urlscan.io logo urlscan.io
SecurityTrails logo

finans.mynet.com Open in urlscan Pro
135.148.122.134  Public Scan

Go To Rescan Add Verdict Report
URL: https://finans.mynet.com/
Submission: On November 01 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 176 IPs in 12 countries across 157 domains to perform 859 HTTP transactions. The main IP is 135.148.122.134, located in United States and belongs to OVH, FR. The main domain is finans.mynet.com. The Cisco Umbrella rank of the primary domain is 139690.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 12th 2023. Valid for: a year.
This is the only time finans.mynet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 135.148.122.134 16276 (OVH)
11 2620:100:a001::4 19750 (AS-CRITEO)
32 2607:f8b0:400... 15169 (GOOGLE)
17 195.142.105.15 199484 (SAGLAYICI)
8 51.81.107.96 16276 (OVH)
57 135.148.55.194 16276 (OVH)
15 2607:f8b0:402... 15169 (GOOGLE)
11 2607:f8b0:402... 15169 (GOOGLE)
2 2607:f8b0:402... 15169 (GOOGLE)
2 2607:f8b0:402... 15169 (GOOGLE)
4 2a03:2880:f01... 32934 (FACEBOOK)
5 8 2620:100:a001::c 19750 (AS-CRITEO)
9 172.64.152.89 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 13.35.77.44 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2a04:4e42:600... 54113 (FASTLY)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 23.44.203.22 20940 (AKAMAI-ASN1)
3 2a02:6ea0:c45... 60068 (CDN77 ^_^)
34 151.101.65.44 54113 (FASTLY)
1 212.101.122.30 199484 (SAGLAYICI)
1 35.241.45.217 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
3 74.119.119.139 19750 (AS-CRITEO)
2 34.160.111.29 396982 (GOOGLE-CL...)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
10 54.235.112.177 14618 (AMAZON-AES)
1 141.95.98.64 16276 (OVH)
2 5 44.193.54.186 14618 (AMAZON-AES)
1 2 34.102.243.38 396982 (GOOGLE-CL...)
1 205.185.216.10 20446 (STACKPATH...)
4 16 34.98.64.218 396982 (GOOGLE-CL...)
5 151.101.129.44 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
9 2602:803:c002... 26667 (RUBICONPR...)
12 2620:100:a001... 19750 (AS-CRITEO)
2 11 185.184.8.90 204995 (RTB-HOUSE...)
15 2607:f8b0:402... 15169 (GOOGLE)
17 18 3.33.220.150 16509 (AMAZON-02)
4 9 34.111.113.62 396982 (GOOGLE-CL...)
3 5 2600:1f18:4e9... 14618 (AMAZON-AES)
2 19 52.46.155.104 16509 (AMAZON-02)
17 22 172.217.13.162 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
17 2607:f8b0:402... 15169 (GOOGLE)
12 65.8.197.6 16509 (AMAZON-02)
17 23.47.69.5 16625 (AKAMAI-AS)
13 2607:f8b0:402... 15169 (GOOGLE)
2 13.35.77.77 16509 (AMAZON-02)
2 18.161.31.77 16509 (AMAZON-02)
6 172.64.153.173 13335 (CLOUDFLAR...)
9 18.161.34.119 16509 (AMAZON-02)
10 68.71.249.118 46562 (PERFORMIVE)
2 8.28.7.92 62713 (AS-PUBMATIC)
2 2607:f8b0:402... 15169 (GOOGLE)
4 2607:f8b0:402... 15169 (GOOGLE)
2 5 2600:1901:0:8... 396982 (GOOGLE-CL...)
1 67.202.105.31 32748 (STEADFAST)
3 2600:9000:24e... 16509 (AMAZON-02)
2 6 2620:116:800b... 14618 (AMAZON-AES)
14 39 68.67.160.184 29990 (ASN-APPNEX)
4 4 162.248.18.32 62713 (AS-PUBMATIC)
1 9 8.28.7.83 62713 (AS-PUBMATIC)
1 5 8.28.7.84 62713 (AS-PUBMATIC)
3 4 172.64.151.101 13335 (CLOUDFLAR...)
10 14 34.200.65.202 14618 (AMAZON-AES)
1 1 69.166.1.66 27630 (AS-XFERNET)
1 1 8.39.36.141 26667 (RUBICONPR...)
2 2 2603:c020:400... 31898 (ORACLE-BM...)
1 1 8.2.110.161 46636 (NATCOWEB)
1 2 2600:9000:24e... 16509 (AMAZON-02)
4 4 35.194.66.159 396982 (GOOGLE-CL...)
2 2 35.208.249.213 19527 (GOOGLE-2)
1 1 23.56.220.66 16625 (AKAMAI-AS)
6 8 70.42.32.31 22075 (AS-OUTBRAIN)
2 3 69.173.151.100 26667 (RUBICONPR...)
3 67.202.105.34 32748 (STEADFAST)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
8 64.31.24.174 46475 (LIMESTONE...)
10 3.212.185.188 14618 (AMAZON-AES)
22 184.29.130.170 16625 (AKAMAI-AS)
3 4 23.105.12.171 30633 (LEASEWEB-...)
2 2600:9000:20e... 16509 (AMAZON-02)
8 34.149.20.76 15169 (GOOGLE)
5 8 74.119.119.150 19750 (AS-CRITEO)
2 2 3.229.12.239 14618 (AMAZON-AES)
2 80.77.87.161 46636 (NATCOWEB)
15 18 67.202.105.24 32748 (STEADFAST)
13 34.117.239.71 396982 (GOOGLE-CL...)
5 5 207.198.113.203 13768 (COGECO-PEER1)
4 4 54.165.64.233 14618 (AMAZON-AES)
13 151.101.129.108 54113 (FASTLY)
3 104.36.115.113 62713 (AS-PUBMATIC)
36 73 8.43.72.98 26667 (RUBICONPR...)
9 104.36.115.111 62713 (AS-PUBMATIC)
8 185.167.164.49 198622 (ADFORM)
9 216.22.16.0 30633 (LEASEWEB-...)
1 10 63.251.114.136 32475 (SINGLEHOP...)
1 208.115.232.150 46475 (LIMESTONE...)
3 5 50.16.174.192 14618 (AMAZON-AES)
1 4 2620:1ec:21::14 8068 (MICROSOFT...)
2 3 52.0.156.250 14618 (AMAZON-AES)
1 2a02:6ea0:c40... 60068 (CDN77 ^_^)
2 3 54.243.79.242 14618 (AMAZON-AES)
2 2 13.35.77.61 16509 (AMAZON-02)
4 4 199.38.167.131 54312 (ROCKETFUEL)
4 6 52.71.10.237 14618 (AMAZON-AES)
1 2 107.178.254.65 15169 (GOOGLE)
2 2 34.197.235.211 14618 (AMAZON-AES)
1 54.157.9.133 14618 (AMAZON-AES)
1 1 23.205.2.235 16625 (AKAMAI-AS)
11 12 35.211.178.172 19527 (GOOGLE-2)
10 10 2606:ae80:147... 25751 (VALUECLICK)
2 5 35.71.139.29 16509 (AMAZON-02)
3 2620:100:a001... 19750 (AS-CRITEO)
1 2620:100:a001... 19750 (AS-CRITEO)
2 74.119.119.147 19750 (AS-CRITEO)
1 1 52.71.55.107 14618 (AMAZON-AES)
1 2 35.186.253.211 15169 (GOOGLE)
3 3 52.3.45.131 14618 (AMAZON-AES)
6 8 35.190.60.146 15169 (GOOGLE)
4 4 2620:112:f002... 6336 (TURN-US-ASN)
3 4 151.101.194.49 54113 (FASTLY)
1 40.76.134.238 8075 (MICROSOFT...)
2 23 162.248.18.37 62713 (AS-PUBMATIC)
8 8 52.5.96.97 14618 (AMAZON-AES)
3 3 35.207.24.140 15169 (GOOGLE)
1 18.239.183.39 16509 (AMAZON-02)
1 52.95.125.22 16509 (AMAZON-02)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
1 63.251.86.49 10913 (INTERNAP-BLK)
1 147.28.129.37 54825 (PACKET)
2 2620:100:a001... 19750 (AS-CRITEO)
5 6 50.16.193.198 14618 (AMAZON-AES)
1 1 15.235.42.104 16276 (OVH)
1 3 23.105.14.106 30633 (LEASEWEB-...)
2 18 141.226.224.48 200478 (TABOOLA-AS)
1 184.29.129.73 16625 (AKAMAI-AS)
1 2 124.146.153.162 2514 (INFOSPHER...)
2 195.244.31.11 63140 (IGUANA-WO...)
2 23.72.185.28 16625 (AKAMAI-AS)
1 198.54.201.131 41690 (DAILYMOTI...)
1 2 63.251.28.233 13789 (INTERNAP-...)
1 2 34.200.174.91 14618 (AMAZON-AES)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
2 54.235.123.154 14618 (AMAZON-AES)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 3.220.156.61 14618 (AMAZON-AES)
1 54.85.98.164 14618 (AMAZON-AES)
2 23.40.179.59 20940 (AKAMAI-ASN1)
1 2 54.147.68.48 14618 (AMAZON-AES)
1 2 18.239.183.96 16509 (AMAZON-02)
1 34.120.63.153 396982 (GOOGLE-CL...)
6 141.226.124.48 200478 (TABOOLA-AS)
10 2606:4700:10:... 13335 (CLOUDFLAR...)
6 205.185.216.42 20446 (STACKPATH...)
5 168.119.146.39 24940 (HETZNER-AS)
4 5 198.148.27.131 19189 (PULSEPOINT)
1 2 8.18.47.7 398989 (DEEPINTENT)
3 3 173.231.184.20 32475 (SINGLEHOP...)
1 1 18.232.41.116 14618 (AMAZON-AES)
2 2 52.22.134.111 14618 (AMAZON-AES)
1 2 18.233.115.175 14618 (AMAZON-AES)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 82.145.213.8 39832 (NO-OPERA)
2 2 69.90.254.78 13768 (COGECO-PEER1)
1 2 35.214.168.108 15169 (GOOGLE)
1 35.186.193.173 15169 (GOOGLE)
1 1 172.104.70.67 63949 (AKAMAI-LI...)
8 9 199.127.204.171 26120 (RHYTHMONE)
1 195.5.165.20 44968 (IPROM-AS)
1 2 23.23.163.185 14618 (AMAZON-AES)
2 34.206.214.59 14618 (AMAZON-AES)
1 52.4.102.254 14618 (AMAZON-AES)
1 52.44.0.179 14618 (AMAZON-AES)
2 3 38.98.69.175 174 (COGENT-174)
3 3 185.167.164.43 198622 (ADFORM)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 162.55.120.196 24940 (HETZNER-AS)
2 2 23.36.85.188 16625 (AKAMAI-AS)
1 52.215.237.180 16509 (AMAZON-02)
2 2 64.227.64.62 14061 (DIGITALOC...)
2 15 51.222.39.186 16276 (OVH)
1 1 104.22.69.131 13335 (CLOUDFLAR...)
2 2 18.196.42.80 16509 (AMAZON-02)
1 2600:1901:0:8... 396982 (GOOGLE-CL...)
1 2 2600:9000:26d... 16509 (AMAZON-02)
1 18.239.183.56 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 35.190.90.30 15169 (GOOGLE)
1 1 2600:9000:24e... 16509 (AMAZON-02)
1 64.19.224.208 14332 (SHOPZILLA)
2 2 141.94.171.215 16276 (OVH)
1 2 34.117.77.79 396982 (GOOGLE-CL...)
2 2 143.244.208.184 14061 (DIGITALOC...)
1 54.209.96.121 14618 (AMAZON-AES)
2 2 5.161.92.137 213230 (HETZNER-C...)
1 1 216.200.232.249 30419 (MEDIAMATH...)
1 1 213.19.162.90 ()
1 1 2600:9000:20e... 16509 (AMAZON-02)
1 1 192.132.33.68 18568 (BIDTELLECT)
1 34.149.50.64 ()
1 3.212.136.27 14618 (AMAZON-AES)
1 34.107.140.113 396982 (GOOGLE-CL...)
1 141.226.224.32 200478 (TABOOLA-AS)
1 18.232.190.217 ()
1 34.96.105.8 ()
1 96.46.186.182 ()
1 1 85.114.159.93 ()
1 18.161.34.107 ()
1 34.107.148.139 ()
1 54.208.192.0 ()
1 3.225.78.235 ()
1 2606:ae80:147... ()
1 159.89.246.130 ()
1 1 172.105.220.23 ()
859 176
8    135.148.122.134 (United States)

ASN16276 (OVH, FR)
PTR: ns1009180.ip-135-148-122.us
finans.mynet.com
11    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
32    2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
17    195.142.105.15 (Istanbul, Turkey)

ASN199484 (SAGLAYICI, TR)
adl.mynetreklam.com
img7.mynet.com.tr
img7.mynet.com
8    51.81.107.96 (Warrenton, United States)

ASN16276 (OVH, FR)
PTR: ns1000014.ip-51-81-107.us
s.mynet.com.tr
57    135.148.55.194 (Reston, United States)

ASN16276 (OVH, FR)
PTR: ns1007904.ip-135-148-55.us
imgrosetta.mynet.com.tr
15    2607:f8b0:4020:806::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
analytics.google.com
11    2607:f8b0:4020:804::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2607:f8b0:4020:805::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2607:f8b0:4020:804::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
8    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
9    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
cdn-sic.33across.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    13.35.77.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-77-44.bos50.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    23.44.203.22 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-203-22.deploy.static.akamaitechnologies.com
cdn.mookie1.com
3    2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
cdn.insurads.com
34    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
trc.taboola.com
images.taboola.com
wf.taboola.com
imprchmp.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
match.taboola.com
1    212.101.122.30 (Turkey)

ASN199484 (SAGLAYICI, TR)
gethit.mynet.com
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
1    2607:f8b0:4004:c0b::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
2    34.160.111.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.111.160.34.bc.googleusercontent.com
tr-gmtdmp.mookie1.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
10    54.235.112.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-112-177.compute-1.amazonaws.com
services.insurads.com
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
5    44.193.54.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-54-186.compute-1.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
2    34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com
feed.pghub.io
pandg.tapad.com
1    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
apv-launcher.minute.ly
16    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
u.openx.net
underdogmedia-d.openx.net
5    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
pm-widget.taboola.com
vidstat.taboola.com
pips.taboola.com
1    2606:4700:20::681a:658 (United States)

ASN13335 (CLOUDFLARENET, US)
mynet.rtb.pixad.com.tr
9    2602:803:c002:300::98 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
12    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
11    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
15    2607:f8b0:4020:804::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)
f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com
cdn.ampproject.org
a182e1571565df2e864b54f20fb12bb5.safeframe.googlesyndication.com
18    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
9    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
5    2600:1f18:4e9:5a01:644d:6614:5b6b:ed06 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
19    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
22    172.217.13.162 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f2.1e100.net
cm.g.doubleclick.net
1    2606:4700:20::681a:ada (United States)

ASN13335 (CLOUDFLARENET, US)
snippet.minute.ly
2    2606:4700:10::ac43:1b1a (United States)

ASN13335 (CLOUDFLARENET, US)
counter.snackly.co
17    2607:f8b0:4020:804::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
12    65.8.197.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-197-6.bos50.r.cloudfront.net
c.amazon-adsystem.com
17    23.47.69.5 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-69-5.deploy.static.akamaitechnologies.com
ads.pubmatic.com
13    2607:f8b0:4020:805::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    13.35.77.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-77-77.bos50.r.cloudfront.net
config.aps.amazon-adsystem.com
2    18.161.31.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-31-77.bos50.r.cloudfront.net
aax.amazon-adsystem.com
6    172.64.153.173 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.tynt.com
sc.tynt.com
9    18.161.34.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-34-119.bos50.r.cloudfront.net
windsplay.com
10    68.71.249.118 (United States)

ASN46562 (PERFORMIVE, US)
udmserve.net
2    8.28.7.92 (United States)

ASN62713 (AS-PUBMATIC, US)
ut.pubmatic.com
2    2607:f8b0:4020:805::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google.com
4    2607:f8b0:4020:807::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2600:1901:0:8344:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
lexicon.33across.com
1    67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
ic.tynt.com
3    2600:9000:24ef:b600:5:c4ab:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
bid.underdog.media
6    2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
39    68.67.160.184 (Fairfield, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
ib.adnxs.com
4    162.248.18.32 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
9    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
5    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
4    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
r.casalemedia.com
14    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
pixel.advertising.com
1    69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
2    2603:c020:400d:3000:7130:bb0b:d7e:bee2 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    8.2.110.161 (United States)

ASN46636 (NATCOWEB, US)
cm-x.mgid.com
2    2600:9000:24ef:7600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
4    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
2    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
1    23.56.220.66 (Eden Prairie, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-220-66.deploy.static.akamaitechnologies.com
cs.media.net
8    70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
sync.outbrain.com
3    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
3    67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
de.tynt.com
8    2606:4700:20::681a:b19 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.adpone.com
8    64.31.24.174 (United States)

ASN46475 (LIMESTONENETWORKS, US)
PTR: 174-24-31-64.static.reverse.lstn.net
s.richaudience.com
10    3.212.185.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-185-188.compute-1.amazonaws.com
match.sharethrough.com
22    184.29.130.170 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-130-170.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    23.105.12.171 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssbsync-global.smartadserver.com
2    2600:9000:20ea:2c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
8    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
8    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
widget.va.us.criteo.com
2    3.229.12.239 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-12-239.compute-1.amazonaws.com
ssp.disqus.com
2    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
18    67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
sic.33across.com
pixel.33across.com
dp1.33across.com
13    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
cms-xch-chicago.33across.com
events-ssc.33across.com
5    207.198.113.203 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
4    54.165.64.233 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-64-233.compute-1.amazonaws.com
sync.srv.stackadapt.com
13    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
3    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
73    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
9    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
8    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
adx2.adform.net
9    216.22.16.0 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
prg.smartadserver.com
10    63.251.114.136 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    208.115.232.150 (Wilmington, United States)

ASN46475 (LIMESTONENETWORKS, US)
PTR: 150-232-115-208.static.reverse.lstn.net
shb.richaudience.com
5    50.16.174.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-174-192.compute-1.amazonaws.com
ps.eyeota.net
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadus.exelator.com
loadm.exelator.com
1    2a02:6ea0:c400::11 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
load77.exelator.com
3    54.243.79.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-79-242.compute-1.amazonaws.com
map.go.affec.tv
2    13.35.77.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-77-61.bos50.r.cloudfront.net
live.rezync.com
4    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
6    52.71.10.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-10-237.compute-1.amazonaws.com
i.liadm.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
2    34.197.235.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-235-211.compute-1.amazonaws.com
usermatch.krxd.net
1    54.157.9.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-9-133.compute-1.amazonaws.com
beacon.krxd.net
1    23.205.2.235 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-2-235.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
12    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
10    2606:ae80:1471:1c::2010 (United States)

ASN25751 (VALUECLICK, US)
33across-match.dotomi.com
stx-match.dotomi.com
pubmatic-match.dotomi.com
prebid-match.dotomi.com
rubicon-match.dotomi.com
5    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
3    2620:100:a001::1d (United States)

ASN19750 (AS-CRITEO, US)
ssp-sync.criteo.com
1    2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)
ads.us.criteo.com
2    74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)
cat.va.us.criteo.com
1    52.71.55.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-55-107.compute-1.amazonaws.com
aorta.clickagy.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    52.3.45.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-45-131.compute-1.amazonaws.com
sync.ipredictive.com
8    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
4    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
4    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
23    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
8    52.5.96.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-96-97.compute-1.amazonaws.com
match.prod.bidr.io
3    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
1    18.239.183.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-183-39.bos50.r.cloudfront.net
redcarpat.com
1    52.95.125.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    63.251.86.49 (United States)

ASN10913 (INTERNAP-BLK, US)
ce.lijit.com
1    147.28.129.37 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)
csm.us.criteo.net
6    50.16.193.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-193-198.compute-1.amazonaws.com
partner.mediawallahscript.com
1    15.235.42.104 (Canada)

ASN16276 (OVH, FR)
PTR: haproxy-ca-003.roqad.pl
ws.rqtrk.eu
3    23.105.14.106 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: 23.105.14.106.rdns.racklot.com
rtb-csync.smartadserver.com
18    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
sync.taboola.com
1    184.29.129.73 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-129-73.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
2    124.146.153.162 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    195.244.31.11 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
visitor.omnitagjs.com
2    23.72.185.28 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-185-28.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    198.54.201.131 (United States)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-01-pub-prod-nyc.vip.dailymotion.com
public-prod-dspcookiematching.dmxleo.com
2    63.251.28.233 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
2    34.200.174.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-174-91.compute-1.amazonaws.com
ad.360yield.com
1    2600:1f18:ed:550a:20d6:29ab:74:798c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
2    54.235.123.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-123-154.compute-1.amazonaws.com
exchange.mediavine.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    3.220.156.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-156-61.compute-1.amazonaws.com
jadserve.postrelease.com
1    54.85.98.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-98-164.compute-1.amazonaws.com
trends.revcontent.com
2    23.40.179.59 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-179-59.deploy.static.akamaitechnologies.com
hb.yahoo.net
2    54.147.68.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-68-48.compute-1.amazonaws.com
dpm.demdex.net
2    18.239.183.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-183-96.bos50.r.cloudfront.net
aa.agkn.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
6    141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)
ch-trc-events.taboola.com
ch-vid-events.taboola.com
ch-match.taboola.com
10    2606:4700:10::ac43:b0e (United States)

ASN13335 (CLOUDFLARENET, US)
snippet.tldw.me
counter.tldw.me
6    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
apv-static.tldw.me
5    168.119.146.39 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.39.146.119.168.clients.your-server.de
sync.richaudience.com
5    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
3    173.231.184.20 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: lga-cassandra-1.sys.adgear.com
cm.adgrx.com
1    18.232.41.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-41-116.compute-1.amazonaws.com
sonata-notifications.taptapnetworks.com
2    52.22.134.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-134-111.compute-1.amazonaws.com
pm.w55c.net
2    18.233.115.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-115-175.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
3    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
2    35.214.168.108 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 108.168.214.35.bc.googleusercontent.com
csync.loopme.me
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    172.104.70.67 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1680-67.members.linode.com
gocm.c.appier.net
9    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    23.23.163.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-163-185.compute-1.amazonaws.com
thrtle.com
2    34.206.214.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-214-59.compute-1.amazonaws.com
crb.kargo.com
1    52.4.102.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-102-254.compute-1.amazonaws.com
sync.bfmio.com
1    52.44.0.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-0-179.compute-1.amazonaws.com
rtb.adentifi.com
3    38.98.69.175 (North Bergen, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
rbp.mxptint.net
3    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
2    23.36.85.188 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-85-188.deploy.static.akamaitechnologies.com
px.owneriq.net
1    52.215.237.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-237-180.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
2    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
15    51.222.39.186 (Canada)

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net
onetag-sys.com
1    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
2    18.196.42.80 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-42-80.eu-central-1.compute.amazonaws.com
ih.adscale.de
1    2600:1901:0:8eee:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
fei.pro-market.net
2    2600:9000:26dc:6a00:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    18.239.183.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-183-56.bos50.r.cloudfront.net
sync1.intentiq.com
2    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
1    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
1    2600:9000:24eb:a800:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
1    64.19.224.208 (United States)

ASN14332 (SHOPZILLA, US)
pxl.connexity.net
2    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel.onaudience.com
2    34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com
ml314.com
2    143.244.208.184 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sid.storygize.net
1    54.209.96.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-96-121.compute-1.amazonaws.com
in.treasuredata.com
2    5.161.92.137 (United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.137.92.161.5.clients.your-server.de
sync-dmp.mobtrakk.com
1    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    213.19.162.90 (None, )

ASN- ()
pixel-eu.rubiconproject.com
1    2600:9000:20ea:4400:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
1    192.132.33.68 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 68.bidtellect.com
bttrack.com
1    34.149.50.64 (None, )

ASN- ()
s.seedtag.com
1    3.212.136.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-136-27.compute-1.amazonaws.com
cs.minutemedia-prebid.com
1    34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com
s2s.t13.io
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    18.232.190.217 (None, )

ASN- ()
cs.yellowblue.io
1    34.96.105.8 (None, )

ASN- ()
tr.blismedia.com
1    96.46.186.182 (None, )

ASN- ()
sync.aniview.com
1    85.114.159.93 (None, )

ASN- ()
dsp.adfarm1.adition.com
1    18.161.34.107 (None, )

ASN- ()
usr.undertone.com
1    34.107.148.139 (None, )

ASN- ()
prebid-s2s.media.net
1    54.208.192.0 (None, )

ASN- ()
ads.yieldmo.com
1    3.225.78.235 (None, )

ASN- ()
sync.ex.co
1    2606:ae80:1471:1b::1780 (None, )

ASN- ()
match.sync.ad.cpe.dotomi.com
1    159.89.246.130 (None, )

ASN- ()
e.serverbid.com
1    172.105.220.23 (None, )

ASN- ()
rcp.c.appier.net
Apex Domain
Subdomains		 Transfer
110 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 4691
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com — Cisco Umbrella Rank: 458
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
pixel-eu.rubiconproject.com
191 KB
78 mynet.com.tr
s.mynet.com.tr — Cisco Umbrella Rank: 167999
img7.mynet.com.tr — Cisco Umbrella Rank: 194072
imgrosetta.mynet.com.tr — Cisco Umbrella Rank: 143312
887 KB
72 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 534
ut.pubmatic.com — Cisco Umbrella Rank: 12156
image8.pubmatic.com — Cisco Umbrella Rank: 662
image2.pubmatic.com — Cisco Umbrella Rank: 924
image4.pubmatic.com — Cisco Umbrella Rank: 1184
image6.pubmatic.com — Cisco Umbrella Rank: 823
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502
simage2.pubmatic.com — Cisco Umbrella Rank: 843
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
399 KB
64 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1136
pm-widget.taboola.com — Cisco Umbrella Rank: 3595
sync-t1.taboola.com — Cisco Umbrella Rank: 1630
trc.taboola.com — Cisco Umbrella Rank: 705
vidstat.taboola.com — Cisco Umbrella Rank: 3029
ch-trc-events.taboola.com — Cisco Umbrella Rank: 3996
images.taboola.com — Cisco Umbrella Rank: 1923
wf.taboola.com — Cisco Umbrella Rank: 3148
ch-vid-events.taboola.com — Cisco Umbrella Rank: 4931
imprchmp.taboola.com — Cisco Umbrella Rank: 5193
ch-match.taboola.com — Cisco Umbrella Rank: 5323
vidstatb.taboola.com — Cisco Umbrella Rank: 5039
sync.taboola.com — Cisco Umbrella Rank: 1322
match.taboola.com — Cisco Umbrella Rank: 5178
pips.taboola.com — Cisco Umbrella Rank: 1694
cds.taboola.com — Cisco Umbrella Rank: 1933
670 KB
55 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
904 KB
53 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1383
lexicon.33across.com — Cisco Umbrella Rank: 1497
cdn-sic.33across.com — Cisco Umbrella Rank: 17143
ssc.33across.com — Cisco Umbrella Rank: 3592
ssc-cms.33across.com — Cisco Umbrella Rank: 923
cms-xch-chicago.33across.com — Cisco Umbrella Rank: 5430
events-ssc.33across.com — Cisco Umbrella Rank: 1543
sic.33across.com — Cisco Umbrella Rank: 15367
pixel.33across.com — Cisco Umbrella Rank: 4596
dp1.33across.com — Cisco Umbrella Rank: 8156
388 KB
52 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 495
ib.adnxs.com — Cisco Umbrella Rank: 246
acdn.adnxs.com — Cisco Umbrella Rank: 609
304 KB
37 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
bidder.criteo.com — Cisco Umbrella Rank: 757
dis.criteo.com — Cisco Umbrella Rank: 597
ssp-sync.criteo.com — Cisco Umbrella Rank: 1269
ads.us.criteo.com — Cisco Umbrella Rank: 2842
cat.va.us.criteo.com — Cisco Umbrella Rank: 3136
widget.va.us.criteo.com — Cisco Umbrella Rank: 5964
40 KB
36 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598
aax.amazon-adsystem.com — Cisco Umbrella Rank: 394
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
360 KB
29 googlesyndication.com
f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
a182e1571565df2e864b54f20fb12bb5.safeframe.googlesyndication.com
154 KB
20 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1656
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
us-u.openx.net — Cisco Umbrella Rank: 522
u.openx.net — Cisco Umbrella Rank: 659
underdogmedia-d.openx.net — Cisco Umbrella Rank: 33110
rtb.openx.net — Cisco Umbrella Rank: 695
4 KB
18 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
6 KB
18 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
8 KB
17 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1359
analytics.google.com — Cisco Umbrella Rank: 157
www.google.com — Cisco Umbrella Rank: 2
117 KB
16 tldw.me
snippet.tldw.me — Cisco Umbrella Rank: 23526
counter.tldw.me — Cisco Umbrella Rank: 17005
apv-static.tldw.me — Cisco Umbrella Rank: 18308
521 KB
16 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6263
prg.smartadserver.com — Cisco Umbrella Rank: 1611
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1511
5 KB
15 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
7 KB
14 richaudience.com
s.richaudience.com — Cisco Umbrella Rank: 17151
shb.richaudience.com — Cisco Umbrella Rank: 3792
sync.richaudience.com — Cisco Umbrella Rank: 1851
17 KB
13 insurads.com
cdn.insurads.com — Cisco Umbrella Rank: 21212
services.insurads.com — Cisco Umbrella Rank: 17678
56 KB
13 gstatic.com
fonts.gstatic.com
www.gstatic.com
168 KB
13 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
csm.us.criteo.net — Cisco Umbrella Rank: 2920
145 KB
12 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
6 KB
12 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7332
creativecdn.com — Cisco Umbrella Rank: 592
4 KB
11 dotomi.com
33across-match.dotomi.com — Cisco Umbrella Rank: 3517
stx-match.dotomi.com — Cisco Umbrella Rank: 2265
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
prebid-match.dotomi.com — Cisco Umbrella Rank: 2253
rubicon-match.dotomi.com
match.sync.ad.cpe.dotomi.com
4 KB
11 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
ce.lijit.com — Cisco Umbrella Rank: 882
6 KB
11 adform.net
adx2.adform.net — Cisco Umbrella Rank: 13158
c1.adform.net — Cisco Umbrella Rank: 599
6 KB
11 mynet.com
finans.mynet.com — Cisco Umbrella Rank: 139690
img7.mynet.com — Cisco Umbrella Rank: 252403
gethit.mynet.com — Cisco Umbrella Rank: 409925
363 KB
10 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
4 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
207 KB
10 udmserve.net
udmserve.net — Cisco Umbrella Rank: 3524
10 KB
10 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 12815
sc.tynt.com — Cisco Umbrella Rank: 15460
ic.tynt.com — Cisco Umbrella Rank: 5525
de.tynt.com — Cisco Umbrella Rank: 1605
37 KB
10 tapad.com
pandg.tapad.com — Cisco Umbrella Rank: 2180
pixel.tapad.com — Cisco Umbrella Rank: 487
3 KB
9 windsplay.com
windsplay.com — Cisco Umbrella Rank: 597629
46 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
5 KB
8 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 728
idsync.rlcdn.com — Cisco Umbrella Rank: 415
1 KB
8 adpone.com
hb.adpone.com — Cisco Umbrella Rank: 33983
977 KB
7 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
i6.liadm.com — Cisco Umbrella Rank: 2731
4 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
4 KB
6 mediawallahscript.com
partner.mediawallahscript.com — Cisco Umbrella Rank: 2780
4 KB
6 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1245
pixel.quantserve.com — Cisco Umbrella Rank: 964
cms.quantserve.com — Cisco Umbrella Rank: 764
20 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
355 KB
6 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
14 KB
5 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
4 KB
5 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
2 KB
5 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1148
3 KB
5 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
3 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
1011 B
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
2 KB
4 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
4 KB
4 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1596
load77.exelator.com — Cisco Umbrella Rank: 4116
loadm.exelator.com — Cisco Umbrella Rank: 1743
3 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
1 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
2 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 807
2 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
2 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
2 KB
4 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
r.casalemedia.com — Cisco Umbrella Rank: 1699
3 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
3 KB
4 mookie1.com
cdn.mookie1.com — Cisco Umbrella Rank: 38741
tr-gmtdmp.mookie1.com — Cisco Umbrella Rank: 183371
odr.mookie1.com — Cisco Umbrella Rank: 1324
3 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
175 KB
3 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 886
sync1.intentiq.com — Cisco Umbrella Rank: 2801
3 KB
3 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4887
rbp.mxptint.net
2 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
2 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
1 KB
3 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
2 KB
3 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 560
d.agkn.com — Cisco Umbrella Rank: 755
2 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1131
1 KB
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
1 KB
3 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1979
beacon.krxd.net — Cisco Umbrella Rank: 758
654 B
3 affec.tv
map.go.affec.tv — Cisco Umbrella Rank: 8594
2 KB
3 media.net
cs.media.net — Cisco Umbrella Rank: 1513
prebid.media.net — Cisco Umbrella Rank: 1335
contextual.media.net Failed
prebid-s2s.media.net
3 KB
3 underdog.media
bid.underdog.media — Cisco Umbrella Rank: 24235
163 KB
2 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 2315
547 B
2 storygize.net
sid.storygize.net — Cisco Umbrella Rank: 1564
570 B
2 ml314.com
ml314.com — Cisco Umbrella Rank: 1908
556 B
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3239
799 B
2 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3222
2 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 3211
634 B
2 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242
1 KB
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1767
1 KB
2 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1180
717 B
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1352
685 B
2 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2603
rcp.c.appier.net
833 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
380 B
2 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1309
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1484
831 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
696 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
2 KB
2 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
1 KB
2 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1122
1 KB
2 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1284
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 781
878 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
1 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 685
909 B
2 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 799
546 B
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208
2 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1113
527 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 988
836 B
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1922
2 KB
2 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1138
352 B
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1439
1022 B
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
1 KB
2 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 904
478 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 716
742 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1617
5 KB
2 snackly.co
counter.snackly.co — Cisco Umbrella Rank: 6634
284 B
2 minute.ly
apv-launcher.minute.ly — Cisco Umbrella Rank: 6283
snippet.minute.ly — Cisco Umbrella Rank: 8683
42 KB
2 pghub.io
pghub.io — Cisco Umbrella Rank: 1822
feed.pghub.io — Cisco Umbrella Rank: 2092
6 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
31 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
181 KB
2 mynetreklam.com
adl.mynetreklam.com — Cisco Umbrella Rank: 285819
122 KB
1 serverbid.com
e.serverbid.com
406 B
1 ex.co
sync.ex.co
365 B
1 yieldmo.com
ads.yieldmo.com
599 B
1 undertone.com
usr.undertone.com
294 B
1 adition.com
dsp.adfarm1.adition.com
471 B
1 aniview.com
sync.aniview.com
251 B
1 blismedia.com
tr.blismedia.com
173 B
1 yellowblue.io
cs.yellowblue.io
326 B
1 t13.io
s2s.t13.io — Cisco Umbrella Rank: 1873
458 B
1 minutemedia-prebid.com
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 1901
326 B
1 seedtag.com
s.seedtag.com
284 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 826
351 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
532 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1372
672 B
1 treasuredata.com
in.treasuredata.com — Cisco Umbrella Rank: 4529
448 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1733
294 B
1 connexity.net
pxl.connexity.net — Cisco Umbrella Rank: 5344
771 B
1 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2436
519 B
1 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 2822
613 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2700
377 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6588
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4089
463 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1218
35 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1749
425 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
277 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
369 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
552 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6560
346 B
1 revcontent.com
trends.revcontent.com — Cisco Umbrella Rank: 2528
1 bing.com
c.bing.com — Cisco Umbrella Rank: 236
691 B
1 dmxleo.com
public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 2641
122 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 2580
277 B
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 3851
411 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
451 B
1 redcarpat.com
redcarpat.com — Cisco Umbrella Rank: 106277
36 KB
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 4024
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2013
652 B
1 mgid.com
cm-x.mgid.com — Cisco Umbrella Rank: 6847
561 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
642 B
1 pixad.com.tr
mynet.rtb.pixad.com.tr — Cisco Umbrella Rank: 227466
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
185 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
897 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
0 gnetwork.me Failed
gixel.gnetwork.me Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 yandex.ru Failed
bs.yandex.ru Failed
859 157
Domain Requested by
58 pixel.rubiconproject.com 28 redirects s.amazon-adsystem.com
ads.us.criteo.com
onetag-sys.com
57 imgrosetta.mynet.com.tr finans.mynet.com
32 securepubads.g.doubleclick.net finans.mynet.com
securepubads.g.doubleclick.net
cdn.insurads.com
www.googletagservices.com
f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com
cdn-sic.33across.com
30 ib.adnxs.com 6 redirects bid.underdog.media
hb.adpone.com
acdn.adnxs.com
s.amazon-adsystem.com
23 simage2.pubmatic.com 2 redirects s.amazon-adsystem.com
ads.us.criteo.com
ads.pubmatic.com
22 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
de.tynt.com
hb.adpone.com
22 cm.g.doubleclick.net 17 redirects google-bidout-d.openx.net
s.amazon-adsystem.com
onetag-sys.com
19 s.amazon-adsystem.com 2 redirects google-bidout-d.openx.net
c.amazon-adsystem.com
s.amazon-adsystem.com
match.sharethrough.com
ads.pubmatic.com
onetag-sys.com
18 match.adsrvr.org 17 redirects bid.underdog.media
17 ads.pubmatic.com cdn.insurads.com
ads.pubmatic.com
s.amazon-adsystem.com
de.tynt.com
hb.adpone.com
sync.richaudience.com
15 onetag-sys.com 2 redirects sync.richaudience.com
onetag-sys.com
15 token.rubiconproject.com 8 redirects eus.rubiconproject.com
14 sync.taboola.com 2 redirects ch-match.taboola.com
14 trc.taboola.com cdn.taboola.com
ch-match.taboola.com
14 fundingchoicesmessages.google.com finans.mynet.com
securepubads.g.doubleclick.net
13 acdn.adnxs.com cdn-sic.33across.com
hb.adpone.com
acdn.adnxs.com
13 ssc-cms.33across.com 13 redirects
13 ups.analytics.yahoo.com 9 redirects us-u.openx.net
ads.us.criteo.com
bid.underdog.media
13 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
finans.mynet.com
f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com
13 img7.mynet.com.tr finans.mynet.com
12 x.bidswitch.net 11 redirects ads.us.criteo.com
12 events-ssc.33across.com us-u.openx.net
ads.pubmatic.com
12 c.amazon-adsystem.com finans.mynet.com
c.amazon-adsystem.com
cdn-sic.33across.com
12 us-u.openx.net 2 redirects google-bidout-d.openx.net
de.tynt.com
us-u.openx.net
12 bidder.criteo.com adl.mynetreklam.com
static.criteo.net
bid.underdog.media
hb.adpone.com
12 cdn.taboola.com finans.mynet.com
cdn.taboola.com
11 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
11 fonts.gstatic.com finans.mynet.com
fonts.googleapis.com
cdn.taboola.com
11 static.criteo.net finans.mynet.com
securepubads.g.doubleclick.net
ads.us.criteo.com
10 ap.lijit.com 1 redirects hb.adpone.com
ads.pubmatic.com
10 match.sharethrough.com s.amazon-adsystem.com
match.sharethrough.com
ads.us.criteo.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 udmserve.net securepubads.g.doubleclick.net
bid.underdog.media
10 services.insurads.com cdn.insurads.com
9 prg.smartadserver.com hb.adpone.com
ads.pubmatic.com
9 hbopenbid.pubmatic.com hb.adpone.com
ads.pubmatic.com
9 image2.pubmatic.com 1 redirects s.amazon-adsystem.com
ads.pubmatic.com
9 secure.adnxs.com 8 redirects
9 windsplay.com finans.mynet.com
windsplay.com
9 pixel.tapad.com 4 redirects pandg.tapad.com
us-u.openx.net
s.amazon-adsystem.com
9 prebid-eu.creativecdn.com adl.mynetreklam.com
hb.adpone.com
9 fastlane.rubiconproject.com adl.mynetreklam.com
hb.adpone.com
8 match.prod.bidr.io 8 redirects
8 adx2.adform.net hb.adpone.com
8 ssc.33across.com bid.underdog.media
cdn-sic.33across.com
8 s.richaudience.com windsplay.com
8 hb.adpone.com finans.mynet.com
windsplay.com
8 gum.criteo.com 5 redirects static.criteo.net
cdn.taboola.com
8 s.mynet.com.tr finans.mynet.com
s.mynet.com.tr
8 finans.mynet.com 1 redirects finans.mynet.com
s.mynet.com.tr
f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com
7 dis.criteo.com 5 redirects
6 sync.1rx.io 6 redirects
6 apv-static.tldw.me
6 partner.mediawallahscript.com 5 redirects
6 i.liadm.com 4 redirects
6 cdn-sic.33across.com cdn.tynt.com
cdn-sic.33across.com
6 www.googletagservices.com securepubads.g.doubleclick.net
f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com
5 idsync.rlcdn.com 3 redirects
5 bh.contextweb.com 4 redirects
5 sync.richaudience.com hb.adpone.com
sync.richaudience.com
onetag-sys.com
5 counter.tldw.me snippet.tldw.me
5 snippet.tldw.me apv-launcher.minute.ly
snippet.tldw.me
5 eb2.3lift.com 2 redirects s.amazon-adsystem.com
ads.us.criteo.com
5 ps.eyeota.net 3 redirects
5 pixel-sync.sitescout.com 5 redirects
5 lexicon.33across.com 2 redirects bid.underdog.media
5 pr-bh.ybp.yahoo.com 3 redirects google-bidout-d.openx.net
s.amazon-adsystem.com
4 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
4 sync-t1.taboola.com ads.us.criteo.com
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 ad.turn.com 4 redirects
4 p.rfihub.com 4 redirects
4 px.ads.linkedin.com 1 redirects us-u.openx.net
s.amazon-adsystem.com
4 sync.srv.stackadapt.com 4 redirects
4 sync.outbrain.com 2 redirects s.amazon-adsystem.com
ads.us.criteo.com
4 b1sync.zemanta.com 4 redirects
4 um.simpli.fi 4 redirects
4 image8.pubmatic.com 4 redirects
4 fonts.googleapis.com securepubads.g.doubleclick.net
client
4 f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 connect.facebook.net s.mynet.com.tr
finans.mynet.com
connect.facebook.net
3 c1.adform.net 3 redirects
3 sync.targeting.unrulymedia.com 2 redirects
3 cm.adgrx.com 3 redirects
3 simage4.pubmatic.com ads.pubmatic.com
3 ch-trc-events.taboola.com
3 rtb-csync.smartadserver.com 1 redirects ads.us.criteo.com
3 rtb.mfadsrvr.com 3 redirects
3 id.rlcdn.com 3 redirects
3 sync.ipredictive.com 3 redirects
3 ssp-sync.criteo.com static.criteo.net
3 map.go.affec.tv 2 redirects
3 image6.pubmatic.com ads.pubmatic.com
3 sic.33across.com cdn-sic.33across.com
3 sync.crwdcntrl.net 2 redirects
3 de.tynt.com cdn.tynt.com
3 pixel-us-east.rubiconproject.com 2 redirects s.amazon-adsystem.com
3 ssum-sec.casalemedia.com 3 redirects
3 bid.underdog.media udmserve.net
bid.underdog.media
3 sc.tynt.com cdn.tynt.com
3 cdn.tynt.com finans.mynet.com
f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com
3 mug.criteo.com finans.mynet.com
3 cdn.insurads.com www.googletagmanager.com
services.insurads.com
3 cdn-ima.33across.com securepubads.g.doubleclick.net
finans.mynet.com
2 rubicon-match.dotomi.com 2 redirects
2 prebid-match.dotomi.com 2 redirects
2 creativecdn.com 2 redirects
2 sync-dmp.mobtrakk.com 2 redirects
2 sid.storygize.net 2 redirects
2 ml314.com 1 redirects
2 pixel.onaudience.com 2 redirects
2 mwzeom.zeotap.com
2 sync.intentiq.com 1 redirects
2 ssbsync.smartadserver.com 1 redirects
2 ih.adscale.de 2 redirects
2 match.adsby.bidtheatre.com 2 redirects
2 px.owneriq.net 2 redirects
2 pmp.mxptint.net 1 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 crb.kargo.com
2 thrtle.com 1 redirects
2 csync.loopme.me 1 redirects
2 ums.acuityplatform.com 2 redirects
2 a.tribalfusion.com 1 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 cms.quantserve.com 2 redirects
2 match.deepintent.com 1 redirects ads.pubmatic.com
2 ch-vid-events.taboola.com
2 images.taboola.com
2 aa.agkn.com 1 redirects
2 dpm.demdex.net 1 redirects
2 hb.yahoo.net
2 jadserve.postrelease.com ads.us.criteo.com
2 exchange.mediavine.com ads.us.criteo.com
2 ad.360yield.com 1 redirects
2 ads.stickyadstv.com 1 redirects ads.us.criteo.com
2 tags.bluekai.com
2 visitor.omnitagjs.com ads.us.criteo.com
2 tg.socdm.com 1 redirects ads.us.criteo.com
2 csm.us.criteo.net ads.us.criteo.com
2 capi.connatix.com 1 redirects s.amazon-adsystem.com
2 stx-match.dotomi.com 2 redirects
2 pixel.quantserve.com
2 rtb.openx.net 1 redirects us-u.openx.net
2 cat.va.us.criteo.com finans.mynet.com
ads.us.criteo.com
2 33across-match.dotomi.com 2 redirects
2 usermatch.krxd.net 2 redirects
2 pippio.com 1 redirects
2 live.rezync.com 2 redirects
2 loadus.exelator.com 2 redirects
2 cs.admanmedia.com match.sharethrough.com
2 ssp.disqus.com 2 redirects
2 rules.quantcount.com secure.quantserve.com
2 u.openx.net 2 redirects
2 trace.mediago.io 2 redirects
2 s.ad.smaato.net 1 redirects ads.us.criteo.com
2 sync.technoratimedia.com 2 redirects
2 image4.pubmatic.com 1 redirects s.amazon-adsystem.com
2 secure.quantserve.com udmserve.net
2 www.google.com tpc.googlesyndication.com
finans.mynet.com
2 ut.pubmatic.com ads.pubmatic.com
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 config.aps.amazon-adsystem.com c.amazon-adsystem.com
2 counter.snackly.co snippet.minute.ly
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 oajs.openx.net 1 redirects finans.mynet.com
2 tr-gmtdmp.mookie1.com finans.mynet.com
2 www.googletagmanager.com s.mynet.com.tr
www.googletagmanager.com
2 www.gstatic.com finans.mynet.com
2 img7.mynet.com finans.mynet.com
2 adl.mynetreklam.com finans.mynet.com
1 rcp.c.appier.net 1 redirects
1 e.serverbid.com
1 rbp.mxptint.net 1 redirects
1 match.sync.ad.cpe.dotomi.com
1 sync.ex.co
1 ads.yieldmo.com
1 prebid-s2s.media.net
1 usr.undertone.com
1 dsp.adfarm1.adition.com 1 redirects
1 sync.aniview.com
1 tr.blismedia.com
1 cs.yellowblue.io
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 s2s.t13.io
1 cs.minutemedia-prebid.com
1 s.seedtag.com
1 bttrack.com 1 redirects
1 live.primis.tech 1 redirects
1 ssbsync-global.smartadserver.com 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 sync.mathtag.com 1 redirects
1 match.taboola.com
1 in.treasuredata.com
1 pixel.advertising.com 1 redirects
1 loadm.exelator.com
1 pxl.connexity.net
1 d.agkn.com 1 redirects
1 odr.mookie1.com
1 sync1.intentiq.com
1 fei.pro-market.net
1 csync.smilewanted.com 1 redirects
1 synchroscript.deliveryengine.adswizz.com
1 matching.truffle.bid ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 rtb.adentifi.com
1 sync.bfmio.com
1 core.iprom.net ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 vidstatb.taboola.com
1 ch-match.taboola.com vidstat.taboola.com
1 imprchmp.taboola.com
1 wf.taboola.com vidstat.taboola.com
1 a182e1571565df2e864b54f20fb12bb5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 prebid.media.net ads.pubmatic.com
1 trends.revcontent.com ads.us.criteo.com
1 c.bing.com ads.us.criteo.com
1 i6.liadm.com
1 public-prod-dspcookiematching.dmxleo.com ads.us.criteo.com
1 r.casalemedia.com ads.us.criteo.com
1 criteo-sync.teads.tv ads.us.criteo.com
1 ws.rqtrk.eu 1 redirects
1 widget.va.us.criteo.com ads.us.criteo.com
1 prebid.a-mo.net s.amazon-adsystem.com
1 ce.lijit.com s.amazon-adsystem.com
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 redcarpat.com finans.mynet.com
1 us01.z.antigena.com s.amazon-adsystem.com
1 aorta.clickagy.com 1 redirects
1 ads.us.criteo.com bid.underdog.media
1 secure-assets.rubiconproject.com 1 redirects
1 dp1.33across.com 1 redirects
1 beacon.krxd.net
1 load77.exelator.com
1 pixel.33across.com 1 redirects
1 shb.richaudience.com hb.adpone.com
1 cms-xch-chicago.33across.com
1 underdogmedia-d.openx.net bid.underdog.media
1 ssbsync-us.smartadserver.com 1 redirects
1 cs.media.net 1 redirects
1 cm-x.mgid.com 1 redirects
1 pixel-us-west.rubiconproject.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 ic.tynt.com
1 snippet.minute.ly apv-launcher.minute.ly
1 mynet.rtb.pixad.com.tr adl.mynetreklam.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 apv-launcher.minute.ly cdn.taboola.com
1 pandg.tapad.com pghub.io
1 feed.pghub.io 1 redirects
1 id5-sync.com cdn.id5-sync.com
1 www.facebook.com finans.mynet.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 pghub.io finans.mynet.com
1 gethit.mynet.com s.mynet.com.tr
1 cdn.mookie1.com finans.mynet.com
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
0 gixel.gnetwork.me Failed
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 contextual.media.net Failed ads.pubmatic.com
0 bs.yandex.ru Failed adl.mynetreklam.com
859 273
Subject Issuer Validity Valid
*.mynet.com
Go Daddy Secure Certificate Authority - G2		 2023-09-12 -
2024-10-13		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.mynetreklam.com
Go Daddy Secure Certificate Authority - G2		 2022-10-11 -
2023-11-12		 a year crt.sh
*.mynet.com.tr
Go Daddy Secure Certificate Authority - G2		 2023-09-12 -
2024-10-13		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-11 -
2023-11-09		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
ak-dvsan01.mookie1.com
R3		 2023-10-26 -
2024-01-24		 3 months crt.sh
*.insurads.com
Go Daddy Secure Certificate Authority - G2		 2023-05-01 -
2024-06-01		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-08		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-18 -
2024-09-17		 a year crt.sh
*.minute.ly
Sectigo RSA Organization Validation Secure Server CA		 2023-05-30 -
2024-05-18		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
rtb.pixad.com.tr
E1		 2023-10-06 -
2024-01-04		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.snackly.co
Sectigo RSA Organization Validation Secure Server CA		 2022-11-22 -
2023-12-23		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh
windsplay.com
Amazon RSA 2048 M01		 2023-04-30 -
2024-05-28		 a year crt.sh
udmserve.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-29 -
2024-04-28		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
underdog.media
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-29 -
2024-04-28		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-01 -
2023-12-02		 3 months crt.sh
*.va.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-21 -
2023-12-17		 3 months crt.sh
events-ssc.33across.com
GTS CA 1D4		 2023-10-25 -
2024-01-23		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
redcarpat.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-01-24		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.us.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-16 -
2024-01-18		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
teads.tv
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
*.socdm.com
GlobalSign RSA OV SSL CA 2018		 2023-05-31 -
2024-06-30		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
public-prod-dspcookiematching.dmxleo.com
ZeroSSL RSA Domain Secure Site CA		 2023-10-03 -
2024-01-01		 3 months crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
exchange.mediavine.com
Amazon RSA 2048 M01		 2023-04-05 -
2024-05-03		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2022-11-06 -
2023-11-28		 a year crt.sh
revcontent.com
Amazon RSA 2048 M02		 2023-05-18 -
2024-06-16		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
tldw.me
GTS CA 1P5		 2023-10-14 -
2024-01-12		 3 months crt.sh
apv-static.tldw.me
R3		 2023-10-13 -
2024-01-11		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-10-01 -
2023-12-30		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M01		 2022-11-10 -
2023-12-09		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.pro-market.net
Gandi Standard SSL CA 2		 2023-08-06 -
2024-08-21		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.connexity.net
Sectigo RSA Domain Validation Secure Server CA		 2023-06-29 -
2024-07-29		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
*.treasuredata.com
Amazon RSA 2048 M01		 2023-07-19 -
2024-08-16		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-28		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh

