
1e08428899aa0ab4f1bd4f27b9f76aca4390fa99da13caa2ab5dedfbde4fe165
1efc21318732172389b2ad55bb658a4938e10359ca6e6c752f74a8be68510b3a
1f11f25b77a04d6590d6574a8fd8d793cef8e56d245e01225471b1b64dc2df47
1f4556acf5ba2fa4e11a9055c033388701569aa68ead27d5cdc6020d74a0126c
215757f2e9abef94921bcde5a790b8a95f3ef7b7d6425319ca8ebd35a8aeed37
25097605cc60ccc9922f45d79022e75caa9ea094545417a4418ea800c053dfae
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
287f8fbfed38508f4db2e8971e73409f263ce229e7ad4ea80f0e3733888eafa9
28b0cc559b2f9255b9f5988e248af9c82a3e9889e21dd99bfead52fe84703797
2cad94a55b854c2153240c20d52d9510f32e23a7ab6bb76f821a8c33dda1d68a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f7e201376ea05e991954034d993532b35f4ed656bbf9ced2cfa7b92873f5d4f
319000e77741715152e6c1e3fd0e54bff48eac116350ff33e995bff914fea535
32029d6e16d526738d92228efb0c40f1527a59075c9272c331602c3d977e1c01
333b5a28762aa06e8ad9a7a0dbc1d4f4f4bd021392a58819596fbcab40db1401
34274ae3d1935bf5d55cd8f174a95f6d5e8c5a7919debc3e044b4ca95abfdf13
35f4e5a014aa2d6c72b9e6ea5371ef127c6d898324306d62b998698b4907bb30
36200b68d370cfd4dd9495b4fd5d1332b376b929db2b970af6360c71f1950813
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37b9edcb298afc43600f6134ebcc91806d5edc5eedc986b59b745b57d3fcebda
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
3dd456bad80811f7d0cb8dc18b998d9dc5dd305fb53b2d0802a02425c7a04bac
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f
40b211a9e539c17ad65f8dccf4257e0af53acf230d3ca5fc5722d2fea313e307
41fc3840f3a3b2aaa7e00b1c6f004badca25baa1f9a0af679df5fed657332e77
43c5e9a6ce3274a3780cd2420679d9397f8d68eb76acaae6b1b7c960096fc082
445c133ef666ae3c22cf175a80fc8a854081c221b935aa361719280faf201b71
4873536e372f230c946244af86c3762f9f8b5635cc384e29f66c394a99636ed7
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a5f2fff965747e91c1219cfbf3858091028b3ffb1b03cb80bb54bdf0d239573
4aa45dc8488f421b48890e9c830c53655f71492d6738509ed69a3783815177f1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bda402e279d970104a9b09ee8571b5fb56e74ce606c0cd1fcc3a3cbd0e7fe1e
4c214c57dfbe0d7a146c91040e7407bff6a5757b7adc7c35c0560b578aa68ba6
4d779a57500f376991cd9a31647ee9ccfd3c597d0a992ad0fe1ea1e55d7f759f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
58e41ef286e84d66eb28248ab640b9cae88f4399539c0db756542a9c2970afc8
5904191bceefb2eeb3a93b27faf9c6be9b3e7980c3e0b8683b76c2a7faa1baa8
5cb7577e8688a4e7ed1e41d816d401ddcbe1348aa4319844abb67ddbd940b540
5da5d7a7f9ba6e780472cbd07af5caab487cd660409aafd1f6020f6c6e4b271b
5e1d0884bb00bbf0552880cec6c008504130ec16abd5ad800fa09eb4afb75152
5e95ede81bbddf1b3f573c8ab7d4cdc859b560adbc5eb0f5afd4030ddc02b697
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
68859a83063cceda0ecd9582f2ede0343153cb0e490287ac9590433d5eb05d05
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
73a14346159939236624d7fe4f0edba3d96ae501f69dc0dd776bb4e03202afc1
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7ab8820126f70048a8e4ec0d8e002047d020fc906e28b06880c27e7453910873
7d0293baad4290303d2e3bf4763c73f9a655a86b689eff091d209472ecb6037b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
850da7f4c84bb8d9b29b9f2e58104f56ed75912499e9a774d20386e6375b2e56
85c54b99ae035c48b6975fd662d37aba12bd92d225ca040fdbba958c9ab2dbd2
86f263b2649413a341b71b2e6dd0251a97e42d298cf355e7994a295a46bfd097
88f6f4a883bef778ddd80d476bdf323e8ff1fa8617e45f14ffad0257e9bb1778