This page contains 123 frames:

Primary Page: https://finans.mynet.com/
Frame ID: 6DD25C30AAD813B728701CD45C4C01D5
Requests: 274 HTTP requests in this frame

Frame: https://finans.mynet.com/finanspopupform/
Frame ID: CC020BAD9811657B6D14004853184C67
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=finans.mynet.com
Frame ID: AA2797B9D1C7C9DC18A7894929551391
Requests: 2 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=0&referrer_url=&page_url=https%3A%2F%2Ffinans.mynet.com%2F&owner=P%26G&bp_id=mynet&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22finans%22%2C%22sub_category%22%3A%22%22%7D
Frame ID: 7CDDE04BC0D6ABC18C7C69E65641AABE
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 95E83F863BA2093D043BFA104DE43D55
Requests: 6 HTTP requests in this frame

Frame: https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 26004594E1E38338C54147671A15B1BA
Requests: 1 HTTP requests in this frame

Frame: https://services.insurads.com/ad?auid=757024&appId=1870&s=2243&dm=1&is=0&csz=%5B%5D&sz=%5B%5D&ct=%7B%7D&h=https%3A%2F%2Ffinans.mynet.com%2F&sid=C32E2DC4C9A3B7BC&v=1.14.20&ts=1698863807468
Frame ID: F71EA8F4B831ED1C6EFCB5EACB2FEE4C
Requests: 1 HTTP requests in this frame

Frame: https://services.insurads.com/ad?auid=1424257&appId=1870&s=2243&dm=1&is=0&csz=%5B%5D&sz=%5B%5D&ct=%7B%7D&h=https%3A%2F%2Ffinans.mynet.com%2F&sid=C32E2DC4C9A3B7BC&v=1.14.20&ts=1698863807478
Frame ID: 67F3A6F6F76557315E82785F2480B91E
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 11290DB39416E9C19943ED27AB9A5C35
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBuiSC3cVrRY0oDtE4I_px0HbSTuzNo6EbukkQA1Tx9geQWP4G1jhmRTpMeIKGCQ196rR9Yx_HSh4uVthK88P0De1P73bFV4C04NGeXyZM4dEjIVKwBJo4H-bG-BKf7Wuqnd_QLCL6iq1HM0gjWs-6Ams23Sk9DATwt4xlcFeraMf3g8VUKGEmKu5f7DOAYp5CTmkrv5_ooH9DVt0xHbqRKETRhBLSAdzi7pu4ftICb9bT7ziuXPyiS8YpFO8X_x0MBdmEkaFEB5OM8j3AP_CfTU0FIlBp-FfWFJxFp-25bnte9UZDcsJfwRW20ZmHpsZLWGj2hmfLeG5Olu0WJFgv4e9fwPZ5oYtZAS76XuXxQS5PZZ5TIEYueI-GuWVx9cvf&sai=AMfl-YRU3_goazlnslPBfGjAuH5XupfJkL3rRRmqYlcoo4_80Iu7YrxBLy0xhSGVdB5_1nwG41MDspXuEq8iIMCsijF0OnkEhkZF_it59jHQ3ZXSUKuZOlk031G4IeLhPpFIUPtQFXo32aLbtAjH5mNS&sig=Cg0ArKJSzGqsqKvbCbVrEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D836AE69EB39D02F333879AD2E141131
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2oAfXgqk_zOfAt9hUo2xgNs8rEiMIpoUs8gQqBh1tEVg5f90Z15PVwRdVicA46UAvV9qXwW3JSmhs2atwXf3RZbXjyNyp70x62KfhNj71KvdWPFknXnQEWcq3TM4NKMMDOld4Ah4RFgIGeZy2h9rzG1IrxwWC65nFl74vxQKXSZqZiJhj-f0y7vm74anZFqQrt1ZUwdMDQS1mtr9L3kTKw3jrLV9IuvxREkuCLNKlQSOGO2tfdsqyBMCIQKaNgsaQ7f2iKh3uICUZzHzZ4ksAs8TBZfg9xovQDWAg4rzLeumvu_1FU9YavVk3CDEkiOuwDHxGwfvNLagr4leA__rRGvHpyco5bxaL7ihu6WJD1mC30X2Ai9h4zqf7-w0&sai=AMfl-YRtNnG9PUSC-M-Vfvp17wonNwcmx0PdnRzp0zZ1FWbZ8D_fhaMgktITeAiiRmho88tMS4RRFCiLzbT2Kfs_XNdGKlvSg144B_-OToMjjwhqTDNEEeLmq50oQjd9BqrmrN6pTRofxjymjXPfNg0E&sig=Cg0ArKJSzNNDpT0b4NmlEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C1AE5BBC2F784DD689C1AE67F719524A
Requests: 15 HTTP requests in this frame

Frame: https://udmserve.net/udm/img.fetch?sid=14018;tid=1;dt=6;
Frame ID: 8F79B4242EE3EA5164C83DCCEF5B109E
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D487D46352F40AA39EEE4D75B72D4765
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4024A47A87BAFDD05B60A21A1D41D077
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvibd0d2VDCgFvIPQWiW4JJrO3_50lLh-NSxBkVjhMqs_RCvNsFRF-0Y_DHeLN6q446xjJhoeFh77Qd4C5xFoyvSWGsrgabTujW2itNWTf6xgVlMvoqkPWX7YPZ08W15tj5UKuanNDb_ep1HM69OEcnRU5x2ub-9Giksi9x-qtcvcMxRtEi1G4D_jZwEZhc823YcEHttFmg_sHmD76B3YRylP9EXlyfPq53K8InikhOvRIt8cLB1UApby_XCQBqZNO-iAx2C7e0cmJ2MaymcemlruI_zhyHgeNwFbkDJfGYQemBUQFDLrq7TZ6KB1bS0kfTcPi9smTyZ_06VK8PbbbdBkaMkD26kv6dGaOUzQoubBpjFVH4dAHZklKBj_SV&sai=AMfl-YTUG-kB334ZUP1naLETAYIiG3zBZJLcuz5JqXSvSK7u05LdAsRKX8DthsJ5r1C9HOtICTU8_H_87_JPK34lgAgsFJTIyMjaW0y6-ags-Q3sGhFZtw0NPvR4ahxUPRwL5s7qZ-2E3bbSj-5NFZrW&sig=Cg0ArKJSzEPmTAvP-78TEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6EFA09DB093D9FD72D1E0C01759DFDC8
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310201815000/amp4ads-v0.mjs
Frame ID: 51349DFDE734FC0EA0C28C9A147EDE06
Requests: 15 HTTP requests in this frame

Frame: https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 887F5C4596166AD676AFDA9732B040C5
Requests: 8 HTTP requests in this frame

Frame: https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 43FBC80FC17904EF6EA53600886EE153
Requests: 8 HTTP requests in this frame

Frame: https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 26B2A83F9CCF2169372081633D2A7F15
Requests: 13 HTTP requests in this frame

Frame: https://services.insurads.com/dfp/mapping/batch?appId=1870&requests=[{%22eaUp%22:%22/28687765/mynet/finans/masthead_970x250%22,%22eoId%22:2647267620,%22eolId%22:5753320270,%22advId%22:4829257103,%22ecId%22:138358269119,%22w%22:728,%22h%22:90,%22eId%22:%22main_mynet_finans_masthead_970x250_0%22},{%22eaUp%22:%22/28687765/mynet/finans/pageskin_sol_120x600%22,%22eoId%22:460502205,%22eolId%22:4367746458,%22advId%22:125764365,%22ecId%22:138208325154,%22w%22:120,%22h%22:600,%22eId%22:%22main_mynet_finans_pageskin_sol_120x600_0%22}]&h=https%3A%2F%2Ffinans.mynet.com%2F&ts=1698863808076
Frame ID: 916B95C934AADD7B602381F103288B56
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain
Frame ID: CD9FB5F9A3F839AF103DEF04446FDA6E
Requests: 1 HTTP requests in this frame

Frame: https://services.insurads.com/dfp/mapping/batch?appId=1870&requests=[{%22eaUp%22:%22/28687765/mynet/finans/sidebar_300x250_1%22,%22eoId%22:460502205,%22eolId%22:4389476089,%22advId%22:125764365,%22ecId%22:138314957789,%22w%22:300,%22h%22:250,%22eId%22:%22main_mynet_finans_sidebar_300x250_1_1%22},{%22eaUp%22:%22/28687765/mynet/finans/sidebar_300x250_1%22,%22eoId%22:2239286350,%22eolId%22:5653713517,%22advId%22:50486805,%22ecId%22:138359151113,%22w%22:300,%22h%22:250,%22eId%22:%22main_mynet_finans_sidebar_300x250_1_3%22},{%22eaUp%22:%22/28687765/mynet/finans/sidebar_300x250_1%22,%22eoId%22:2239286350,%22eolId%22:5653713517,%22advId%22:50486805,%22ecId%22:138359140718,%22w%22:300,%22h%22:250,%22eId%22:%22main_mynet_finans_sidebar_300x250_1_2%22},{%22eaUp%22:%22/28687765/mynet/finans/sidebar_300x250_1%22,%22eoId%22:460955805,%22advId%22:50487405,%22w%22:300,%22h%22:250,%22eId%22:%22main_mynet_finans_sidebar_300x250_1_0%22},{%22eaUp%22:%22/28687765/mynet/finans/sidebar_300x250_2%22,%22eoId%22:460502205,%22eolId%22:4389476089,%22advId%22:125764365,%22ecId%22:138208642207,%22w%22:300,%22h%22:600,%22eId%22:%22main_mynet_finans_sidebar_300x250_2_0%22}]&h=https%3A%2F%2Ffinans.mynet.com%2F&ts=1698863808447
Frame ID: 8B1912F2FD31921A9A2E3F5F3E9B2E52
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: EB4224ED37B31DFBE9AD634F9E266AC1
Requests: 6 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: 9F72A6BFDFBB7AA9562A1C0392F12DE6
Requests: 10 HTTP requests in this frame

Frame: https://windsplay.com/r/p.html?f=sxjbhtuoer&e=1054109728935
Frame ID: 645FF96E42A9B10804B00198250075EA
Requests: 10 HTTP requests in this frame

Frame: https://windsplay.com/r/p.html?f=zhjdhvwvsh&e=1054109728935
Frame ID: 92A3FFC33486DABD508E74DD062BD465
Requests: 10 HTTP requests in this frame

Frame: https://windsplay.com/r/p.html?f=ffpkd&e=1054109728935
Frame ID: 3BB23A3DD90249C483D40C559D838BCD
Requests: 10 HTTP requests in this frame

Frame: https://windsplay.com/r/p.html?f=sthrrp&e=1054109728935
Frame ID: F0DBCEF416322CA4ADE41F06BF7B3BAE
Requests: 10 HTTP requests in this frame

Frame: https://windsplay.com/r/p.html?f=lsbjrbnd&e=1054109728935
Frame ID: 8F1E1D3D853B26ED554948B731E60681
Requests: 10 HTTP requests in this frame

Frame: https://windsplay.com/r/p.html?f=vkhlmwwqr&e=1054109728935
Frame ID: 9114DA081E92C0E105A08132330134DE
Requests: 10 HTTP requests in this frame

Frame: https://windsplay.com/r/p.html?f=jjeunqqsy&e=1054109728935
Frame ID: 79DF183224BC24606C5B5ADB6966805A
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Frame ID: B0A5A471181EB14178BB0403E4C372B0
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Frame ID: 961475D1894E1A6F281FBA8A6C6EAB55
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Frame ID: D2BAC15E3EE830AE614597B1454CE6E5
Requests: 20 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8102726937115843756&gdpr=0&gdpr_consent=
Frame ID: C9BFA590D274B020369C4880BC44F3F0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310201815000/amp4ads-v0.mjs
Frame ID: 7B7BDDC33400187D3909F21AC46C0775
Requests: 17 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain
Frame ID: C1FFFD6C7F13FB5C6D0F9150555F1B41
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: 91FA0C176EFFA4F0E80A5E05BFE51172
Requests: 12 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ast/ast.js
Frame ID: 5C0FAD6FA34AE9E5359530797A42F6F7
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: C5E3D3EDB091C7684EFBC11A40BC6C64
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ast/ast.js
Frame ID: 80B694414204FF229852519DFDF9672D
Requests: 4 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 68715043214E2E8BB13C8E7082746E62
Requests: 2 HTTP requests in this frame

Frame: https://services.insurads.com/dfp/mapping/batch?appId=1870&requests=[{%22eaUp%22:%2228687765/mynet/finans/kule_sag_120x600%22,%22eoId%22:460955805,%22advId%22:50487405,%22w%22:160,%22h%22:600,%22eId%22:%22main_mynet_finans_kule_sag_120x600_0%22}]&h=https%3A%2F%2Ffinans.mynet.com%2F&ts=1698863809524
Frame ID: 00B809036B58C04B18147BC9787433E0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 8D21F637040724AD752051BD4EB6DC73
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: 4187676572874FC522DD1F315B4B56D4
Requests: 8 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: EE41F0F97F22F000B2070A6466EE3E82
Requests: 2 HTTP requests in this frame

Frame: https://udmserve.net/udm/img.fetch?sid=14018;tid=2;dt=7;p=1;rri=1698863808336_273629_96.9.249.40;mid=48164;zzz=%5B48164%2C1698863808%2C%22HhAgpMCP%2Fe4sIu73hzSUCw%22%5D;version=v2.22.3;cb=0.6683716325592741;qqq=12.401695346550023;session=1;style=slider;vis=visible;traffic_info=%7B%7D;
Frame ID: 76D7FFEEBD7D58529086313D3649DD47
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Frame ID: FC8BE7477DC0EF95EA0977F74FC0EA84
Requests: 11 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 63C9157E0A3E6CD1C9D561601F22E394
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 33B4FDD697204535113678E7F12DFB40
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: DBAB507DB1AFF6EBBF8AD036381587FB
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: C4303124DE838761AFBBA172F64B09D3
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 60A70A0AD42826D9BC502AD955304FD4
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&redir=true&gdpr=0&gdpr_consent=
Frame ID: F854B6CA9364AAB5056B8BD0EE547EEE
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDD244D6B6-CFAB-4A90-A5E5-EB69082D2DDF
Frame ID: CBB980AD50F11B711DE7C53FB29CF6BD
Requests: 1 HTTP requests in this frame

Frame: https://redcarpat.com/a/728x90.png
Frame ID: 91B24C4259C4B642AFDFBBA468A97182
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ast/ast.js
Frame ID: 079A679BDB1C6FC08A7D91267822FA6D
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 143CF48B2694AE659AE0E20DD1EC169C
Requests: 2 HTTP requests in this frame

Frame: https://widget.va.us.criteo.com/dis/dis.aspx?pu=192011&cb=65429ac15d322d4558d7b40a7b2f7b22&r=https%3a%2f%2ffinans.mynet.com%2f&crossorigin=false
Frame ID: A1669F893006125ABF229A02EA4D8ED3
Requests: 1 HTTP requests in this frame

Frame: https://services.insurads.com/dfp/mapping/batch?appId=1870&requests=[{%22eaUp%22:%22/28687765/mynet/finans/interstitial_oop%22,%22eoId%22:2647267620,%22eolId%22:5383714757,%22advId%22:4829257103,%22ecId%22:138427522541,%22w%22:1,%22h%22:1,%22eId%22:%22main_mynet_finans_interstitial_oop_0%22}]&h=https%3A%2F%2Ffinans.mynet.com%2F&ts=1698863810581
Frame ID: AD4B4D37E1652A4B36695A3547824D88
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: A53FF70B1F78FAA292641E841AE24630
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-hBqcoPbk5VUDGAjAjfq4uHNknqIYMKzUS556Qg&google_gid=CAESEMljQuRjOLuvsUtMBOIx1UA&google_cver=1&google_ula=913071,0
Frame ID: DAB1E7D2522C4C311492D592A609D6EB
Requests: 30 HTTP requests in this frame

Frame: https://a182e1571565df2e864b54f20fb12bb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 94B1D61B550C5D0A382AC22CA5E1ECEC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162930
Frame ID: F4E688D887C3B31F2A230EA3F4CF0AEC
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUV4OAWX&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 560F1966DB2DC1AB4B729F01AD623E46
Requests: 1 HTTP requests in this frame

Frame: https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Frame ID: EA59407AA16E0A32DCBBCA27198F0CB0
Requests: 21 HTTP requests in this frame

Frame: https://ch-match.taboola.com/sync?dast=V81VgCLAZIid9CIm5FGBKQEr-FRNyKMCwAAABgYGDtAAkshsPdYGFb61YWh1s0Wm7cwplvuRYMZovFZLEcDWfOISCBxXC4Gyxsa93K4nCLRsuNWzjzLdeCwWyxmCyWo-HMOQUT1jS5_AZJy2U2CPlul-Hhc7lBBppOh891r5c57Q6756523l2mu8bv9ssBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAOMbBJpJDgl5-DzNDrvp6Q8AAAAAIAAAAABIABzUjpcAkGlCPfH_________H2OAPvNGxv____-NhR4ADz4AHoQAAABcDJli0FeDp6XsJHLAUoQRAAAAALCEfJQjk3SCikWV____fisAVwAAAhYZWRpNsugOSryFAQAAABizQA-L32922DV-t8v8_________5v5P_OPRghlvTCN8GlPnJpfQACANb-AAABsxA0AwBsBOEHHIGazyWC2OgqxG84Wu9FuMpgdAAAAgDv_____ekByMVwZJ7bRwuZZLhyDmWPmm612w4Vr5TIOFxbb9kAYSiigSnin9ZmwpsnlN0haLrNByHe7DA-fy34mbDFaTSab5XC2XEwGw9FwNNqfgVgMB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMGQzTMzTVaztWI5nLhFC49nLVxNfGuRZ7Pc2JyDlWVhW4teH9PHs7EMRpstEgy42IvkaZFONBOHZbBxGSfGkcnhMC2Hu5XDNTPOlgvTamNY7iZiieZkkU5kl31zMVwZJ7bRwuZZLhyDmWPmm612w4Vr5TIOFxbbvmTzzEyT1WytWA4nbtHC41kLVxPfWuTZLDc252BlWdjWotfH9PFsLIPRZt-YLYfD2Wa4WOwbs-VwONsMF4t9h87wXX3ORmnkGPX4nGrn9SOtOQ0Kl8HmnRYt0tbh6DPqRNKI6zQ0Rl8Tq9A18RoUnoNHdbPmpE5tZCI7T6YJx8GiiCWCi3Sidt5dprvLd7q81c67y3QRS5Smi3Sil4glgtNFOtE4TC-f3_K8qP9oIWdz5VwyWs5Fg1UCAAAAAAAAALAEk0w3AQAAAHAyqMFqs1it08FMlrPZcLBcABTu4bp-iB8a1Rpe23e9Fz5sHNy4JxVr7DGIdt5dprvLd7q81c67y3RlABTtucw2-4wg1mq1rAEAAAxgAwAACOCmG28CzaS4_____3EAAAAA5NADAABY2wd0lZqZmZmpyY8gB6vh_gGoEGu1Wt1urNVqBSSQ0Wo3gQAAAfk!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 21BE5B65D1B2638913731A8B1F83A614
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 1F8335A556A16E0F6927C6DD3073BE93
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A6EA4367F256F5389E25BE1F2F2FE28B
Requests: 19 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 19795B75AEAE7AD6F7EC3D334600D8FA
Requests: 2 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3360271948
Frame ID: 2BDE7712C758282E1C13539D8AB4DA2D
Requests: 4 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E3FE9210EC3D414551C3B433F63A9808
Requests: 2 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAPVk7KhTYAABiwBT8Rtw&gdpr=0&gdpr_consent=
Frame ID: 999663839E0447E7214C2644FC4C1B5D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7081728085481991200&gdpr=0&gdpr_consent=
Frame ID: 132FDECBE6A7489C29D7D44D6BA99FAD
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: AFF46829800FEF4B201D8268201D9305
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 0FA1A2243B2C80B9656F36551A03206D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=a0dd2d92-78e5-11ee-bebf-6e5179533f8c
Frame ID: B03DBD22AA2F8D1104716EF74BB7A14D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1gD-vdlUqb3NBfy91VfntoJU_7zNVqy5hAzEW9E7
Frame ID: 52B78ACC7745D486180567074FAA6703
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2f563103-0c1f-4c62-9f7b-4f469acb0125&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 90E83A11A97E9B26E9BA8FDCD8F78AEA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&gdpr=0&gdpr_consent=
Frame ID: 6E1F461F0E36C56D00C95677B71C7FF9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2810316567025533345
Frame ID: E7D075D616FFEAE7A98153ABB1E92FD1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:114uNdiQ1QYg5f5&gdpr=0&gdpr_consent=
Frame ID: 603D355289170853CB4B53BD4612338E
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF
Frame ID: 44DC0DF8937B2BFDC18BB1957201253C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 56DF47EDCDE5D45E4CE803ADF9F81FD6
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 0A5025237AA0E17CF71A8901FB41EB14
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:JRGHLFp1m5yWjqBkUI_1&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: 0524A364E3AC5383990B8D35194311CA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU9638ec07599c4b9ba58ae1d251bf0cb1
Frame ID: 5F4353A95C3EF051FF86897663845217
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 5007AE5E120565920E6FEAB2918042E8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=847523361694
Frame ID: B177A1FA272D4BB6730682CAF5CC2B6F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 420598FCF1F5A1DEFDE87D62C401A092
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: C5EE342CB02E6D0D3AC102F82BB58C94
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=n2jWs8pcBwmBUG8sxppCZQ
Frame ID: A3AD680B9607AC4B55F5BFEBCB936941
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e4c2eda9-3348-421f-a826-59e66031b2ba-005
Frame ID: 648A95D377FCA5B9ED11F28D7B63CD3D
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 32E9969E67B6E74D132B4182B7746E62
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: F4FBE6C663763565E7D970C219191377
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3B0BD726E5DF48818E605A6E7F99D71D&gdpr=0&gdpr_consent=
Frame ID: 081D4F370B40A113D955572205B23FED
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7521502131361552728
Frame ID: 86AF94EB1E8D11577C9CD80BEB92FA85
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=25&external_user_id=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF
Frame ID: 8C53941E6A85EBE97A627E0D6709C17B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 47C46F01D64F719693EF33A7102017C1
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: B35F3E684D52A82B64B7960DC97CD8F3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 88184D84D2F1653DAA67FB551A1921EE
Requests: 19 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 14991D172CBAAF97468D3FC26E4CC978
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 9069E38DF5C2E37D123453E623C223F3
Requests: 19 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C4FD9F969AAC330210B6D266CC170166
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: B8211B399181D4622543AB750964A7D3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D1946F36A29E0DC40281266BD7DF68F5
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: FDD738685B3335D6AD833773B241023B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0A4CE41070EA0EDAE01A1556643E56E0
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 925682883BE4347A68CA0B090483A2AE
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: A9DD1D03DD0444C041408065E2146525
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FD38C0F765F79EC1FA5647C265BC2951
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2DFD10586306A2A04EEA24E23AB59A2E
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 5B294800E6991B47357E19C243919A89
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5C5B453053EEB754AA6AEEDD0E160166
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6FC8AF2B081A5A6A93F70F4BF0EE75BC
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A3103BDD9F0FD1ADE243ABB0B558A399
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: EFFDAEC78697B9249B166628C051D40A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Frame ID: 5C77F01E85E5A160B7DAF79D8735150D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Frame ID: 57E5447051547904A7352A4F9ABC1FCC
Requests: 17 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZUKaw8Co8YsAAKnTFt0AAAAA
Frame ID: DFCE63C1E4819E09650371B011EF8328
Requests: 40 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0D4B72FD5341AB4F31360E62E685CEBA
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 896F714C6AB090D98B160C0ACCE373E0
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: E506FBEB7F80052F974870D02061E9FA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mynet Finans Haberleri | Ekonomi Haberleri