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f3b7c7108296ce9322f9f9d99621333185afbb5ce836a70198cdc1a9428c71e
91a490566c8666fabb0f6273f0e9a75dd1fb15ad4d0793aa1c1cdb8787e2cd01
95028f7c7c5a364bebcc6d03836395344246227c6dd75a30fad00b87d473c6fc
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9bbc75a0a2b151cd0d0695a5e2096cb0655302daecb12241849319087b419f46
9da5b00be45970e714b4badc1b721c324fded3cbd0340a11a73df7a7dc63843c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a2facaf6dae2d5feb7fc52e6ebd4c34b3161e79034a567212af4b2864ccfb606
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
aa0ee5f3b92a7d98d18df3a77b9f32c8f501371dad2c728dee44a250f73af861
aaf4f5918ce280896a8e019f869f7b56237e7599b892f802871b4833b9f12eb4
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29127ce9ae8b0ce73dcf71ed3950d43674063068df2ae515f8cfcec027a9a77
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30
b735324cd34c9c013413a2a953ce5756e83e8c2535ed5c1fa545f3b8783c5606
b77b46d5c51115538995a11cc38fad6f6bb5bfcf42c80420360b3ccf2f8f2252
b7f9448f7f7d44ea172a8cf037d5957c3409139bff949bf53bf1c3b97b23b789
b9aa43571cb07d1612af573ee331a416d6671b7fcbc55d37352ed2e3cf109280
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be76662e7b110cfe5c3b530cea232ebe2afbeb11336e17e0f197187fb711298b
c0bc26da9499372e6b55886d4f2040de764391ecc9cefdd8a5df0284a345120e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2a8050e843065e7e005b43d5d248d781a0d8f703dd123c17f48fb6b23030754
c57918796429689eb261e8438f5edec56be35b3ed63d2b7d3d31db19741e1122
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
c9e570f954cad0238d32209fe96ee4fef17842d9c53fa996c97e4ff91dde669c
ca5a13618227cf8e51c00f12e054bf9fcc6f0323b307469d0db4bb72de803cfc
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbba0c613af3356697dbba64c51106a1c0921c28754623e866a1220bab68859f
ccef816cd54fcf5008d9ea688cd69d93a12ace2a2b4f65df9c4b5418ea7c7107
cda3ccc5c88e73caa5fd409ed1af6a15ab9bfe9afa517421f680ccaf6b553645
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0c428471f546056d81be7a3828dbcbe8ec620d974f7af9c22b30840c271f0d7
d74ff686b312df2e7fd68cff8ec16cecd089d1e176346b14ebcaf1bba1033bc9
d834bd13fb05ce21405cab931bea2d9cc7d65e6b551d0a0b84d45c0407e73dd1
d8b9ee0b22aefc8bd860464401701957a2f9a7703881c4f39314f30bcfc52590
d9be3e54cf64fa767b71946bb28e8725d5bb85d8a6b579ab724b13491ee9c35f
dda82e2e250c8a1a9ee6b1e9ce3dcad8b70085977b660c2b12205491a54935ea
e0e1e61ea37783350d2b5811ed3728e88261ca70721a414ebb60e4208d1702c8
e3382df05aaf3d2b850bc412e99dbc85f12ad478afe7a4495c9f7819c8f1d994
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9
e4b22edc0838232993c1b97b06920e793597eb4b7f6785fa4157f21ef96d71bb
e7b9007043cbb1fa860a5ffd0652b5640ecb011cf17829daaf2d4a520c5253bc
eb04d083f74e4683409d96bb239bf76e349c1d59733e87bee0d556a0791b99bd
eb8960767c07a91f5338afc8b5c0caea319f510a322f5f9adbdb4db6ecf03d43
ec2f950525260f1968ecc3abaab171db71c87414cef3d8e3570db5b2608b7cd1
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed382ccc527c02533d8b900f80dbe32494020c1d09109f4dcd31878ef4d0b9c2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff789b9056b609b3320534e88c32ddf72b4d1ba813e8544b50ac9a240a25216
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc57187158affe131d50764437b8373ad3c475fc7cd488777c2a3660446d3293
fd3dd8a7e699c9b0c41905888dcb8ad521747b0223a1d5bf924687af4e620238
ffbf9d2a933d9dcb0f7ee68d389676f2799446d4d74dead0bd4ce495cfe5612b