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

859
Requests

76 %
HTTPS

22 %
IPv6

157
Domains

273
Subdomains

176
IPs

12
Countries

8132 kB
Transfer

24252 kB
Size

309
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82
  • https://finans.mynet.com/finanspopupform HTTP 301
  • https://finans.mynet.com/finanspopupform/
Request Chain 121
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mynet.com&sn=ChromeSyncframe&so=0&topUrl=finans.mynet.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=0Dyq1HwybGNoSHlLRjIvVlBWQkZ3dTRxS05yOG9nbWppYXZDR1RXSDVRQTR1bzNuTmZFUitUODkwTks3TE16UkZXNVZwVjZDNjl4VnErZmt1UXdyRDIraVdKaTBkeUNOV3M5NVJ4bG1tbytvZWFFeWt2c3pxYitDVlF4ZUZ0MXFHMktpcm9aSDdDMXcwSmVwcXNPOEZTUUlVc0xYeGx3RDRxRzREbVdsWDVrUUptZTZ0ZXpldjVsb0VWSC9xb3lqMlJDTzJONGU2NGt1cXFpQ2tBTmlYejdQTkV1dWZNWHNJUHdTSGlzK2tMYU9NMkNyUXFtaEgvcUx5alVtS2d1bUZxK2s4Zkc1QkdBdlBLWFRyWElVMXZQZjJjZz09fA&cppv=2
Request Chain 124
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ffinans.mynet.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ffinans.mynet.com%2F&rid=esp&cc=1
Request Chain 132
  • https://feed.pghub.io/tag?gdpr=0&referrer_url=&page_url=https%3A%2F%2Ffinans.mynet.com%2F&owner=P%26G&bp_id=mynet&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22finans%22%2C%22sub_category%22%3A%22%22%7D HTTP 302
  • https://pandg.tapad.com/tag?gdpr=0&referrer_url=&page_url=https%3A%2F%2Ffinans.mynet.com%2F&owner=P%26G&bp_id=mynet&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22finans%22%2C%22sub_category%22%3A%22%22%7D
Request Chain 156
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=cd4d6cd0-d133-41ed-95ce-4459e909b2d6%252C%252C%25257B%252522architecture%252522%25253A%252522%252522%25252C%252522bitness%252522%25253A%252522%252522%25252C%252522brands%252522%25253A%25255B%25255D%25252C%252522fullVersionList%252522%25253A%25255B%25255D%25252C%252522mobile%252522%25253Afalse%25252C%252522model%252522%25253A%252522%252522%25252C%252522platform%252522%25253A%252522%252522%25252C%252522platformVersion%252522%25253A%252522%252522%25257D&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=cd4d6cd0-d133-41ed-95ce-4459e909b2d6%252C%252C%25257B%252522architecture%252522%25253A%252522%252522%25252C%252522bitness%252522%25253A%252522%252522%25252C%252522brands%252522%25253A%25255B%25255D%25252C%252522fullVersionList%252522%25253A%25255B%25255D%25252C%252522mobile%252522%25253Afalse%25252C%252522model%252522%25253A%252522%252522%25252C%252522platform%252522%25253A%252522%252522%25252C%252522platformVersion%252522%25253A%252522%252522%25257D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2ea68917-cfbf-4385-824d-28009b967746&ttd_puid=cd4d6cd0-d133-41ed-95ce-4459e909b2d6%2C%2C%257B%2522architecture%2522%253A%2522%2522%252C%2522bitness%2522%253A%2522%2522%252C%2522brands%2522%253A%255B%255D%252C%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D
Request Chain 158
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=0456dd81-190d-c531-2523-97e5fdeecf67 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=0456dd81-190d-c531-2523-97e5fdeecf67&dcc=t
Request Chain 159
  • https://match.adsrvr.org/track/cmf/openx?oxid=5c80a1fc-05a7-7ecb-e52d-157295dd0487&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=5c80a1fc-05a7-7ecb-e52d-157295dd0487&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=2ea68917-cfbf-4385-824d-28009b967746&ttd_puid=5c80a1fc-05a7-7ecb-e52d-157295dd0487&gdpr=0&gdpr_consent=
Request Chain 160
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzBlZjcyMzYtY2NkMC0yMDZmLWYwY2QtNGZjYjVmM2ZjYWU3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzBlZjcyMzYtY2NkMC0yMDZmLWYwY2QtNGZjYjVmM2ZjYWU3&google_tc=
Request Chain 161
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE6pGgVcG3PSl3gyibjvfDA&google_cver=1
Request Chain 169
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffinans.mynet.com%2F&domain=finans.mynet.com&bundle=w0_j6l9jU2ZuRGNZWVJKTWQzUnNYcmY1U2IlMkJGTmZmcTJqa0Z4Um54UXVBVkU1S2oyeFhoZ0xBeGolMkJKWm1hNnN6UyUyRnl5NmZTOWE0M0hma0pQb2ZYWlpyQWdMWkI1eHlDUENNdEZOSHFQVnFHR3M5N0VsSTV4Nkxxb0YzTTJLSEtBNGVvS3NrSGZMNEJuWGVGYUY2Q2dGMmx0WFElM0QlM0Q&cw=1&pbt=1&lsw=1&gdpr=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=iLQUx3w5Rzl3bXdwd2Q2b083bUhSajJDUzlZanRBU01TdTg2c3Z0UTJrd0ZtY3BvM2xnSFdKOVVNMUNxTmI3S3Q1NG5wYk9YMVJuQUtNbmNjVmxyMWg5WE10d1dqOFRrOFllM2dtZndXSVBTMFRUNExDajV1dnJqRnlSQ3lMdlZUTXlUVGVFd3VLbU9Uc1doVmFrdG9sTThDTTIyZ2Y2TnJOL3lzOG5nb2ExdGJlTU8vTGxYUkdkT1RvdUpCUjYyaW5BbHV2VHlKMDh5ekdpNWRsNmVNQlRSeE5ZYkdzTkJwV2Z5WFNwK0Z1Y1RGcGRlclZza0pxdnFpd0JNWit3UWhwbFVLMzVMR05ZRkNRaUlFcDFxT3FUNXdCVHVQWDU0ZnY0THVMUUtnZTZIZUxFRT18&cppv=2
Request Chain 232
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003JZl0LAAT&src=aps&ver=1.2.0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003JZl0LAAT&src=aps&ver=1.2.0&b=1&g=D8KFEiCd2B%2FOOGQOBDXK8RHetzxvK8FZuqSD4w2i270%3D
Request Chain 241
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003JZl0LAAT&src=aps&ver=1.2.0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003JZl0LAAT&src=aps&ver=1.2.0&b=1&g=LHwsLQtmpSA6arMUTQToP4KADmSqfbtMosFAZoz1dI0%3D
Request Chain 254
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.85770774 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.85770774 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=7081728085481991200;cb=0.85770774
Request Chain 255
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.85770774 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.85770774&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDI0NEQ2QjYtQ0ZBQi00QTkwLUE1RTUtRUI2OTA4MkQyRERG&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?cb=0.85770774&gdpr=0&p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3DD244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://udmserve.net/udm/fetch.pix?pmid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF
Request Chain 256
  • https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.85770774%3Bindx%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.85770774%3Bindx%3D&s=199174&C=1 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;cb=0.85770774;indx=ZUKawDK-TRds0rU7ur19jwAABZcAAAIB
Request Chain 257
  • https://ups.analytics.yahoo.com/ups/58806/sync?redir=true&cb=0.85770774 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-uy4BfKZE2uLRY6TnjKxKhej8umS1VkeU~A
Request Chain 258
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.85770774%3Bsonobi%3D%5BUID%5D HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;cb=0.85770774;sonobi=303b087c-cde9-45aa-8a17-dbb86e6d13f1
Request Chain 259
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=24042&cb=0.85770774 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;magid=LOG3NB0A-E-2RSZ
Request Chain 260
  • https://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID]%3Bcb%3D HTTP 307
  • https://udmserve.net/udm/fetch.pix?dt=1;sncr=5E15D2A62FC44EC58D52C87AC88A86C7;cb=
Request Chain 261
  • https://cm-x.mgid.com/4c7eda2d9428691cd8f54d15244a36a7.gif?ccpa=0&gdpr=0&redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bmgid%3D%5BUID%5D HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;mgid=78da4519-7068-4644-93a5-ec56127063a8
Request Chain 276
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=2bca8c55ec
Request Chain 277
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=3B0BD726E5DF48818E605A6E7F99D71D&ex=simpli.fi&status=ok
Request Chain 278
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=2a46ab3495f9a8282fty3400log3ncks
Request Chain 279
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3418654096634453000V10
Request Chain 280
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0&s=2 HTTP 302
  • https://sync.outbrain.com/sync-external?uid=yJVikJH2IfNeZTqVVYNo&redirect=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLZJJLGS22KJAZESZSOMVNFI4KWKZMU43ZGM5SHA4R5GA&gdpr=0 HTTP 302
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Famazon_tam%252Fcallback%252F%253Fd%253DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLZJJLGS22KJAZESZSOMVNFI4KWKZMU43ZGM5SHA4R5GA%26p%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Ds2s%26obUid%3DPHcaG2VLKoFCODcjZCPpBzXMUN5u1Rozkw0SYA3C40anvzOUCvC4r9OkWOv0J_JQ%26uid%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLZJJLGS22KJAZESZSOMVNFI4KWKZMU43ZGM5SHA4R5GA&p=openx&gdpr=0&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=s2s&obUid=PHcaG2VLKoFCODcjZCPpBzXMUN5u1Rozkw0SYA3C40anvzOUCvC4r9OkWOv0J_JQ&uid=ec9188fb-7a49-4337-8642-47df2d66c3ac HTTP 302
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLZJJLGS22KJAZESZSOMVNFI4KWKZMU43ZGM5SHA4R5GA&p=15268&obUid=PHcaG2VLKoFCODcjZCPpBzXMUN5u1Rozkw0SYA3C40anvzOUCvC4r9OkWOv0J_JQ&gdpr=0&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=s2s
Request Chain 306
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8102726937115843756&gdpr=0&gdpr_consent=
Request Chain 343
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=2ea68917-cfbf-4385-824d-28009b967746&gdpr=0&gdpr_consent=
Request Chain 344
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=NGI5YjU1YWItMTI4Yi00OTFmLWI0NDgtMTExNjAzMDdjZWI5 HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 345
  • https://dis.criteo.com/dis/usersync.aspx?r=41&p=244&cp=sharethrough&cu=1&gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7658cb1d77a660882b48db06%26source_user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-0YyVlPbk5VUDGAjAjfq4uHNknqJzZf52DzXNKw&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 346
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7rkJAhPCWXbw9Lq5dZxc6TvN%26source_user_id%3D%24UID&partner=sharethrough HTTP 302
  • https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-fee5f018-dc69-383a-af3e-35ecd8c0ae34&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1mZWU1ZjAxOC1kYzY5LTM4M2EtYWYzZS0zNWVjZDhjMGFlMzQQ____________ASqAAWh0dHBzOi8vbWF0Y2guc2hhcmV0aHJvdWdoLmNvbS9zeW5jL3YxP3NvdXJjZV9pZD03cmtKQWhQQ1dYYnc5THE1ZFp4YzZUdk4mc291cmNlX3VzZXJfaWQ9dWEtZmVlNWYwMTgtZGM2OS0zODNhLWFmM2UtMzVlY2Q4YzBhZTM0MgEYOAE=&gdpr=&gdpr_consent=
Request Chain 347
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1698863808939.4&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 348
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1701455809%26external_user_id%3D2ea68917-cfbf-4385-824d-28009b967746 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1701455809&external_user_id=2ea68917-cfbf-4385-824d-28009b967746
Request Chain 349
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1698863808939.2&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D2%2526external_user_id%253D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=ZUKawDK.TRds0rU7ur19jwAA%261431
Request Chain 350
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dcbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553%26partner_url%3Dhttps%253A%252F%252Fssc-cms.33across.com%252Fps%252F%253Fus_privacy%253D%2526xi%253D45%2526xu%253Dcbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553&partner_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3Dcbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553 HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553&ts=1698863809&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 351
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=120&xu=CoW8UMfBUSNUXv9jpxnClmAJ-Sg HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=120&external_user_id=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&ts=1698863809&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 352
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1698863808939.6&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=7081728085481991200
Request Chain 382
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=Economy&us_privacy=&random=1698863809018.1 HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=Economy&us_privacy=&random=1698863809018.1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MldiQk9LLUl5bTRKT25WRHRCc3pPa2lGNEJJaFdTWDdHWTFJckhQbnQzVFk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51 HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEPmdqZs1e6eq5xH0p8PKLoU&google_cver=1
Request Chain 383
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSmVCmsBn4xieBGZVAg%3D%3D&us_privacy=&_rand=1698863809018.2 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSmVCmsBn4xieBGZVAg%3D%3D&us_privacy=&_rand=1698863809018.2&expected_cookie=5f1e54dc-d96f-4b5e-8365-d330c38dc637
Request Chain 384
  • https://pixel.33across.com/ps/?pid=938&j=0&p=409&g=600&guid=ckbqREs5qr54oMaKlgYj8u&us_privacy=&random=1698863809018.3 HTTP 302
  • https://loadus.exelator.com/load/?j=0&p=409&g=600&guid=ckbqREs5qr54oMaKlgYj8u&buid=0&buid2=212330338063484&random=1698863809 HTTP 302
  • https://loadus.exelator.com/load/?j=0&p=409&g=600&guid=ckbqREs5qr54oMaKlgYj8u&buid=0&buid2=212330338063484&random=1698863809&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif?UID=15ed04f149c3c739af77e6e46816018a
Request Chain 385
  • https://map.go.affec.tv/map/3a/?pid=CoIKSmVCmsBn4xieBGZVAg%3D%3D&us_privacy=&ts=1698863809018.4 HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D65429ac122e23100018f0cc4%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 302
  • https://map.go.affec.tv/map/an/7081728085481991200?ch=65429ac122e23100018f0cc4&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent= HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://map.go.affec.tv/map/ttd/2ea68917-cfbf-4385-824d-28009b967746?ttd_puid=&gdpr=0&gdpr_consent=
Request Chain 386
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKSmVCmsBn4xieBGZVAg%3D%3D&pcat=Economy&pdev=&pctry=US&referrer=https%3A%2F%2Ffinans.mynet.com%2F&us_privacy=&cache_buster=1698863809018.5 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=20212f60-3090-4066-ba12-9907ff511e0c%3A1698863810.178902&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D20212f60-3090-4066-ba12-9907ff511e0c%253A1698863810.178902%26pid%3D500040%26it%3D1%26iv%3D20212f60-3090-4066-ba12-9907ff511e0c%253A1698863810.178902%26_%3D1698863810.1809328&cb=1698863810.1809802 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2810316567025533345&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D20212f60-3090-4066-ba12-9907ff511e0c%253A1698863810.178902%26pid%3D500040%26it%3D1%26iv%3D20212f60-3090-4066-ba12-9907ff511e0c%253A1698863810.178902%26_%3D1698863810.1809328 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=20212f60-3090-4066-ba12-9907ff511e0c%3A1698863810.178902&pid=500040&it=1&iv=20212f60-3090-4066-ba12-9907ff511e0c%3A1698863810.178902&_=1698863810.1809328 HTTP 303
  • https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=20212f60-3090-4066-ba12-9907ff511e0c:1698863810.178902&pid=500040&_li_chk=true&_=1698863810.1809328&iv=20212f60-3090-4066-ba12-9907ff511e0c:1698863810.178902&previous_uuid=2c9fb33e7648466a9d56007ab3acbeaa HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1698863810.1809328&iv=20212f60-3090-4066-ba12-9907ff511e0c:1698863810.178902
Request Chain 387
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSmVCmsBn4xieBGZVAg%3D%3D&us_privacy=&random=1698863809018.6&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dcd4d6cd0-d133-41ed-95ce-4459e909b2d6%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7081728085481991200&pt=cd4d6cd0-d133-41ed-95ce-4459e909b2d6%2Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad%2C HTTP 302
  • https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Request Chain 388
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKSmVCmsBn4xieBGZVAg%3D%3D&us_privacy=&random=1698863809018.7&pu=https%3A%2F%2Ffinans.mynet.com%2F HTTP 302
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212330338063484&seg_code=33x&random=1698863809
Request Chain 389
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 390
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1698863809033.6&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Request Chain 391
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=the33across&us_privacy= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=the33across HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&user_group=1&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=2f563103-0c1f-4c62-9f7b-4f469acb0125 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=2f563103-0c1f-4c62-9f7b-4f469acb0125&ts=1698863810&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 392
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-1x2QlQJE2uHt285t1IOQlDWpqWDb5MZr~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-1x2QlQJE2uHt285t1IOQlDWpqWDb5MZr%7EA&ts=1698863809&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 393
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=12b0ec8e1dee04c2&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAMzWd-H6meeQNu_K7tAAAAAAA&expiration=1698950210&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMzWd-H6meeQNu_K7tAAAAAAA&ts=1698863810&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 394
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=132091664134189312048 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=132091664134189312048&ts=1698863810&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 411
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=430e9519-57dd-4285-93b8-8e3371ef0ab6&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZUKawpvqYhA8ClhACcBne1ob
Request Chain 412
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=g9YrwKwhx-UDWVnFRsQ-PQ==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 413
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=ec13e11d-fd99-437c-bc7d-26cefe5834b6
Request Chain 414
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553&gdpr=0&gdpr_consent=
Request Chain 417
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=0946de9a-c8e0-48ab-ba54-9581ac46655f HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokMDk0NmRlOWEtYzhlMC00OGFiLWJhNTQtOTU4MWFjNDY2NTVmEAAaDQjCtYqqBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=c9c9826c2e7f3a2e9d4028a0eddc077816e66371f582d599bb09f98267dde12c791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=c9c9826c2e7f3a2e9d4028a0eddc077816e66371f582d599bb09f98267dde12c791426b5417dce21&rand=08654148
Request Chain 418
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=7081728085481991200
Request Chain 419
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3122232386686183181&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 420
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZUKawgAAiz1TOgAU HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZUKawgAAiz1TOgAU&_test=ZUKawgAAiz1TOgAU
Request Chain 422
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2 HTTP 302
  • https://sync.outbrain.com/sync-external?uid=JRGHLFp1m5yWjqBkUI_1&redirect=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPKKKJDUQTCGOAYW2NLZK5VHCQTLKVEV6MI
Request Chain 438
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0kTWts-rSpCl5etpCC0t3w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 439
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dcd4d6cd0-d133-41ed-95ce-4459e909b2d6%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7081728085481991200&pt=cd4d6cd0-d133-41ed-95ce-4459e909b2d6%2C%2C
Request Chain 442
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH36tXgCq2h_s4B970pucpM&google_cver=1
Request Chain 443
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3B0BD726E5DF48818E605A6E7F99D71D
Request Chain 444
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2ea68917-cfbf-4385-824d-28009b967746&gdpr=0&gdpr_consent=
Request Chain 446
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ekn1w95E2uVGS6fgGM6IyMKnjalHIVA-~A&gdpr=0
Request Chain 448
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&khaos=LOG3NB0A-E-2RSZ HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LOG3NB0A-E-2RSZ&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 457
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3d8H6Oyl81czYwSmhVaTlRc0syJTJCMkZzbmJjRWtOTFloV2dCM2ozQzFHUSUyQmVScnZwZyUzRA%26u%3d%24%7bUSER_ID%7d&gdpr=&consent=&us_privacy= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3A%2F%2Fssp-sync.criteo.com%2Fuser-sync%2Fmatch%3Fp%3D8H6Oyl81czYwSmhVaTlRc0syJTJCMkZzbmJjRWtOTFloV2dCM2ozQzFHUSUyQmVScnZwZyUzRA%26u%3D%24%7BUSER_ID%7D&gdpr=&consent=&us_privacy=&_bee_ppp=1 HTTP 303
  • https://ssp-sync.criteo.com/user-sync/match?p=8H6Oyl81czYwSmhVaTlRc0syJTJCMkZzbmJjRWtOTFloV2dCM2ozQzFHUSUyQmVScnZwZyUzRA&u=AAAPVk7KhTYAABiwBT8Rtw
Request Chain 458
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=ZKhc8F8xMjJCb3pKbk1sWTNsMVh5Y2JoYUtRNFdsVkVzQXMlMkZhZTFvZjFJTzJacmslM0Q&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-KoKQZfbk5VUDGAjAjfq4uHNknqKlNkHD9F9Y8w HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=2f563103-0c1f-4c62-9f7b-4f469acb0125&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=2f563103-0c1f-4c62-9f7b-4f469acb0125&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=228b581f-144d-494c-bdd8-71fc6775964c&ssp=criteo HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=&u=2f563103-0c1f-4c62-9f7b-4f469acb0125
Request Chain 461
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=2ea68917-cfbf-4385-824d-28009b967746&gdpr=0&gdpr_consent=
Request Chain 462
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=NGI5YjU1YWItMTI4Yi00OTFmLWI0NDgtMTExNjAzMDdjZWI5 HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 463
  • https://stx-match.dotomi.com/match/bounce/current?networkId=44410&version=1&nuid=4b9b55ab-128b-491f-b448-11160307ceb9&gdpr=0&gdpr_consent= HTTP 302
  • https://stx-match.dotomi.com/match/bounce/current?DotomiTest=18b38ed2fadf2409&is_secure=true&networkId=44410&version=1&nuid=4b9b55ab-128b-491f-b448-11160307ceb9&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAMzWd-H6mefgNyjpw_AAAAAAA&expiration=1698950210&nuid=4b9b55ab-128b-491f-b448-11160307ceb9&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 464
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7rkJAhPCWXbw9Lq5dZxc6TvN%26source_user_id%3D%24UID&partner=sharethrough HTTP 302
  • https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-fee5f018-dc69-383a-af3e-35ecd8c0ae34&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1mZWU1ZjAxOC1kYzY5LTM4M2EtYWYzZS0zNWVjZDhjMGFlMzQQ____________ASqAAWh0dHBzOi8vbWF0Y2guc2hhcmV0aHJvdWdoLmNvbS9zeW5jL3YxP3NvdXJjZV9pZD03cmtKQWhQQ1dYYnc5THE1ZFp4YzZUdk4mc291cmNlX3VzZXJfaWQ9dWEtZmVlNWYwMTgtZGM2OS0zODNhLWFmM2UtMzVlY2Q4YzBhZTM0MgEYOAE=&gdpr=&gdpr_consent=
Request Chain 488
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjExOWExMTUwNDhhZWMzNGFlYjIyNTIxYjY2ZTZiNjU0YjJkZWQ2OA&gdpr=0
Request Chain 489
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEChWMr83IKQj2S0kDnZC2D0&google_cver=1
Request Chain 491
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=2ea68917-cfbf-4385-824d-28009b967746&gdpr=0&gdpr_consent=&expires=30
Request Chain 492
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9HM05CMEEtRS0yUlNa&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEOHt2NoMMcN2Oy4oITLOSzw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9HM05CMEEtRS0yUlNa&google_push=&gdpr=0
Request Chain 493
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ofVg-tsPhT6GD19zcQIWbA?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-CtPvUBJE2oL3eUv0wV5pKqArxA8jt7jrW.tdSQ--~A
Request Chain 494
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=GIIV1QVEQ2C4VvqnGVYIUA&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GIIV1QVEQ2C4VvqnGVYIUA&gdpr=0
Request Chain 495
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOG3NB0A-E-2RSZ&gdpr=0
Request Chain 496
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAAPVk7KhTYAABiwBT8Rtw&expires=30&gdpr=0
Request Chain 497
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LOG3NB0A-E-2RSZ&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LOG3NB0A-E-2RSZ&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
Request Chain 498
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LOG3NB0A-E-2RSZ&gdpr=0
Request Chain 499
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0 HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOG3NB0A-E-2RSZ&gdpr=0
Request Chain 500
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0 HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LOG3NB0A-E-2RSZ&gdpr=0
Request Chain 501
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOG3NB0A-E-2RSZ&gdpr=0
Request Chain 502
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ec13e11d-fd99-437c-bc7d-26cefe5834b6&expires=30&gdpr=0
Request Chain 503
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOG3NB0A-E-2RSZ&gdpr=0
Request Chain 557
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-hBqcoPbk5VUDGAjAjfq4uHNknqIYMKzUS556Qg&google_cm&google_hm=ay1oQnFjb1BiazVWVURHQWpBamZxNHVITmtucUlZTUt6VVM1NTZRZw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-hBqcoPbk5VUDGAjAjfq4uHNknqIYMKzUS556Qg&google_gid=CAESEMljQuRjOLuvsUtMBOIx1UA&google_cver=1&google_ula=913071,0
Request Chain 559
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7081728085481991200
Request Chain 560
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-hBqcoPbk5VUDGAjAjfq4uHNknqIYMKzUS556Qg&custom=&tag_format=img&tag_action=sync&custom=&cb=fd2316d7-3f2f-4618-8364-d07aab420205 HTTP 302
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-hBqcoPbk5VUDGAjAjfq4uHNknqIYMKzUS556Qg&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=fd2316d7-3f2f-4618-8364-d07aab420205&final=true&reqid=9f4d47f0-78e5-11ee-9e69-8f1574a29fd6&timestamp=2023-11-01T18%3A36%3A51.055Z HTTP 302
  • https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=7081728085481991200&tag_format=img&tag_action=sync HTTP 302
  • https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=9f551020-78e5-11ee-9114-754cbae26fc0?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=3aaf53616af7e0a0473fc65708a297be&tag_format=img&tag_action=sync&cb=680079742 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=2ea68917-cfbf-4385-824d-28009b967746&tag_format=img&tag_action=sync&cb= HTTP 302
  • https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=9f551020-78e5-11ee-9114-754cbae26fc0&cb=1698863811467&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2099%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1698863811467 HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=0d49804e-88e1-491f-aa46-15c8b602106a&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1698863811467
Request Chain 569
  • https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
  • https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=KWic8s9lWD4l8PuMrkAW9iBuIdiPHcNv
Request Chain 573
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-OVQPjPbk5VUDGAjAjfq4uHNknqKW2vo077XVmQ HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-OVQPjPbk5VUDGAjAjfq4uHNknqKW2vo077XVmQ
Request Chain 574
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-UVoBW_bk5VUDGAjAjfq4uHNknqLjf9vj1mcsNQ HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-UVoBW_bk5VUDGAjAjfq4uHNknqLjf9vj1mcsNQ HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-UVoBW_bk5VUDGAjAjfq4uHNknqLjf9vj1mcsNQ
Request Chain 584
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-m1kZmvbk5VUDGAjAjfq4uHNknqJKSnyEj4zodw HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58301&ovsid=k-m1kZmvbk5VUDGAjAjfq4uHNknqJKSnyEj4zodw&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS05WFdCUGFWRTJ1Rnh6R3c2SW9aYlJrYlc1RlRGa1VmRH5B&ovsid=k-m1kZmvbk5VUDGAjAjfq4uHNknqJKSnyEj4zodw&dpid=58301
Request Chain 591
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=j8jFGUp8psPEBfB_B5BBvU3DNGI_eEFm HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=j8jFGUp8psPEBfB_B5BBvU3DNGI_eEFm
Request Chain 592
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LOG3NB0A-E-2RSZ HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LOG3NB0A-E-2RSZ HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LOG3NB0A-E-2RSZ&ts=1698863811&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 594
  • https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=W1T57OolNOWut5rXF1GZWyLVgQzCZf6K
Request Chain 651
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=2ea68917-cfbf-4385-824d-28009b967746
Request Chain 652
  • https://pr-bh.ybp.yahoo.com/sync/taboola/df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-2l0Jbc9E2oQNLoj7AfFa1qFR9U8CnrVxTxVh9Q--~A
Request Chain 653
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-A9zlfrNE2uGymE2VbPH_R_SIeyv.GlMu~A&gdpr_in_effect=0
Request Chain 666
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBUFZrN0toVFlBQUJpd0JUOFJ0dw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAAPVk7KhTYAABiwBT8Rtw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAAPVk7KhTYAABiwBT8Rtw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAAPVk7KhTYAABiwBT8Rtw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8102726937115843756&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?uid=AAAPVk7KhTYAABiwBT8Rtw&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D8102726937115843756%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=8102726937115843756&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAPVk7KhTYAABiwBT8Rtw&gdpr=0&gdpr_consent=
Request Chain 667
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7081728085481991200&gdpr=0&gdpr_consent=
Request Chain 670
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=a0dd2d92-78e5-11ee-bebf-6e5179533f8c
Request Chain 671
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1gD-vdlUqb3NBfy91VfntoJU_7zNVqy5hAzEW9E7
Request Chain 672
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=2f563103-0c1f-4c62-9f7b-4f469acb0125&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_af8c400b-fefb-4c38-96ff-536516d87cfc&bsw_param=2f563103-0c1f-4c62-9f7b-4f469acb0125&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2f563103-0c1f-4c62-9f7b-4f469acb0125&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 673
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&gdpr=0&gdpr_consent=
Request Chain 674
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2810316567025533345
Request Chain 675
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:114uNdiQ1QYg5f5&gdpr=0&gdpr_consent=
Request Chain 676
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=08570027-32eb-4c40-9d76-c1e5924bc40c&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF
Request Chain 677
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 678
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 679
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:JRGHLFp1m5yWjqBkUI_1&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 680
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU9638ec07599c4b9ba58ae1d251bf0cb1
Request Chain 682
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=847523361694
Request Chain 683
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 685
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=n2jWs8pcBwmBUG8sxppCZQ
Request Chain 686
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1698863813679 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1456599807 HTTP 302
  • https://sync.1rx.io/usersync/turn/3122232386686183181?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e4c2eda9-3348-421f-a826-59e66031b2ba-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-e4c2eda9-3348-421f-a826-59e66031b2ba-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e4c2eda9-3348-421f-a826-59e66031b2ba-005
Request Chain 688
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&vxii_pid=12&vxii_pid1=10067&vxii_rcid=94e8a1fa-1e5d-4a5f-a4fc-4a0c2e0b0771
Request Chain 692
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=ec13e11d-fd99-437c-bc7d-26cefe5834b6&gdpr=0&gdpr_consent=
Request Chain 693
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=714af3cc0e162409&is_secure=true&networkId=17100&version=1&nuid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACpBt41ob6NANkkI0pAAAAAAA&expiration=1698950213&nuid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 695
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553&gdpr=0&gdpr_consent=
Request Chain 696
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_10B7A5111_6C454A54&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 697
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3122232386686183181&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 698
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4978319480049069945
Request Chain 699
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7081728085481991200
Request Chain 709
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3B0BD726E5DF48818E605A6E7F99D71D&gdpr=0&gdpr_consent=
Request Chain 710
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7521502131361552728&uid=Q7521502131361552728&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7521502131361552728
Request Chain 713
  • https://idsync.rlcdn.com/712188.gif?partner_uid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&gdpr=0&gdpr_consent= HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=0946de9a-c8e0-48ab-ba54-9581ac46655f
Request Chain 716
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:74559447-8dd9-43d7-a2be-9d320f1b460e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 743
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fuid%3D$UID HTTP 307
  • https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=HlbcdBZHBgn1_7qYR6GvAvRY
Request Chain 744
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=2ea68917-cfbf-4385-824d-28009b967746
Request Chain 745
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.richaudience.com%2F1575707c462b6525f008e40ae9438a8b%2F%3Fuid%3D$UID HTTP 302
  • https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=f9794e9a6bdc7990d9f6696e54e51d6d
Request Chain 752
  • https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZUKaw8Co8YsAAKnTFt0AAAAA
Request Chain 753
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__ HTTP 302
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=b48ad48155ff48ec824435cf1d526db7 HTTP 302
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=b48ad48155ff48ec824435cf1d526db7
Request Chain 756
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LOG3NB0A-E-2RSZ
Request Chain 757
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=l6C5vXmxhja9&ev=1&orig=trc&pid=562107
Request Chain 758
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=359446293&pcid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&is_fpcid=false HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=359446293&pcid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&is_fpcid=false&ckls=true&ci=bKSiOMSxN7&nc=false&trid=2108127203
Request Chain 759
  • https://pr-bh.ybp.yahoo.com/sync/taboola/df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-2l0Jbc9E2oQNLoj7AfFa1qFR9U8CnrVxTxVh9Q--~A
Request Chain 760
  • https://trace.mediago.io/ju/cs/taboola HTTP 302
  • https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=2a46ab3495f9a8282fty3400log3ncks
Request Chain 764
  • https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043 HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1698863814168&ip=96.9.249.40&l1=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fneustar%2F1%2Fcm%3Ftaboola_hm%3D214700604687009727552 HTTP 302
  • https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=214700604687009727552
Request Chain 766
  • https://pixel.onaudience.com/?partner=137085097&mapped=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043 HTTP 302
  • https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
  • https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=46e8c9e3fcaefc4f HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?uid=2ea68917-cfbf-4385-824d-28009b967746&bid=1e2n4ou
Request Chain 767
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=7081728085481991200&orig=trc
Request Chain 768
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEI_u2PqQ3jho4DQnO-AEVLc&google_cver=1
Request Chain 769
  • https://idsync.rlcdn.com/382399.gif?partner_uid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&gdpr=0&gdpr_consent= HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEINCdo-lcc7IbpVlOUUXdz4&google_cver=1
Request Chain 772
  • https://ml314.com/utsync.ashx?eid=50077&et=0&fp=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&gdpr=0&gdpr_consent=&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3639635123206357020 HTTP 307
  • https://ml314.com/csync.ashx?fp=4d53065043e6b5352f350a18fa460335ea04ffe743357de87a35cfe61d54e2e0f4cb09cee1a4f8eb&person_id=3639635123206357020&eid=50082
Request Chain 773
  • https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043
Request Chain 774
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=2ea68917-cfbf-4385-824d-28009b967746
Request Chain 776
  • https://sid.storygize.net/ccm/8a5f7a0b-b1ad-46dc-a085-63906ab7b98c HTTP 302
  • https://sid.storygize.net/csr?r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstorygize-network%2F1%2Frtb-h%3Ftaboola_hm%3D41b9da7c-6f7c-491a-8a2c-7dae5fa8dd5c HTTP 302
  • https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=41b9da7c-6f7c-491a-8a2c-7dae5fa8dd5c
Request Chain 778
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=091fbef4-0606-49f1-9543-0aa647a63ab7&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 780
  • https://id5-sync.com/s/464/9.gif?puid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F203%2F6%2F2.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/203/6/2.gif?puid=091fbef4-0606-49f1-9543-0aa647a63ab7&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=2ea68917-cfbf-4385-824d-28009b967746&ttl=%%TTL%% HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/464/434/4/4.gif?puid=303b087c-cde9-45aa-8a17-dbb86e6d13f1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F796%2F3%2F5.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/796/3/5.gif?puid=ec13e11d-fd99-437c-bc7d-26cefe5834b6&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/2/6.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/2/2/6.gif?puid=7081728085481991200&gdpr=0&gdpr_consent=
Request Chain 781
  • https://pixel.advertising.com/ups/55973/sync?uid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&_origin=1 HTTP 301
  • https://ups.analytics.yahoo.com/ups/55973/sync?uid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&_origin=1
Request Chain 784
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=taboola&bsw=2f563103-0c1f-4c62-9f7b-4f469acb0125 HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=&ssp=taboola&bsw=2f563103-0c1f-4c62-9f7b-4f469acb0125&chk=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=OTRkY2Y0ZGM3MjBhYzQy&gdpr=0&gdpr_consent=&us_privacy=&ssp=taboola&bsw_param=2f563103-0c1f-4c62-9f7b-4f469acb0125 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2f563103-0c1f-4c62-9f7b-4f469acb0125&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 786
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=228b581f-144d-494c-bdd8-71fc6775964c HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=228b581f-144d-494c-bdd8-71fc6775964c&tbid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&query=taboola_hm%3D228b581f-144d-494c-bdd8-71fc6775964c&isDirect=0
Request Chain 787
  • https://usermatch.krxd.net/um/v2?partner=taboola HTTP 302
  • https://trc.taboola.com/sg/salesforce/1/cm?taboola_hm=P4-w6nWt
Request Chain 790
  • https://creativecdn.com/cm-notify?pi=taboola HTTP 302
  • https://creativecdn.com/cm-notify?pi=taboola&tc=1 HTTP 302
  • https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=DfQmfKyCUNjIWZLNKMvn&pi=taboola&tc=1
Request Chain 791
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=dbba42df-efa6-4f9c-9783-14f434a0a033
Request Chain 801
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=fbb86542-9ac6-4700-bd4b-aaa10c0881a4&gdpr=0&gdpr_consent=
Request Chain 802
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LOG3NB0A-E-2RSZ&gdpr=0
Request Chain 803
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7081728085481991200
Request Chain 804
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=75527e5ee3c4a273825829902549ed&gdpr_consent=&gdpr=0
Request Chain 806
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4wsllpyaqQaw5Vf80kzdLl-fSBj3LgmDA
Request Chain 807
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=8102726937115843756
Request Chain 808
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=mN64vkZnhx9PPWwiT5zF0o-acV_MZQpa9ve1D7INmYU
Request Chain 809
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF
Request Chain 810
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEKzyZ8grTC5CgSQDt4wqgfw&google_cver=1
Request Chain 811
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=l6C5vXmxhja9&ev=1&us_privacy=&pid=562985
Request Chain 812
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=53ecef42e6112409&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMzWd-H6me3QM7j1mHAAAAAAA&expiration=1698950214
Request Chain 813
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-MKhZLERE2uHCRj8iySDB.j8t.8GQ72mYN.clcCg-~A
Request Chain 814
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=2ea68917-cfbf-4385-824d-28009b967746&gdpr=0&gdpr_consent=
Request Chain 815
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=2810316567025533345&expires=30&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=2f563103-0c1f-4c62-9f7b-4f469acb0125&gdpr=&gdpr_consent=&us_privacy=
Request Chain 819
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LOG3NB0A-E-2RSZ&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LOG3NB0A-E-2RSZ&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS05WFdCUGFWRTJ1Rnh6R3c2SW9aYlJrYlc1RlRGa1VmRH5B&ovsid=LOG3NB0A-E-2RSZ&dpid=58160
Request Chain 820
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOG3NB0A-E-2RSZ HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LOG3NB0A-E-2RSZ
Request Chain 821
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=091fbef4-0606-49f1-9543-0aa647a63ab7
Request Chain 822
  • https://c1.adform.net/serving/cookie/match?party=1164 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=4978319480049069945
Request Chain 823
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=74a7c137-edb2-4cba-9830-5340de3649b8
Request Chain 824
  • https://sync.srv.stackadapt.com/sync?nid=14 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=CoW8UMfBUSNUXv9jpxnClmAJ-Sg
Request Chain 825
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LOG3NB0A-E-2RSZ
Request Chain 826
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7081728085481991200&expires=30
Request Chain 827
  • https://ad.turn.com/r/cs?pid=6 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3122232386686183181&expires=60&gdpr=0&gdpr_consent=
Request Chain 828
  • https://sync.1rx.io/usersync2/rubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6230504512 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/2ea68917-cfbf-4385-824d-28009b967746 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e4c2eda9-3348-421f-a826-59e66031b2ba-005
Request Chain 829
  • https://id.rlcdn.com/709414.gif HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 830
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly HTTP 302
  • https://sync.1rx.io/usersync/rubicon/LOG3NB0A-E-2RSZ HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e4c2eda9-3348-421f-a826-59e66031b2ba-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-e4c2eda9-3348-421f-a826-59e66031b2ba-005%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-e4c2eda9-3348-421f-a826-59e66031b2ba-005&expires=30
Request Chain 831
  • https://match.deepintent.com/usersync/143 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=1011864&nid=5528&put=di_66bb61ecc3374ad5a3b55
Request Chain 832
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LOG3NB0A-E-2RSZ
Request Chain 833
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13 HTTP 302
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LOG3NB0A-E-2RSZ
Request Chain 834
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LOG3NB0A-E-2RSZ HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LOG3NB0A-E-2RSZ&ts=1698863814&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 842
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LOG3NB0A-E-2RSZ&obUid=&initiator=
Request Chain 843
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LOG3NB0A-E-2RSZ&name=RUBICON
Request Chain 844
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404 HTTP 302
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LOG3NB0A-E-2RSZ
Request Chain 845
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LOG3NB0A-E-2RSZ
Request Chain 846
  • https://token.rubiconproject.com/token?pid=49096 HTTP 302
  • https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LOG3NB0A-E-2RSZ
Request Chain 847
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553&expires=360&gdpr=0&gdpr_consent=
Request Chain 848
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZUKawgAAiz1TOgAU
Request Chain 849
  • https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=144054&nid=4032&put=a0dd2d92-78e5-11ee-bebf-6e5179533f8c&expires=60
Request Chain 850
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=3B0BD726E5DF48818E605A6E7F99D71D&expires=365
Request Chain 851
  • https://token.rubiconproject.com/token?pid=2046&pt=n&a=1 HTTP 302
  • https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=OqmQotReTlksHds9aVDTkQ HTTP 302
  • https://rubicon-match.dotomi.com/match/bounce/current?DotomiTest=243494afab8b06a9&is_secure=true&networkId=12783&version=1&nuid=OqmQotReTlksHds9aVDTkQ HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAABsL8Vy-glswMTv3_JAAAAAAA&expiration=1698950214&nuid=OqmQotReTlksHds9aVDTkQ&is_secure=true
Request Chain 853
  • https://pixel.rubiconproject.com/exchange/sync.php?p=11864 HTTP 302
  • https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LOG3NB0A-E-2RSZ
Request Chain 854
  • https://pixel.rubiconproject.com/exchange/sync.php?p=smartadserver HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LOG3NB0A-E-2RSZ
Request Chain 855
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LOG3NB0A-E-2RSZ
Request Chain 857
  • https://dsp.adfarm1.adition.com/cookie/?ssp=7 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7296564521511483533&expires=730
Request Chain 858
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LOG3NB0A-E-2RSZ
Request Chain 859
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-medianet HTTP 302
  • https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LOG3NB0A-E-2RSZ
Request Chain 860
  • https://pixel.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LOG3NB0A-E-2RSZ
Request Chain 861
  • https://bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=l6C5vXmxhja9&ev=1&pid=560687
Request Chain 862
  • https://b1sync.zemanta.com/usersync/rubicon/ HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=JRGHLFp1m5yWjqBkUI_1
Request Chain 863
  • https://ums.acuityplatform.com/tum?umid=2 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=847523361694&expires=30&us_privacy=1---
Request Chain 864
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17136_2 HTTP 302
  • https://sync.ex.co/v1/setuid?bidder=rubicon&gdpr=&gdpr_consent=&uid=LOG3NB0A-E-2RSZ
Request Chain 865
  • https://pixel.rubiconproject.com/exchange/sync.php?p=loopme HTTP 302
  • https://csync.loopme.me/?partner_id=1441&vt=&uid=LOG3NB0A-E-2RSZ
Request Chain 866
  • https://pixel.rubiconproject.com/exchange/sync.php?p=epsilon HTTP 302
  • https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=LOG3NB0A-E-2RSZ
Request Chain 867
  • https://rbp.mxptint.net/sn.ashx HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R33645_10B7A5111_6C454A54&expires=60
Request Chain 868
  • https://cms.quantserve.com/pixel/p-e4m3Yko6bFYVc.gif?idmatch=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=VRyGl1pI0ZdOGYSXVkufnAFIh5ZOStSTBxBUe4oi
Request Chain 869
  • https://pixel.rubiconproject.com/exchange/sync.php?p=24856 HTTP 302
  • https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LOG3NB0A-E-2RSZ
Request Chain 870
  • https://match.adsby.bidtheatre.com/rubiconmatch HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=74559447-8dd9-43d7-a2be-9d320f1b460e
Request Chain 871
  • https://ssbsync.smartadserver.com/api/sync?callerId=87 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=8102726937115843756&gdpr=0&gdpr_consent=
Request Chain 872
  • https://rcp.c.appier.net/rbcm HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=n2jWs8pcBwmBUG8sxppCZQ&expires=365
Request Chain 873
  • https://p.rfihub.com/cm?in=1&pub=64 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=2810316567025533345&expires=30

859 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
finans.mynet.com/ 		428 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.122.134 , United States, ASN16276 (OVH, FR),
Reverse DNS
ns1009180.ip-135-148-122.us
Software
MerlinCDN / Mynet Team
Resource Hash
3d0660498ab0d1bd836663fdd30c5d4fe210309f729de28b27d57aafa2fb56de
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
accept, authorization
access-control-allow-origin
*
age
-6
allow
GET, HEAD, POST
cache-control
max-age=30
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 18:36:38 GMT
server
MerlinCDN
strict-transport-security
max-age=0
via
HTTP/2.0 Merlin CDN
x-cache
HIT 139
x-cache-status
EXPIRED
x-edge
us-vga-ovc-s02
x-host
finans.mynet.com
x-midtier
de-fra-lea-s01
x-no-session
yeah
x-powered-by
Mynet Team
x-url
/
x-xss-protection
1
publishertag.js
static.criteo.net/js/ld/ 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-20336"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:36:45 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b13588785ca151c7d5c44da515b61af335f758c9dbefcacc92503c692a94da69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30451
x-xss-protection
0
server
cafe
etag
907 / 19662 / m202310250101 / config-hash: 4605619455912293276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 18:36:45 GMT
ads-manager.js
adl.mynetreklam.com/mynetads/ads-manager/ 		73 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adl.mynetreklam.com/mynetads/ads-manager/ads-manager.js?id=fc0fba2078f399f92e0085d1096a5d6e
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
964d7eead413c7ace594bbf3c3d36f2e8951fd2b398bd547324d2a0ca0901ba6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
cteonnt-length
75087
date
Wed, 01 Nov 2023 18:36:46 GMT
content-encoding
gzip
expires
Wed, 23 Oct 2024 11:14:43 GMT
last-modified
Tue, 24 Oct 2023 10:51:13 GMT
server
nginx
x-rocket-node
edge129.ist.tr.eu.rocketcdn.com
etag
"6537a1a1-1254f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
x-rocket-mastercachestatus
MISS
prebid.js
adl.mynetreklam.com/mynetads/ads-manager/ 		289 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adl.mynetreklam.com/mynetads/ads-manager/prebid.js?id=90e62d270c45c8c5c005aac81369135e
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
3c8a5ccf28d1a56b704a5a22f9ec235a4443affa442b9e5cb818b2c1dfb0e276

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
cteonnt-length
295729
date
Wed, 01 Nov 2023 18:36:46 GMT
content-encoding
gzip
expires
Wed, 23 Oct 2024 11:00:14 GMT
last-modified
Tue, 24 Oct 2023 10:51:13 GMT
server
nginx
x-rocket-node
edge129.ist.tr.eu.rocketcdn.com
etag
"6537a1a1-48331"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
x-rocket-mastercachestatus
HIT
highchart-lib.js
s.mynet.com.tr/rosetta/services/finans/production/build/js/ 		436 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.mynet.com.tr/rosetta/services/finans/production/build/js/highchart-lib.js?id=b96194a58d42ad99efd3
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.81.107.96 Warrenton, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1000014.ip-51-81-107.us
Software
MerlinCDN / Mynet Team
Resource Hash
5abfd8ab46a4e86711cb174b6d104b0ff139b26d11602ac3176fa82372cbc06c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
age
2532644
x-powered-by
Mynet Team
x-cache-status
HIT
x-cache
MISS 181
x-url
/rosetta/services/finans/production/build/js/highchart-lib.js?id=b96194a58d42ad99efd3
x-midtier
tr-ist-shy-s01
x-host
s.mynet.com.tr
cip
192.168.42.1
last-modified
Tue, 03 Oct 2023 08:40:05 GMT
server
MerlinCDN
etag
W/"651bd365-6d14c"
vary
Accept-Encoding, Accept-Encoding
allow
GET, HEAD, POST, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
x-edge
us-vga-ovc-s04
cache-control
max-age=31536000
access-control-allow-headers
accept, authorization
mynet-logo.png
img7.mynet.com.tr/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/mynet-logo.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
a5440147c494bb87fa48e4591f10c8ab73e6bde14482823a8cc14f3743e88cba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Wed, 01 Nov 2023 18:36:46 GMT
expires
Thu, 31 Oct 2024 18:36:46 GMT
last-modified
Wed, 20 May 2015 12:09:33 GMT
server
nginx
x-rocket-node
edge132.ist.tr.eu.rocketcdn.com
etag
"555c797d-12fe"
content-type
image/png
x-rocket-masternode
cache117.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4862
x-rocket-mastercachestatus
HIT
16502184-182x182.png
imgrosetta.mynet.com.tr/file/16502184/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16502184/16502184-182x182.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
8a7948d5993a97547ff1e87dadc06eb1ef153c5670a9156f99665c238f82a4e2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Mon, 06 Feb 2023 10:15:23 GMT
server
MerlinCDN
age
23010240
x-midtier
tr-ist-shy-s03
x-cache-status
HIT
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2008
16525024-182x182.png
imgrosetta.mynet.com.tr/file/16525024/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525024/16525024-182x182.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
eed5901fd5955a29a7afdd078852c9819ee51c76dcd5450c67a39d7338859143

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
age
23010240
x-midtier
tr-ist-sh-s03
x-cache-status
HIT
xurl
/file/16525024/16525024-182x182.png
content-length
1608
last-modified
Wed, 08 Feb 2023 09:08:44 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525035-182x182.png
imgrosetta.mynet.com.tr/file/16525035/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525035/16525035-182x182.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
07080db4a60b13090f06061aa2383d4aa43bd283c3c113e557a0454fa2e2edc6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
age
23010240
x-midtier
tr-ist-shy-s03
x-cache-status
HIT
xurl
/file/16525035/16525035-182x182.png
content-length
2178
last-modified
Wed, 08 Feb 2023 09:08:44 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525126-182x182.png
imgrosetta.mynet.com.tr/file/16525126/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525126/16525126-182x182.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
a0015fc7791128b4c046015c2f3946f64f7f7c534f456f0f300c7d48feb396b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
age
23010240
x-midtier
tr-ist-sh-s03
x-cache-status
HIT
xurl
/file/16525126/16525126-182x182.png
content-length
4376
last-modified
Mon, 06 Feb 2023 10:15:23 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
17129883-182x182.png
imgrosetta.mynet.com.tr/file/17129883/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17129883/17129883-182x182.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
b7a4d576dd59da934fee65cb3c69ff0906f0f4d7ed5ea148d4e674166283dc40

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 31 May 2023 07:58:05 GMT
server
MerlinCDN
age
13326236
x-midtier
nl-naw-ws-s08
x-cache-status
HIT
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7712
17334086-182x182.png
imgrosetta.mynet.com.tr/file/17334086/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17334086/17334086-182x182.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
c2011cfd63bee587e8f983468db059a65a45a38ea47423b5032fdb899292feaf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Mon, 10 Jul 2023 11:09:02 GMT
server
MerlinCDN
age
9876138
x-midtier
tr-izm-nt-s12
x-cache-status
HIT
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5182
17405721-182x182.png
imgrosetta.mynet.com.tr/file/17405721/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17405721/17405721-182x182.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
56367325de85b2e06b638bc4da34d5f7a0d481e6884c99e04e6453cf51b6c2fb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
age
8672141
x-midtier
tr-ist-shy-s03
x-cache-status
HIT
xurl
/file/17405721/17405721-182x182.png
content-length
4588
last-modified
Mon, 24 Jul 2023 09:40:32 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525134-182x182.png
imgrosetta.mynet.com.tr/file/16525134/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525134/16525134-182x182.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
fc0733663ef32c5ad20c46f55ebe690e71fd61c9ac3ce725a607c1bb24d7d263

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 08 Feb 2023 10:48:49 GMT
server
MerlinCDN
age
23010240
x-midtier
de-fra-lea-s01
x-cache-status
HIT
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4434
16610245-182x182.jpg
imgrosetta.mynet.com.tr/file/16610245/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16610245/16610245-182x182.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
81b8017abe5da96be9135b4cfd6553bb4649aeb9ef4d2a9a4b99166819aa30d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
age
22228567
x-midtier
de-fra-dp-s02
x-cache-status
HIT
xurl
/file/16610245/16610245-182x182.jpg
content-length
4628
last-modified
Fri, 17 Feb 2023 11:32:03 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525419-182x182.png
imgrosetta.mynet.com.tr/file/16525419/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525419/16525419-182x182.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
08fb945ecff3080d5c4b244ba0b1d40287098115d9ab3e76d00365a6ca2dca6c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
age
23010240
x-midtier
de-fra-lea-s01
x-cache-status
HIT
xurl
/file/16525419/16525419-182x182.png
content-length
9172
last-modified
Wed, 08 Feb 2023 09:08:53 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525233-182x182.png
imgrosetta.mynet.com.tr/file/16525233/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525233/16525233-182x182.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
880c0eabf03f4fec614a19bb0dcb8ea745b4c5afc974ecf1a100cf8f0cbdee0b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
age
23010230
x-midtier
tr-ist-shy-s03
x-cache-status
HIT
xurl
/file/16525233/16525233-182x182.png
content-length
5902
last-modified
Mon, 06 Feb 2023 10:15:24 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525218-182x182.png
imgrosetta.mynet.com.tr/file/16525218/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525218/16525218-182x182.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
8f5c4dd25ffd23e474d2c19e35830f0a9301487863571af94e72cf683df02294

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
age
23010240
x-midtier
de-fra-lea-s01
x-cache-status
HIT
xurl
/file/16525218/16525218-182x182.png
content-length
5486
last-modified
Wed, 08 Feb 2023 09:08:53 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525201-182x182.png
imgrosetta.mynet.com.tr/file/16525201/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525201/16525201-182x182.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
171e1152112aa644b26e522490fac6d7af8fbfe84026f57e84643a0a9f89597f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
age
23010240
x-midtier
de-fra-dp-s02
x-cache-status
HIT
xurl
/file/16525201/16525201-182x182.png
content-length
7756
last-modified
Wed, 08 Feb 2023 10:48:08 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525156-182x182.png
imgrosetta.mynet.com.tr/file/16525156/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525156/16525156-182x182.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
5e42c2be34effffcf1c1e633b88e56641256dec07d2399ebe499382943aaf144

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
age
23010240
x-midtier
de-fra-dp-s02
x-cache-status
HIT
xurl
/file/16525156/16525156-182x182.png
content-length
6124
last-modified
Wed, 08 Feb 2023 08:53:45 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525157-182x182.png
imgrosetta.mynet.com.tr/file/16525157/ 		968 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525157/16525157-182x182.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
30e6acbc0b4e4df291f8288427a382443c33df34af7ddf6cb74ac23052de7e35

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
age
23010240
x-midtier
de-fra-dp-s02
x-cache-status
HIT
xurl
/file/16525157/16525157-182x182.png
content-length
968
last-modified
Wed, 08 Feb 2023 09:04:57 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525225-182x182.png
imgrosetta.mynet.com.tr/file/16525225/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525225/16525225-182x182.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
8a24a013d0d51ec949db155f205e63c2c27ffc44431173bf8efece138fe3eb0a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
age
23010240
x-midtier
tr-ist-shy-s03
x-cache-status
HIT
xurl
/file/16525225/16525225-182x182.png
content-length
5332
last-modified
Wed, 08 Feb 2023 08:53:46 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
16525170-182x182.png
imgrosetta.mynet.com.tr/file/16525170/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525170/16525170-182x182.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
e911bc233973fac136f8ae6d13d39feb3fbf1d48832fc54c79bfd708ec59dfce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 08 Feb 2023 09:08:53 GMT
server
MerlinCDN
age
23010240
x-midtier
de-fra-lea-s01
x-cache-status
HIT
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
10202
16525219-182x182.png
imgrosetta.mynet.com.tr/file/16525219/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525219/16525219-182x182.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
1aa99e3703ee6004253234af79780b3a442c9f8d815db8af63339a7e087371aa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 08 Feb 2023 09:04:57 GMT
server
MerlinCDN
age
23010240
x-midtier
de-fra-dp-s02
x-cache-status
HIT
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4544
16525228-182x182.png
imgrosetta.mynet.com.tr/file/16525228/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525228/16525228-182x182.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
0fbed36f1d5bbc3152724c9164f2083415b4b55e27162fdd9918b4b6addef0d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 08 Feb 2023 09:08:53 GMT
server
MerlinCDN
age
23010258
x-midtier
tr-ist-shy-s01
x-cache-status
HIT
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5080
16525234-182x182.png
imgrosetta.mynet.com.tr/file/16525234/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16525234/16525234-182x182.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
d87b4b821657af7b82c1b628e6a434f3f5a7229deb0a53cb896ff97c1063faa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
age
23010240
x-midtier
de-fra-lea-s01
x-cache-status
HIT
xurl
/file/16525234/16525234-182x182.png
content-length
5082
last-modified
Wed, 08 Feb 2023 09:08:53 GMT
server
MerlinCDN
allow
GET, HEAD
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
swiper.js
s.mynet.com.tr/rosetta/services/finans/production/build/js/ 		137 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.mynet.com.tr/rosetta/services/finans/production/build/js/swiper.js?id=10ad6473484630a85272
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.81.107.96 Warrenton, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1000014.ip-51-81-107.us
Software
MerlinCDN / Mynet Team
Resource Hash
e79ea1660891c1fa8fdfa06807f426ce708da4734ab373dbc83cc54bd88d7c46

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
age
2522012
x-powered-by
Mynet Team
x-cache-status
HIT
x-cache
HIT 181
x-url
/rosetta/services/finans/production/build/js/swiper.js?id=10ad6473484630a85272
x-midtier
tr-ist-sh-s03
x-host
s.mynet.com.tr
cip
192.168.42.1
last-modified
Tue, 03 Oct 2023 08:40:05 GMT
server
MerlinCDN
etag
W/"651bd365-2244d"
vary
Accept-Encoding, Accept-Encoding
allow
GET, HEAD, POST, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
x-edge
us-vga-ovc-s04
cache-control
max-age=31536000
access-control-allow-headers
accept, authorization
17913999-640x360.jpg
imgrosetta.mynet.com.tr/file/17913999/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17913999/17913999-640x360.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
562b0f723956e54741572d4c30312c7d950e898ac951870c238f781f32cbc229

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 01 Nov 2023 17:25:09 GMT
server
MerlinCDN
age
0
x-midtier
nl-naw-ws-s08
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
26882
17912217-640x360.jpg
imgrosetta.mynet.com.tr/file/17912217/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17912217/17912217-640x360.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
fafd3623f0910824163053e42b2ea632f66c10cd6fd1989ab96378d3a0daae85

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 01 Nov 2023 11:53:10 GMT
server
MerlinCDN
age
22722
x-midtier
tr-izm-nt-s15
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9420
16691962-640x360.jpg
imgrosetta.mynet.com.tr/file/16691962/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16691962/16691962-640x360.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
45336f6501dea8588209c08e7b1361357e55806390b64f9e0c6180924fab3591

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 07 Mar 2023 07:08:09 GMT
server
MerlinCDN
age
31970
x-midtier
tr-izm-nt-s16
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
nncoection
close
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
37304
17762269-640x360.jpg
imgrosetta.mynet.com.tr/file/17762269/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17762269/17762269-640x360.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
aa8a55ad091507039c0b325a8774cf3ec969feedc32f6fe3fe4325e7f65c5257

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 04 Oct 2023 11:47:15 GMT
server
MerlinCDN
age
30926
x-midtier
tr-ist-sh-s03
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
17718
17345389-640x360.jpg
imgrosetta.mynet.com.tr/file/17345389/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17345389/17345389-640x360.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
0bd543e7dbeb25e340c1acc4648c7b82d5301765f110cd34b15475c049d8eb4f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 12 Jul 2023 10:29:12 GMT
server
MerlinCDN
age
34081
x-midtier
de-fra-dp-s02
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
29378
17910614-640x360.jpg
imgrosetta.mynet.com.tr/file/17910614/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17910614/17910614-640x360.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
11b76b0a3deef2926813d8398baf2c1c525e5b77a294331dde62aa3a73191ecf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 01 Nov 2023 08:27:10 GMT
server
MerlinCDN
age
35083
x-midtier
nl-naw-ws-s08
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
17158
17910072-640x360.jpg
imgrosetta.mynet.com.tr/file/17910072/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17910072/17910072-640x360.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
5352598de66410b75bcd02c874b7c4a6e3ce6fc31dcfa9def8be08700d615c9d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 01 Nov 2023 07:34:09 GMT
server
MerlinCDN
age
37845
x-midtier
nl-naw-ws-s08
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
13910
17910076-640x360.jpg
imgrosetta.mynet.com.tr/file/17910076/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17910076/17910076-640x360.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
bde19f4a3fa16cd6de5aa9e7881ab84d9832ab6875b811f41969f51951abedcc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 01 Nov 2023 07:36:09 GMT
server
MerlinCDN
age
37844
x-midtier
tr-izm-nt-s15
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
36232
16918669-640x360.jpg
imgrosetta.mynet.com.tr/file/16918669/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16918669/16918669-640x360.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
97ec8317eca94aee1e1b14950a33b74a6ea8ab93671d4192b0b29caa2a0caf85

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Fri, 21 Apr 2023 04:40:10 GMT
server
MerlinCDN
age
40771
x-midtier
tr-izm-nt-s16
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15252
17776007-640x360.jpg
imgrosetta.mynet.com.tr/file/17776007/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17776007/17776007-640x360.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
a468ea1ed5ef12c1121e7349c9da833f2f83252c8e07135d12b04560e706317e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Sat, 07 Oct 2023 05:21:10 GMT
server
MerlinCDN
age
44006
x-midtier
tr-ist-sh-s10
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
23926
17832300-640x360.jpg
imgrosetta.mynet.com.tr/file/17832300/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17832300/17832300-640x360.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
9f06561abd3e08c6308ebb38f79c912c04a096b5e33205b3012726af83b80f91

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 18 Oct 2023 10:19:12 GMT
server
MerlinCDN
age
46903
x-midtier
tr-izm-nt-s15
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
16900
17909274-640x360.jpg
imgrosetta.mynet.com.tr/file/17909274/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17909274/17909274-640x360.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
c6a64a5398b9ba6931d60744d3191c11ff3a1815eea04f668a9ae91ccb4f5f38

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 01 Nov 2023 05:25:10 GMT
server
MerlinCDN
age
40771
x-midtier
tr-ist-sh-s03
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
32050
16510380-640x360.jpg
imgrosetta.mynet.com.tr/file/16510380/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16510380/16510380-640x360.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
dd7287c9b0bc593bb61c5713d6a45d36567ea792a4633a37dd117084dd2e96b2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 01 Feb 2023 08:02:19 GMT
server
MerlinCDN
age
44655
x-midtier
tr-izm-nt-s16
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15572
17326756-640x360.jpg
imgrosetta.mynet.com.tr/file/17326756/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17326756/17326756-640x360.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
28bae386c7312f92e3acce044e2a365106c821fe057069e65de0c33dca5986a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Sun, 09 Jul 2023 06:36:10 GMT
server
MerlinCDN
age
87236
x-midtier
tr-ist-sh-s10
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11180
17906480-640x360.jpg
imgrosetta.mynet.com.tr/file/17906480/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17906480/17906480-640x360.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
2665b1f56bade8919ab8e7b65767a5a6019890ca0d9eb2283346f81668053fcc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 31 Oct 2023 11:03:19 GMT
server
MerlinCDN
age
112424
x-midtier
tr-izm-nt-s16
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11918
17913999-80x40.jpg
imgrosetta.mynet.com.tr/file/17913999/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17913999/17913999-80x40.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
6e31acf63e434886817895a03fe632f38ace76c3cdc14d7e0111bc8b0f3a33ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 01 Nov 2023 17:25:08 GMT
server
MerlinCDN
age
0
x-midtier
tr-izm-nt-s15
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1344
17912217-80x40.jpg
imgrosetta.mynet.com.tr/file/17912217/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17912217/17912217-80x40.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
3e418e2ce87928e65184bcf57615049c15660e06d71f0ca13d4d6e7049d2aa42

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 01 Nov 2023 11:53:09 GMT
server
MerlinCDN
age
22722
x-midtier
de-fra-dp-s02
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
832
16691962-80x40.jpg
imgrosetta.mynet.com.tr/file/16691962/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16691962/16691962-80x40.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
1b04761b52e03384f43756054b6373f9be5d3d4259eac47a740a105ae6ae6b2b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 07 Mar 2023 07:08:08 GMT
server
MerlinCDN
age
30926
x-midtier
tr-izm-nt-s15
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1064
17762269-80x40.jpg
imgrosetta.mynet.com.tr/file/17762269/ 		936 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17762269/17762269-80x40.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
4c6cfc5416af0b5713e19d15318350026765867eed1af21a3bf9a05513bd725e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 04 Oct 2023 11:47:14 GMT
server
MerlinCDN
age
30925
x-midtier
tr-ist-sh-s03
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
936
17345389-80x40.jpg
imgrosetta.mynet.com.tr/file/17345389/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17345389/17345389-80x40.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
0164ce509803fc6210f597581b66a4734c39bdf4f4cde617282acf437752551c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 12 Jul 2023 10:29:13 GMT
server
MerlinCDN
age
30925
x-midtier
de-fra-dp-s02
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1268
17910614-80x40.jpg
imgrosetta.mynet.com.tr/file/17910614/ 		922 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17910614/17910614-80x40.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
0804922375443bb3c6e692891b49bd60d3a010eb710719a29070f9eed4ca4f37

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 01 Nov 2023 08:27:08 GMT
server
MerlinCDN
age
35083
x-midtier
tr-ist-sh-s10
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
922
17910072-80x40.jpg
imgrosetta.mynet.com.tr/file/17910072/ 		892 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17910072/17910072-80x40.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
6ff2915e0b128eb70b843aa092a6d2b0701fd8c22a72d0fa5a0d984ccce0ae00

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 01 Nov 2023 07:34:09 GMT
server
MerlinCDN
age
37844
x-midtier
tr-ist-sh-s03
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
892
17910076-80x40.jpg
imgrosetta.mynet.com.tr/file/17910076/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17910076/17910076-80x40.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
ae1c06e52b4d644ef0c94459ad52801198fcc8f6be120e731cfb3abbda776bb5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 01 Nov 2023 07:36:09 GMT
server
MerlinCDN
age
37844
x-midtier
tr-ist-shy-s03
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1438
16918669-80x40.jpg
imgrosetta.mynet.com.tr/file/16918669/ 		762 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16918669/16918669-80x40.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
161d1a13deadbef3346b3a0a22dab97771fadb50fd158f5937c489f5084b1881

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Fri, 21 Apr 2023 04:40:09 GMT
server
MerlinCDN
age
40771
x-midtier
tr-izm-nt-s15
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
762
17776007-80x40.jpg
imgrosetta.mynet.com.tr/file/17776007/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17776007/17776007-80x40.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
c6bfac501387b5db779c443e722e2b0a8dc9476046807b0630eccdfbd2847896

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Sat, 07 Oct 2023 05:21:09 GMT
server
MerlinCDN
age
37845
x-midtier
nl-naw-ws-s08
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1200
17832300-80x40.jpg
imgrosetta.mynet.com.tr/file/17832300/ 		630 B
899 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17832300/17832300-80x40.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
879b12ebd3812760d99e96559d4889748fd4b3a9626e724450514fcd5f3c8de3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 18 Oct 2023 10:19:12 GMT
server
MerlinCDN
age
40771
x-midtier
de-fra-dp-s02
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
630
17909274-80x40.jpg
imgrosetta.mynet.com.tr/file/17909274/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17909274/17909274-80x40.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
886c9e9c1ce436b961a3b3faeb4b450f0e4b93d8f6e5486d4d89c10143dfb24b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 01 Nov 2023 05:25:09 GMT
server
MerlinCDN
age
40771
x-midtier
tr-ist-shy-s03
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1252
16510380-80x40.jpg
imgrosetta.mynet.com.tr/file/16510380/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/16510380/16510380-80x40.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
82d68919ac4dd04350f90d87e73b41f8322e2d41788399a09d39e3297eb6d795

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 01 Feb 2023 08:02:17 GMT
server
MerlinCDN
age
44654
x-midtier
de-fra-dp-s02
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1094
17326756-80x40.jpg
imgrosetta.mynet.com.tr/file/17326756/ 		858 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17326756/17326756-80x40.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
239c0404f41b8ecfabfc27e304f56c551de955bb3444aae3059f197326f36eaa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Sun, 09 Jul 2023 06:36:09 GMT
server
MerlinCDN
age
87236
x-midtier
tr-izm-nt-s15
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
858
17906480-80x40.jpg
imgrosetta.mynet.com.tr/file/17906480/ 		952 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17906480/17906480-80x40.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
52d3aa3b6beb711662fa7a9ef0cd1bb8a1a97078d99d6eedcdddc41235bc4646

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 31 Oct 2023 11:03:10 GMT
server
MerlinCDN
age
112424
x-midtier
nl-naw-ws-s08
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
952
finans-2023-banner-min-v2.png
img7.mynet.com/finans/anlikborsa/ 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com/finans/anlikborsa/finans-2023-banner-min-v2.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
8d59dde90e75aa683a3d3bcfbd2396c5bb9a4f66ec1047cd264ee73f2ccbe0aa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Wed, 01 Nov 2023 18:36:46 GMT
expires
Thu, 31 Oct 2024 18:36:46 GMT
last-modified
Tue, 05 Sep 2023 08:55:55 GMT
server
nginx
x-rocket-node
edge125.ist.tr.eu.rocketcdn.com
etag
"64f6ed1b-21766"
content-type
image/png
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
137062
x-rocket-mastercachestatus
HIT
bulten-img-min.jpg
img7.mynet.com.tr/rosetta/services/finans/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/rosetta/services/finans/bulten-img-min.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
c6c3e99115a5d17592224f646b18b5911bb7e8268873309da05ef3c914c63f4a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Wed, 01 Nov 2023 18:36:46 GMT
expires
Thu, 31 Oct 2024 18:36:46 GMT
last-modified
Wed, 09 Oct 2019 13:51:35 GMT
server
nginx
x-rocket-node
edge132.ist.tr.eu.rocketcdn.com
etag
"5d9de5e7-1820"
content-type
image/jpeg
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6176
x-rocket-mastercachestatus
HIT
myheadjs.js
s.mynet.com.tr/rosetta/services/plugins/production/js/ 		124 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.mynet.com.tr/rosetta/services/plugins/production/js/myheadjs.js?id=e5a556888973eb9e00c1
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.81.107.96 Warrenton, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1000014.ip-51-81-107.us
Software
MerlinCDN / Mynet Team
Resource Hash
85ceeb932710968444775a17888188e82c20e7181e7f6a75504f9a7ac98ecfdc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
age
2547448
x-powered-by
Mynet Team
x-cache-status
HIT
x-cache
MISS 182
x-url
/rosetta/services/plugins/production/js/myheadjs.js?id=e5a556888973eb9e00c1
x-midtier
tr-ist-sh-s10
x-host
s.mynet.com.tr
cip
192.168.42.1
last-modified
Tue, 26 Sep 2023 12:28:45 GMT
server
MerlinCDN
etag
W/"6512ce7d-1ef49"
vary
Accept-Encoding, Accept-Encoding
allow
GET, HEAD, POST, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
x-edge
us-vga-ovc-s04
cache-control
max-age=31536000
access-control-allow-headers
accept, authorization
pub-5363230075630845
fundingchoicesmessages.google.com/i/ 		161 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-5363230075630845?ers=1
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
918c55ecf036a1faf033a52b2b9c04981b8721bc0acd6f3cccc0c3984e2bb096
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-k5xnKl9_z8ih-zLT9GbQmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
content-security-policy
script-src 'report-sample' 'nonce-k5xnKl9_z8ih-zLT9GbQmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/ 		420 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d8c45abdfd793b99478ee66d7ff352866b9a3cc69883cb3830f2e5923334576
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 07:29:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
40014
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135100
x-xss-protection
0
server
cafe
etag
11278338207436733902
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 31 Oct 2024 07:29:51 GMT
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4fd9ad329677ab75a20d16e52912e93faec9b6ef732e8a1fcfd4cca8bd6085

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
bebeveyn-hamburger.png
img7.mynet.com.tr/rosetta/kadin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/rosetta/kadin/bebeveyn-hamburger.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
e734001f9b5dc5f853731ea8a8381412114a462fc3149bd17ff090613b4bbca1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Wed, 01 Nov 2023 18:36:46 GMT
expires
Thu, 31 Oct 2024 18:36:46 GMT
last-modified
Mon, 10 Jul 2023 11:33:31 GMT
server
nginx
x-rocket-node
edge132.ist.tr.eu.rocketcdn.com
etag
"64abec8b-e10"
content-type
image/png
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3600
x-rocket-mastercachestatus
HIT
tatil-bulucu-menu.png
img7.mynet.com.tr/trend/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/trend/tatil-bulucu-menu.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
83cb0e8355d2618914eda65af8c01f53b193104076a7dab600740eca88fd33f5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Wed, 01 Nov 2023 18:36:46 GMT
expires
Thu, 31 Oct 2024 18:36:46 GMT
last-modified
Mon, 24 Jul 2023 11:16:46 GMT
server
nginx
x-rocket-node
edge132.ist.tr.eu.rocketcdn.com
etag
"64be5d9e-b71"
content-type
image/png
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2929
x-rocket-mastercachestatus
HIT
search.png
img7.mynet.com.tr/finans/ 		945 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/finans/search.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
b921e908d6ce4ef392ea9dcccb81979ecabff1b270efc6cb64154154af56f3fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Wed, 01 Nov 2023 18:36:46 GMT
expires
Thu, 31 Oct 2024 18:36:46 GMT
last-modified
Mon, 30 May 2016 06:57:06 GMT
server
nginx
x-rocket-node
edge132.ist.tr.eu.rocketcdn.com
etag
"574be442-3b1"
content-type
image/png
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
945
x-rocket-mastercachestatus
HIT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95acaa393a26bd1c5d32e38f928f4f5454e81901bcd52ad9d54076c8dd63b30d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml
jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
fonts.gstatic.com/s/ptsans/v9/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v9/jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9218cb967ae295dee46c9175c68a7b6a8c50577ac465617bd679ee244f93e38b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finans.mynet.com/
Origin
https://finans.mynet.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 01:20:21 GMT
x-content-type-options
nosniff
age
494184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11404
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 18:28:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 01:20:21 GMT
fontello.woff2
s.mynet.com.tr/font/fontello/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.mynet.com.tr/font/fontello/fontello.woff2?59298931=
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.81.107.96 Warrenton, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1000014.ip-51-81-107.us
Software
MerlinCDN / Mynet Team
Resource Hash
6f7cf69e3239becc6e1d07a5794bad6cd73b3de3bc9eba298075e3bbec454de6

Request headers

Referer
https://finans.mynet.com/
Origin
https://finans.mynet.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
age
11232
x-powered-by
Mynet Team
x-cache-status
HIT
x-cache
MISS 182
x-url
/font/fontello/fontello.woff2?59298931=
x-midtier
tr-izm-nt-s16
x-host
s.mynet.com.tr
cip
192.168.42.1
last-modified
Thu, 21 Jan 2021 09:55:28 GMT
server
MerlinCDN
etag
W/"60094f90-1730"
vary
Accept-Encoding, Accept-Encoding
allow
GET, HEAD, POST, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-edge
us-vga-ovc-s04
cache-control
max-age=86400
access-control-allow-headers
accept, authorization
jizaRExUiTo99u79D0yExcOPIDUg-g.woff2
fonts.gstatic.com/s/ptsans/v9/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v9/jizaRExUiTo99u79D0yExcOPIDUg-g.woff2
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fea8fa6cca374bef06530e25207876800c809a84666bfca794929bff87db6619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finans.mynet.com/
Origin
https://finans.mynet.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 14:08:49 GMT
x-content-type-options
nosniff
age
448076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 18:24:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 14:08:49 GMT
jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v9/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v9/jizaRExUiTo99u79D0KExcOPIDU.woff2
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d613ba0e478b9a0db3481d87caff8cb0bd479ab81cb6e8e3283905ce639a924
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finans.mynet.com/
Origin
https://finans.mynet.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 01:20:21 GMT
x-content-type-options
nosniff
age
494184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11248
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 18:27:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 01:20:21 GMT
jizfRExUiTo99u79B_mh0OCtLR8a8zILig.woff2
fonts.gstatic.com/s/ptsans/v9/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v9/jizfRExUiTo99u79B_mh0OCtLR8a8zILig.woff2
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2376b3c5ed9934fd8f2bd7a3700d3c2acfc9c7e6c56ef138763cd14c0af7f8f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finans.mynet.com/
Origin
https://finans.mynet.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 01:20:21 GMT
x-content-type-options
nosniff
age
494184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7100
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 18:24:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 01:20:21 GMT
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 18:36:45 GMT
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Oct 2024 18:36:45 GMT
truncated
/ 		108 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b8021127d464e3b21afcacb688d79b4ff96886e70c0ccb68d70943fdce862f6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		109 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
065798c3743052bb3a8dafa210a39b6faa6292906c17c3b187f58726e97b8cd3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin
https://finans.mynet.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
17913999-640x360.jpg
imgrosetta.mynet.com.tr/file/17913999/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17913999/17913999-640x360.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
562b0f723956e54741572d4c30312c7d950e898ac951870c238f781f32cbc229

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 01 Nov 2023 17:25:09 GMT
server
MerlinCDN
age
1
x-midtier
nl-naw-ws-s08
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
26882
17906480-640x360.jpg
imgrosetta.mynet.com.tr/file/17906480/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17906480/17906480-640x360.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
2665b1f56bade8919ab8e7b65767a5a6019890ca0d9eb2283346f81668053fcc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 31 Oct 2023 11:03:19 GMT
server
MerlinCDN
age
112424
x-midtier
tr-izm-nt-s16
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11918
truncated
/ 		531 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b1dd19a266505184096d44355e0b3e77198a752a48a26abeedc9c9a5e88c937

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ede5464d17d6a88a7718024b167033dab8c60ee61041b6857846ccab737fdcef

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
61157c7be31c8bc5b8b78f1edd9c3e94e00814731572ad7fa8a26adc2e9f7db1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
finans.mynet.com/finanspopupform/ Frame CC02
Redirect Chain
  • https://finans.mynet.com/finanspopupform
  • https://finans.mynet.com/finanspopupform/
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://finans.mynet.com/finanspopupform/
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.122.134 , United States, ASN16276 (OVH, FR),
Reverse DNS
ns1009180.ip-135-148-122.us
Software
MerlinCDN / Mynet Team
Resource Hash
bc11ef7a188e884688451232534f8a4f12e50517ce9fd36eface7fed07d95bdc
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
accept, authorization
access-control-allow-origin
*
age
-6
allow
GET, HEAD, POST
cache-control
max-age=30
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 18:36:40 GMT
server
MerlinCDN
strict-transport-security
max-age=0
via
HTTP/2.0 Merlin CDN
x-cache
HIT 140
x-cache-status
EXPIRED
x-edge
us-vga-ovc-s02
x-host
finans.mynet.com
x-midtier
tr-ist-shy-s03
x-no-session
yeah
x-powered-by
Mynet Team
x-url
/finanspopupform/
x-xss-protection
1

Redirect headers

access-control-allow-headers
accept, authorization
access-control-allow-origin
*
age
-6
allow
GET, HEAD, POST
cache-control
max-age=30
content-length
408
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 18:36:40 GMT
location
https://finans.mynet.com/finanspopupform/
server
MerlinCDN
strict-transport-security
max-age=0
via
HTTP/2.0 Merlin CDN
x-cache
HIT 140
x-cache-status
EXPIRED
x-edge
us-vga-ovc-s02
x-host
finans.mynet.com
x-midtier
de-fra-dp-s02
x-powered-by
Mynet Team
x-url
/finanspopupform
x-xss-protection
1
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27e6044195f80348486dfa4eaddfa2d36e35251885fb3796f442b3227377cb3d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
mynet-logo.png
img7.mynet.com.tr/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/mynet-logo.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
a5440147c494bb87fa48e4591f10c8ab73e6bde14482823a8cc14f3743e88cba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Wed, 01 Nov 2023 18:36:46 GMT
expires
Thu, 31 Oct 2024 18:36:46 GMT
last-modified
Wed, 20 May 2015 12:09:33 GMT
server
nginx
x-rocket-node
edge132.ist.tr.eu.rocketcdn.com
etag
"555c797d-12fe"
content-type
image/png
x-rocket-masternode
cache117.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4862
x-rocket-mastercachestatus
HIT
firebase-app.js
www.gstatic.com/firebasejs/9.10.0/ 		86 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/9.10.0/firebase-app.js
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97a6c6a88dabfb26c2387ffd82de82fc9d7bcf4242c6be4a5d26918838fef0ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finans.mynet.com/
Origin
https://finans.mynet.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 04:58:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19579
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 19:21:35 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 26 Oct 2024 04:58:37 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/9.10.0/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/9.10.0/firebase-messaging.js
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1afb6f415fd545753fdb37277ae67733cd31f7ce1991b0c20f0df10278b28fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finans.mynet.com/
Origin
https://finans.mynet.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 21:21:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
508529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7874
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 19:21:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Oct 2024 21:21:17 GMT
gtm.js
www.googletagmanager.com/ 		297 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TTQ2B72
Requested by
Host: s.mynet.com.tr
URL: https://s.mynet.com.tr/rosetta/services/plugins/production/js/myheadjs.js?id=e5a556888973eb9e00c1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
90c6f0173af209a738ef4a31e1168a7ffdbb259928673dbe1beb88ee65e80407
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93384
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Nov 2023 18:36:46 GMT
sdk.js
connect.facebook.net/tr_TR/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/tr_TR/sdk.js
Requested by
Host: s.mynet.com.tr
URL: https://s.mynet.com.tr/rosetta/services/plugins/production/js/myheadjs.js?id=e5a556888973eb9e00c1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ffca9f8126574f59ca85f998efbd8ac2829fb31970f80122f7dc2a6fc76194b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 01 Nov 2023 18:36:46 GMT
content-md5
YMstP+B/2jRvQYbnbF7qiQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1684
reporting-endpoints
x-fb-debug
iavRQKMCFsXm+vINLVsvzd8Lp4krCihlEbY2XLxC1noPUBysMn8Uzr+Yzas6ajZY/ZRq5oDxHoKGSCaGzLrCNA==
x-fb-content-md5
b2f79023a730ce65fbb38330d6f7f2ef
cross-origin-opener-policy
same-origin-allow-popups
etag
"f94a01e269eb0112d1cf98355f1a0935"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Wed, 01 Nov 2023 18:55:50 GMT
responsive-category.js
s.mynet.com.tr/rosetta/services/finans/production/build/js/ 		109 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.mynet.com.tr/rosetta/services/finans/production/build/js/responsive-category.js?id=722dec534a3ae81323d5
Requested by
Host: s.mynet.com.tr
URL: https://s.mynet.com.tr/rosetta/services/plugins/production/js/myheadjs.js?id=e5a556888973eb9e00c1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.81.107.96 Warrenton, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1000014.ip-51-81-107.us
Software
MerlinCDN / Mynet Team
Resource Hash
6d649e51ff53a388135f4abc549dde7dc2ce7490f76132ebc37eddb329c45e4e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:45 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
age
187625
x-powered-by
Mynet Team
x-cache-status
HIT
x-cache
MISS 182
x-url
/rosetta/services/finans/production/build/js/responsive-category.js?id=722dec534a3ae81323d5
x-midtier
nl-naw-ws-s08
x-host
s.mynet.com.tr
cip
192.168.42.1
last-modified
Mon, 30 Oct 2023 14:28:45 GMT
server
MerlinCDN
etag
W/"653fbd9d-1b502"
vary
Accept-Encoding, Accept-Encoding
allow
GET, HEAD, POST, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
x-edge
us-vga-ovc-s04
cache-control
max-age=31536000
access-control-allow-headers
accept, authorization
28687765
fundingchoicesmessages.google.com/i/ 		161 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/28687765?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
474b07dd5c2ac6e79a970223fb68ea782ee1e8397322fb9e29438203d089e564
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Ab4r7eqnDH64AfTkMztlfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Ab4r7eqnDH64AfTkMztlfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 01 Nov 2023 18:36:46 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
hbboplc9z7qYYSm5Og8eORyrkpwajEcbIWVmk2EKgiyXKa/ZA2kBINd7fBzJadWEkJvPAIgpW7yp6HK0JpNNHQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
most-shares-live-user-data.json
finans.mynet.com/static/ 		827 B
806 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://finans.mynet.com/static/most-shares-live-user-data.json
Requested by
Host: s.mynet.com.tr
URL: https://s.mynet.com.tr/rosetta/services/plugins/production/js/myheadjs.js?id=e5a556888973eb9e00c1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.122.134 , United States, ASN16276 (OVH, FR),
Reverse DNS
ns1009180.ip-135-148-122.us
Software
MerlinCDN / Mynet Team
Resource Hash
a721a8b2b5e9834c6fb1bff6153558a3aa182bf17d35dbcad400bd188ce5bec1
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://finans.mynet.com/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:39 GMT
strict-transport-security
max-age=0
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
age
17
x-powered-by
Mynet Team
x-cache-status
HIT
x-cache
HIT 140
x-url
/static/most-shares-live-user-data.json
x-midtier
nl-naw-ws-s08
x-host
finans.mynet.com
x-xss-protection
1
last-modified
Wed, 01 Nov 2023 18:30:02 GMT
server
MerlinCDN
etag
W/"33b-6091b75a59330"
allow
GET, HEAD, POST
content-type
application/json
access-control-allow-origin
*
x-edge
us-vga-ovc-s02
cache-control
max-age=30
access-control-allow-headers
accept, authorization
sdk.js
connect.facebook.net/tr_TR/ 		297 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/tr_TR/sdk.js?hash=8a1e5dfd863ea2fcbab6e08a0222bab3
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ccf95b7ae6f7e251fdc3b4169e7d2641dfcc9f40264432c4da036d131e12fd70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://finans.mynet.com/
Origin
https://finans.mynet.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 01 Nov 2023 18:36:46 GMT
content-md5
FplgeRI89tERiPh4GWGWWQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86986
reporting-endpoints
x-fb-debug
PacoUiN/Mb1DGvHegUgA4u6hCnx4LZNjrz1B3f7B61PyDNFrGF9CxlFFhFIQRYYFxi2o2X0dm/rXrqplcNuVpg==
x-fb-content-md5
7dc6bdd7bc93f6c5440b2f12788db67a
cross-origin-opener-policy
same-origin-allow-popups
etag
"d8d04a65d52ee591188dc8366fad27e4"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 31 Oct 2024 16:50:21 GMT
syncframe
gum.criteo.com/ Frame AA27 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=finans.mynet.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 18:36:46 GMT
server
Kestrel
server-processing-duration-in-ticks
482300
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
AGSKWxUZAY_kfImRQYLl-IYA9BnRdpBOeCIN8FfB_7J_38-DRNZ2onNNgPbinWUEeijo6Xd7YULRK746jiITQRPSXz-mzUuRwUw2tCsgr9ORv989TN6ib5AjSsSm9CtCkc_hHgSyLyKs2Q==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUZAY_kfImRQYLl-IYA9BnRdpBOeCIN8FfB_7J_38-DRNZ2onNNgPbinWUEeijo6Xd7YULRK746jiITQRPSXz-mzUuRwUw2tCsgr9ORv989TN6ib5AjSsSm9CtCkc_hHgSyLyKs2Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk4ODYzODA2LDEyMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9maW5hbnMubXluZXQuY29tLyIsbnVsbCxbWzgsIlZ1Y2xrU05EanpRIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.VuclkSNDjzQ.es5.O/am=CAM/d=1/rs=AJlcJMyyDPYBMX6mZ62pmzBLAAJ_HIlxTw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b8b41c81ad84d05d870268e9ef73c1b560b9e6a2b24e5eb15dbabae5f51b7105
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1uZEW0x_hvMIILw2oPOmIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
content-security-policy
script-src 'report-sample' 'nonce-1uZEW0x_hvMIILw2oPOmIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:36:46 GMT
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
4431
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
81f63ec62beba1ec-YYZ
expires
Sat, 04 Nov 2023 18:36:46 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 00:19:40 GMT
content-encoding
gzip
age
670626
x-guploader-uploadid
ADPycdunjzoC_5kd_pcklt_k9IQ-RNVYXtjSu5R3pnAafvoAMuEvC0zFznsCdUVAbDdBg1Es79cW-0rDweMYtaXlWiJXKA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 24 Oct 2024 00:19:40 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.77.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-77-44.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 06:14:45 GMT
content-encoding
gzip
via
1.1 624af3183ce1b00cf50f6784c9133fb2.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-C1
age
44522
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
u_wbYIOwxr550GTW1S0PKtfyHXTIzUBgzR2TB8Me-pO0nd0vMqNjtA==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
6a3e5530506fbb54c7f540f445e21846
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
897 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 01 Nov 2023 18:36:46 GMT
x-content-type-options
nosniff
content-encoding
br
age
17105
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-ewr18182-EWR
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
cdn.id5-sync.com/api/1.0/ 		143 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2023 08:11:43 GMT
server
cloudflare
x-amz-request-id
84AH53BZ72ED6XT6
age
1717
etag
W/"8a9ad568d94062c0186983f6aac0be50"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
81f63ec62e014bcf-BUF
x-amz-id-2
FmItWHcw0k7L9tm2HzeJzE+86ZFBsu6Bg7jZTbDMIB+76HpLgvvlmomjLJQIaVDUXtqki7y/dX1hFk/0eiQPLQ==
925116257506425
connect.facebook.net/signals/config/ 		123 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/925116257506425?v=2.9.138&r=stable&domain=finans.mynet.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f7d286e7d9000db83b87acf32f08541994c71d5f9eae651aac7cb6904edb342d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 01 Nov 2023 18:36:46 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
33693
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
4Ro5lbor7U46Lut6W3nBs2sy4XRgvX0Mvw+uUiMXtTqjGIaL8mewtvME2No+KW+E9QHnQHg8QxPsz6nzX9cIaw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
goolgle-play-icon.png
img7.mynet.com.tr/footer/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/footer/goolgle-play-icon.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
acb947e2eebaa33f79022a4f09c62a2aa2fe66d14bbe5b3e526496e79e2e7bc6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Wed, 01 Nov 2023 18:36:46 GMT
expires
Thu, 31 Oct 2024 18:36:46 GMT
last-modified
Tue, 05 Jul 2022 11:45:26 GMT
server
nginx
x-rocket-node
edge132.ist.tr.eu.rocketcdn.com
etag
"62c42456-1c4a"
content-type
image/png
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7242
x-rocket-mastercachestatus
HIT
app-store-icon.png
img7.mynet.com.tr/footer/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/footer/app-store-icon.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
b811bba243402dd0f4e387efc1134be758728283b481cce3deb139d868245010

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Wed, 01 Nov 2023 18:36:46 GMT
expires
Thu, 31 Oct 2024 18:36:46 GMT
last-modified
Tue, 05 Jul 2022 11:45:26 GMT
server
nginx
x-rocket-node
edge132.ist.tr.eu.rocketcdn.com
etag
"62c42456-1282"
content-type
image/png
x-rocket-masternode
cache117.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4738
x-rocket-mastercachestatus
HIT
huawei-app-gallery-icon.png
img7.mynet.com.tr/footer/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/footer/huawei-app-gallery-icon.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
4b13b8918cbdfebdbc7727fdb82a83fdd77465b002501f6d718ee871b16fe9c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Wed, 01 Nov 2023 18:36:46 GMT
expires
Thu, 31 Oct 2024 18:36:46 GMT
last-modified
Tue, 05 Jul 2022 11:45:26 GMT
server
nginx
x-rocket-node
edge132.ist.tr.eu.rocketcdn.com
etag
"62c42456-2e3e"
content-type
image/png
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11838
x-rocket-mastercachestatus
HIT
footer-icon-youtube.svg
img7.mynet.com.tr/footer/ 		642 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/footer/footer-icon-youtube.svg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
16519f02cd04c7d61dd738385238629dd5d90a7137468c88bfd31c4ea8c77fb9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Wed, 01 Nov 2023 18:36:46 GMT
expires
Thu, 31 Oct 2024 18:36:46 GMT
last-modified
Tue, 05 Jul 2022 11:45:17 GMT
server
nginx
x-rocket-node
edge132.ist.tr.eu.rocketcdn.com
etag
"62c4244d-282"
content-type
image/svg+xml
x-rocket-masternode
cache117.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
642
x-rocket-mastercachestatus
HIT
17904792-300x170.jpg
imgrosetta.mynet.com.tr/file/17904792/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17904792/17904792-300x170.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
227583e6c4104eed39454068496455b1f28c7dae55c5970e8d92b75d4503bc10

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 31 Oct 2023 08:03:35 GMT
server
MerlinCDN
age
124105
x-midtier
de-fra-dp-s02
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
10156
17617044-300x170.jpg
imgrosetta.mynet.com.tr/file/17617044/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17617044/17617044-300x170.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
4e712aa485451a3407001e95d95162361525022095acd9ee56ed0e22a77ddde7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 06 Sep 2023 04:44:05 GMT
server
MerlinCDN
age
221698
x-midtier
tr-ist-sh-s03
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6046
17891767-300x170.jpg
imgrosetta.mynet.com.tr/file/17891767/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17891767/17891767-300x170.jpg
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
ade9b56bb11495aa59ce69c1ac3a4867c2314a0ae1c506041cc67f0c356f18d6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Sun, 29 Oct 2023 05:56:57 GMT
server
MerlinCDN
age
303659
x-midtier
tr-izm-nt-s15
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9832
js
www.googletagmanager.com/gtag/ 		272 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4SD1QQV4KB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTQ2B72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4b878826767db4ddd4320d17440d1209000c5de9617beb8af048ee96f4dd6aa3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91688
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 01 Nov 2023 18:36:46 GMT
containr.js
cdn.mookie1.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mookie1.com/containr.js
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.44.203.22 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-203-22.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
59bf69bcb73a067dc5a15f87f4d1236bf10b7eb558ab5697286d3f4419b604fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:46 GMT
Content-Encoding
gzip
Connection
keep-alive
Content-Length
1177
Last-Modified
Thu, 28 May 2020 09:27:37 GMT
Server
AkamaiNetStorage
ETag
"b48b8b10a8dae52dda97f6860932dcc0:1590658057.20858"
Vary
Accept-Encoding
Access-Control-Max-Age
86400
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST
Cache-Control
max-age=60
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 01 Nov 2023 18:37:46 GMT
AZX0YAIM.js
cdn.insurads.com/bootstrap/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/bootstrap/AZX0YAIM.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTQ2B72
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
3acc4b97d2bf93f371f191dc5fa85a1da8259718ff09cb8f5bb06b479c4b19f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
content-encoding
gzip
cdn-edgestorageid
885
x-amz-request-id
ERRAEY2MWEJZR6D9
cdn-cachedat
07/01/2022 15:31:48
cdn-pullzone
55316
x-amz-id-2
NYtBHPPB37jcd8SvzHReM6NbVzkiNfLJBDPXcxNBwOZMFU8aR2Svkjs0+DciTSAnoT8LrWT+7lE=
last-modified
Tue, 01 Feb 2022 19:20:27 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"0879409a6baf07081f84f6484958c67d"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=86400, s-maxage=604800
cdn-requestid
7ccae14039870ae1e72517ed1797ec34
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
loader.js
cdn.taboola.com/libtrc/mynetnewtr-mynet/ 		616 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/mynetnewtr-mynet/loader.js
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf5a59a057964558cefa9f827a5efdc6dabc613bbca58a4631bd0ac906e16005

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
cTbv4rb.Vfz_S8yvGWFuzMOSzbl4GE_4
content-encoding
gzip
via
1.1 varnish
date
Wed, 01 Nov 2023 18:36:46 GMT
x-amz-request-id
93PQWENJ2D4R68ES
age
22465
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
41692
x-amz-id-2
7gHFQ648aEXlHvjLKkyx2mbl6fgcRzuYyo3kOE24uz9Z/krVyEiCY85OhXLe+LtxOTr8AB/PPb0=
x-served-by
cache-yyz4569-YYZ
last-modified
Wed, 01 Nov 2023 12:12:05 GMT
server
AmazonS3
x-timer
S1698863807.601290,VS0,VE0
etag
"a346c8c21bb2927acab4dc57eb899383"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
97
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
107
/
gethit.mynet.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://gethit.mynet.com/?callback=cb&_=1698863805838
Requested by
Host: s.mynet.com.tr
URL: https://s.mynet.com.tr/rosetta/services/plugins/production/js/myheadjs.js?id=e5a556888973eb9e00c1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
212.101.122.30 , Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
pandg-sdk.js
pghub.io/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 17:40:18 GMT
content-encoding
gzip
age
3388
x-guploader-uploadid
ABPtcPr-Y_7-Z7F2pI3hgrxaYp5mlfxq0QU4lPL3WSaik-CQLqluHY9YCLgKpUulpi-_kq6e4nL41nzGSUU98hx7pHDAxy0UPCP5
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5009
last-modified
Mon, 05 Jun 2023 16:36:50 GMT
server
UploadServer
etag
"47a886353056caf33a998c6041e20896"
vary
Accept-Encoding
x-goog-generation
1685983010517890
x-goog-hash
crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
5009
accept-ranges
bytes
content-type
application/javascript
AGSKWxUT4-pAq_F0c9UK6HtpJCQ5y6fgYj-pLFlhIJdUlSPpCfp8wPRbvQgCno59-xbjc87c0kB0YiLHikD3clJbPhWU2SX74xIotoIbju6b9DgsoLMRT4kOAr3i8_sQFwhxn8ZtSQiVkw==
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUT4-pAq_F0c9UK6HtpJCQ5y6fgYj-pLFlhIJdUlSPpCfp8wPRbvQgCno59-xbjc87c0kB0YiLHikD3clJbPhWU2SX74xIotoIbju6b9DgsoLMRT4kOAr3i8_sQFwhxn8ZtSQiVkw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk4ODYzODA2LDM5MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyXSwiaHR0cHM6Ly9maW5hbnMubXluZXQuY29tLyIsbnVsbCxbWzgsIlZ1Y2xrU05EanpRIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.VuclkSNDjzQ.es5.O/am=CAM/d=1/rs=AJlcJMyyDPYBMX6mZ62pmzBLAAJ_HIlxTw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b081ec38d7c0ebdef59b1baf2e7193806196d1ffa51dad41474222000b81347e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZoXmJRVowuytrecVsA2gaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
content-security-policy
script-src 'report-sample' 'nonce-ZoXmJRVowuytrecVsA2gaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
164 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4SD1QQV4KB&gtm=45je3au1v880594548z876712499&_p=1900464849&_gaz=1&gcd=11l1l1l1l1&cid=1924489594.1698863807&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698863806&sct=1&seg=0&dl=https%3A%2F%2Ffinans.mynet.com%2F&dt=Mynet%20Finans%20Haberleri%20%7C%20Ekonomi%20Haberleri&en=page_view&_fv=1&_nsi=1&_ss=1&ep.Service=finans&ep.content_id=&ep.content_type=&ep.content_title=&ep.content_tags=&ep.content_created_at=&ep.content_updated_at=&ep.content_level1_category=&ep.content_level2_category=&ep.content_author_type=&ep.content_author_username=&ep.content_page_type=homepage&ep.visitor_username=false&ep.visitor_products=&ep.visitor_login=1&ep.visitor_cookie_sizesegment=%3C500&ep.referer_site=direct&ep.content_affiliate=&ep.content_evergreen=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4SD1QQV4KB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://finans.mynet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4SD1QQV4KB&cid=1924489594.1698863807&gtm=45je3au1v880594548z876712499&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4SD1QQV4KB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://finans.mynet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=925116257506425&ev=PageView&dl=https%3A%2F%2Ffinans.mynet.com%2F&rl=&if=false&ts=1698863806584&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=30&ler=empty&it=1698863806175&coo=false&rqm=GET
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 01 Nov 2023 18:36:46 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
sid
mug.criteo.com/ Frame AA27
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mynet.com&sn=ChromeSyncframe&so=0&topUrl=finans.mynet.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=0Dyq1HwybGNoSHlLRjIvVlBWQkZ3dTRxS05yOG9nbWppYXZDR1RXSDVRQTR1bzNuTmZFUitUODkwTks3TE16UkZXNVZwVjZDNjl4VnErZmt1UXdyRDIraVdKaTBkeUNOV3M5NVJ4bG1tbytvZWFFeWt2c3pxYitDVlF4ZU...
428 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=0Dyq1HwybGNoSHlLRjIvVlBWQkZ3dTRxS05yOG9nbWppYXZDR1RXSDVRQTR1bzNuTmZFUitUODkwTks3TE16UkZXNVZwVjZDNjl4VnErZmt1UXdyRDIraVdKaTBkeUNOV3M5NVJ4bG1tbytvZWFFeWt2c3pxYitDVlF4ZUZ0MXFHMktpcm9aSDdDMXcwSmVwcXNPOEZTUUlVc0xYeGx3RDRxRzREbVdsWDVrUUptZTZ0ZXpldjVsb0VWSC9xb3lqMlJDTzJONGU2NGt1cXFpQ2tBTmlYejdQTkV1dWZNWHNJUHdTSGlzK2tMYU9NMkNyUXFtaEgvcUx5alVtS2d1bUZxK2s4Zkc1QkdBdlBLWFRyWElVMXZQZjJjZz09fA&cppv=2
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
946734d47a8f34328d5b91ff5db2aeff627ac73062477305cc1bc090d46e4c6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:46 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2893730
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:45 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=0Dyq1HwybGNoSHlLRjIvVlBWQkZ3dTRxS05yOG9nbWppYXZDR1RXSDVRQTR1bzNuTmZFUitUODkwTks3TE16UkZXNVZwVjZDNjl4VnErZmt1UXdyRDIraVdKaTBkeUNOV3M5NVJ4bG1tbytvZWFFeWt2c3pxYitDVlF4ZUZ0MXFHMktpcm9aSDdDMXcwSmVwcXNPOEZTUUlVc0xYeGx3RDRxRzREbVdsWDVrUUptZTZ0ZXpldjVsb0VWSC9xb3lqMlJDTzJONGU2NGt1cXFpQ2tBTmlYejdQTkV1dWZNWHNJUHdTSGlzK2tMYU9NMkNyUXFtaEgvcUx5alVtS2d1bUZxK2s4Zkc1QkdBdlBLWFRyWElVMXZQZjJjZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
509896
content-length
0
expires
0
learn
tr-gmtdmp.mookie1.com/t/v2/ 		42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_726797&src.rand=1043803335&depp=6.3.2-7
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.111.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.111.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
via
1.1 google
last-modified
Thu, 19 Oct 2023 06:07:48 GMT
server
nginx
etag
"6530c7b4-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
activity
tr-gmtdmp.mookie1.com/t/v2/ 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_726832&src.rand=940881483&depp=6.3.2-7
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.111.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.111.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
via
1.1 google
last-modified
Thu, 19 Oct 2023 06:07:48 GMT
server
nginx
etag
"6530c7b4-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ffinans.mynet.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ffinans.mynet.com%2F&rid=esp&cc=1
85 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Ffinans.mynet.com%2F&rid=esp&cc=1
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
640ba2c4b6a52fb19d78486d2c38a0dc7a0b6cd7eba077c41989b7b4bcd7b8c0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-RVAwsHGfYa8g6Mqxja/oSvkpr/8"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://finans.mynet.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 01 Nov 2023 18:36:46 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://finans.mynet.com
location
/esp?url=https%3A%2F%2Ffinans.mynet.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
init
services.insurads.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/init?appId=AZX0YAIM&h=https%3A%2F%2Ffinans.mynet.com%2F&tcfc=1&t=1698863806620
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/AZX0YAIM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.235.112.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-112-177.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7c0d9b475133f1eed1996d69fe390776e490045a8accbe491d2158372bfb15ae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:46 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript;charset=UTF-8
x-nocache
true
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
increment
id5-sync.com/api/esp/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://finans.mynet.com
date
Wed, 01 Nov 2023 18:36:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
map
bcp.crwdcntrl.net/6/ 		156 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.54.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-54-186.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b2341b9f495b3a3d812ca1ec7568c120b71c593657ff8e97fd7f11ba8c17e372

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://finans.mynet.com
cache-control
no-cache
x-server
10.40.61.198
access-control-allow-credentials
true
content-length
156
expires
0
normalize.css
s.mynet.com.tr/popover/bulten/css/ Frame CC02 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.mynet.com.tr/popover/bulten/css/normalize.css
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/finanspopupform/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.81.107.96 Warrenton, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1000014.ip-51-81-107.us
Software
MerlinCDN / Mynet Team
Resource Hash
0da50cff35708a2790dac0457ecdc3e52e3c811caef93c274fb3f394e7e8b6bf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
age
52643
x-powered-by
Mynet Team
x-cache-status
HIT
x-cache
HIT 182
x-url
/popover/bulten/css/normalize.css
x-midtier
nl-naw-ws-s08
x-host
s.mynet.com.tr
cip
192.168.42.1
last-modified
Tue, 17 Feb 2015 07:10:10 GMT
server
MerlinCDN
etag
W/"54e2e952-1e76"
vary
Accept-Encoding, Accept-Encoding
allow
GET, HEAD, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
x-edge
us-vga-ovc-s04
cache-control
max-age=86400
access-control-allow-headers
accept, authorization
emailwidget.css
s.mynet.com.tr/widgetemail/ Frame CC02 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.mynet.com.tr/widgetemail/emailwidget.css?v=1
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/finanspopupform/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.81.107.96 Warrenton, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1000014.ip-51-81-107.us
Software
MerlinCDN / Mynet Team
Resource Hash
bfe27df2acb78baf3b832ac6308d3b9b6549785f422bb3b0c2af242e1d90bb7f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
age
5018
x-powered-by
Mynet Team
x-cache-status
HIT
x-cache
HIT 182
x-url
/widgetemail/emailwidget.css?v=1
x-midtier
tr-ist-sh-s03
x-host
s.mynet.com.tr
cip
192.168.42.1
last-modified
Fri, 11 Jun 2021 07:06:55 GMT
server
MerlinCDN
etag
W/"60c30b8f-5e8"
vary
Accept-Encoding, Accept-Encoding
allow
GET, HEAD, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
x-edge
us-vga-ovc-s04
cache-control
max-age=86400
access-control-allow-headers
accept, authorization
load.js
pm-widget.taboola.com/mynetnewtr-mynet/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/mynetnewtr-mynet/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mynetnewtr-mynet/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
075c19e8bfd08072fcfe14dddd4fde1d69737880192e0ef05ab111105c72c9aa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
upeBjmqn6v71ZVS6X3bfCVvgGtmsZqS9
content-encoding
gzip
via
1.1 varnish
date
Wed, 01 Nov 2023 18:36:46 GMT
x-amz-request-id
0CX3DVGZN315KMVG
age
0
x-cache
HIT
content-length
1133
x-amz-id-2
3txaBFMBFnwF1ZJ1zE+A0RfZx8GdEZRD5ZHPnuH4z7VKEyjXz37dQZufSsFpmkwTX4TO2XtG8JA=
x-served-by
cache-yyz4569-YYZ
last-modified
Fri, 29 Sep 2023 05:11:04 GMT
server
AmazonS3
x-timer
S1698863807.718127,VS0,VE152
etag
"35bf1e27cd4f19d64021ecffa2600f54"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1
impl.20231101-5-RELEASE.js
cdn.taboola.com/libtrc/ 		816 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mynetnewtr-mynet/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
43260b3e830dc7e16eaf0554d00f15020357d9c13e553978034d878850cb763e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
Ue0v9oXRWcKpSMc7zNMS9p_qfLSU1fty
content-encoding
br
via
1.1 varnish
date
Wed, 01 Nov 2023 18:36:46 GMT
x-amz-request-id
RACAPPPJ9B1X61B0
age
1618
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
172851
x-amz-id-2
Z9C3/iWdEf8USEWNe+Dpbq2goWL3zOa0//uvNMWlNhPwtWNz1/1ZvbGBpd2jS0gMVqmAtXEj1bk=
x-served-by
cache-yyz4569-YYZ
last-modified
Wed, 01 Nov 2023 10:00:44 GMT
server
AmazonS3-br
x-timer
S1698863807.706278,VS0,VE0
etag
"f765887f860a79098a8980da5a30f3fd"
vary
Accept-Encoding
content-type
application/javascript
abp
86
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1186
tag
pandg.tapad.com/ Frame 7CDD
Redirect Chain
  • https://feed.pghub.io/tag?gdpr=0&referrer_url=&page_url=https%3A%2F%2Ffinans.mynet.com%2F&owner=P%26G&bp_id=mynet&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%...
  • https://pandg.tapad.com/tag?gdpr=0&referrer_url=&page_url=https%3A%2F%2Ffinans.mynet.com%2F&owner=P%26G&bp_id=mynet&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5...
592 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pandg.tapad.com/tag?gdpr=0&referrer_url=&page_url=https%3A%2F%2Ffinans.mynet.com%2F&owner=P%26G&bp_id=mynet&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22finans%22%2C%22sub_category%22%3A%22%22%7D
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
0f6de6cbf854fc545bbbbc22a610e4f4fb706ab87641a5202af212d083ede94d
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-security-policy
default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
content-type
text/html;charset=utf-8
date
Wed, 01 Nov 2023 18:36:46 GMT
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
server
Jetty(11.0.13)
strict-transport-security
max-age=31536000
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-length
0
date
Wed, 01 Nov 2023 18:36:46 GMT
location
https://pandg.tapad.com/tag?gdpr=0&referrer_url=&page_url=https%3A%2F%2Ffinans.mynet.com%2F&owner=P%26G&bp_id=mynet&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22finans%22%2C%22sub_category%22%3A%22%22%7D
server
Jetty(11.0.13)
strict-transport-security
max-age=31536000
via
1.1 google
gotham-fonts.css
s.mynet.com.tr/front/fonts/ Frame CC02 		0
424 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.mynet.com.tr/front/fonts/gotham-fonts.css
Requested by
Host: s.mynet.com.tr
URL: https://s.mynet.com.tr/widgetemail/emailwidget.css?v=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.81.107.96 Warrenton, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1000014.ip-51-81-107.us
Software
MerlinCDN / Mynet Team
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.mynet.com.tr/widgetemail/emailwidget.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
via
HTTP/2.0 Merlin CDN
age
57411
x-powered-by
Mynet Team
x-cache-status
HIT
x-cache
MISS 182
x-url
/front/fonts/gotham-fonts.css?tmpl=mobile
x-midtier
de-fra-dp-s02
x-host
s.mynet.com.tr
cip
192.168.42.1
content-length
0
last-modified
Tue, 23 May 2023 14:06:30 GMT
server
MerlinCDN
etag
"646cc866-0"
allow
GET, HEAD, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
x-edge
us-vga-ovc-s04
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
accept, authorization
iat-realtime-7.0.11-ws.js
cdn.insurads.com/ 		64 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/iat-realtime-7.0.11-ws.js
Requested by
Host: services.insurads.com
URL: https://services.insurads.com/init?appId=AZX0YAIM&h=https%3A%2F%2Ffinans.mynet.com%2F&tcfc=1&t=1698863806620
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
c2b126f8cf108b0b24da09947ec0f6ae3d55df120a87e1dd9ab6527fee53fe55

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
content-encoding
gzip
cdn-edgestorageid
885
x-amz-request-id
4797SKN03JWGPYQT
x-amz-server-side-encryption
AES256
cdn-cachedat
10/31/2023 18:53:12
cdn-pullzone
55316
x-amz-id-2
621zPJZX5cWmI8P5+EIKfUPbjXRWbCZA7+2vRSrD9761TsI4EgAs21QfJYwVsmHlpRJ/D8rfOF4=
last-modified
Tue, 19 Sep 2023 08:22:46 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"75857c4fac071c7c848bbe0f76263cf8"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=2592000
cdn-requestid
b60c298803dd42da70e4502bc947bf65
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
iat-1.14.20.js
cdn.insurads.com/ 		111 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/iat-1.14.20.js
Requested by
Host: services.insurads.com
URL: https://services.insurads.com/init?appId=AZX0YAIM&h=https%3A%2F%2Ffinans.mynet.com%2F&tcfc=1&t=1698863806620
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
544fd1a8f5be8daf9ead2626ae25b4423ac3126d06abed1acb0c825160f6438f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
content-encoding
gzip
cdn-edgestorageid
885
x-amz-request-id
RC5HFK3YWHB9JMRE
x-amz-server-side-encryption
AES256
cdn-cachedat
10/31/2023 18:52:20
cdn-pullzone
55316
x-amz-id-2
/8VitTzHSKfXGIvnhEzXxzcffDhED9wIAwFNcsLbW3E5S9nkvRgeRdW2Dy4ZlsWeJwdSQ2f7Big=
last-modified
Tue, 24 Oct 2023 14:38:13 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"2b9d33be45a640fc410b9057606a5237"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=2592000
cdn-requestid
e3a61bdbed53288ab73113daf44b4cff
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
initcb
services.insurads.com/ 		138 B
446 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/initcb?v=1.0.12&appId=1870&vId=C32E2DC4C9A3B7BC&s=2243&fpc=1&nv=1&h=https%3A%2F%2Ffinans.mynet.com%2F&tcfc=1&lts=0&ts=1698863806778&iatId=296abd68389dbd337db4085c8dc9b57c&iatIdB=073a8a0f4289d45fd414bd6b0d9748cb&iatIdM=11111111&iatIdV=1.0&lIatId=0&lIatIdB=0&lIatIdM=0&lIatIdV=0&lch=MJOZZIBREM
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/AZX0YAIM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.235.112.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-112-177.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b2be998af7bc5c3d0c2404d79aac315f7827ad228c20a2e282e5088b5d05d09a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:46 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript;charset=UTF-8
x-nocache
true
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
MIN-516360.js
apv-launcher.minute.ly/api/launcher/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apv-launcher.minute.ly/api/launcher/MIN-516360.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mynetnewtr-mynet/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
18e403b4ef714f789598459b3586725a50a2309c7029719ffa6312ed8d2ffcc6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:46 GMT
Content-Encoding
gzip
X-HW
1698863806.dop227.ch4.t,1698863806.cds082.ch4.shn,1698863806.dop227.ch4.t,1698863806.cds211.ch4.c
Content-Type
text/javascript; charset=utf-8; charset=utf-8
Cache-Control
max-age=30
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
14128
sync
gum.criteo.com/ 		73 B
314 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=&gdpr=0&gdpr_consent=undefined&gdpr_pd=0
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
bb55cc7dbdf5b209ce3feea51a79225d52a7299f1cf0e1c67840c0d6c3868899
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1145236
expires
60
pd
google-bidout-d.openx.net/w/1.0/ Frame 95E8 		594 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0dcfa455e01770d3e10fc8c77d2a191c7b9ad950f7ef4a021bfb807cd75d86bf

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
383
content-type
text/html
date
Wed, 01 Nov 2023 18:36:46 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pmk-20220605.7.js
pm-widget.taboola.com/mynetnewtr-mynet/ 		102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/mynetnewtr-mynet/pmk-20220605.7.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/mynetnewtr-mynet/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e5aeadecb57dfeb8fa94fd8fb3b7feda13d73a4c0a7663ca1626cf7e879edd9

Request headers

Referer
https://finans.mynet.com/
Origin
https://finans.mynet.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
afF7YmLUTNtYtYnTk3jvoviw0fkUHU3O
content-encoding
gzip
via
1.1 varnish
date
Wed, 01 Nov 2023 18:36:47 GMT
x-amz-request-id
QD70RDDDZ7JP3SRD
age
1319581
x-cache
HIT
content-length
28796
x-amz-id-2
fN1NkIfBfSCVy4i0zQQvUtDkT/RDqTIVaJ1dY9o/b9nclq2BoGrHsptuR1M1hsPX7iyiQELZmIk=
x-served-by
cache-yyz4535-YYZ
last-modified
Fri, 29 Sep 2023 05:11:03 GMT
server
AmazonS3
x-timer
S1698863807.016080,VS0,VE0
etag
"a0830c1c5ecc64291104d91fb45346a1"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
2
pb
mynet.rtb.pixad.com.tr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mynet.rtb.pixad.com.tr/pb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:658 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Pixad-k8s
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://finans.mynet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
POST
access-control-allow-origin
https://finans.mynet.com
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81f63eca5a236aee-BUF
date
Wed, 01 Nov 2023 18:36:47 GMT
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9mADttCjPMx0ROR4f1JsR%2FB9fCvu8J4%2FimctKKx4gYQ%2FFmrquk6yhB5Q3EbbDf2Q6NHNJ0hD813lIh%2Bq%2FeAGpEGEGIu2jb8h9FFW%2B2ND%2BgoFEdoghvoH%2BVM%2BpKWKPNpoUwdDIdlGzH4h9ytKYnmMfD0k%2Blk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Pixad-k8s
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24266&site_id=409966&zone_id=2298308&size_id=2%3B9%3B15%3B15%3B15%3B15%3B15%3B2&alt_size_ids=55%2C57%3B8%3B%3B%3B%3B%3B10%2C67%2C159%2C159%3B43%2C55%2C57&gdpr=0&rf=https%3A%2F%2Ffinans.mynet.com%2F&tg_i.domain=finans.mynet.com&tg_i.page=https%3A%2F%2Ffinans.mynet.com%2F&tk_flint=pbjs_lite_v7.54.4&x_source.tid=9e3b6760-9abc-4f21-a8aa-e7590192ab8e%3B4f311f9d-e16a-4456-b913-6c2bdcbd15bb%3Bc2b44aff-be83-438a-a52d-06684f157dd8%3Bf6ce0566-1f7c-4719-b041-c9afb28e34bd%3B7ef465ce-9511-44bf-b8f4-175adb74b9a7%3Bfdc51a14-2cc8-441f-a607-16174401e6bf%3B1932ca30-0967-4faa-bae7-8c81a9631538%3B138ed85d-e7e2-4bde-9116-03d56051c071&l_pb_bid_id=2cee37fa39a7af%3B331342e4576f48%3B4a3edacb875057%3B5d9aae896e6465%3B6cd7b4b6e7864a%3B7ac5b39711521a%3B86cd96e1bf2597%3B996dbeaacb3bb3&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=9e3b6760-9abc-4f21-a8aa-e7590192ab8e%3B4f311f9d-e16a-4456-b913-6c2bdcbd15bb%3Bc2b44aff-be83-438a-a52d-06684f157dd8%3Bf6ce0566-1f7c-4719-b041-c9afb28e34bd%3B7ef465ce-9511-44bf-b8f4-175adb74b9a7%3Bfdc51a14-2cc8-441f-a607-16174401e6bf%3B1932ca30-0967-4faa-bae7-8c81a9631538%3B138ed85d-e7e2-4bde-9116-03d56051c071&rp_maxbids=1&slots=8&rand=0.12725982508853306
Requested by
Host: adl.mynetreklam.com
URL: https://adl.mynetreklam.com/mynetads/ads-manager/prebid.js?id=90e62d270c45c8c5c005aac81369135e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
39def6e32642775fae66a946b5ffad5534d61f1bd605e035638aed11750981a2

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:47 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://finans.mynet.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
pb
mynet.rtb.pixad.com.tr/ 		0
0
2362216
bs.yandex.ru/prebid/ 		0
0
2362216
bs.yandex.ru/prebid/ 		0
0
2362216
bs.yandex.ru/prebid/ 		0
0
2362216
bs.yandex.ru/prebid/ 		0
0
2362216
bs.yandex.ru/prebid/ 		0
0
2362216
bs.yandex.ru/prebid/ 		0
0
2362216
bs.yandex.ru/prebid/ 		0
0
2362216
bs.yandex.ru/prebid/ 		0
0
cdb
bidder.criteo.com/ 		0
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=185&av=36&wv=7.54.4&cb=16614932963
Requested by
Host: adl.mynetreklam.com
URL: https://adl.mynetreklam.com/mynetads/ads-manager/prebid.js?id=90e62d270c45c8c5c005aac81369135e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://finans.mynet.com
date
Wed, 01 Nov 2023 18:36:46 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: adl.mynetreklam.com
URL: https://adl.mynetreklam.com/mynetads/ads-manager/prebid.js?id=90e62d270c45c8c5c005aac81369135e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://finans.mynet.com
date
Wed, 01 Nov 2023 18:36:47 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
ads
securepubads.g.doubleclick.net/gampad/ 		320 KB
42 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1533834957665798&correlator=1472992664854856&eid=31079299%2C31079300%2C31078659&output=ldjh&gdfp_req=1&vrg=202310250101&ptt=17&impl=fifs&gdpr=0&iu_parts=28687765%2Cmynet%2Cfinans%2Cinterstitial_oop%2Cmasthead_970x250%2Cpageskin_sol_120x600%2Csidebar_300x250_1%2Csidebar_300x250_2%2Cfooter_970x250&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F7%2C%2F0%2F1%2F2%2F8&prev_iu_szs=1x1%2C728x90%7C970x90%7C970x250%2C160x600%7C120x600%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%7C300x600%7C320x250%7C320x480%7C320x250%2C728x90%7C970x250%7C970x90%7C320x50&ifi=1&didk=2827414106~1727165214~591555728~2717725685~432122413~432180039~432417823~2717725684~3925205849&sfv=1-0-40&ists=256&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698863807014&lmt=1698899807&adxs=0%2C436%2C0%2C998%2C986%2C986%2C986%2C986%2C290&adys=0%2C261%2C130%2C587%2C1207%2C1909%2C2409%2C3414%2C4013&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C1%7C2%7C3%7C4%7C5&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ffinans.mynet.com%2F&vis=1&psz=1600x5087%7C1600x250%7C1600x5087%7C324x250%7C324x2952%7C324x2952%7C324x2952%7C324x2952%7C1040x3551&msz=1600x-1%7C728x0%7C160x-1%7C300x0%7C300x0%7C300x0%7C300x0%7C324x0%7C1020x0&fws=0%2C128%2C512%2C128%2C128%2C128%2C128%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1924489594.1698863807&ga_sid=1698863807&ga_hid=1900464849&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABjy8rHhuDFIABIZCgpwdWJjaWQub3JnGJTxseG4MUgAUgIIahIXCghydGJob3VzZRis8bHhuDFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YyO2x4bgxSABSAghkEj4KBW9wZW54EixleUpwSWpvaWFubDVaWEJoZDJkUlZIa3ZLemt5WVRobWJ6TmxaejA5SW4wPRj38rHhuDFIABIbCgxpZDUtc3luYy5jb20Yye2x4bgxSABSAghk&dlt=1698863804799&idt=1101&prev_scp=%7C%7C%7Cslot_index%3D1%7Cslot_index%3D2%7Cslot_index%3D3%7Cslot_index%3D4%7C%7C&cust_params=mynet_servis%3Dfinans%26mynet_kategori%3Danasayfa%26keywords%3Dnonloginuser&adks=1418154650%2C293310478%2C686434309%2C1792028448%2C3597773470%2C3598459149%2C3597846538%2C1104482905%2C4001092362&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71999c775efee0d90ecc5e5ce4830c9f1f025b6e380314e0d97276f56f146e9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43324
x-xss-protection
0
google-lineitem-id
5383714757,5753320270,4367746458,-1,4389476089,5653713517,5653713517,4389476089,4389476089
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138427522541,138358269119,138208325154,-1,138314957789,138359140718,138359151113,138208642207,138386043624
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://finans.mynet.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2600 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 18:36:47 GMT
expires
Thu, 31 Oct 2024 18:36:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
receive
pixel.tapad.com/idsync/ex/ Frame 7CDD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=cd4d6cd0-d133-41ed-95ce-4459e909b2d6%252C%252C%25257B%252522architecture%252522%25253A%252522%252522%25252C%252522bitness...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=cd4d6cd0-d133-41ed-95ce-4459e909b2d6%252C%252C%25257B%252522architecture%252522%25253A%252522%252522%25252C%252522bitness...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2ea68917-cfbf-4385-824d-28009b967746&ttd_puid=cd4d6cd0-d133-41ed-95ce-4459e909b2d6%2C%2C%257B%2522architecture%2522%253A%...
95 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2ea68917-cfbf-4385-824d-28009b967746&ttd_puid=cd4d6cd0-d133-41ed-95ce-4459e909b2d6%2C%2C%257B%2522architecture%2522%253A%2522%2522%252C%2522bitness%2522%253A%2522%2522%252C%2522brands%2522%253A%255B%255D%252C%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D
Requested by
Host: pandg.tapad.com
URL: https://pandg.tapad.com/tag?gdpr=0&referrer_url=&page_url=https%3A%2F%2Ffinans.mynet.com%2F&owner=P%26G&bp_id=mynet&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22finans%22%2C%22sub_category%22%3A%22%22%7D
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pandg.tapad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:47 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2ea68917-cfbf-4385-824d-28009b967746&ttd_puid=cd4d6cd0-d133-41ed-95ce-4459e909b2d6%2C%2C%257B%2522architecture%2522%253A%2522%2522%252C%2522bitness%2522%253A%2522%2522%252C%2522brands%2522%253A%255B%255D%252C%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D
date
Wed, 01 Nov 2023 18:36:47 GMT
server
Kestrel
content-length
987
c847c7b8-950b-ec82-d4fa-03876a8ac9ce
pr-bh.ybp.yahoo.com/sync/openx/ Frame 95E8 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/c847c7b8-950b-ec82-d4fa-03876a8ac9ce?gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:644d:6614:5b6b:ed06 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 95E8
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=0456dd81-190d-c531-2523-97e5fdeecf67
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=0456dd81-190d-c531-2523-97e5fdeecf67&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=0456dd81-190d-c531-2523-97e5fdeecf67&dcc=t
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 18:36:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SD633YG4EDNXFPSJSV5R
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 18:36:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QBY0RM0H35G2WVJ7BGNR
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=0456dd81-190d-c531-2523-97e5fdeecf67&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 95E8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=5c80a1fc-05a7-7ecb-e52d-157295dd0487&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=5c80a1fc-05a7-7ecb-e52d-157295dd0487&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=2ea68917-cfbf-4385-824d-28009b967746&ttd_puid=5c80a1fc-05a7-7ecb-e52d-157295dd0487&gdpr=0&gdpr_consent=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=2ea68917-cfbf-4385-824d-28009b967746&ttd_puid=5c80a1fc-05a7-7ecb-e52d-157295dd0487&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=2ea68917-cfbf-4385-824d-28009b967746&ttd_puid=5c80a1fc-05a7-7ecb-e52d-157295dd0487&gdpr=0&gdpr_consent=
date
Wed, 01 Nov 2023 18:36:47 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 95E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzBlZjcyMzYtY2NkMC0yMDZmLWYwY2QtNGZjYjVmM2ZjYWU3
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzBlZjcyMzYtY2NkMC0yMDZmLWYwY2QtNGZjYjVmM2ZjYWU3&google_tc=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzBlZjcyMzYtY2NkMC0yMDZmLWYwY2QtNGZjYjVmM2ZjYWU3&google_tc=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzBlZjcyMzYtY2NkMC0yMDZmLWYwY2QtNGZjYjVmM2ZjYWU3&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 95E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE6pGgVcG3PSl3gyibjvfDA&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE6pGgVcG3PSl3gyibjvfDA&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE6pGgVcG3PSl3gyibjvfDA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mi-scraper-1.17.0.99.js
snippet.minute.ly/publishers/516360/ 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.minute.ly/publishers/516360/mi-scraper-1.17.0.99.js
Requested by
Host: apv-launcher.minute.ly
URL: https://apv-launcher.minute.ly/api/launcher/MIN-516360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ada , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e25add94195047c4d04eb063f97e308db44b32093cc19010a71e3acb234e81c

Request headers

Referer
https://finans.mynet.com/
Origin
https://finans.mynet.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 27 Sep 2023 09:09:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1695805780"
x-hw
1698863807.dop213.ny3.t,1698863807.cds230.ny3.c
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNKbzfEH%2B5CrUlwSITEb2ybnzyat3A5USd0kQ%2F3xG%2BfyJdSPRuinWJ2rMno%2FqbxAPKR45f79YdNqrtGbcFBKSo6oqtP75ut37KdM1cumlmGCd1MwhmExvLep16JIYIV7DEwecPoDV0ASoOHEXfgG"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=28479839
access-control-allow-credentials
true
cf-ray
81f63ecafb0b4bc1-BUF
access-control-allow-headers
Content-Type
events
bidder.criteo.com/csm/ 		0
85 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-length
0
_.gif
counter.snackly.co/ 		0
38 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.snackly.co/_.gif
Requested by
Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/516360/mi-scraper-1.17.0.99.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1b1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 01 Nov 2023 18:36:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
access-control-allow-origin
https://finans.mynet.com
cache-control
max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
81f63ecc88074bc3-BUF
access-control-allow-headers
Content-Type
content-length
0
expires
Wed, 01 Nov 2023 18:36:47 GMT
_.gif
counter.snackly.co/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.snackly.co/_.gif
Requested by
Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/516360/mi-scraper-1.17.0.99.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1b1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 01 Nov 2023 18:36:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
access-control-allow-origin
https://finans.mynet.com
cache-control
max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
81f63ecc88064bc3-BUF
access-control-allow-headers
Content-Type
content-length
0
expires
Wed, 01 Nov 2023 18:36:47 GMT
real-time
finans.mynet.com/api/ 		27 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://finans.mynet.com/api/real-time?_cb=2311012136-5
Requested by
Host: s.mynet.com.tr
URL: https://s.mynet.com.tr/rosetta/services/plugins/production/js/myheadjs.js?id=e5a556888973eb9e00c1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.122.134 , United States, ASN16276 (OVH, FR),
Reverse DNS
ns1009180.ip-135-148-122.us
Software
MerlinCDN / Mynet Team
Resource Hash
cce705bad8159ee0388f7cb6870602d80e6f3c435beb75777d9b648457c53e8b
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://finans.mynet.com/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:41 GMT
strict-transport-security
max-age=0
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
age
1
x-powered-by
Mynet Team
x-midtier
de-fra-lea-s01
x-cache-status
HIT
x-cache
MISS 139
x-url
/api/real-time?_cb=2311012136-5
x-host
finans.mynet.com
x-xss-protection
1
server
MerlinCDN
allow
GET, HEAD, POST
content-type
application/json
access-control-allow-origin
*
x-edge
us-vga-ovc-s02
cache-control
max-age=60
x-robots-tag
no-index
access-control-allow-headers
accept, authorization
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310250101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d27290658bb98c032f524c8275aadb26d405bb10388d41d0925b76e4539b94e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12047
x-xss-protection
0
ad
services.insurads.com/ Frame F71E 		479 B
537 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/ad?auid=757024&appId=1870&s=2243&dm=1&is=0&csz=%5B%5D&sz=%5B%5D&ct=%7B%7D&h=https%3A%2F%2Ffinans.mynet.com%2F&sid=C32E2DC4C9A3B7BC&v=1.14.20&ts=1698863807468
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.235.112.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-112-177.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0c952f5b29b19b2413156632302a2fb8a637f162c0d617e115726faac49b2829

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:47 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript;charset=UTF-8
x-nocache
true
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffinans.mynet.com%2F&domain=finans.mynet.com&bundle=w0_j6l9jU2ZuRGNZWVJKTWQzUnNYcmY1U2IlMkJGTmZmcTJqa0Z4Um54UXVBVkU1S2oyeFhoZ0xBeGo...
  • https://mug.criteo.com/sid?cpp=iLQUx3w5Rzl3bXdwd2Q2b083bUhSajJDUzlZanRBU01TdTg2c3Z0UTJrd0ZtY3BvM2xnSFdKOVVNMUNxTmI3S3Q1NG5wYk9YMVJuQUtNbmNjVmxyMWg5WE10d1dqOFRrOFllM2dtZndXSVBTMFRUNExDajV1dnJqRnlSQ3...
426 B
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=iLQUx3w5Rzl3bXdwd2Q2b083bUhSajJDUzlZanRBU01TdTg2c3Z0UTJrd0ZtY3BvM2xnSFdKOVVNMUNxTmI3S3Q1NG5wYk9YMVJuQUtNbmNjVmxyMWg5WE10d1dqOFRrOFllM2dtZndXSVBTMFRUNExDajV1dnJqRnlSQ3lMdlZUTXlUVGVFd3VLbU9Uc1doVmFrdG9sTThDTTIyZ2Y2TnJOL3lzOG5nb2ExdGJlTU8vTGxYUkdkT1RvdUpCUjYyaW5BbHV2VHlKMDh5ekdpNWRsNmVNQlRSeE5ZYkdzTkJwV2Z5WFNwK0Z1Y1RGcGRlclZza0pxdnFpd0JNWit3UWhwbFVLMzVMR05ZRkNRaUlFcDFxT3FUNXdCVHVQWDU0ZnY0THVMUUtnZTZIZUxFRT18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
5289c6bdfecd2abcaceff21310ea74a1b07d4607108642f46a35d73e02dc3dd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:47 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1440153
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:46 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://finans.mynet.com
location
https://mug.criteo.com/sid?cpp=iLQUx3w5Rzl3bXdwd2Q2b083bUhSajJDUzlZanRBU01TdTg2c3Z0UTJrd0ZtY3BvM2xnSFdKOVVNMUNxTmI3S3Q1NG5wYk9YMVJuQUtNbmNjVmxyMWg5WE10d1dqOFRrOFllM2dtZndXSVBTMFRUNExDajV1dnJqRnlSQ3lMdlZUTXlUVGVFd3VLbU9Uc1doVmFrdG9sTThDTTIyZ2Y2TnJOL3lzOG5nb2ExdGJlTU8vTGxYUkdkT1RvdUpCUjYyaW5BbHV2VHlKMDh5ekdpNWRsNmVNQlRSeE5ZYkdzTkJwV2Z5WFNwK0Z1Y1RGcGRlclZza0pxdnFpd0JNWit3UWhwbFVLMzVMR05ZRkNRaUlFcDFxT3FUNXdCVHVQWDU0ZnY0THVMUUtnZTZIZUxFRT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
338046
content-length
0
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffinans.mynet.com%2F&domain=finans.mynet.com&bundle=w0_j6l9jU2ZuRGNZWVJKTWQzUnNYcmY1U2IlMkJGTmZmcTJqa0Z4Um54UXVBVkU1S2oyeFhoZ0xBeGolMkJKWm1hNnN6UyUyRnl5NmZTOWE0M0hma0pQb2ZYWlpyQWdMWkI1eHlDUENNdEZOSHFQVnFHR3M5N0VsSTV4Nkxxb0YzTTJLSEtBNGVvS3NrSGZMNEJuWGVGYUY2Q2dGMmx0WFElM0QlM0Q&cw=1&pbt=1&lsw=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://finans.mynet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://finans.mynet.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 01 Nov 2023 18:36:46 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
492360
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ad
services.insurads.com/ Frame 67F3 		479 B
537 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/ad?auid=1424257&appId=1870&s=2243&dm=1&is=0&csz=%5B%5D&sz=%5B%5D&ct=%7B%7D&h=https%3A%2F%2Ffinans.mynet.com%2F&sid=C32E2DC4C9A3B7BC&v=1.14.20&ts=1698863807478
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.235.112.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-112-177.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
65751200ea89a1e5d6d8db461a2280ef7bfc56087d2e475b4f428037b3d7d6f3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:47 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript;charset=UTF-8
x-nocache
true
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
footer-icon-facebook.svg
img7.mynet.com.tr/footer/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/footer/footer-icon-facebook.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
a1a635df2e37f2e83ef80aab643358014182d71b79a676edbc0f8e8b9074033b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Wed, 01 Nov 2023 18:36:47 GMT
expires
Thu, 31 Oct 2024 18:36:47 GMT
last-modified
Tue, 05 Jul 2022 11:45:16 GMT
server
nginx
x-rocket-node
edge132.ist.tr.eu.rocketcdn.com
etag
"62c4244c-4a7"
content-type
image/svg+xml
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1191
x-rocket-mastercachestatus
HIT
icon-twitter.svg
img7.mynet.com/rosetta/services/static/ 		486 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com/rosetta/services/static/icon-twitter.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
a41680bcdd579f2172bb0fdc6a88245a9b0e6330941d3544f5cf1975d1123bdd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Wed, 01 Nov 2023 18:36:47 GMT
expires
Thu, 31 Oct 2024 18:36:47 GMT
last-modified
Thu, 12 Oct 2023 06:42:29 GMT
server
nginx
x-rocket-node
edge125.ist.tr.eu.rocketcdn.com
etag
"65279555-1e6"
content-type
image/svg+xml
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
486
x-rocket-mastercachestatus
HIT
footer-icon-instagram.svg
img7.mynet.com.tr/footer/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/footer/footer-icon-instagram.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
b652c7af4cda3d8395a637b1b9f615ef6ec3c6dea7c73cd70393ab5a054eb69b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Wed, 01 Nov 2023 18:36:47 GMT
expires
Thu, 31 Oct 2024 18:36:47 GMT
last-modified
Tue, 05 Jul 2022 11:45:17 GMT
server
nginx
x-rocket-node
edge132.ist.tr.eu.rocketcdn.com
etag
"62c4244d-62d"
content-type
image/svg+xml
x-rocket-masternode
cache116.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1581
x-rocket-mastercachestatus
HIT
footer-icon-linkedin.svg
img7.mynet.com.tr/footer/ 		582 B
888 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img7.mynet.com.tr/footer/footer-icon-linkedin.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.142.105.15 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS
Software
nginx /
Resource Hash
85ed4284f4265536d1ee7cf85771a133ee662fa6d3b8654f72cae4ed7c3efd42

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-rocket-cachestatus
HIT
date
Wed, 01 Nov 2023 18:36:47 GMT
expires
Thu, 31 Oct 2024 18:36:47 GMT
last-modified
Tue, 05 Jul 2022 11:45:16 GMT
server
nginx
x-rocket-node
edge132.ist.tr.eu.rocketcdn.com
etag
"62c4244c-246"
content-type
image/svg+xml
x-rocket-masternode
cache117.ist.tr.eu.rocketcdn.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
582
x-rocket-mastercachestatus
HIT
apstag.js
c.amazon-adsystem.com/aax2/ 		264 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.197.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-197-6.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fd3fe93b9ced3ac801fbb50bcd18767bafa3614d750b84ffbe4b9cf68442f5c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:12:18 GMT
content-encoding
gzip
via
1.1 156336391961f724345f6534c674b6ea.cloudfront.net (CloudFront), 1.1 381e492f95c61e51e17f4db787d5bfea.cloudfront.net (CloudFront)
last-modified
Tue, 24 Oct 2023 21:00:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, BOS50-C3
age
1470
x-amz-server-side-encryption
AES256
etag
W/"9c6e4dbac06587ca3b19dfd46a63b2e5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
9dTwtBRHChxLvuRvSlXGe3fp9WaCZnpYovHlzTNc5MqsPVW-x7yI0Q==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/162930/9578/25/ 		478 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/162930/9578/25/pwt.js?sid=G7SRYJPL
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.20.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.69.5 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-69-5.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e450109b1306817cb914db65e6781e931fa5f820efd06c14faaa37a77e53d4ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:47 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 12:43:05 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=60092
accept-ranges
bytes
content-length
147591
expires
Thu, 02 Nov 2023 11:18:19 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 1129 		264 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.197.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-197-6.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fd3fe93b9ced3ac801fbb50bcd18767bafa3614d750b84ffbe4b9cf68442f5c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:12:18 GMT
content-encoding
gzip
via
1.1 156336391961f724345f6534c674b6ea.cloudfront.net (CloudFront), 1.1 381e492f95c61e51e17f4db787d5bfea.cloudfront.net (CloudFront)
last-modified
Tue, 24 Oct 2023 21:00:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, BOS50-C3
age
1470
x-amz-server-side-encryption
AES256
etag
W/"9c6e4dbac06587ca3b19dfd46a63b2e5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
CwX6WH6v_lq8gPFjrlJq1o9n-ER7RLxKSIjMGpSXBBVme-alHQdQ_g==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/162930/9578/25/ Frame 1129 		478 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/162930/9578/25/pwt.js?sid=G7SRYJPL
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.20.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.69.5 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-69-5.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e450109b1306817cb914db65e6781e931fa5f820efd06c14faaa37a77e53d4ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:47 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 12:43:05 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=60092
accept-ranges
bytes
content-length
147591
expires
Thu, 02 Nov 2023 11:18:19 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=4.596188312330058
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-vIsul840Fb8c163B8CQ6wQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:47 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-vIsul840Fb8c163B8CQ6wQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=5.887576592110839
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-KQDJNs4KjxK3xS-ZSTZ_cQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:47 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-KQDJNs4KjxK3xS-ZSTZ_cQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=iLQUx3w5Rzl3bXdwd2Q2b083bUhSajJDUzlZanRBU01TdTg2c3Z0UTJrd0ZtY3BvM2xnSFdKOVVNMUNxTmI3S3Q1NG5wYk9YMVJuQUtNbmNjVmxyMWg5WE10d1dqOFRrOFllM2dtZndXSVBTMFRUNExDajV1dnJqRnlSQ3lMdlZUTXlUVGVFd3VLbU9Uc1doVmFrdG9sTThDTTIyZ2Y2TnJOL3lzOG5nb2ExdGJlTU8vTGxYUkdkT1RvdUpCUjYyaW5BbHV2VHlKMDh5ekdpNWRsNmVNQlRSeE5ZYkdzTkJwV2Z5WFNwK0Z1Y1RGcGRlclZza0pxdnFpd0JNWit3UWhwbFVLMzVMR05ZRkNRaUlFcDFxT3FUNXdCVHVQWDU0ZnY0THVMUUtnZTZIZUxFRT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 01 Nov 2023 18:36:47 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
323408
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Nov 2023 18:36:47 GMT
AGSKWxXgDPMzsrgQovbGIsessc-zxZ4pnUDpFbLeoGI6WDV63pEiDnSgXdM_MNGWUX6P5VpgYSTwaOQPTZeOHf-3MSuvc3Pq9SEz9DRmnJmvW8BwHIn6GVPTT8aiRwJSzfpiHEB1WYhVHA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXgDPMzsrgQovbGIsessc-zxZ4pnUDpFbLeoGI6WDV63pEiDnSgXdM_MNGWUX6P5VpgYSTwaOQPTZeOHf-3MSuvc3Pq9SEz9DRmnJmvW8BwHIn6GVPTT8aiRwJSzfpiHEB1WYhVHA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.VuclkSNDjzQ.es5.O/am=CAM/d=1/rs=AJlcJMyyDPYBMX6mZ62pmzBLAAJ_HIlxTw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-s_5N34yKrq-UNu5Yd8yKnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 18:36:47 GMT
content-security-policy
script-src 'report-sample' 'nonce-s_5N34yKrq-UNu5Yd8yKnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://finans.mynet.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
6f354287-be81-4032-bf64-3a62262fb72f
config.aps.amazon-adsystem.com/configs/ 		537 B
806 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/6f354287-be81-4032-bf64-3a62262fb72f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.77.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-77-77.bos50.r.cloudfront.net
Software
CloudFront /
Resource Hash
fb62f19a5a2a5b2925ccd50bf9857225200af91641aec8c57397616dd03943f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 17:42:30 GMT
via
1.1 55816cf05e8d81696f2f421e217d6204.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
BOS50-C1
age
3258
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
RZVnP9MIF5F5K-vvSX-qCLLYCkNHc1vbGtunWA1Sv7nJlOOEuWFM5Q==
config
c.amazon-adsystem.com/cdn/prod/ 		806 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ffinans.mynet.com&pubid=6f354287-be81-4032-bf64-3a62262fb72f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.197.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-197-6.bos50.r.cloudfront.net
Software
Server /
Resource Hash
14e380b29683177b367a8ef4356b17111b367c5396d0e5077730d0c2f79e0df9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 15:23:59 GMT
via
1.1 381e492f95c61e51e17f4db787d5bfea.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
BOS50-C3
age
11568
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://finans.mynet.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
806
x-amz-cf-id
3avb35LwD_f4CLYBJcOsR3vsE-LKSkpacy3GlMSmcsZ-7WOVYvE9nQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		183 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffinans.mynet.com%2F&pid=S18CjGkcouFqT&cb=0&ws=1600x1200&v=23.1020.1619&t=1000&slots=%5B%7B%22sd%22%3A%22gpt_unit_%2F22954957514%2Fmynet%2FIAT_0%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F22954957514%2Fmynet%2FIAT%22%7D%5D&pubid=6f354287-be81-4032-bf64-3a62262fb72f&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.31.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-31-77.bos50.r.cloudfront.net
Software
Server /
Resource Hash
2c31e0440721be289db43c010e82e597edefd55990c3ee3b064fa839ab1ca7bc
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a9415b590b759977d54fa124c942d384.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
BOS50-P2
x-amz-rid
82B3GDF2EBEVSPG51X1R
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://finans.mynet.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
183
x-amz-cf-id
5AfiRVlNw4tYXafeuVqclGn_EMOY6H_NpgA6BH8SikLGdtMAqQlbaw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.197.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-197-6.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 00:52:54 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 a99ebae546aae4a2f6278081e3adcd10.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C3
age
63834
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
0jwjoZJ7kU7rvp8JNs0mHtmdqtro1tC_ZjxYE421xJe2Ezv0MzpNCQ==
6f354287-be81-4032-bf64-3a62262fb72f
config.aps.amazon-adsystem.com/configs/ Frame 1129 		537 B
804 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/6f354287-be81-4032-bf64-3a62262fb72f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.77.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-77-77.bos50.r.cloudfront.net
Software
CloudFront /
Resource Hash
fb62f19a5a2a5b2925ccd50bf9857225200af91641aec8c57397616dd03943f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 17:42:30 GMT
via
1.1 55816cf05e8d81696f2f421e217d6204.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
BOS50-C1
age
3258
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
_WSMYbQdFWSof4YdJCHYwnYTckodv_3duVXDpmmqpHL879XP-4CwOw==
config
c.amazon-adsystem.com/cdn/prod/ Frame 1129 		806 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ffinans.mynet.com&pubid=6f354287-be81-4032-bf64-3a62262fb72f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.197.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-197-6.bos50.r.cloudfront.net
Software
Server /
Resource Hash
14e380b29683177b367a8ef4356b17111b367c5396d0e5077730d0c2f79e0df9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 15:23:59 GMT
via
1.1 381e492f95c61e51e17f4db787d5bfea.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
BOS50-C3
age
11568
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://finans.mynet.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
806
x-amz-cf-id
OykpRJvn1bKCp1HFMao_aihS2Te59QVWyEPmkuxidvQatlWYsUC7vg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 1129 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.197.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-197-6.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 00:52:54 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 a99ebae546aae4a2f6278081e3adcd10.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C3
age
63834
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
HbyANODxilRIgzlU5d8bVjg9pdVllnKlvf_Fo8NaWt-1Ht5jjFrG5Q==
ima.js
cdn-ima.33across.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5194891d3a8501374db8afe22463ed2a49fa28f22eaa4a1991d2e6e8a15191e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:07 GMT
server
cloudflare
age
4432
etag
W/"6540128b-2675"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
81f63ecf883ea1ec-YYZ
expires
Sat, 04 Nov 2023 18:36:47 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D836 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBuiSC3cVrRY0oDtE4I_px0HbSTuzNo6EbukkQA1Tx9geQWP4G1jhmRTpMeIKGCQ196rR9Yx_HSh4uVthK88P0De1P73bFV4C04NGeXyZM4dEjIVKwBJo4H-bG-BKf7Wuqnd_QLCL6iq1HM0gjWs-6Ams23Sk9DATwt4xlcFeraMf3g8VUKGEmKu5f7DOAYp5CTmkrv5_ooH9DVt0xHbqRKETRhBLSAdzi7pu4ftICb9bT7ziuXPyiS8YpFO8X_x0MBdmEkaFEB5OM8j3AP_CfTU0FIlBp-FfWFJxFp-25bnte9UZDcsJfwRW20ZmHpsZLWGj2hmfLeG5Olu0WJFgv4e9fwPZ5oYtZAS76XuXxQS5PZZ5TIEYueI-GuWVx9cvf&sai=AMfl-YRU3_goazlnslPBfGjAuH5XupfJkL3rRRmqYlcoo4_80Iu7YrxBLy0xhSGVdB5_1nwG41MDspXuEq8iIMCsijF0OnkEhkZF_it59jHQ3ZXSUKuZOlk031G4IeLhPpFIUPtQFXo32aLbtAjH5mNS&sig=Cg0ArKJSzGqsqKvbCbVrEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rciv.js
cdn.tynt.com/ Frame D836 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/rciv.js
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8a356ae7ad51af25f41e9529ed11b1da27f59c8de35ba04c7d66aa2146fbdfc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 15:09:01 GMT
server
cloudflare
age
10424
etag
W/"651ed18d-6133"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
81f63ed0a8e136a8-YYZ
expires
Sat, 04 Nov 2023 18:36:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D836 		188 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Nov 2023 18:36:48 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D836 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBuiSC3cVrRY0oDtE4I_px0HbSTuzNo6EbukkQA1Tx9geQWP4G1jhmRTpMeIKGCQ196rR9Yx_HSh4uVthK88P0De1P73bFV4C04NGeXyZM4dEjIVKwBJo4H-bG-BKf7Wuqnd_QLCL6iq1HM0gjWs-6Ams23Sk9DATwt4xlcFeraMf3g8VUKGEmKu5f7DOAYp5CTmkrv5_ooH9DVt0xHbqRKETRhBLSAdzi7pu4ftICb9bT7ziuXPyiS8YpFO8X_x0MBdmEkaFEB5OM8j3AP_CfTU0FIlBp-FfWFJxFp-25bnte9UZDcsJfwRW20ZmHpsZLWGj2hmfLeG5Olu0WJFgv4e9fwPZ5oYtZAS76XuXxQS5PZZ5TIEYueI-GuWVx9cvf&sai=AMfl-YRU3_goazlnslPBfGjAuH5XupfJkL3rRRmqYlcoo4_80Iu7YrxBLy0xhSGVdB5_1nwG41MDspXuEq8iIMCsijF0OnkEhkZF_it59jHQ3ZXSUKuZOlk031G4IeLhPpFIUPtQFXo32aLbtAjH5mNS&sig=Cg0ArKJSzGqsqKvbCbVrEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame C1AE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2oAfXgqk_zOfAt9hUo2xgNs8rEiMIpoUs8gQqBh1tEVg5f90Z15PVwRdVicA46UAvV9qXwW3JSmhs2atwXf3RZbXjyNyp70x62KfhNj71KvdWPFknXnQEWcq3TM4NKMMDOld4Ah4RFgIGeZy2h9rzG1IrxwWC65nFl74vxQKXSZqZiJhj-f0y7vm74anZFqQrt1ZUwdMDQS1mtr9L3kTKw3jrLV9IuvxREkuCLNKlQSOGO2tfdsqyBMCIQKaNgsaQ7f2iKh3uICUZzHzZ4ksAs8TBZfg9xovQDWAg4rzLeumvu_1FU9YavVk3CDEkiOuwDHxGwfvNLagr4leA__rRGvHpyco5bxaL7ihu6WJD1mC30X2Ai9h4zqf7-w0&sai=AMfl-YRtNnG9PUSC-M-Vfvp17wonNwcmx0PdnRzp0zZ1FWbZ8D_fhaMgktITeAiiRmho88tMS4RRFCiLzbT2Kfs_XNdGKlvSg144B_-OToMjjwhqTDNEEeLmq50oQjd9BqrmrN6pTRofxjymjXPfNg0E&sig=Cg0ArKJSzNNDpT0b4NmlEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
t.js
windsplay.com/ Frame C1AE 		91 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=0172341698863807967
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-119.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
223d3784ff0f0e572951390d5241d6c7b872e860ee25dfbafd3e355e5311e2a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
zAASV.4z32iPmUPUngToYNRiJrw_Lfiu
content-encoding
br
via
1.1 da50954f4b0e035bd3d8a3139e1f5afa.cloudfront.net (CloudFront)
date
Wed, 01 Nov 2023 08:08:40 GMT
last-modified
Wed, 18 Oct 2023 08:11:55 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
age
44206
x-amz-server-side-encryption
AES256
etag
W/"4d77129a9a8dbf884a160882c80217ec"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
n6-FBjq8-_m4gyVyJSfZVOmAlULl4Jt2PH1moDzV4YvDVdM7AFoBIw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C1AE 		188 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Nov 2023 18:36:48 GMT
img.fetch
udmserve.net/udm/ Frame 8F79 		25 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=14018;tid=1;dt=6;
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
c35f7063ada521375d370bb614f556d48d09c69fb0d85f6d1dbc26d40a4327df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 18:36:48 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Type
application/x-javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Expires
0
truncated
/ Frame 8F79 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c9ec0366f8c6525f0227429debe2fc6de836c8b50d1ab8d1fa72238cddc353d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 8F79 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzVMam3UpCIJE1L-4urHOrRocNASeU_I4T7iGfKeqQfDb6WJAw3B-r1R8_JmIYVhXQO0JVxjILi8TwH6d6ad0Buus-Qz9sFKdQSGCwfG0vAEdYbZHWN6UNUabLSycTpWng8vKvRKLk_3BviGKC6oJnG8C5LNtixDcodYGgdKsnW2ns5qJG_bXOWtHkoMfygK74t03zwGFBAx-teFxskCrSY5yFpRBALYS7_8LdeGKb8v1MV8U1zrbI-6dOW3zDh7jJgcOGNrZBkePWWg4meWvtTjOAyNYqXKszTQ1UpwW4HpnfOYuwTzDYxBlVIeD1BwkRpQex4awg8fMC-8n509IhPhR93OnkCOjFPpHlGIpCQ19t&sai=AMfl-YSS4CJyREDveuWPpa-kZRh7uY9864O5b_VR9sny6zB6wWB3nADHQZSJn0nWtF26WsQmrngtM_nYAGxzU19g33v4QWGJxL8l0gT8kghjCkRFrKfiaqnNTQcm4nQfIgPZCjh1hcQpj59n0e0uW-z8&sig=Cg0ArKJSzEIOcKmAZcjFEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
floors.json
ads.pubmatic.com/AdServer/js/pwt/floors/162930/9578/ 		18 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/floors/162930/9578/floors.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162930/9578/25/pwt.js?sid=G7SRYJPL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.69.5 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-69-5.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a38c824236b07f6db0bbd9932502de8c53dace44997f64c615b74136a68fa6b6

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
last-modified
Wed, 01 Nov 2023 13:36:23 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
content-type
application/json
cache-control
public, max-age=9319
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1631
expires
Wed, 01 Nov 2023 21:12:07 GMT
geo
ut.pubmatic.com/ 		12 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=162930
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162930/9578/25/pwt.js?sid=G7SRYJPL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.92 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
bd62fdb47c5864853af3824151c917e6bdab6a93a801df8fb717a02748886596

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 01 Nov 2023 18:36:48 GMT
cache-control
max-age=172800
content-length
12
content-type
application/json
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		100 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.20.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67b831d7c5ec56a828e6bd749b73f3c10b14851324a42d600021ffcda5149f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31349
x-xss-protection
0
server
cafe
etag
549 / 19662 / 31079321 / config-hash: 4605619455912293276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 18:36:48 GMT
ima.js
cdn-ima.33across.com/ Frame 1129 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5194891d3a8501374db8afe22463ed2a49fa28f22eaa4a1991d2e6e8a15191e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:07 GMT
server
cloudflare
age
4433
etag
W/"6540128b-2675"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
81f63ed07abea1ec-YYZ
expires
Sat, 04 Nov 2023 18:36:48 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D487 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
20514
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 12:54:54 GMT
expires
Thu, 31 Oct 2024 12:54:54 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4024 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
66fa09e22e15b02f114989c7ce2fa03d3eb50c9275c4a80f2fe6080c95eb4e50
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bOWjskS7o4JuzP0B2L1gJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-bOWjskS7o4JuzP0B2L1gJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 18:36:48 GMT
expires
Wed, 01 Nov 2023 18:36:48 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ads
securepubads.g.doubleclick.net/gampad/ 		61 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1533834957665798&correlator=4463315132893747&eid=31079299%2C31079300%2C31078659&output=ldjh&gdfp_req=1&vrg=202310250101&ptt=17&impl=fifs&gdpr=0&iu_parts=28687765%2Cmynet%2Cfinans%2Ckule_sag_120x600&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=160x600%7C120x600&ifi=10&didk=1070475940&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Db7c242115707663a%3AT%3D1698863807%3ART%3D1698863807%3AS%3DALNI_Ma5iXSicGvz6Q4-keKH4vJs9X_2xA&gpic=UID%3D00000d9e527e491f%3AT%3D1698863807%3ART%3D1698863807%3AS%3DALNI_MZl7LfcNENFu88RbDgpdLDbBnrUWw&abxe=1&dt=1698863808085&lmt=1698899808&adxs=1440&adys=130&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ffinans.mynet.com%2F&vis=1&psz=1600x5111&msz=160x-1&fws=512&ohw=0&psts=AOrYGsnWvv5sKcEYpo2v88_og-OakrdgQhfqhkZsEE4L_jfjy_qGdSd6bkFQwkPkUm-h8WGKG3U9b_E65jMyb0ZOgQatt-DKbGktA5T-D_xfEA%2CAOrYGsmwojzQR1icx1ZGoWueaZyrmSCTKVhHzQScHA82AyIr32AYKIQhnn7lm3EWZEz0fIKah18TEOVtrEuUfwfjMgdAdlBBymJ4M7Ss2Da8jQ%2CAOrYGslzqb0Ef02GreeKPAa6ulyLcJnvWef1zTPlIBBBwl911y2QMXj1sHH74KxsMJow0IVRxnNmwMBKG1_GMgDLLImNEgwKZs9cQJ244H0%2CAOrYGsl5bDrqMJVb_D8ZPmaGe9BOapVbAk5LDpzrgcmUCtP8v2wZvrar3IvlwFut9DDa8WCK9Xvl4gN6aQHbCjLT58DHYc0OAD8J8p6WAfs%2CAOrYGsmAFtxg-2kICR4jergPY3rfPXJ77VWm0QBubvGLcdSIjDTiSK8hZXJgTU3g_ujSrLyCsa4kOc0biHBQKvUealVwgcJVecR-Tu3Jm3M%2CAOrYGskxToSY-whfF6toZPp4EyyqiwKg01sgBL0XXM5WcyXWTzsrvQKt7CCweUqGLQYIJVx5z2JrCQYFmr8k0WEE27Iq8s_W0Sx6NP6dF3A%2CAOrYGsnYWIPmbjXy89mDJfSgvsGtci0KRBV93ux950Qh37pfB_veaaQhHPX8L8f_zTmZ8KeaMFdecDftgx_hmVK2vByX4ZeoCj76qkVH-Ms%2CAOrYGslJ4PRw6vGG7RWoGE-tFMXT5_riG9u_jDMWS3mhzVD-egzlsxh7D-sxDrktMpQzQL1AbSy1YRV_Nl5TgPM4HUCm1leurJ00YJubLM8&ga_vid=1924489594.1698863807&ga_sid=1698863807&ga_hid=1900464849&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABjy8rHhuDFIABIZCgpwdWJjaWQub3JnGJTxseG4MUgAUgIIahIXCghydGJob3VzZRis8bHhuDFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YyO2x4bgxSABSAghkEj4KBW9wZW54EixleUpwSWpvaWFubDVaWEJoZDJkUlZIa3ZLemt5WVRobWJ6TmxaejA5SW4wPRj38rHhuDFIABIbCgxpZDUtc3luYy5jb20YxPSx4bgxSABSAghq&dlt=1698863804799&idt=1101&cust_params=mynet_servis%3Dfinans%26mynet_kategori%3Danasayfa%26keywords%3Dnonloginuser&adks=2698010050&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96ccc6e54a137dc65da3e6a1bb265fd289a0ad842988e25d4675e3a6a611a1b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13846
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://finans.mynet.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6EFA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvibd0d2VDCgFvIPQWiW4JJrO3_50lLh-NSxBkVjhMqs_RCvNsFRF-0Y_DHeLN6q446xjJhoeFh77Qd4C5xFoyvSWGsrgabTujW2itNWTf6xgVlMvoqkPWX7YPZ08W15tj5UKuanNDb_ep1HM69OEcnRU5x2ub-9Giksi9x-qtcvcMxRtEi1G4D_jZwEZhc823YcEHttFmg_sHmD76B3YRylP9EXlyfPq53K8InikhOvRIt8cLB1UApby_XCQBqZNO-iAx2C7e0cmJ2MaymcemlruI_zhyHgeNwFbkDJfGYQemBUQFDLrq7TZ6KB1bS0kfTcPi9smTyZ_06VK8PbbbdBkaMkD26kv6dGaOUzQoubBpjFVH4dAHZklKBj_SV&sai=AMfl-YTUG-kB334ZUP1naLETAYIiG3zBZJLcuz5JqXSvSK7u05LdAsRKX8DthsJ5r1C9HOtICTU8_H_87_JPK34lgAgsFJTIyMjaW0y6-ags-Q3sGhFZtw0NPvR4ahxUPRwL5s7qZ-2E3bbSj-5NFZrW&sig=Cg0ArKJSzEPmTAvP-78TEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
siab.js
cdn.tynt.com/ Frame 6EFA 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/siab.js
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89be99b9f1c2eaf66055e87d96e907811dd2df193fff43ea6ef39d7d52bd8a10

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 15:09:01 GMT
server
cloudflare
age
4418
etag
W/"651ed18d-611d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
81f63ed0f9b336a8-YYZ
expires
Sat, 04 Nov 2023 18:36:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6EFA 		188 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Nov 2023 18:36:48 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310201815000/ Frame 5134 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85297a9778e3138e5c9393984e9a5fc6dbce360e5017087bfe160c67ed2462af
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:56 GMT
age
177892
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56123
x-xss-protection
0
server
sffe
etag
"ee0c45c0e6d03a96"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:56 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 5134 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dcc1beab58e7315392e4371eaf02041138288ab7b329fa2403894f60e5f65f4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:56 GMT
age
177892
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5236
x-xss-protection
0
server
sffe
etag
"56e8153251b9d132"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:56 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 5134 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e28625c9340698b7968ba0cb1642f8db7a941ba0c07198bdcf7846f56ea5c99
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:56 GMT
age
177892
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29064
x-xss-protection
0
server
sffe
etag
"2b86ba6a96452dbe"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:56 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 5134 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1eda037ef70b5587c93b2677785521e8642e1e791cdcaebd5efa8647faf2b633
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:56 GMT
age
177892
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1923
x-xss-protection
0
server
sffe
etag
"560b2476df5f84c1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:56 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 5134 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53de6b3616f57459d3f1b898926fb83eafca2116a34feae66a807ea244291e8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:56 GMT
age
177892
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12957
x-xss-protection
0
server
sffe
etag
"143af65c0fcbfced"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:56 GMT
css
fonts.googleapis.com/ Frame 5134 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 16:57:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Nov 2023 18:36:48 GMT
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5134 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 04:33:40 GMT
x-content-type-options
nosniff
server
cafe
age
50588
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3057
x-xss-protection
0
expires
Thu, 02 Nov 2023 04:33:40 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5134 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 06:27:38 GMT
x-content-type-options
nosniff
server
cafe
age
43750
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Thu, 02 Nov 2023 06:27:38 GMT
container.html
f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 887F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 18:36:47 GMT
expires
Thu, 31 Oct 2024 18:36:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 43FB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 18:36:47 GMT
expires
Thu, 31 Oct 2024 18:36:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 26B2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 18:36:47 GMT
expires
Thu, 31 Oct 2024 18:36:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/17035799521253110986/ Frame 5134 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17035799521253110986/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4ecb8443d5739ee4fa4db07695d7dcef10dae73c1d391c0b15b395482fc9933
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 00:02:27 GMT
x-content-type-options
nosniff
age
585261
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11805
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 07:09:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 25 Oct 2024 00:02:27 GMT
truncated
/ Frame 5134 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 5134 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a409238c055b436448c79dc6ec414dc972dd71210132594b7db90bce2f34da7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
floors.json
ads.pubmatic.com/AdServer/js/pwt/floors/162930/9578/ Frame 1129 		18 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/floors/162930/9578/floors.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162930/9578/25/pwt.js?sid=G7SRYJPL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.69.5 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-69-5.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a38c824236b07f6db0bbd9932502de8c53dace44997f64c615b74136a68fa6b6

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
last-modified
Wed, 01 Nov 2023 13:36:23 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
content-type
application/json
cache-control
public, max-age=9319
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1631
expires
Wed, 01 Nov 2023 21:12:07 GMT
geo
ut.pubmatic.com/ Frame 1129 		12 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=162930
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162930/9578/25/pwt.js?sid=G7SRYJPL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.92 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
bd62fdb47c5864853af3824151c917e6bdab6a93a801df8fb717a02748886596

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 01 Nov 2023 18:36:48 GMT
cache-control
max-age=172800
content-length
12
content-type
application/json
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 1129 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.20.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c98ec68b1a4fd8761a572caac1ede85a1e85a6669cc95b103196991de366f8b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30524
x-xss-protection
0
server
cafe
etag
503 / 19662 / 31079210 / config-hash: 4605619455912293276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 18:36:48 GMT
batch
services.insurads.com/dfp/mapping/ Frame 916B 		1 KB
667 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/dfp/mapping/batch?appId=1870&requests=[{%22eaUp%22:%22/28687765/mynet/finans/masthead_970x250%22,%22eoId%22:2647267620,%22eolId%22:5753320270,%22advId%22:4829257103,%22ecId%22:138358269119,%22w%22:728,%22h%22:90,%22eId%22:%22main_mynet_finans_masthead_970x250_0%22},{%22eaUp%22:%22/28687765/mynet/finans/pageskin_sol_120x600%22,%22eoId%22:460502205,%22eolId%22:4367746458,%22advId%22:125764365,%22ecId%22:138208325154,%22w%22:120,%22h%22:600,%22eId%22:%22main_mynet_finans_pageskin_sol_120x600_0%22}]&h=https%3A%2F%2Ffinans.mynet.com%2F&ts=1698863808076
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.235.112.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-112-177.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
832fc9a14d7dd966fa104e481f14ba219060d367e0b32b534d698bb79897cbcc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003JZl0LAAT&src=aps&ver=1.2.0
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003JZl0LAAT&src=aps&ver=1.2.0&b=1&g=D8KFEiCd2B%2FOOGQOBDXK8RHetzxvK8FZuqSD4w2i270%3D
42 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003JZl0LAAT&src=aps&ver=1.2.0&b=1&g=D8KFEiCd2B%2FOOGQOBDXK8RHetzxvK8FZuqSD4w2i270%3D
Protocol
H2
Server
2600:1901:0:8344:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://finans.mynet.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 01 Nov 2023 18:36:48 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://finans.mynet.com
location
https://lexicon.33across.com/v1/envelope?pid=0015a00003JZl0LAAT&src=aps&ver=1.2.0&b=1&g=D8KFEiCd2B%2FOOGQOBDXK8RHetzxvK8FZuqSD4w2i270%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame CD9F 		353 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
652d31e3d9805217655dfc98acedfea563bdb655fb88a7a436b081ee94142370
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
353
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 01 Nov 2023 18:36:48 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
N7WMZG1T1ZC5MK848GPP
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 887F 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com
URL: https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 07:46:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
39014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 31 Oct 2024 07:46:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 887F 		188 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com
URL: https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Nov 2023 18:36:48 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 43FB 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com
URL: https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 07:46:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
39014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 31 Oct 2024 07:46:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 43FB 		188 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com
URL: https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Nov 2023 18:36:48 GMT
truncated
/ Frame D836 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28f32200af57a2f04c5a9b93153c9ee375f443c581a042cb792ba49c6063afe1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 26B2 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com
URL: https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 07:46:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
39014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 31 Oct 2024 07:46:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 26B2 		188 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com
URL: https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Nov 2023 18:36:48 GMT
envelope
lexicon.33across.com/v1/ Frame 1129
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003JZl0LAAT&src=aps&ver=1.2.0
  • https://lexicon.33across.com/v1/envelope?pid=0015a00003JZl0LAAT&src=aps&ver=1.2.0&b=1&g=LHwsLQtmpSA6arMUTQToP4KADmSqfbtMosFAZoz1dI0%3D
42 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003JZl0LAAT&src=aps&ver=1.2.0&b=1&g=LHwsLQtmpSA6arMUTQToP4KADmSqfbtMosFAZoz1dI0%3D
Protocol
H2
Server
2600:1901:0:8344:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://finans.mynet.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 01 Nov 2023 18:36:48 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://finans.mynet.com
location
https://lexicon.33across.com/v1/envelope?pid=0015a00003JZl0LAAT&src=aps&ver=1.2.0&b=1&g=LHwsLQtmpSA6arMUTQToP4KADmSqfbtMosFAZoz1dI0%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
ckbqREs5qr54oMaKlgYj8u.js
sc.tynt.com/script/sc/ Frame D836 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.tynt.com/script/sc/ckbqREs5qr54oMaKlgYj8u.js
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87301f139a48566970a0a3796f7d58f388a16b35485a324b9dc69c498893fc42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
5976
status
200 OK
x-xss-protection
1; mode=block
x-request-id
44930f81-ddb1-4df8-a42e-72a037b1320b
x-runtime
0.002395
x-content-digest
809511492e5d2a4d94fad6c4ad28f9b6d7c9c6fb
last-modified
Mon, 30 Oct 2023 14:09:31 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600, public, s-maxage=172800
cf-ray
81f63ed2fcd036a8-YYZ
x-rack-cache
fresh
expires
Tue, 31 Oct 2023 07:38:24 GMT
yj3ye58j5v2aylbdfaj08.json
windsplay.com/c/ Frame C1AE 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://windsplay.com/c/yj3ye58j5v2aylbdfaj08.json?cb=1698863808403
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=0172341698863807967
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-119.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02fe38dc12a15a597549c84ccf37b58521dfc42c143ce82d0a6685a5f53bdc5b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 09:57:29 GMT
x-amz-version-id
u_2QSNTQSfvDMQG18QW1aZSng7a3sOlP
via
1.1 e710a3d516d3a393730a2451a3e22554.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-P2
age
31160
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1830
last-modified
Mon, 30 Oct 2023 08:28:30 GMT
server
AmazonS3
etag
"405c3cba314515b8e4ce800a82d1590b"
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
JMm_m9WhNhWqqANfnHjhsf7_jcZMjVukTcBSXe16pKPeODeen5zqVg==
ckbqREs5qr54oMaKlgYj8u.js
sc.tynt.com/script/sc/ Frame 6EFA 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.tynt.com/script/sc/ckbqREs5qr54oMaKlgYj8u.js
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/siab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87301f139a48566970a0a3796f7d58f388a16b35485a324b9dc69c498893fc42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
5976
status
200 OK
x-xss-protection
1; mode=block
x-request-id
44930f81-ddb1-4df8-a42e-72a037b1320b
x-runtime
0.002395
x-content-digest
809511492e5d2a4d94fad6c4ad28f9b6d7c9c6fb
last-modified
Mon, 30 Oct 2023 14:09:31 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600, public, s-maxage=172800
cf-ray
81f63ed2fcce36a8-YYZ
x-rack-cache
fresh
expires
Tue, 31 Oct 2023 07:38:24 GMT
truncated
/ Frame C1AE 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53704555f50cadee7ae092729ee953f3f72a39d30777924e3aeb70bf48a19dac

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C1AE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssiy7iG8HP1NlQrgl9XEml3fXKxgmbXQ9h_NP-sZoTE-aZQhBp6c5FWVadQ23RLnNjt1I1Qj64NBGYV-f5y7QuW9cgINX4WJCLPdYAR7eSIaE7dbK_eRJxLcojFiBTVXnTDagNVIKJF_gViwplNR4OXAbeXfxYnfudKjyZyDeWiyW8WsKU66K4v6IIze5Xj792gsprhxpjv5kc3wtxfAXF1O6Y0oyZqejGZyelruxhG1psTII5FymmfltnxQcBAWlpZ3FQ7Yc1k3zdR1C49oR2kh3tSWaj9rPVVR-sauOTPqNASH3V-N29AMWBEOuJumczsducrBpYQPRvAvYBRcrF9M6ZltOE4sf_drgtbFmcyrDmUSPgdFOkZD57aAI1-2w&sai=AMfl-YT971tb2HUxSD-U6_AjeujdxV1L8dSzhSs6k_Z4HVmA5FbP58ti0RIKJHxCe-AvOfqCqUkBswId6-8aQERQ7myoO8l_xx7D3_4Z6rLOnjheNHnNS5eHR--A7dxjVs33-zz_yjV2AbYOE90idglp&sig=Cg0ArKJSzKLWXLSEDrRIEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 01 Nov 2023 18:36:48 GMT
truncated
/ Frame 6EFA 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69ce48c80f3a45a94099cc794cbf2f58877b46b0fb1b2ef71726c5f898acaea1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/ Frame 1129 		422 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
509462bceaa85aa49996bf168611149074a30659a709948634a306a41a7f1af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 15:16:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
12023
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135432
x-xss-protection
0
server
cafe
etag
13870563710225165476
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 31 Oct 2024 15:16:25 GMT
p
ic.tynt.com/b/ 		35 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=ckbqREs5qr54oMaKlgYj8u&lm=6&ts=1698863808490&dn=RCIV&iso=0&pu=https%3A%2F%2Ffinans.mynet.com%2F&ct=Mynet%20Finans&t=Mynet%20Finans%20Haberleri%20%7C%20Ekonomi%20Haberleri&chmob=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag
"4bc8846c-23"
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-length
35
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
batch
services.insurads.com/dfp/mapping/ Frame 8B19 		2 KB
697 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/dfp/mapping/batch?appId=1870&requests=[{%22eaUp%22:%22/28687765/mynet/finans/sidebar_300x250_1%22,%22eoId%22:460502205,%22eolId%22:4389476089,%22advId%22:125764365,%22ecId%22:138314957789,%22w%22:300,%22h%22:250,%22eId%22:%22main_mynet_finans_sidebar_300x250_1_1%22},{%22eaUp%22:%22/28687765/mynet/finans/sidebar_300x250_1%22,%22eoId%22:2239286350,%22eolId%22:5653713517,%22advId%22:50486805,%22ecId%22:138359151113,%22w%22:300,%22h%22:250,%22eId%22:%22main_mynet_finans_sidebar_300x250_1_3%22},{%22eaUp%22:%22/28687765/mynet/finans/sidebar_300x250_1%22,%22eoId%22:2239286350,%22eolId%22:5653713517,%22advId%22:50486805,%22ecId%22:138359140718,%22w%22:300,%22h%22:250,%22eId%22:%22main_mynet_finans_sidebar_300x250_1_2%22},{%22eaUp%22:%22/28687765/mynet/finans/sidebar_300x250_1%22,%22eoId%22:460955805,%22advId%22:50487405,%22w%22:300,%22h%22:250,%22eId%22:%22main_mynet_finans_sidebar_300x250_1_0%22},{%22eaUp%22:%22/28687765/mynet/finans/sidebar_300x250_2%22,%22eoId%22:460502205,%22eolId%22:4389476089,%22advId%22:125764365,%22ecId%22:138208642207,%22w%22:300,%22h%22:600,%22eId%22:%22main_mynet_finans_sidebar_300x250_2_0%22}]&h=https%3A%2F%2Ffinans.mynet.com%2F&ts=1698863808447
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.235.112.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-112-177.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cfbbfce1447ab847b1d12d2383986fe7c72429b34cc517d47876f0df7393a91c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
udm-r3_v2.22.3.js
bid.underdog.media/ 		489 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/udm-r3_v2.22.3.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=14018;tid=1;dt=6;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24ef:b600:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad9abf9cf2714d085138fbe644afa591850c9465f093814529ea89b2b8993574

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 16:55:05 GMT
content-encoding
gzip
via
1.1 93fc2e623ef816f1758325680d9e9002.cloudfront.net (CloudFront)
last-modified
Wed, 01 Nov 2023 16:51:21 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
age
6104
etag
"1bbe80b6c7b5e5f1eb40b4630e4a3564"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
163772
x-amz-cf-id
mxjjEOgYzoYW4sIV_k8z6wAfOCwMI0N1dbd373lzFO_PvUElFEadjg==
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=14018;tid=1;dt=6;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
etag
"0nVqEbFaTM2zzuiWgn9NwQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 08 Nov 2023 18:36:48 GMT
quant.js
secure.quantserve.com/ Frame 8F79 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=14018;tid=1;dt=6;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
etag
"0nVqEbFaTM2zzuiWgn9NwQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 08 Nov 2023 18:36:48 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.85770774
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.85770774
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=7081728085481991200;cb=0.85770774
43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;apnid=7081728085481991200;cb=0.85770774
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:49 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:48 GMT
an-x-request-uuid
3ad8028c-dd6a-4730-8fe6-29a336f5d620
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://udmserve.net/udm/fetch.pix?dt=1;apnid=7081728085481991200;cb=0.85770774
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDI0NEQ2QjYtQ0ZBQi00QTkwLUE1RTUtRUI2OTA4MkQyRERG&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?cb=0.85770774&gdpr=0&p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3DD244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&us_privacy=%24%7BUS_PRIVA...
  • https://udmserve.net/udm/fetch.pix?pmid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF
43 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?pmid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:49 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://udmserve.net/udm/fetch.pix?pmid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF
date
Wed, 01 Nov 2023 18:36:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.85770774%3Bindx%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.85770774%3Bindx%3D&s=199174&C=1
  • https://udmserve.net/udm/fetch.pix?dt=1;cb=0.85770774;indx=ZUKawDK-TRds0rU7ur19jwAABZcAAAIB
43 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.85770774;indx=ZUKawDK-TRds0rU7ur19jwAABZcAAAIB
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:49 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSqXMCDJZONG8A0lSetCKVouQn8MSYbBfeLYuFsEDb7YQfKUf79vkqa1iy900khZkACcso8HkU7Iek0RaRswkiwoR7sMeF9BDK%2BaniyqgiotDey8KVoKGMRUR0GLNp89bcTO%2Fugz5cmw9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.85770774;indx=ZUKawDK-TRds0rU7ur19jwAABZcAAAIB
cache-control
no-cache
cf-ray
81f63ed4ce7c37cf-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58806/sync?redir=true&cb=0.85770774
  • https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-uy4BfKZE2uLRY6TnjKxKhej8umS1VkeU~A
43 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-uy4BfKZE2uLRY6TnjKxKhej8umS1VkeU~A
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:48 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-uy4BfKZE2uLRY6TnjKxKhej8umS1VkeU~A
date
Wed, 01 Nov 2023 18:36:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.85770774%3Bsonobi%3D%5BUID%5D
  • https://udmserve.net/udm/fetch.pix?dt=1;cb=0.85770774;sonobi=303b087c-cde9-45aa-8a17-dbb86e6d13f1
43 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.85770774;sonobi=303b087c-cde9-45aa-8a17-dbb86e6d13f1
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:48 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:48 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-172
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.85770774;sonobi=303b087c-cde9-45aa-8a17-dbb86e6d13f1
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=24042&cb=0.85770774
  • https://udmserve.net/udm/fetch.pix?dt=1;magid=LOG3NB0A-E-2RSZ
43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;magid=LOG3NB0A-E-2RSZ
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:49 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://udmserve.net/udm/fetch.pix?dt=1;magid=LOG3NB0A-E-2RSZ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
187e82019178d54b7a252bfda4b0880c
Expires
0
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID]%3Bcb%3D
  • https://udmserve.net/udm/fetch.pix?dt=1;sncr=5E15D2A62FC44EC58D52C87AC88A86C7;cb=
43 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;sncr=5E15D2A62FC44EC58D52C87AC88A86C7;cb=
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:49 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

date
Wed, 01 Nov 2023 18:36:48 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain; charset=utf-8
location
https://udmserve.net/udm/fetch.pix?dt=1;sncr=5E15D2A62FC44EC58D52C87AC88A86C7;cb=
access-control-allow-origin
https://finans.mynet.com/
x-varnish
767652308
access-control-allow-credentials
true
content-length
0
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://cm-x.mgid.com/4c7eda2d9428691cd8f54d15244a36a7.gif?ccpa=0&gdpr=0&redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bmgid%3D%5BUID%5D
  • https://udmserve.net/udm/fetch.pix?dt=1;mgid=78da4519-7068-4644-93a5-ec56127063a8
43 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;mgid=78da4519-7068-4644-93a5-ec56127063a8
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:49 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 18:36:48 GMT
Transfer-Encoding
chunked
Location
https://udmserve.net/udm/fetch.pix?dt=1;mgid=78da4519-7068-4644-93a5-ec56127063a8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame D487 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 16:24:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
7953
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 16:24:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 26B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQ6skAjt7eR7OEhX7B_QV7tjjS3VWj5XBa01Jb01oAGlDvL1S6PLzq1I0IIO_9xPYXYubCIqHrglStpvcM_upmGa9622M_AsDzr8ZPrl-KuowIPGJBmo6UTYKs5KrxHfZt6J-s3G7aOAK5MNEH29YA6BIml97EmzJRtWPN6PUnkXNbJcqNRb7DtHN4JNiu7y4hb13RnNAN3aSJ73vKQVJJ4H0ZPhk5FmvAdTcjSFtn-XCwM26B1QM07HijycKVxMAZYJmwtslYqNXkMtzROY_xd45hUuBvOXKflsrbbvPoAPBkRV_s0_6BkPbrrcQhLd6-xHqkYCX1o7_MR1mg1Pv60W6IbXnW7jmy29KPPlyEp9Gm0gwS1r3j2vLdwp4u&sai=AMfl-YQ6SeX3h8YRYH2AxnOzgI2uizYNmx8jzmqehqDym2MiVSSyttn64oQ7afedphhf0EUs02cy1YGRrmGzHr9Xbt5NGOYNMS-vrvv20xn3yIEQskkht9PYjXwOEVQKDRyYcDGKerWQmrVQx5dAp7OD&sig=Cg0ArKJSzMxu6lg0-BxLEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com
URL: https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
siab.js
cdn.tynt.com/ Frame 26B2 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/siab.js
Requested by
Host: f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com
URL: https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89be99b9f1c2eaf66055e87d96e907811dd2df193fff43ea6ef39d7d52bd8a10

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 15:09:01 GMT
server
cloudflare
age
4418
etag
W/"651ed18d-611d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
81f63ed38d8436a8-YYZ
expires
Sat, 04 Nov 2023 18:36:48 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4024 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310250101&jk=1533834957665798&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 887F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucMMoemYqZ36yPV6ZM_fw_viD-MX5DUnVxVStOfuDxRP57ajN0eYpIGkFuNRiN_OwFz8321hWSLliazhCb2hBpd6YXrNZs0iySC3-h-rSHgDQtCCH-h4BTe580lVg7LEwbHonF7dDlmIPXNimpkL2XD8AxDiPCM0TDs-CvWavl1HEwJ1TOQDBhKWV9Xbwq3SzVg3vdcz9ujNVr4MYJnQWi2ggZ-PvpL1yignS3UpayhQJXME2otorm96VPBIYuM1fmbexrf_NO2H0rZp5uB9xGEHIjCDJD_tqZ0RKSOOLOk3RbGmJyQGHmv874AL_MeOfx1q9MXjo1nUFqD6OewKjhhWLwFsPenBrCZ0MH2M1bKI852V3Bip14L-GvQZPk&sai=AMfl-YTDBp49HVjYkfAUKHY8zPWAASH8a059sNA1e4Js8pm_mUQOGtjg_lDE6EUcFi_pAe1jtRmYY49ZEwGYcRg1MmV_9ldNAE4-LfGTnESvfroYLQi4f-1dVLODw0TWE752im-kbRioD9wt1vugzV9k&sig=Cg0ArKJSzOz9L_-wYp78EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com
URL: https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 43FB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcusmqooniv_cqgigj_5kR7wG_OoHZaIr_DY95SW4sZBzLg0qf2hXfpWXUsZMkqnZ4RnBgdiJKuVCUl_bHU7AHYIP9b-jNZgIwzWS9wPZ1FZV0jI9S5aYvTFBo4w6FSBqILMVooPLrKQj8aHh7Zah9yhPzrTBdcur1mjxT4YYcLmhMzUDeEmFQI-ru1oqLmI9i6T64V61bKiMtMbVh7qZEt8mZqZUarrwp2yBT9e2tqmt2c7334oMjLz3XNhu5GFTEuXlNEA3PQMqe-UdzbZoGhcPISt8a0TyGPAWMkiFOQlFuMlNPn_Rc4QOa9XBclRDo5mFs9hS5mOKozzZps_DhbEZhizezAmoH6AljEd2XNnocsUpZY4o1kKyvy3Em&sai=AMfl-YRycGqCa5QnKCv7mU0k0ZIz_jYCtRjyMfFnzarrbEQ4Q3_NQ0m43UHysvVfVu8AS1JrlGILkMbQ6xfaDUpFxrKlN1s630FkFnoDWpYgVT_l5Ac40makhH-j0iXZ8DoPsZ4HaCPB0__9ptV-o0X8&sig=Cg0ArKJSzLGS_NHLviK8EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com
URL: https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
category
finans.mynet.com/json-api/post/ Frame 43FB 		188 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://finans.mynet.com/json-api/post/category
Requested by
Host: f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com
URL: https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.122.134 , United States, ASN16276 (OVH, FR),
Reverse DNS
ns1009180.ip-135-148-122.us
Software
MerlinCDN / Mynet Team
Resource Hash
acf120af56f71041c6863003c7c380cfb1d24bafd0b519f21070cd842653a330
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1

Request headers

Accept
application/json, text/plain, */*
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:42 GMT
strict-transport-security
max-age=0
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
age
-6
x-powered-by
Mynet Team
x-midtier
de-fra-lea-s01
x-cache-status
HIT
x-cache
HIT 140
x-url
/json-api/post/category
x-host
finans.mynet.com
x-xss-protection
1
server
MerlinCDN
allow
GET, HEAD, POST
content-type
application/json
access-control-allow-origin
*
x-edge
us-vga-ovc-s02
cache-control
max-age=30
x-robots-tag
no-index
access-control-allow-headers
accept, authorization
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5134 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://finans.mynet.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:04:12 GMT
x-content-type-options
nosniff
age
502356
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 23:04:12 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5134 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://finans.mynet.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 01:12:48 GMT
x-content-type-options
nosniff
age
494640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 01:12:48 GMT
pr
s.amazon-adsystem.com/v3/ Frame EB42 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
70cdbb7596918e8ffa7451f2e430370661fb617d2a2906623ac585f13ef199d6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1973
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 01 Nov 2023 18:36:48 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
T573FBY5PQHVWP4XHFVH
category
finans.mynet.com/json-api/post/ Frame 887F 		188 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://finans.mynet.com/json-api/post/category
Requested by
Host: f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com
URL: https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.122.134 , United States, ASN16276 (OVH, FR),
Reverse DNS
ns1009180.ip-135-148-122.us
Software
MerlinCDN / Mynet Team
Resource Hash
acf120af56f71041c6863003c7c380cfb1d24bafd0b519f21070cd842653a330
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1

Request headers

Accept
application/json, text/plain, */*
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:42 GMT
strict-transport-security
max-age=0
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
age
-7
x-powered-by
Mynet Team
x-midtier
tr-ist-shy-s01
x-cache-status
HIT
x-cache
HIT 140
x-url
/json-api/post/category
x-host
finans.mynet.com
x-xss-protection
1
server
MerlinCDN
allow
GET, HEAD, POST
content-type
application/json
access-control-allow-origin
*
x-edge
us-vga-ovc-s02
cache-control
max-age=30
x-robots-tag
no-index
access-control-allow-headers
accept, authorization
truncated
/ Frame 43FB 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
544a87dee6707e4eb9ad9c2368e6ed392949a8e2a6edb0a51a602fb97c38c7f2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 43FB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRvHiyZEp6Yd7NR3IN_0R8nYRPm4KjE5JRd_GW1iwOmQEFiPmvd-WAcwQ0Cebm6n1Tdpg1H6g4OIGTYBFfIt3GFxxCzX0HRlAOy9p-BqPQwo9kuxLoTapGI26Vo6BC0Ozj0ITWKwwZtgbivOK72YywUnZgURuE61QDsckv6H_ASIiT7Pt8kOxc3csTvhlH92-QLZZFnxwJdJttjBMutmq1ppqs6MfPMyn9GdGrDrfecGsPyw7SnidqiDvkHeHpXuUatzq8qHKnDQvi6m5vfWMh44b0sDqwLJ_9J5UsDxQi4OaHUUCk28kU8bxCDm6c9DxKkJumdLd1TYkkmB-t8SDOR9Q_1Rz2ZMvgJed8DqOZl6rMw226dWM75OGjsVwIsw8&sai=AMfl-YRmtGgKm1d2BllyQuZiDegRkBLP-7V2XEfD3XVzMGLEme6jpBljk3aRciGIsUswg04X_Z37LJ7cCZhT5ndZeQhaGb4PZ9AqnVdL506KitcMfcexl5kL6FCjbfA3BcJTkRiaIDPoWhPzq7g2uCGn&sig=Cg0ArKJSzF3_YaY2YgjbEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 01 Nov 2023 18:36:48 GMT
sic.js
cdn-sic.33across.com/1/javascripts/ Frame 6EFA 		450 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-sic.33across.com/1/javascripts/sic.js
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/siab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Love
Resource Hash
8c004a719b3ab79e4d0a55e688ffbbcff101d18808aa93717181e9d9ebc58b33

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 10 Oct 2023 23:44:19 GMT
server
cloudflare
age
10446
etag
W/"6525e1d3-707dd"
x-powered-by
Love
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
81f63ed50ce1a1ec-YYZ
expires
Wed, 01 Nov 2023 19:36:48 GMT
ecm3
s.amazon-adsystem.com/ Frame EB42
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=2bca8c55ec
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=2bca8c55ec
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 18:36:49 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B5MJPFGM5DKXMDG3EV8K
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 01 Nov 2023 18:36:41 GMT
via
1.1 dc2c9775397edd7b6dcd6264e93076ba.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
BOS50-P2
age
7
x-cache
Hit from cloudfront
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=2bca8c55ec
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
br8DDtfXEJDpSCrs24yWbl2RlsgSGqYqa9naj0zc-jcqG0JdCGCFsQ==
ecm3
s.amazon-adsystem.com/ Frame EB42
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=3B0BD726E5DF48818E605A6E7F99D71D&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=3B0BD726E5DF48818E605A6E7F99D71D&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 18:36:49 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JPS2GP8XHT9W4KGFCHN4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 01 Nov 2023 18:36:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=3B0BD726E5DF48818E605A6E7F99D71D&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 31 Oct 2023 18:36:48 GMT
ecm3
s.amazon-adsystem.com/ Frame EB42
Redirect Chain
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=2a46ab3495f9a8282fty3400log3ncks
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=2a46ab3495f9a8282fty3400log3ncks
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 18:36:49 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VETWZJVS9EHSD7HJRA4E
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 01 Nov 2023 18:36:49 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=2a46ab3495f9a8282fty3400log3ncks
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame EB42
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3418654096634453000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3418654096634453000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 18:36:49 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7D22669AZGNJKGX7VZ5X
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 18:36:49 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3418654096634453000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Wed, 01 Nov 2023 18:36:49 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame EB42
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0&s=2
  • https://sync.outbrain.com/sync-external?uid=yJVikJH2IfNeZTqVVYNo&redirect=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63...
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Famazon_tam%252F...
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG...
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7...
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLZJJLGS22KJAZESZSOMVNFI4KWKZMU43ZGM5SHA4R5GA&p=15268&obUid=PHcaG2VLKoFCODcjZCPpBzXMUN5u1Rozkw0SYA3C40anvzOUCvC4r9OkWOv0J_JQ&gdpr=0&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=s2s
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel-us-east.rubiconproject.com/exchange/sync.php?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLZJJLGS22KJAZESZSOMVNFI4KWKZMU43ZGM5SHA4R5GA&p=15268&obUid=PHcaG2VLKoFCODcjZCPpBzXMUN5u1Rozkw0SYA3C40anvzOUCvC4r9OkWOv0J_JQ&gdpr=0&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=s2s
Date
Wed, 01 Nov 2023 18:36:52 GMT
Cache-Control
no-cache
X-TraceId
b4b6794e62c9f15b9584d08c49655647
Content-Length
0
bid
aax.amazon-adsystem.com/e/dtb/ Frame 1129 		685 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffinans.mynet.com%2F&pid=qiHs6UOOQpIoO&cb=0&ws=0x0&v=23.1020.1619&t=1000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1698863807586-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22954957514%2Fmynet%2FFBK%22%7D%5D&pubid=6f354287-be81-4032-bf64-3a62262fb72f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.31.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-31-77.bos50.r.cloudfront.net
Software
Server /
Resource Hash
93140e81df4e3ea409cb4d84b11b957249db859c5374141ccd188c7e40522ff2
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a9415b590b759977d54fa124c942d384.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
BOS50-P2
x-amz-rid
PBC65MHQP2G4T1Z0ZEDS
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://finans.mynet.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
685
x-amz-cf-id
mqIzKgbv2U0qC6yZsheIMIm_NeNNuVLvNt0TPIhMLhbdThaWiWkGQQ==
sic.js
cdn-sic.33across.com/1/javascripts/ Frame D836 		450 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-sic.33across.com/1/javascripts/sic.js
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Love
Resource Hash
8c004a719b3ab79e4d0a55e688ffbbcff101d18808aa93717181e9d9ebc58b33

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 10 Oct 2023 23:44:19 GMT
server
cloudflare
age
10446
etag
W/"6525e1d3-707dd"
x-powered-by
Love
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
81f63ed51d06a1ec-YYZ
expires
Wed, 01 Nov 2023 19:36:48 GMT
v2
de.tynt.com/deb/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&id=ckbqREs5qr54oMaKlgYj8u&dn=RCIV&cc=2&chmob=0&r=&pu=https%3A%2F%2Ffinans.mynet.com%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
c8442b533f77f2b1d8eb88bedc894de785d15eacd394aa4816b3fa02a96e9cca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Wed, 01 Nov 2023 18:36:48 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1828
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid7.19.0.js
hb.adpone.com/ Frame 9F72 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8PT664M62A7R4YVQ
age
5554
x-amz-server-side-encryption
AES256
x-amz-id-2
AJflgpnI3nbVzzVPSFsZZ0HhW0/jzX/W7hHqYPNKv8240wUAvsCkyHcmqS7j/MtC66hTVbTLVd7Ektuj4+8r8g==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5%2B0l0yphf7rrIU%2By%2Fzf2EZWJO%2FQ%2FWkFOr8Jzm8wI2219I5Na2uqC10BsEfAQ8GViqAWVyjQDhR3nhUV1Lu3N3eKMgwHLRX9LhXvhqy8aWqq2nAo9OT3l6jnqUrRcyRdKcJF5yPV%2F39T9ds%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
81f63ed63b554bc0-BUF
/
s.richaudience.com/ex/ Frame C1AE 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=0172341698863807967
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.24.174 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
174-24-31-64.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
81b70ed4020a9bedf1d0b24b7dce42a4c8946750e9d3df215c2a6e7dff75d50d

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
p.html
windsplay.com/r/ Frame 645F 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windsplay.com/r/p.html?f=sxjbhtuoer&e=1054109728935
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=0172341698863807967
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-119.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
11846
content-encoding
gzip
content-type
text/html
date
Wed, 01 Nov 2023 16:13:38 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 da50954f4b0e035bd3d8a3139e1f5afa.cloudfront.net (CloudFront)
x-amz-cf-id
aPmN8D8l4tXgCNZKgmw_V2rnvRYDkOqg0NKPyGvz4ON-6fpVK1IF4Q==
x-amz-cf-pop
BOS50-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame C1AE 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=0172341698863807967
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.24.174 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
174-24-31-64.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
0a4af8b7388358aaa76733bebe79d2d7d84792b9488a54431f0d75217c2123ce

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
p.html
windsplay.com/r/ Frame 92A3 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windsplay.com/r/p.html?f=zhjdhvwvsh&e=1054109728935
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=0172341698863807967
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-119.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
11846
content-encoding
gzip
content-type
text/html
date
Wed, 01 Nov 2023 16:13:38 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 da50954f4b0e035bd3d8a3139e1f5afa.cloudfront.net (CloudFront)
x-amz-cf-id
3138NjUisMiqvnoAlL6dPchDERHjWFQJh1LHoBpctlcp1PR52mX6Lg==
x-amz-cf-pop
BOS50-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame C1AE 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=0172341698863807967
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.24.174 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
174-24-31-64.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
69fa366843542c917a02764a2b4e3f67a4c004c73e5e31e5674a8fc3264dd417

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
p.html
windsplay.com/r/ Frame 3BB2 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windsplay.com/r/p.html?f=ffpkd&e=1054109728935
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=0172341698863807967
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-119.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
11846
content-encoding
gzip
content-type
text/html
date
Wed, 01 Nov 2023 16:13:38 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 da50954f4b0e035bd3d8a3139e1f5afa.cloudfront.net (CloudFront)
x-amz-cf-id
ubyAVs-96kDqjExIbnR7RKuNBVPgk0UGLoK7Yz-fDHo__l55u9tEOw==
x-amz-cf-pop
BOS50-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame C1AE 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=0172341698863807967
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.24.174 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
174-24-31-64.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
2f80bcf5a307825304d2fbc1503764f916ceddbeb7b29cd34a0ad16a930a90c3

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
p.html
windsplay.com/r/ Frame F0DB 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windsplay.com/r/p.html?f=sthrrp&e=1054109728935
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=0172341698863807967
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-119.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
11846
content-encoding
gzip
content-type
text/html
date
Wed, 01 Nov 2023 16:13:38 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 da50954f4b0e035bd3d8a3139e1f5afa.cloudfront.net (CloudFront)
x-amz-cf-id
CpxDNnaSWoSQonyLmjZ7y8oQ4s-AVNM00M3sPQFEyJspdVlG9k3-HQ==
x-amz-cf-pop
BOS50-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame C1AE 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=0172341698863807967
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.24.174 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
174-24-31-64.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
1d5b740164d6e20111054cdbca1e9f71aad0b6b2f3d8bc9f880d1e38446e240d

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
p.html
windsplay.com/r/ Frame 8F1E 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windsplay.com/r/p.html?f=lsbjrbnd&e=1054109728935
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=0172341698863807967
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-119.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
11846
content-encoding
gzip
content-type
text/html
date
Wed, 01 Nov 2023 16:13:38 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 da50954f4b0e035bd3d8a3139e1f5afa.cloudfront.net (CloudFront)
x-amz-cf-id
ozQ3jI85qaz0Ok7mExmT3nBgCSBbPGQrAv_0sCaHC3XBnZEZPz8Nyg==
x-amz-cf-pop
BOS50-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame C1AE 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=0172341698863807967
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.24.174 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
174-24-31-64.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
d89e0a29a607fefda8fe7fbd42c1b3de6ff3615e1424b9bc86c5a3e28dda952c

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
p.html
windsplay.com/r/ Frame 9114 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windsplay.com/r/p.html?f=vkhlmwwqr&e=1054109728935
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=0172341698863807967
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-119.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
11846
content-encoding
gzip
content-type
text/html
date
Wed, 01 Nov 2023 16:13:38 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 da50954f4b0e035bd3d8a3139e1f5afa.cloudfront.net (CloudFront)
x-amz-cf-id
1rzchYc0LLnS2uf1-qWq2JMFJMWOolr2oo9mVDMhiTeT5Syahjv8OA==
x-amz-cf-pop
BOS50-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame C1AE 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=0172341698863807967
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.24.174 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
174-24-31-64.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
5d49eb01ca02540e170d720e1b0597b53badbb891ceacf6fb6f86e942c480653

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
p.html
windsplay.com/r/ Frame 79DF 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windsplay.com/r/p.html?f=jjeunqqsy&e=1054109728935
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=0172341698863807967
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-119.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
11846
content-encoding
gzip
content-type
text/html
date
Wed, 01 Nov 2023 16:13:38 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 da50954f4b0e035bd3d8a3139e1f5afa.cloudfront.net (CloudFront)
x-amz-cf-id
XkqqY1sPbuRt0v4rTk08NBZ8mKz0AT12wlL-3ILAisyg5YZVTw34aA==
x-amz-cf-pop
BOS50-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame C1AE 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: windsplay.com
URL: https://windsplay.com/t.js?i=yj3ye58j5v2aylbdfaj08&cb=0172341698863807967
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.24.174 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
174-24-31-64.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
d9db0e7e8655f3d799fcf82e863cafff878d49a608a9a7c06b0950374255d53b

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 01 Nov 2023 18:36:49 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
truncated
/ Frame 887F 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b7605d328b531f7ee2dc726223d575281c1637673bba309919cbd874db7d7cd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 887F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYMK_GkidXK-1ml0FaMBeIeQYQwUkLvNHZlELARQVkl87LS_oCloub6tuq9dJXDeyl3Dwc42pEZaiAqfxM_2q_BtdfxcZk1OpCniU4RCFMVanEfhCdzJCUxsxTS0eW9yx66lu40HKrCN3ZUtS4tQpnDhdU7ixij9EdKDAd-COdqHUG9CzlR5xUzn6C1e-ctt-bdngQpAC-__6EhkwK619EhUfd4sG378y416U8p5ZruMh4uVT7oblWkB21eidoATAwwUNw-aQ6jrpljyQVTdnJENufV6wp48gHhN9IKgxQSMG4QHxpaN-3BA_gq3RWxtdf1JX52ZljGZmQ2Hd_18oQMz6qFmYfdxlPoRup-4eLJeZOYPwdrIUaCQOo_6ikBRo&sai=AMfl-YT6xF5rKU42BeQnDB4FblTtiGNUSC-TYbjyn7ejg1wh7alSYK4U-zSnEvM8A0jwJ60jFG6lyGMqoQ7QNtRI08_ASHTzXi4kU99o_XezJRC1AK3EaMJhuYKQo1m_0NJaphvT6JM4JYBMsPJp4xyN&sig=Cg0ArKJSzErjBfI-Ef64EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 01 Nov 2023 18:36:49 GMT
v2
de.tynt.com/deb/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=ckbqREs5qr54oMaKlgYj8u&dn=RCIV&cc=1&chmob=0&r=&pu=https%3A%2F%2Ffinans.mynet.com%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
f5d83c8d23080d6323e1aa14df00f23d1dd5729dbe59bbbb16368cab271adf1e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Wed, 01 Nov 2023 18:36:48 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1576
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
match.sharethrough.com/jwumXNuB/v1/ Frame B0A5 		872 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.185.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-185-188.compute-1.amazonaws.com
Software
/
Resource Hash
56fdab0a58f4183fc31dd6e88a826e3dd8d8119d1a3354177fe30a8f0e333538

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
872
date
Wed, 01 Nov 2023 18:36:49 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9614 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.69.5 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-69-5.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=43651
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 01 Nov 2023 18:36:49 GMT
expires
Thu, 02 Nov 2023 06:44:20 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame D2BA 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Nov 2023 18:36:49 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame C9BF
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8102726937115843756&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8102726937115843756&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 01 Nov 2023 18:36:49 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
SWB0079E5G52328A39X0

Redirect headers

content-length
0
date
Wed, 01 Nov 2023 18:36:48 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8102726937115843756&gdpr=0&gdpr_consent=
v2
de.tynt.com/deb/ 		1 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&id=ckbqREs5qr54oMaKlgYj8u&dn=SIAB&cc=1&chmob=0&r=&pu=https%3A%2F%2Ffinans.mynet.com%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/siab.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
7b9c1d3bc699ae6b65dc768b566335008ec8bc61707a03b620b76c33836aca5d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Wed, 01 Nov 2023 18:36:48 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1332
expires
Sat, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 26B2 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8a447e614c5314611fe4e600e1004207157281e92ff459bed054257b6e08491

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
advPop.&ad_box_468x60.php
fundingchoicesmessages.google.com/f/AGSKWxXQZIodI4k8OaWruwEBcg-f6dx8kM6StZlz89DUKdJwD3sWxaO3UKJFNtwpn-_jyn4fYl-VetjwZhZQnFKZlVx25HRVc0-wBLAmTWKZl9y_5GrYRJZR4q5cMNMYcZgsnnVlofIVxH4XI0RfRscJDCC9CWepU... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXQZIodI4k8OaWruwEBcg-f6dx8kM6StZlz89DUKdJwD3sWxaO3UKJFNtwpn-_jyn4fYl-VetjwZhZQnFKZlVx25HRVc0-wBLAmTWKZl9y_5GrYRJZR4q5cMNMYcZgsnnVlofIVxH4XI0RfRscJDCC9CWepUX8dOzWG1EsKk-86EOBIkyCeTOJqJX1T/_/controller/ad-/advPop.&ad_box_468x60.php?/rightnavads.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.VuclkSNDjzQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMznWzSf_iY-a2gnHiHalbVPN-oHkA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e877df4e9e2832216107c0deba5ba6cd03b4df7e5e3c2a789aa62cb6439db49
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-z_27eZJU-1MI_awqpVX3Jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-z_27eZJU-1MI_awqpVX3Jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
67 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.VuclkSNDjzQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMznWzSf_iY-a2gnHiHalbVPN-oHkA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 01:38:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
61071
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Nov 2023 01:38:58 GMT
AGSKWxXgDPMzsrgQovbGIsessc-zxZ4pnUDpFbLeoGI6WDV63pEiDnSgXdM_MNGWUX6P5VpgYSTwaOQPTZeOHf-3MSuvc3Pq9SEz9DRmnJmvW8BwHIn6GVPTT8aiRwJSzfpiHEB1WYhVHA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXgDPMzsrgQovbGIsessc-zxZ4pnUDpFbLeoGI6WDV63pEiDnSgXdM_MNGWUX6P5VpgYSTwaOQPTZeOHf-3MSuvc3Pq9SEz9DRmnJmvW8BwHIn6GVPTT8aiRwJSzfpiHEB1WYhVHA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.VuclkSNDjzQ.es5.O/am=CAM/d=1/rs=AJlcJMyyDPYBMX6mZ62pmzBLAAJ_HIlxTw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-po1uMiHeIjfJGrzeUvGTag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-po1uMiHeIjfJGrzeUvGTag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://finans.mynet.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
ckbqREs5qr54oMaKlgYj8u.js
sc.tynt.com/script/sc/ Frame 26B2 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.tynt.com/script/sc/ckbqREs5qr54oMaKlgYj8u.js
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/siab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87301f139a48566970a0a3796f7d58f388a16b35485a324b9dc69c498893fc42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
5977
status
200 OK
x-xss-protection
1; mode=block
x-request-id
44930f81-ddb1-4df8-a42e-72a037b1320b
x-runtime
0.002395
x-content-digest
809511492e5d2a4d94fad6c4ad28f9b6d7c9c6fb
last-modified
Mon, 30 Oct 2023 14:09:31 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600, public, s-maxage=172800
cf-ray
81f63ed6cae936a8-YYZ
x-rack-cache
fresh
expires
Tue, 31 Oct 2023 07:38:24 GMT
17904993-300x170.jpg
imgrosetta.mynet.com.tr/file/17904993/ Frame 43FB 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17904993/17904993-300x170.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
1e3f0443a552ec84edd37eeadfd51b05ccffbfb6432f4ecde68efade307e4219

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Tue, 31 Oct 2023 08:12:00 GMT
server
MerlinCDN
age
121450
x-midtier
tr-izm-nt-s15
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
12606
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310201815000/ Frame 7B7B 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85297a9778e3138e5c9393984e9a5fc6dbce360e5017087bfe160c67ed2462af
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:56 GMT
age
177893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56123
x-xss-protection
0
server
sffe
etag
"ee0c45c0e6d03a96"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:56 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 7B7B 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dcc1beab58e7315392e4371eaf02041138288ab7b329fa2403894f60e5f65f4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:56 GMT
age
177893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5236
x-xss-protection
0
server
sffe
etag
"56e8153251b9d132"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:56 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 7B7B 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e28625c9340698b7968ba0cb1642f8db7a941ba0c07198bdcf7846f56ea5c99
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:56 GMT
age
177893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29064
x-xss-protection
0
server
sffe
etag
"2b86ba6a96452dbe"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:56 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 7B7B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1eda037ef70b5587c93b2677785521e8642e1e791cdcaebd5efa8647faf2b633
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:56 GMT
age
177893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1923
x-xss-protection
0
server
sffe
etag
"560b2476df5f84c1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:56 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 7B7B 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53de6b3616f57459d3f1b898926fb83eafca2116a34feae66a807ea244291e8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:56 GMT
age
177893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12957
x-xss-protection
0
server
sffe
etag
"143af65c0fcbfced"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:56 GMT
css
fonts.googleapis.com/ Frame 7B7B 		6 KB
802 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 01 Nov 2023 18:36:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 17:01:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Nov 2023 18:36:49 GMT
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7B7B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 04:33:40 GMT
x-content-type-options
nosniff
server
cafe
age
50589
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3057
x-xss-protection
0
expires
Thu, 02 Nov 2023 04:33:40 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7B7B 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 06:27:38 GMT
x-content-type-options
nosniff
server
cafe
age
43751
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Thu, 02 Nov 2023 06:27:38 GMT
l
www.google.com/ads/measurement/ Frame 7B7B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTrBne6f0GjJNABWgieUUjm5ytiUeiMhknDJaNvrwvzm_-KD5xMQpFmBJPwILBs3DxEf9drtQe85ah9tWh5JZPeHwEyug
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 7B7B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CJ9fQwJpCZab3C6yHoPMP5P2LsAuApP3lc-SW09rTEYiU-IezAhABINCAvx5gye6Oi8CkjBCgAd_g3dkByAEJ4AIAqAMByAMKqgSsAk_QVdYW7vYOc6wpcPd8a5rQYloFs0FTXLiC3B_J8sT2FoVIdL5iKfM0Erz-X2mn3wWJ4aaSjsSciTvs_L9i9dlLmOEiAKcgUhjEIuvqkk9wlQsKm52rVnYVIkvTW1tTojcfDB3CsGq3Hm0no0TEvN_xvsLscu5AN0g6E4kue1t0B5_GAFeGMvJ2TMuqZyOwIjxPFiaOcNPkuZ1_BGNQwgpqYxLtiADLZk0v29MLbPcq8dp0yr95HQsQ9nmiU9sZyxI5yI4qAs3c93ms4FkRbcdbN7emceuuo1lehc6au9ulPDwnm24Vi3t757I7boLn7L7V_PDnA-iofKpPUKq1WgtitVDQQsZ3FhdhyByDHU89G_jf3tyk9nHRNtpPyYNdC0fzOhKU7xXnqI8lb8AEkqrc9LwE4AQBiAXb58DiTJIFBAgEGAGSBQQIBRgEoAYugAfE5cjLA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEL22C9IIFAiAYRABGB0yAooCOgKAQEi9_cE6mglnaHR0cHM6Ly93d3cubWFnYXppbmlvbi5jb20vYy90ZWNobm9sb2dpZXMtYW5kLWlubm92YXRpb24vQmVzdC1DbG91ZC1CYXNlZC1EaWdpdGFsLUFzc2V0LU1hbmFnZW1lbnQuaHRtbIAKA8gLAaIMDCoKCgjktLEC7rWxAtoMEQoLEKCVuPCTzJu0lwESAgED4g0TCN7Auu64o4IDFawDaAgd5P4CtrgT5APYEw3QFQGAFwGyFx4KHAgAEhRwdWItNTM2MzIzMDA3NTYzMDg0NRj9gRc&sigh=YRfCP_gtsnY&uach_m=[UACH]&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSPADICaaNJIS8GrOTlb3NoPN2M_rOiuRUGwA7RFRWJ9JyyhsfJ8bvloTKJeHqjSHbhgVxuuYSVi1Lm8VFbRgB&template_id=484
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
rules-p-effSsmMYCbAck.js
rules.quantcount.com/ Frame 8F79 		160 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ea:2c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:24:54 GMT
via
1.1 adc90318bc35888e7fc939b759b9628a.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C1
age
715
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 22:21:01 GMT
server
AmazonS3
etag
"435cbd9bc4b3440e866ad1f4f7d1ef02"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
2jLmDAYhO5kqd3P5ptrTz_ISwawH5B5tpR2M9s2B0oMygQN9qognjg==
rules-p-Pz67dCqdsHfxh.js
rules.quantcount.com/ Frame 8F79 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ea:2c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:18:45 GMT
via
1.1 adc90318bc35888e7fc939b759b9628a.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C1
age
1084
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 23:00:33 GMT
server
AmazonS3
etag
"eee1bd1fc55b604b66cd9e63c4f811b8"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
9GoCvjZuQ8XwqfzB80YyQBcNI5_4y802xNJOk95VJo9UETEwtabRMg==
bc_OpV5lEF_yGayY-MVa1Sz2X7gdWk.js
bid.underdog.media/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/bc_OpV5lEF_yGayY-MVa1Sz2X7gdWk.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.22.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24ef:b600:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
363ee3fc6abdd6bc3589155f6e465aa3432f10715859611979bbba8c844cea2e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:29:06 GMT
content-encoding
gzip
via
1.1 93fc2e623ef816f1758325680d9e9002.cloudfront.net (CloudFront)
last-modified
Wed, 01 Nov 2023 18:00:08 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
age
464
etag
"3373f196f471cbe0a73c8fcf5472055f"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=1800
accept-ranges
bytes
content-length
1285
x-amz-cf-id
5Ps_VR8g8NHxdl9OGN71KMc2QBk9wCoEfTP1YfVmYciVWl9jfklEgQ==
rrv7.js
bid.underdog.media/ 		1 KB
977 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/rrv7.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.22.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24ef:b600:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
553e3a8daacfc030b0a81a0a5b45c7c37caa74d1f4756998f6664900ea3e10c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 17:48:23 GMT
content-encoding
gzip
via
1.1 93fc2e623ef816f1758325680d9e9002.cloudfront.net (CloudFront)
last-modified
Wed, 01 Nov 2023 17:30:03 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
age
2907
etag
"fd3095246294572b4f4bc23e62913975"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
accept-ranges
bytes
content-length
586
x-amz-cf-id
jl0Oz3GhNJiqfvgvGBdtPF0S54uD_maAtYc52IKbD5n9t2_OOdvQfw==
arj
underdogmedia-d.openx.net/w/1.0/ 		175 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://underdogmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Ffinans.mynet.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=600&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=%2C%2C%2C&nocache=1698863809363&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&pubcid=8ac557b9-77a8-435c-ac48-14410fdfbe33&schain=1.0%2C1!udmserve.net%2C2816%2C1%2C%2C%2C&aus=728x90%7C728x90%7C728x90%7C300x250&divids=slider-middle-728x90%2Cslider-middle-728x90%2Cslider-middle-728x90%2Cslider-right-300x250&aucs=slider-middle-728x90%2Cslider-middle-728x90%2Cslider-middle-728x90%2Cslider-right-300x250&auid=558913440%2C558913440%2C558913440%2C558913441&aumfs=20%2C20%2C20%2C20
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.22.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
cbe1e40eb35845784dc7be57df5272ca34bd4f7d454aa15aa4a5b2a9206e9616

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://finans.mynet.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb
ssc.33across.com/api/v1/ 		118 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dmK730KmGr7ikOrkHcnlKl
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.22.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
4eb0a75635fde13446abcbb921760e865a3d250f1f4c9475ec80980c39c7f80e

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://finans.mynet.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		118 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dmK730KmGr7ikOrkHcnlKl
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.22.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
4eb0a75635fde13446abcbb921760e865a3d250f1f4c9475ec80980c39c7f80e

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://finans.mynet.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		118 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dmK730KmGr7ikOrkHcnlKl
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.22.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
4eb0a75635fde13446abcbb921760e865a3d250f1f4c9475ec80980c39c7f80e

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://finans.mynet.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		118 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dmK730KmGr7ikOrkHcnlKl
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.22.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
4eb0a75635fde13446abcbb921760e865a3d250f1f4c9475ec80980c39c7f80e

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://finans.mynet.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		118 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dr5CFEKmGr7ikOrkHcnlKl
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.22.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
4eb0a75635fde13446abcbb921760e865a3d250f1f4c9475ec80980c39c7f80e

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://finans.mynet.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=185&av=36&wv=8.5.0&cb=20140617288
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.22.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6f390c4096369c05fa9818a81b248f5452fe0a7d1f9afa65bbd9ca73402710b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 18:36:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://finans.mynet.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
prebid
ib.adnxs.com/ut/v3/ 		19 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.22.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
an-x-request-uuid
215bcd87-99e7-42f1-ac9b-33113e773e01
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://finans.mynet.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/1611419386081516714/ Frame 7B7B 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1611419386081516714/2076313506083323656
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcb9f6b71dda409df416d6d3aef266dcbf05c3ce82acd9bcc764edce78c0ee7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 15:46:31 GMT
x-content-type-options
nosniff
age
96618
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51766
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 08:04:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 30 Oct 2024 15:46:31 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/3185708770462075603/ Frame 7B7B 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3185708770462075603/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77ac795bc58c914311cbbb9f505de139a0bca0e1a7ba8475a519edd27e5ac913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 08:49:14 GMT
x-content-type-options
nosniff
age
467255
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4579
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 08:04:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 26 Oct 2024 08:49:14 GMT
truncated
/ Frame 7B7B 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7B7B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
998396080f582dc768d4f8e47661218902e43799f2253aa66d3cfe445bf06bc4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame D2BA 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
934512b964268a68c63e71d100c5eedb8077939deaba6b317159e552f86f331d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Nov 2023 01:54:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26261
Connection
keep-alive
Content-Length
11104
Expires
Thu, 02 Nov 2023 01:54:30 GMT
iu3
s.amazon-adsystem.com/ Frame C1FF 		301 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
baaede8a1d4456d899e7790328a699c32ba2bdb41171ba06c60315a80a45efad
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
301
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 01 Nov 2023 18:36:49 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
DZ3YRXD7GQ7TRY4AD9A9
ecm3
s.amazon-adsystem.com/ Frame B0A5 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=4b9b55ab-128b-491f-b448-11160307ceb9
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 18:36:49 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DHNFDC3Y40HBV79MX6PD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame B0A5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=2ea68917-cfbf-4385-824d-28009b967746&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=2ea68917-cfbf-4385-824d-28009b967746&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
3.212.185.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-185-188.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=2ea68917-cfbf-4385-824d-28009b967746&gdpr=0&gdpr_consent=
date
Wed, 01 Nov 2023 18:36:49 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame B0A5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=NGI5YjU1YWItMTI4Yi00OTFmLWI0NDgtMTExNjAzMDdjZWI5
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
3.212.185.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-185-188.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame B0A5
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=41&p=244&cp=sharethrough&cu=1&gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7658cb1d77a660882b48db06...
  • https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-0YyVlPbk5VUDGAjAjfq4uHNknqJzZf52DzXNKw&gdpr=0&gdpr_consent=&us_privacy=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-0YyVlPbk5VUDGAjAjfq4uHNknqJzZf52DzXNKw&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
3.212.185.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-185-188.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-0YyVlPbk5VUDGAjAjfq4uHNknqJzZf52DzXNKw&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1308904
content-length
0
expires
Wed, 01 Nov 2023 00:00:00 GMT
45f6616f8301569fb3628edffa5edae8.gif
cs.admanmedia.com/ Frame B0A5
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7rkJAhPCWXbw9Lq5dZxc6TvN%26source_user_id%3D%24UID&partner=sharethrough
  • https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-fee5f018-dc69-383a-af3e-35ecd8c0ae34&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid...
0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-fee5f018-dc69-383a-af3e-35ecd8c0ae34&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1mZWU1ZjAxOC1kYzY5LTM4M2EtYWYzZS0zNWVjZDhjMGFlMzQQ____________ASqAAWh0dHBzOi8vbWF0Y2guc2hhcmV0aHJvdWdoLmNvbS9zeW5jL3YxP3NvdXJjZV9pZD03cmtKQWhQQ1dYYnc5THE1ZFp4YzZUdk4mc291cmNlX3VzZXJfaWQ9dWEtZmVlNWYwMTgtZGM2OS0zODNhLWFmM2UtMzVlY2Q4YzBhZTM0MgEYOAE=&gdpr=&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:50 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive

Redirect headers

location
https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-fee5f018-dc69-383a-af3e-35ecd8c0ae34&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1mZWU1ZjAxOC1kYzY5LTM4M2EtYWYzZS0zNWVjZDhjMGFlMzQQ____________ASqAAWh0dHBzOi8vbWF0Y2guc2hhcmV0aHJvdWdoLmNvbS9zeW5jL3YxP3NvdXJjZV9pZD03cmtKQWhQQ1dYYnc5THE1ZFp4YzZUdk4mc291cmNlX3VzZXJfaWQ9dWEtZmVlNWYwMTgtZGM2OS0zODNhLWFmM2UtMzVlY2Q4YzBhZTM0MgEYOAE=&gdpr=&gdpr_consent=
pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
cache-control
no-store
content-length
0
expires
0
cm
us-u.openx.net/w/1.0/ Frame 91FA
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1698863808939.4&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D...
1 KB
1022 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&id=ckbqREs5qr54oMaKlgYj8u&dn=RCIV&cc=2&chmob=0&r=&pu=https%3A%2F%2Ffinans.mynet.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b6e9c4e8e9aa03f6e5f73af96f923fa4dfcdc7a94f110df0f233248a1516846f

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
699
content-type
text/html
date
Wed, 01 Nov 2023 18:36:49 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Wed, 01 Nov 2023 18:36:49 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP009
x-33x-status
40000000008200000C
match
cms-xch-chicago.33across.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1701455809%26external_user_id%3D2ea68917-cfbf-4385-824d-28009b967746
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1701455809&external_user_id=2ea68917-cfbf-4385-824d-28009b967746
68 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1701455809&external_user_id=2ea68917-cfbf-4385-824d-28009b967746
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
referrer-policy
unsafe-url
server
33XP006
x-33x-status
40000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1701455809&external_user_id=2ea68917-cfbf-4385-824d-28009b967746
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1698863808939.2&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=ZUKawDK.TRds0rU7ur19jwAA%261431
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=ZUKawDK.TRds0rU7ur19jwAA%261431
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3mFmB17aeR%2Ba8dPeX6BiZGEmsm1dJXvzPSt7%2FO4xLH2jWGMKHhDPTBKdkVKyXeYii%2Bni2dbuIeekctWCHHCA3dfloCZ7sRyRnn5lxJwUn7m3KZCfsqeB3I2sPXL%2BHcxQURNPdecIVfCWg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=ZUKawDK.TRds0rU7ur19jwAA%261431
cache-control
no-cache
cf-ray
81f63eda1e29a22f-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
match
events-ssc.33across.com/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553&partner_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26...
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553&ts=1698863809&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553&ts=1698863809&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
referrer-policy
unsafe-url
server
33XP014
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553&ts=1698863809&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy=
  • https://ssc-cms.33across.com/ps/?xi=120&xu=CoW8UMfBUSNUXv9jpxnClmAJ-Sg
  • https://events-ssc.33across.com/match?bidder_id=120&external_user_id=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&ts=1698863809&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=120&external_user_id=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&ts=1698863809&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=120&external_user_id=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&ts=1698863809&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1698863808939.6&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=7081728085481991200
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=7081728085481991200
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
an-x-request-uuid
5ae905be-3677-4da0-a0b5-814fa6a7637c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=7081728085481991200
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sic.css
cdn-sic.33across.com/1/stylesheets/ Frame 6EFA 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-sic.33across.com/1/stylesheets/sic.css
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Love
Resource Hash
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 10 Oct 2023 23:44:19 GMT
server
cloudflare
age
7467
etag
W/"6525e1d3-1c90"
x-powered-by
Love
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3600
cf-ray
81f63ed9eda5a1ec-YYZ
expires
Wed, 01 Nov 2023 19:36:49 GMT
ast.js
acdn.adnxs.com/ast/ Frame 5C0F 		102 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ast/ast.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2462fd4e9d1d45842a17f6d320799cc84e6fcba03515c4a8eae9abc2bb93f219

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Expires
Wed, 20 Sep 2023 14:13:27 GMT
Date
Wed, 01 Nov 2023 18:36:49 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
15717
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
35056
X-Served-By
cache-lga21942-LGA, cache-yyz4560-YYZ
Last-Modified
Tue, 19 Sep 2023 14:11:16 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1698863810.784231,VS0,VE0
ETag
W/"6509ac04-19874"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
192955, 3749
apstag.js
c.amazon-adsystem.com/aax2/ Frame C5E3 		264 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.197.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-197-6.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fd3fe93b9ced3ac801fbb50bcd18767bafa3614d750b84ffbe4b9cf68442f5c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:12:18 GMT
content-encoding
gzip
via
1.1 156336391961f724345f6534c674b6ea.cloudfront.net (CloudFront), 1.1 381e492f95c61e51e17f4db787d5bfea.cloudfront.net (CloudFront)
last-modified
Tue, 24 Oct 2023 21:00:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, BOS50-C3
age
1472
x-amz-server-side-encryption
AES256
etag
W/"9c6e4dbac06587ca3b19dfd46a63b2e5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
ZXQw13Zj2DOdYFDdW-tPiuCalqU5XHizs8v1eJ9eRnerOJqDkr5ecA==
authorize
sic.33across.com/ Frame 6EFA 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sic.33across.com/authorize?usPrivacy=&gpp=&gppSid=&version=3.27.2&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.117%20Safari%2F537.36&product=siab&userId=&lexId=&sessionId=&publisherURL=https%3A%2F%2Ffinans.mynet.com%2F&referrerURL=&publisherId=ckbqREs5qr54oMaKlgYj8u&publisher=mynet.com&displayableSizes=300x600&maxTouchPoints=0&navigatorPropsCount=63&viewportWidth=300&viewportHeight=600&screenWidth=1200&screenHeight=1600&screenAvailHeight=1200&devicePixelRatio=1&scrollX=0&scrollY=0&pageVisibility=visible&pageWidth=300&pageHeight=600&_=1698863809586&callback=_tynt_jp.a4mtsnjk9
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
/ Love
Resource Hash
f572b706e8885457d01675c991e530a7a2da373c225fd849d0e24a05bce1d9f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Love
etag
W/"6d7-OaE7mkDKrKdyfamriSjP/+kHRgs"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/javascript; charset=utf-8
status
200 OK
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Authorization
activeview
pagead2.googlesyndication.com/pcs/ Frame C1AE 		42 B
119 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssA8YZ5aAPRWBBxTftwU3E7iA4aZgWkoBo14_M5hSBB_yz-egospFEL_JV44lPtsY9Dwf71kxNWlxE0K4WPxg0h0jtQq5SUx6xZVXCXqX-uiFi9HGJ1A1yKYLgPTeuy&sig=Cg0ArKJSzFQ5IMZhueEyEAE&id=lidar2&mcvt=1136&p=216,436,306,1164&mtos=1136,1136,1136,1136,1136&tos=1136,0,0,0,0&v=20231030&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=293310478&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698863807960&rpt=480&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sic.css
cdn-sic.33across.com/1/stylesheets/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-sic.33across.com/1/stylesheets/sic.css
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Love
Resource Hash
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 10 Oct 2023 23:44:19 GMT
server
cloudflare
age
7467
etag
W/"6525e1d3-1c90"
x-powered-by
Love
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3600
cf-ray
81f63eda1de5a1ec-YYZ
expires
Wed, 01 Nov 2023 19:36:49 GMT
ast.js
acdn.adnxs.com/ast/ Frame 80B6 		102 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ast/ast.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2462fd4e9d1d45842a17f6d320799cc84e6fcba03515c4a8eae9abc2bb93f219

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Expires
Wed, 20 Sep 2023 14:13:27 GMT
Date
Wed, 01 Nov 2023 18:36:49 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
15717
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
35056
X-Served-By
cache-lga21942-LGA, cache-yyz4521-YYZ
Last-Modified
Tue, 19 Sep 2023 14:11:16 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1698863810.784658,VS0,VE0
ETag
W/"6509ac04-19874"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
192955, 3782
apstag.js
c.amazon-adsystem.com/aax2/ Frame 6871 		264 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.197.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-197-6.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fd3fe93b9ced3ac801fbb50bcd18767bafa3614d750b84ffbe4b9cf68442f5c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:12:18 GMT
content-encoding
gzip
via
1.1 156336391961f724345f6534c674b6ea.cloudfront.net (CloudFront), 1.1 381e492f95c61e51e17f4db787d5bfea.cloudfront.net (CloudFront)
last-modified
Tue, 24 Oct 2023 21:00:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, BOS50-C3
age
1472
x-amz-server-side-encryption
AES256
etag
W/"9c6e4dbac06587ca3b19dfd46a63b2e5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
dh-GWkwaFii3PZ3o18zqBhi2G26OLEVnhIMiZFLLLAGWVC1t-0LSGQ==
authorize
sic.33across.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sic.33across.com/authorize?usPrivacy=&gpp=&gppSid=&version=3.27.2&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.117%20Safari%2F537.36&product=inview&userId=&lexId=&sessionId=&publisherURL=https%3A%2F%2Ffinans.mynet.com%2F&referrerURL=&publisherId=ckbqREs5qr54oMaKlgYj8u&publisher=mynet.com&maxTouchPoints=0&navigatorPropsCount=63&viewportWidth=1600&viewportHeight=1200&screenWidth=1600&screenHeight=1200&screenAvailHeight=1200&devicePixelRatio=1&scrollX=0&scrollY=0&pageVisibility=visible&pageWidth=1600&pageHeight=5958&_=1698863809607&callback=_tynt_jp.a7crni3il
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
/ Love
Resource Hash
6f088dddadb2202e19382dc052bdc61ceb5710257b48a48c055127e66ba553f6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Love
etag
W/"6c5-iSMUkqrceJE0YIT3JaRa59QkVvg"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/javascript; charset=utf-8
status
200 OK
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Authorization
view
securepubads.g.doubleclick.net/pcs/ Frame D836 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNXdqmoIXVfeD2gxsx-mqL5nzTJ7ulK8__5OdzFSypv9HEVBgILotwfo2hIsD54uWaLtS9_UuJAn8a_hkoNMYQWVaMCYR1D-0z5JYLhRBS3ZfAnrZ1gmYZEdI-LFITMYV0i8iQBNSdH06GBx7einGnvkdtFsu3lybPAUaOd62MRt_ScIg7XbzjuKGJnm15BAX4EPbDCDNgGCKoRXecS0ySzft-DTRqy5P4Xo842lKvDgH1L3y5jedaYGO6QvPb9kudJYf999_rWRGtFIZzdccVGKw49IDQb6jKYPbi2iyyL5B3jR8nG5D13UG9zwfNnt0uJWxe066M1M-88FeiBJHMZZm0oJfDwtp-5oItCXv-BZC6OJ9XRbNCNCL4wBXhFLmqe0s&sai=AMfl-YRdn0xXI3WAzSmT-ROC2_Upa6Y1RqK0ZqyVz13VCeOgA60BxTpPkiAgITHkTY-WQAG9RlVbnUL7ZOCjiZYHD6Nmsoaifqt5oWjUZZWSOMUYCHk_9-JGLQ_PnYR3jA9YQ8iAb8EmL-XqnZ6-Ndzt&sig=Cg0ArKJSzBU44JtH6xF0EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 01 Nov 2023 18:36:49 GMT
AGSKWxXgDPMzsrgQovbGIsessc-zxZ4pnUDpFbLeoGI6WDV63pEiDnSgXdM_MNGWUX6P5VpgYSTwaOQPTZeOHf-3MSuvc3Pq9SEz9DRmnJmvW8BwHIn6GVPTT8aiRwJSzfpiHEB1WYhVHA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXgDPMzsrgQovbGIsessc-zxZ4pnUDpFbLeoGI6WDV63pEiDnSgXdM_MNGWUX6P5VpgYSTwaOQPTZeOHf-3MSuvc3Pq9SEz9DRmnJmvW8BwHIn6GVPTT8aiRwJSzfpiHEB1WYhVHA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.VuclkSNDjzQ.es5.O/am=CAM/d=1/rs=AJlcJMyyDPYBMX6mZ62pmzBLAAJ_HIlxTw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ofLxtmxYsvRvTex54gXJuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-ofLxtmxYsvRvTex54gXJuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://finans.mynet.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7B7B 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://finans.mynet.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:04:12 GMT
x-content-type-options
nosniff
age
502357
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 23:04:12 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7B7B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://finans.mynet.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 01:12:48 GMT
x-content-type-options
nosniff
age
494641
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 01:12:48 GMT
sic.js
cdn-sic.33across.com/1/javascripts/ Frame 26B2 		450 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-sic.33across.com/1/javascripts/sic.js
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/siab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Love
Resource Hash
8c004a719b3ab79e4d0a55e688ffbbcff101d18808aa93717181e9d9ebc58b33

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 10 Oct 2023 23:44:19 GMT
server
cloudflare
age
10447
etag
W/"6525e1d3-707dd"
x-powered-by
Love
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
81f63eda4e32a1ec-YYZ
expires
Wed, 01 Nov 2023 19:36:49 GMT
AGSKWxXgDPMzsrgQovbGIsessc-zxZ4pnUDpFbLeoGI6WDV63pEiDnSgXdM_MNGWUX6P5VpgYSTwaOQPTZeOHf-3MSuvc3Pq9SEz9DRmnJmvW8BwHIn6GVPTT8aiRwJSzfpiHEB1WYhVHA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXgDPMzsrgQovbGIsessc-zxZ4pnUDpFbLeoGI6WDV63pEiDnSgXdM_MNGWUX6P5VpgYSTwaOQPTZeOHf-3MSuvc3Pq9SEz9DRmnJmvW8BwHIn6GVPTT8aiRwJSzfpiHEB1WYhVHA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.VuclkSNDjzQ.es5.O/am=CAM/d=1/rs=AJlcJMyyDPYBMX6mZ62pmzBLAAJ_HIlxTw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5AUZzXgjuvO5N_TEqHR8MQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-5AUZzXgjuvO5N_TEqHR8MQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://finans.mynet.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXgDPMzsrgQovbGIsessc-zxZ4pnUDpFbLeoGI6WDV63pEiDnSgXdM_MNGWUX6P5VpgYSTwaOQPTZeOHf-3MSuvc3Pq9SEz9DRmnJmvW8BwHIn6GVPTT8aiRwJSzfpiHEB1WYhVHA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXgDPMzsrgQovbGIsessc-zxZ4pnUDpFbLeoGI6WDV63pEiDnSgXdM_MNGWUX6P5VpgYSTwaOQPTZeOHf-3MSuvc3Pq9SEz9DRmnJmvW8BwHIn6GVPTT8aiRwJSzfpiHEB1WYhVHA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.VuclkSNDjzQ.es5.O/am=CAM/d=1/rs=AJlcJMyyDPYBMX6mZ62pmzBLAAJ_HIlxTw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MIdpAN_7AbIEAwDQmNl2LA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MIdpAN_7AbIEAwDQmNl2LA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://finans.mynet.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW0xwzyyExwUS7lobWyRJVlA595IHqM-wbKcMW1IE-Q7Sf_WKgpdW5_EjVAx5WsGVZmRr_cgtWnsX72rSqZjAlbul8MmUa275GDDh2n_GXHirf9GA5rsMqp7qB5UqXWvuvCT8dXIA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW0xwzyyExwUS7lobWyRJVlA595IHqM-wbKcMW1IE-Q7Sf_WKgpdW5_EjVAx5WsGVZmRr_cgtWnsX72rSqZjAlbul8MmUa275GDDh2n_GXHirf9GA5rsMqp7qB5UqXWvuvCT8dXIA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk4ODYzODA5LDY0MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9maW5hbnMubXluZXQuY29tLyIsbnVsbCxbWzgsIlZ1Y2xrU05EanpRIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.VuclkSNDjzQ.es5.O/am=CAM/d=1/rs=AJlcJMyyDPYBMX6mZ62pmzBLAAJ_HIlxTw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
467f375a3dac802234e287ff0b70b3b409f0bf10807843847c962f04735273cb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-noKhpkWWt8aYDhKj9fg8eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-noKhpkWWt8aYDhKj9fg8eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
batch
services.insurads.com/dfp/mapping/ Frame 00B8 		955 B
590 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/dfp/mapping/batch?appId=1870&requests=[{%22eaUp%22:%2228687765/mynet/finans/kule_sag_120x600%22,%22eoId%22:460955805,%22advId%22:50487405,%22w%22:160,%22h%22:600,%22eId%22:%22main_mynet_finans_kule_sag_120x600_0%22}]&h=https%3A%2F%2Ffinans.mynet.com%2F&ts=1698863809524
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.235.112.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-112-177.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0d40fab9a6c3b8defb700d3e7f3453127f9fdd7ac9ef13b7bab1f253b5ba42fd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 9614 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=53449414&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
cafade4a0038de9cf59d612ce86d71405c1db0ba1b9c6c6c625e921b12ea14a1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 01 Nov 2023 18:36:48 GMT
content-length
1731
content-type
text/html; charset=UTF-8
khaos.json
token.rubiconproject.com/ Frame D2BA 		7 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
translator
hbopenbid.pubmatic.com/ Frame 9F72 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://finans.mynet.com
date
Wed, 01 Nov 2023 18:36:49 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
openrtb
adx2.adform.net/adx/ Frame 9F72 		0
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://finans.mynet.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 9F72 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://finans.mynet.com
date
Wed, 01 Nov 2023 18:36:49 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 9F72 		343 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2128490&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,edcd024148e896f656d9,1,,,&rf=mynet.com&tg_i.page=https%3A%2F%2Ffinans.mynet.com%2F&tg_i.domain=finans.mynet.com&tg_i.pbadslot=adpn-adtag-1698863808807&tk_flint=pbjs_lite_v7.19.0&x_source.tid=eb6be268-d2a2-4b59-909c-4385168aa4d3&l_pb_bid_id=817ae546ba5b5a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3631071342173
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
014fa470d8576c402af064029e005b19ffb4ed610bb281d7b52857d07bafb6c1

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://finans.mynet.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
343
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 9F72 		19 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
an-x-request-uuid
bd0de25c-913f-426a-b5ec-86784351ba1b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://finans.mynet.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 9F72 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.0 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://finans.mynet.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame 9F72 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=59527050019&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://finans.mynet.com
date
Wed, 01 Nov 2023 18:36:49 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
ap.lijit.com/rtb/ Frame 9F72 		24 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e140552958d0836f76bcaef3a9a9707588d21cc8f990927cc90b037d460d93be

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 01 Nov 2023 18:36:49 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://finans.mynet.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
/
shb.richaudience.com/hb/ Frame 9F72 		0
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 Wilmington, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://finans.mynet.com
access-control-allow-credentials
true
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=Economy&us_privacy=&random=1698863809018.1
  • https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=Economy&us_privacy=&random=1698863809018.1
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MldiQk9LLUl5bTRKT25WRHRCc3pPa2lGNEJJaFdTWDdHWTFJckhQbnQzVFk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEPmdqZs1e6eq5xH0p8PKLoU&google_cver=1
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEPmdqZs1e6eq5xH0p8PKLoU&google_cver=1
Protocol
HTTP/1.1
Server
50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-174-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 01 Nov 2023 18:36:50 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEPmdqZs1e6eq5xH0p8PKLoU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSmVCmsBn4xieBGZVAg%3D%3D&us_privacy=&_rand=1698863809018.2
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSmVCmsBn4xieBGZVAg%3D%3D&us_privacy=&_rand=1698863809018.2&expected_cookie=5f1e54dc-d96f-4b5e-8365-d330c38dc637
0
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSmVCmsBn4xieBGZVAg%3D%3D&us_privacy=&_rand=1698863809018.2&expected_cookie=5f1e54dc-d96f-4b5e-8365-d330c38dc637
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 39099F070D3041458E73C283655A8932 Ref B: NYCEDGE1619 Ref C: 2023-11-01T18:36:50Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYJG43teOp6liVabfczuQ==

Redirect headers

date
Wed, 01 Nov 2023 18:36:49 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 2B61E63012AD4E1D9FADA1B9E59D53A2 Ref B: NYCEDGE1619 Ref C: 2023-11-01T18:36:49Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
/db_sync?pid=15927&puuid=CoIKSmVCmsBn4xieBGZVAg%3D%3D&us_privacy=&_rand=1698863809018.2&expected_cookie=5f1e54dc-d96f-4b5e-8365-d330c38dc637
x-li-proto
http/2
content-length
0
x-li-uuid
AAYJG43pI5qFALrzKvzjPw==
pixel.gif
load77.exelator.com/
Redirect Chain
  • https://pixel.33across.com/ps/?pid=938&j=0&p=409&g=600&guid=ckbqREs5qr54oMaKlgYj8u&us_privacy=&random=1698863809018.3
  • https://loadus.exelator.com/load/?j=0&p=409&g=600&guid=ckbqREs5qr54oMaKlgYj8u&buid=0&buid2=212330338063484&random=1698863809
  • https://loadus.exelator.com/load/?j=0&p=409&g=600&guid=ckbqREs5qr54oMaKlgYj8u&buid=0&buid2=212330338063484&random=1698863809&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif?UID=15ed04f149c3c739af77e6e46816018a
43 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif?UID=15ed04f149c3c739af77e6e46816018a
Protocol
H2
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 01 Nov 2023 18:36:50 GMT
x-age-lb
905105
x-77-cache
HIT
x-accel-date
1697958705
content-length
43
x-77-nzt
AZySJBY3Nzf/kc8NAA
x-accel-expires
@1698995505
x-77-age
905105
x-cache-lb
HIT
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
etag
"59f0c3fc-2b"
x-77-nzt-ray
1e192d08342eeefcc29a426562241618
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes

Redirect headers

date
Wed, 01 Nov 2023 18:36:50 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif?UID=15ed04f149c3c739af77e6e46816018a
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
2ea68917-cfbf-4385-824d-28009b967746
map.go.affec.tv/map/ttd/
Redirect Chain
  • https://map.go.affec.tv/map/3a/?pid=CoIKSmVCmsBn4xieBGZVAg%3D%3D&us_privacy=&ts=1698863809018.4
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D65429ac122e23100018f0cc4%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
  • https://map.go.affec.tv/map/an/7081728085481991200?ch=65429ac122e23100018f0cc4&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://map.go.affec.tv/map/ttd/2ea68917-cfbf-4385-824d-28009b967746?ttd_puid=&gdpr=0&gdpr_consent=
0
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://map.go.affec.tv/map/ttd/2ea68917-cfbf-4385-824d-28009b967746?ttd_puid=&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.243.79.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-79-242.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
content-encoding
gzip
vary
Accept-Encoding

Redirect headers

location
https://map.go.affec.tv/map/ttd/2ea68917-cfbf-4385-824d-28009b967746?ttd_puid=&gdpr=0&gdpr_consent=
date
Wed, 01 Nov 2023 18:36:50 GMT
server
Kestrel
content-length
229
sync
pippio.com/api/
Redirect Chain
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKSmVCmsBn4xieBGZVAg%3D%3D&pcat=Economy&pdev=&pctry=US&referrer=https%3A%2F%2Ffinans.mynet....
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=20212f60-3090-4066-ba12-9907ff511e0c%3A1698863810.178902&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D20212f60-3090-4066-...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2810316567025533345&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D20212f...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=20212f60-3090-4066-ba12-9907ff511e0c%3A1698863810.178902&pid=500040&it=1&iv=20212f60-3090-4066-ba12-9907ff511e0c%3A1698863810.178902&_=16988...
  • https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=20212f60-3090-4066-ba12-9907ff511e0c:1698863810.178902&pid=500040&_li_chk=true&_=1698863810.1809328&iv=20212f60-3090-4066-ba12-9907ff51...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1698863810.1809328&iv=20212f60-3090-4066-ba12-9907ff511e0c:1698863810.178902
42 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1698863810.1809328&iv=20212f60-3090-4066-ba12-9907ff511e0c:1698863810.178902
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1698863810.1809328&iv=20212f60-3090-4066-ba12-9907ff511e0c:1698863810.178902
Date
Wed, 01 Nov 2023 18:36:50 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
usermatch.gif
beacon.krxd.net/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSmVCmsBn4xieBGZVAg%3D%3D&us_privacy=&random=1698863809018.6&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dcd4d6cd0-d133-41ed-95ce-4459e909b2d6%252Chttps%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7081728085481991200&pt=cd4d6cd0-d133-41ed-95ce-4459e909b2d6%2Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%25...
  • https://usermatch.krxd.net/um/v2?partner=tapad
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Protocol
H2
Server
54.157.9.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-9-133.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-served-by
beacon-n014-ash-prod.krxd.net
date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
private, no-cache, no-store
x-request-time
D=43 t=1698863810
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
date
Wed, 01 Nov 2023 18:36:50 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a021-ash-prod.krxd.net
mapuid
secure.adnxs.com/
Redirect Chain
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKSmVCmsBn4xieBGZVAg%3D%3D&us_privacy=&random=1698863809018.7&pu=https%3A%2F%2Ffinans.mynet.com%2F
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212330338063484&seg_code=33x&random=1698863809
43 B
789 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212330338063484&seg_code=33x&random=1698863809
Protocol
H2
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
an-x-request-uuid
31c83466-13f0-4c0a-8833-4570383a2dc2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
referrer-policy
unsafe-url
server
33XP020
x-33x-status
402044000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212330338063484&seg_code=33x&random=1698863809
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.html
eus.rubiconproject.com/ Frame 8D21
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&id=ckbqREs5qr54oMaKlgYj8u&dn=SIAB&cc=1&chmob=0&r=&pu=https%3A%2F%2Ffinans.mynet.com%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Nov 2023 18:36:49 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 01 Nov 2023 18:36:49 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4187
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1698863809033.6&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&id=ckbqREs5qr54oMaKlgYj8u&dn=SIAB&cc=1&chmob=0&r=&pu=https%3A%2F%2Ffinans.mynet.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.69.5 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-69-5.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=43651
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 01 Nov 2023 18:36:49 GMT
expires
Thu, 02 Nov 2023 06:44:20 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Wed, 01 Nov 2023 18:36:49 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP006
x-33x-status
40000000008200000A
match
events-ssc.33across.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=the33across&us_privacy=
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=the33across
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&user_group=1&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=2f563103-0c1f-4c62-9f7b-4f469acb0125
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=2f563103-0c1f-4c62-9f7b-4f469acb0125&ts=1698863810&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=2f563103-0c1f-4c62-9f7b-4f469acb0125&ts=1698863810&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=2f563103-0c1f-4c62-9f7b-4f469acb0125&ts=1698863810&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-1x2QlQJE2uHt285t1IOQlDWpqWDb5MZr~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-1x2QlQJE2uHt285t1IOQlDWpqWDb5MZr%7EA&ts=1698863809&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-1x2QlQJE2uHt285t1IOQlDWpqWDb5MZr%7EA&ts=1698863809&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-1x2QlQJE2uHt285t1IOQlDWpqWDb5MZr%7EA&ts=1698863809&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=12b0ec8e1dee04c2&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAMzWd-H6meeQNu_K7tAAAAAAA&expiration=1698950210&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMzWd-H6meeQNu_K7tAAAAAAA&ts=1698863810&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMzWd-H6meeQNu_K7tAAAAAAA&ts=1698863810&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMzWd-H6meeQNu_K7tAAAAAAA&ts=1698863810&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=132091664134189312048
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=132091664134189312048&ts=1698863810&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=132091664134189312048&ts=1698863810&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
referrer-policy
unsafe-url
server
33XP014
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=132091664134189312048&ts=1698863810&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
pr
s.amazon-adsystem.com/v3/ Frame EE41 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
d1ae713ab73bd613d74ddb6785c710666b603bb9d7de5bd94148f36242516ee8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1118
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 01 Nov 2023 18:36:49 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
JMS7JQKVN4BFZ0DHAPMH
17832300-300x170.jpg
imgrosetta.mynet.com.tr/file/17832300/ Frame 887F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgrosetta.mynet.com.tr/file/17832300/17832300-300x170.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.55.194 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1007904.ip-135-148-55.us
Software
MerlinCDN /
Resource Hash
a504d9a540220578a7e4a58dbc120ca6372bf3743e0a530f8f1f1fbf8f1b8e73

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
via
HTTP/2.0 Merlin CDN
last-modified
Wed, 01 Nov 2023 05:32:10 GMT
server
MerlinCDN
age
45512
x-midtier
tr-ist-shy-s03
x-cache-status
HIT
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
us-vga-ovc-s05
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5050
prebid7.19.0.js
hb.adpone.com/ Frame 645F 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=sxjbhtuoer&e=1054109728935
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8PT664M62A7R4YVQ
age
5554
x-amz-server-side-encryption
AES256
x-amz-id-2
AJflgpnI3nbVzzVPSFsZZ0HhW0/jzX/W7hHqYPNKv8240wUAvsCkyHcmqS7j/MtC66hTVbTLVd7Ektuj4+8r8g==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQRbFHCF%2FwZrvZpOxNb52Q%2By38L62Ssofj4iJB8l7L5p3sJHTbLO5M9OtN4PTy8%2FVX34ZhornDIZHmRaROmP9zJq%2BQTZlJI9wWTzVkwgNMB2Z3LZGAu5A9b%2Bek0CA%2Fo4ZGWCTKk6a6k5YmU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
81f63edaeb704bc0-BUF
prebid7.19.0.js
hb.adpone.com/ Frame 92A3 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=zhjdhvwvsh&e=1054109728935
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8PT664M62A7R4YVQ
age
5554
x-amz-server-side-encryption
AES256
x-amz-id-2
AJflgpnI3nbVzzVPSFsZZ0HhW0/jzX/W7hHqYPNKv8240wUAvsCkyHcmqS7j/MtC66hTVbTLVd7Ektuj4+8r8g==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yW6DyWHMfi5J%2BjSmm3h3YY99CztkiUPB0O%2BcYXcIU1cFQkp1RBMXRaDuS%2Be4LsbuU566YEMboDjP1QJ8CBWuF1fZzuQBrBGW5jM2yjJHafWrY%2FtKzAuWi%2BvRczFEZm%2BmS%2B%2BtuvePTQXqtvA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
81f63edaeb714bc0-BUF
prebid7.19.0.js
hb.adpone.com/ Frame 3BB2 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=ffpkd&e=1054109728935
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8PT664M62A7R4YVQ
age
5554
x-amz-server-side-encryption
AES256
x-amz-id-2
AJflgpnI3nbVzzVPSFsZZ0HhW0/jzX/W7hHqYPNKv8240wUAvsCkyHcmqS7j/MtC66hTVbTLVd7Ektuj4+8r8g==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MK4z31nbHPxgJigNZt6%2Fd%2B6ee9x%2B9SbmuuQVqvnzOcjGlhPh2JiVDqzx9fj5hQSN59cZ%2B7uF8HNnLWWfCdVbDbZnc529Gc626Zgxzg8amcaYApkaH4CUgBVsdDHr%2BdwpYBZSpsILm75WVyM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
81f63edafb724bc0-BUF
adview
securepubads.g.doubleclick.net/pagead/ Frame 5134 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cx84mv5pCZZLZC8iHoPMPkeSK0APh2-X4c9qDmYbtEfLy1rLFARABINCAvx5gye6Oi8CkjBCgAcj0xcYpyAEJqQLuOUUPO_V3PuACAKgDAcgDCqoEvgJP0J35jJkblFKkA_7RLuvsRA2zYS768dwSZZbFPJ1rkGLyV0LJhOwl4GLKE4SyZR8YCFSzgU4YKnqC9YQ6_1uyeqImkzeF80X1mCvSgQ75jEa-98GPjC5Pd5e_VI6qHo8DxZyplIc632Gg3mcWHJPrYcGwvf6G9d3INtqwxx7eoUQkoHc70Ku10FSXoOMFnvIgWqPAIlZJfc6T82E6m3P3ylRczJMx_9dfdTHqMEnGUNXJDLPLL5tFVZMEZ6lxujfiKadCocMk8DYrIoUfXxJdPOomBIUecVstphPL3VjdWDxHXIIFBRZLqtz7d0YAnkobzGUtZ464TFoGHIu-DAnLqbQkrStdSmVwQoP8B8fAULyjPyrpSfQELlrzSYIficim3S7kNWHaNIy8r8OLXKmu6M6yi-J0e4R0s-dNQqbABInaj6a1BOAEAYgFvOKNmkySBQQIBBgBkgUECAUYBKAGLoAHwees5ASoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBD6_gbSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJiAFodHRwczovL3VzLmZvYmx1ZS5jb20vZHNyP3E9M3JkJTIwcm93JTIwc3V2JnJhYz1TZWFyY2glMjBmb3IlMjAzcmQlMjByb3clMjBzdXYmYXNpZD1mYl9jaDQyNSZudz1kJmRlPWMmbHBpZD05MDA1NTMyJnB1Yj1maW5hbnMubXluZXQuY29tgAoDyAsB2gwQCgoQ0NP-_YGnha0tEgIBA-INEwi_uPjtuKOCAxXIA2gIHRGyAjq4E-QD2BMMiBQD0BUBgBcBshceChwIABIUcHViLTUzNjMyMzAwNzU2MzA4NDUY_YEX&sigh=E9q97V5Jwyk&uach_m=[]&ase=2&nis=5&cid=CAQSTADICaaN7_VUPEq0aj4q-OeycCV76iMriDlWb0kTgng6mcWFArwOMdT8LTqlhEAFhPvXi6HoPYCcH-cbHwLUA4a5eOKFkROdTKvlItEYAQ&template_id=484&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
prebid7.19.0.js
hb.adpone.com/ Frame F0DB 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=sthrrp&e=1054109728935
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8PT664M62A7R4YVQ
age
5554
x-amz-server-side-encryption
AES256
x-amz-id-2
AJflgpnI3nbVzzVPSFsZZ0HhW0/jzX/W7hHqYPNKv8240wUAvsCkyHcmqS7j/MtC66hTVbTLVd7Ektuj4+8r8g==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3oLkN5ZcO2oBkXeDNGnD9WJOJOBLImHktGX%2FPHQqWpld9OymCW%2FJ%2Bo9hztl%2BZQjCn5KHcWXG%2BoqbLb%2F56WEZgCsEo3VHK55Hu0cpNpEOWIpvFUN2HSeS56cdajhlyCwleZM1mIiH9dvim9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
81f63edafb734bc0-BUF
prebid7.19.0.js
hb.adpone.com/ Frame 8F1E 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=lsbjrbnd&e=1054109728935
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8PT664M62A7R4YVQ
age
5554
x-amz-server-side-encryption
AES256
x-amz-id-2
AJflgpnI3nbVzzVPSFsZZ0HhW0/jzX/W7hHqYPNKv8240wUAvsCkyHcmqS7j/MtC66hTVbTLVd7Ektuj4+8r8g==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGKxxS7ijKMyALkZAuz0Ex9PR3ZlKPShRHJtYm4%2BvlFWIbfIWmzhp7wWOesUB06Pes8P3vcTj3%2F0%2F4TwL6PwM9F1w5gCTTvqq0FNgn4d2Y4pxgNEoTKjTD814e27SAMuLWct57ESEVT6Fhc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
81f63edafb744bc0-BUF
prebid7.19.0.js
hb.adpone.com/ Frame 9114 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=vkhlmwwqr&e=1054109728935
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8PT664M62A7R4YVQ
age
5554
x-amz-server-side-encryption
AES256
x-amz-id-2
AJflgpnI3nbVzzVPSFsZZ0HhW0/jzX/W7hHqYPNKv8240wUAvsCkyHcmqS7j/MtC66hTVbTLVd7Ektuj4+8r8g==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDvYopvBaHhOpHVlqbZOCMjsCGnZ6ysoXISQwCZoAnTCKs4C8r%2B3gUT7OUOlUrXe5Ga7%2FE5xvxwW0vIIyhS8FUg3HoSAe8iXTaJX7I1jC7yitoScX9lxDi%2Fn0rDAoNksose34XPoeh%2FEpDE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
81f63edb0b754bc0-BUF
prebid7.19.0.js
hb.adpone.com/ Frame 79DF 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: windsplay.com
URL: https://windsplay.com/r/p.html?f=jjeunqqsy&e=1054109728935
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://windsplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8PT664M62A7R4YVQ
age
5554
x-amz-server-side-encryption
AES256
x-amz-id-2
AJflgpnI3nbVzzVPSFsZZ0HhW0/jzX/W7hHqYPNKv8240wUAvsCkyHcmqS7j/MtC66hTVbTLVd7Ektuj4+8r8g==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qaJ79YLgWHEFrZ6kZSflOE9W2lWtyO9Mhn1%2FrpF8%2Fsu4bzZ4KHNdl%2Blm5fOTj0XjvAzP5kS%2B3UxcuO9BJRXr2SZG8fgYTR0LRoBlgnX57nwIIK2LrPB1vuQ7q57w9O6pbtqXylJxwhN1qok%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
81f63edb0b764bc0-BUF
events
bidder.criteo.com/csm/ 		0
194 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://finans.mynet.com
date
Wed, 01 Nov 2023 18:36:49 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixels
ssp-sync.criteo.com/user-sync/ 		454 B
678 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6ebd8786a26b2f08364398d3140eb89c4b03706c2f68b3f9b820b304c749b80e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://finans.mynet.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
img.fetch
udmserve.net/udm/ Frame 76D7 		0
679 B 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=14018;tid=2;dt=7;p=1;rri=1698863808336_273629_96.9.249.40;mid=48164;zzz=%5B48164%2C1698863808%2C%22HhAgpMCP%2Fe4sIu73hzSUCw%22%5D;version=v2.22.3;cb=0.6683716325592741;qqq=12.401695346550023;session=1;style=slider;vis=visible;traffic_info=%7B%7D;
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.22.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
application/x-javascript
Date
Wed, 01 Nov 2023 18:36:49 GMT
Expires
-1d
Connection
Keep-Alive
Content-Length
0
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
afr.php
ads.us.criteo.com/delivery/r/ Frame FC8B 		50 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.22.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
79f735dd561da3568a320dfa48b941156b06814e343942f55b2ef7e4a214d5e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 18:36:50 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=5l1d1GSE5ZRYpHrwQ2hTE2Oe_ApkxUVDZxldsehkJ5AdK9MsMZzZsWgU_2Im1lqf2wM41AVOTP3XANRi2CiEMHhLXoWI-yPUgz3QDTfSt3hI3i0h7FfVhoEwcvRNO09IaJppNn_GrCq0nrWJLOyB6YNFMqk2asrLVwi5hEYyU52lnRwfWgIeGTB-q9iVGkC-2Lzqj_vV93QA8zhncBlENyFA6vyPTdvOY0Z-3iJTwH-4mrBhbAjvJcpGRTrpTah-idmSSA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
4772982
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
tpd
cat.va.us.criteo.com/ Frame 76D7 		43 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/tpd?dd=9vEMql8zMDZ5a0JlJTJGdE9GMkVMWGRMSnVvTWFDVDBlQ1RkTGpRT2pNdlloVHJ4bDN0RHNkRkN4blVUZnNTJTJCcHBFRXlhRWNCSnkzQTRaUGVVcTNhOUlZeGlqOTRIMFlUNjdRT3ElMkZxYnRpSndrZWxvOFFGMThRRkVTTCUyQkJHR3NicWdyampLRUZEVTZaaVZXdHFUdnlNT2VoN3olMkZ5bVlpaXppMGxKd2VkS3N4dVAxa0cxWjF0N0JoMzZrVXF6NFElMkIyRVlaRWZ4a2s3cUYyaXJBcHR4cUhJRkZXYjNQQ1NQWSUyRmNTeXlyJTJCVlR1MWY4V2dyZXBwdkRQN09xJTJCQklCJTJCeTZkRUQ4enprbWRlVWE4Z3Y2RGJrZ0h6UkJ3ZnY0WCUyRjlHOEFsdTRHNTAlMkI0RVNTRkNuQ2F0MEZpazd1eGlJTzRrVTFZamVYT01NTGc1OWFrYXZRVzRZRlVFdHAzd1h5eGhBWlN3dUhiclFyYXRQekM0aGJsZVRoa2RXJTJCeG9DMnF6bEdIc3hxT3V0JTJGaTV6dUtlTUpDZUVXa0Nua2pZSkVQQTNvdnJmOTlFeDh2WENsM0k4RHhjbDRkVXo5VGtmS0w5JTJCNGxnJTJCJTJCSG96UVhIdyUyRng3STRzWkw4THVZdndNQSUzRCUzRA
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
199145
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
match
events-ssc.33across.com/ Frame 91FA 		68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=70&external_user_id=2aebad92-db2c-4e24-891a-1aa29f8996d8
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png
sd
us-u.openx.net/w/1.0/ Frame 91FA
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=430e9519-57dd-4285-93b8-8e3371ef0ab6&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZUKawpvqYhA8ClhACcBne1ob
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZUKawpvqYhA8ClhACcBne1ob
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 01 Nov 2023 18:36:50 GMT
server
Aorta/20231013.3e27223b3
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZUKawpvqYhA8ClhACcBne1ob
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
db5091757e6b
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame 91FA
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=g9YrwKwhx-UDWVnFRsQ-PQ==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 91FA
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=ec13e11d-fd99-437c-bc7d-26cefe5834b6
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=ec13e11d-fd99-437c-bc7d-26cefe5834b6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=ec13e11d-fd99-437c-bc7d-26cefe5834b6
Date
Wed, 01 Nov 2023 18:36:50 GMT
Connection
keep-alive
X-CI-RTID
5e945d0e-ebdc-4edb-a05d-0a1aa157521f
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 91FA
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 91FA 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=5afed200-5ea0-434c-afcc-8da4a651c58b
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
sync
ups.analytics.yahoo.com/ups/58294/ Frame 91FA 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=72442275-ddcd-4482-b60a-d478027ef0ee
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
db_sync
px.ads.linkedin.com/ Frame 91FA
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=0946de9a-c8e0-48ab-ba54-9581ac46655f
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokMDk0NmRlOWEtYzhlMC00OGFiLWJhNTQtOTU4MWFjNDY2NTVmEAAaDQjCtYqqBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=c9c9826c2e7f3a2e9d4028a0eddc077816e66371f582d599bb09f98267dde12c791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=c9c9826c2e7f3a2e9d4028a0eddc077816e66371f582d599bb09f98267dde12c791426b5417dce21&rand=08654148
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=c9c9826c2e7f3a2e9d4028a0eddc077816e66371f582d599bb09f98267dde12c791426b5417dce21&rand=08654148
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: F204A03D7B184DFA8CCCBBC37B6D0AFA Ref B: NYCEDGE1619 Ref C: 2023-11-01T18:36:50Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYJG43xv0kL63+ZbLwaoA==

Redirect headers

date
Wed, 01 Nov 2023 18:36:50 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=c9c9826c2e7f3a2e9d4028a0eddc077816e66371f582d599bb09f98267dde12c791426b5417dce21&rand=08654148
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 91FA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=7081728085481991200
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=7081728085481991200
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
an-x-request-uuid
5c8d91c0-9a14-4bc4-a538-6d9d9214dd94
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=7081728085481991200
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 91FA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3122232386686183181&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3122232386686183181&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3122232386686183181&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 91FA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZUKawgAAiz1TOgAU
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZUKawgAAiz1TOgAU&_test=ZUKawgAAiz1TOgAU
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZUKawgAAiz1TOgAU&_test=ZUKawgAAiz1TOgAU
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yyz4537-YYZ
pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
via
1.1 varnish
server
Varnish
x-timer
S1698863810.175889,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZUKawgAAiz1TOgAU&_test=ZUKawgAAiz1TOgAU
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
generate_204
tpc.googlesyndication.com/ Frame D487 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?WpbWiw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:49 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync-external
sync.outbrain.com/ Frame EE41
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2
  • https://sync.outbrain.com/sync-external?uid=JRGHLFp1m5yWjqBkUI_1&redirect=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63...
0
0
/
match.sharethrough.com/jwumXNuB/v1/ Frame 63C9 		768 B
952 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.185.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-185-188.compute-1.amazonaws.com
Software
/
Resource Hash
c97a7c8ce188c7ba915e3cb8ac312493144ec9cae44adbb94559487fc1c878f3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
768
date
Wed, 01 Nov 2023 18:36:49 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 33B4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.69.5 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-69-5.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=43651
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 01 Nov 2023 18:36:49 GMT
expires
Thu, 02 Nov 2023 06:44:20 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame DBAB 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Nov 2023 18:36:49 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pixel;r=1378120478;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Ffinans.mynet.com%2F;ref=https%3A%2F%2Ffinans.mynet.com%2F;uht=2;fpan=1;fpa=P0-821405147-1698863809239;pbc=ebc7ac45-f26b-4892-b288-1e4618d...
pixel.quantserve.com/ Frame 8F79 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1378120478;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Ffinans.mynet.com%2F;ref=https%3A%2F%2Ffinans.mynet.com%2F;uht=2;fpan=1;fpa=P0-821405147-1698863809239;pbc=ebc7ac45-f26b-4892-b288-1e4618dd8fc0;ns=1;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;gdpr=0;d=mynet.com;dst=0;et=1698863809825;tzo=600;ogl=;ses=d2b0b7f9-4910-4acc-a84a-e7c436bca26d;mdl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel;r=1080637253;labels=edge.1%2Csid.14018;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Ffinans.mynet.com%2F;ref=https%3A%2F%2Ffinans.mynet.com%2F;uht=2;fpan=1;fpa=P0-821405147-1698863809239;pbc=ebc7a...
pixel.quantserve.com/ Frame 8F79 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1080637253;labels=edge.1%2Csid.14018;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Ffinans.mynet.com%2F;ref=https%3A%2F%2Ffinans.mynet.com%2F;uht=2;fpan=1;fpa=P0-821405147-1698863809239;pbc=ebc7ac45-f26b-4892-b288-1e4618dd8fc0;ns=1;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;gdpr=0;d=mynet.com;dst=0;et=1698863809827;tzo=600;ogl=;ses=d2b0b7f9-4910-4acc-a84a-e7c436bca26d;mdl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C430 		100 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92da3562ef937a25a6361ca56785b824bbfaa63ea9c56a311223547dd1135bc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31373
x-xss-protection
0
server
cafe
etag
102 / 19662 / 31079371 / config-hash: 4605619455912293276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 18:36:50 GMT
exchange
ssc.33across.com/api/ Frame 6EFA 		141 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/exchange
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
81d50b42dbcb38e18e0cc3384f8d06e8e58279ab956763619d629432c3a23a56

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://finans.mynet.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 60A7 		100 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce2263e7282dc2cebc6c9214fcf60d867ab9f2fe28e28c3cd87642ad768992ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31349
x-xss-protection
0
server
cafe
etag
539 / 19662 / 31079321 / config-hash: 4605619455912293276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 18:36:50 GMT
exchange
ssc.33across.com/api/ 		141 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/exchange
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
ffb5bd74bf660b05d3f9f247429f108c6e0c5b8796b34d5d5e458af6f5a4d53a

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://finans.mynet.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
ib.adnxs.com/ut/v3/ Frame 80B6 		292 B
967 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
899e983bd5904ba304f7a97a5f553e79089875640b3d9a6c59d7de4c3f61dde5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
an-x-request-uuid
087257a6-2cf1-4df4-aea5-3352873e2e5b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://finans.mynet.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
292
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 80B6 		19 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
an-x-request-uuid
0914c136-f323-4820-a526-1b3ca1387fcc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://finans.mynet.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 80B6 		292 B
967 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2d2a5e993bd96fa97e0be46776dd666f8b95f6efff965d5d9c2c5fd01faade2b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
an-x-request-uuid
382ebac3-bbe7-49c4-9fe0-a23b2fe89498
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://finans.mynet.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
292
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 6871 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.197.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-197-6.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 00:52:54 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 a99ebae546aae4a2f6278081e3adcd10.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C3
age
63837
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
aLm0iqmIl7Z8t4jMZvjoUnqRL_nPmnBkNSFxleOgfsEdljDu2C2jdA==
dcm
s.amazon-adsystem.com/ Frame F854 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 01 Nov 2023 18:36:50 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
H6W0SJ80H7QNVK6PFY4Y
ecm3
s.amazon-adsystem.com/ Frame CBB9 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDD244D6B6-CFAB-4A90-A5E5-EB69082D2DDF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 01 Nov 2023 18:36:50 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
8YYN14NPRFHAFQ40XX84
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9614
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0kTWts-rSpCl5etpCC0t3w%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
23.47.69.5 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-69-5.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=43650
accept-ranges
bytes
content-length
5606
expires
Thu, 02 Nov 2023 06:44:20 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 9614
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dcd4d6cd0-d133-41ed-95ce-4459e909b2d6%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7081728085481991200&pt=cd4d6cd0-d133-41ed-95ce-4459e909b2d6%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7081728085481991200&pt=cd4d6cd0-d133-41ed-95ce-4459e909b2d6%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
an-x-request-uuid
a01491be-5a73-4bb5-97ff-7a34f0c1f872
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7081728085481991200&pt=cd4d6cd0-d133-41ed-95ce-4459e909b2d6%2C%2C
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 9614 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&rnd=RND
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 9614 		37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame 9614
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH36tXgCq2h_s4B970pucpM&google_cver=1
42 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH36tXgCq2h_s4B970pucpM&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 10:51:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH36tXgCq2h_s4B970pucpM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9614
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3B0BD726E5DF48818E605A6E7F99D71D
42 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3B0BD726E5DF48818E605A6E7F99D71D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 10:52:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3B0BD726E5DF48818E605A6E7F99D71D
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 31 Oct 2023 18:36:50 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9614
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2ea68917-cfbf-4385-824d-28009b967746&gdpr=0&gdpr_consent=
42 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2ea68917-cfbf-4385-824d-28009b967746&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2ea68917-cfbf-4385-824d-28009b967746&gdpr=0&gdpr_consent=
date
Wed, 01 Nov 2023 18:36:50 GMT
server
Kestrel
content-length
355
D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9614 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF?gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:644d:6614:5b6b:ed06 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 9614
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ekn1w95E2uVGS6fgGM6IyMKnjalHIVA-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ekn1w95E2uVGS6fgGM6IyMKnjalHIVA-~A&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 10:52:31 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ekn1w95E2uVGS6fgGM6IyMKnjalHIVA-~A&gdpr=0
date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame C5E3 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.197.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-197-6.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 00:52:54 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 a99ebae546aae4a2f6278081e3adcd10.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C3
age
63837
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
zFWtk_q9NM90kypJavhcqtOIpwyEVGoimiGq-1JmXGIQ31TcsASpUw==
ecm3
s.amazon-adsystem.com/ Frame D2BA
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&khaos=LOG3NB0A-E-2RSZ
  • https://s.amazon-adsystem.com/ecm3?id=LOG3NB0A-E-2RSZ&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LOG3NB0A-E-2RSZ&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 18:36:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SFW6CW1FPMJWZQKSR3GY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LOG3NB0A-E-2RSZ&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
Expires
0
translator
hbopenbid.pubmatic.com/ Frame 645F 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 645F 		24 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
881384880bc84b6e2998e914732f05e8cecf82f877f1603ad12812b0132ea64e

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 01 Nov 2023 18:36:50 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://windsplay.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
v1
prg.smartadserver.com/prebid/ Frame 645F 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.0 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://windsplay.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame 645F 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=11916025280&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Wed, 01 Nov 2023 18:36:49 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 645F 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Wed, 01 Nov 2023 18:36:50 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
openrtb
adx2.adform.net/adx/ Frame 645F 		0
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 645F 		343 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2128490&size_id=2&p_pos=atf&rf=mynet.com&tg_i.page=https%3A%2F%2Ffinans.mynet.com%2F&tg_i.domain=finans.mynet.com&tg_i.pbadslot=adpn-adtag-1698863809705&tk_flint=pbjs_lite_v7.19.0&x_source.tid=75bbdfc1-c603-4b44-b728-1680748f4a8e&l_pb_bid_id=149bc1d4ba74a35&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.42868391402252537
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c5d0a0f766a01e023e4a7d2fcbc881167bdd5dc6c964aecc648b51b5571f5165

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
343
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 645F 		19 B
692 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
an-x-request-uuid
11279e86-b051-4bf3-a6b3-250454521371
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3d8H6Oyl81czYwSmhVaTlRc0syJTJCMkZzbmJjRWtOTFloV2dCM2ozQzFHUSUyQmVScnZwZyUzRA%26u%3d%24%7bUSER_...
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3A%2F%2Fssp-sync.criteo.com%2Fuser-sync%2Fmatch%3Fp%3D8H6Oyl81czYwSmhVaTlRc0syJTJCMkZzbmJjRWtOTFloV2dCM2ozQzFHUSUyQmVScnZwZyUzRA%26u%3D%24%7BUSER_...
  • https://ssp-sync.criteo.com/user-sync/match?p=8H6Oyl81czYwSmhVaTlRc0syJTJCMkZzbmJjRWtOTFloV2dCM2ozQzFHUSUyQmVScnZwZyUzRA&u=AAAPVk7KhTYAABiwBT8Rtw
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=8H6Oyl81czYwSmhVaTlRc0syJTJCMkZzbmJjRWtOTFloV2dCM2ozQzFHUSUyQmVScnZwZyUzRA&u=AAAPVk7KhTYAABiwBT8Rtw
Protocol
H2
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

location
https://ssp-sync.criteo.com/user-sync/match?p=8H6Oyl81czYwSmhVaTlRc0syJTJCMkZzbmJjRWtOTFloV2dCM2ozQzFHUSUyQmVScnZwZyUzRA&u=AAAPVk7KhTYAABiwBT8Rtw
Date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=ZKhc8F8xMjJCb3pKbk1sWTNsMVh5Y2JoYUtRNFdsVkVzQXMlMkZhZTFvZjFJTzJacmslM0Q&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-KoKQZfbk5VUDGAjAjfq4uHNknqKl...
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=2f563103-0c1f-4c62-9f7b-4f469acb0125&gdpr=&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=2f563103-0c1f-4c62-9f7b-4f469acb0125&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=228b581f-144d-494c-bdd8-71fc6775964c&ssp=criteo
  • https://ssp-sync.criteo.com/user-sync/match?p=&u=2f563103-0c1f-4c62-9f7b-4f469acb0125
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=&u=2f563103-0c1f-4c62-9f7b-4f469acb0125
Protocol
H2
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

Location
//ssp-sync.criteo.com/user-sync/match?p=&u=2f563103-0c1f-4c62-9f7b-4f469acb0125
Date
Wed, 01 Nov 2023 18:36:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame DBAB 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
934512b964268a68c63e71d100c5eedb8077939deaba6b317159e552f86f331d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Nov 2023 01:54:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26260
Connection
keep-alive
Content-Length
11104
Expires
Thu, 02 Nov 2023 01:54:30 GMT
ecm3
s.amazon-adsystem.com/ Frame 63C9 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=4b9b55ab-128b-491f-b448-11160307ceb9
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 18:36:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FTCVXN4CTGP6EYFH3DD6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 63C9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=2ea68917-cfbf-4385-824d-28009b967746&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=2ea68917-cfbf-4385-824d-28009b967746&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.212.185.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-185-188.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=2ea68917-cfbf-4385-824d-28009b967746&gdpr=0&gdpr_consent=
date
Wed, 01 Nov 2023 18:36:50 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame 63C9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=NGI5YjU1YWItMTI4Yi00OTFmLWI0NDgtMTExNjAzMDdjZWI5
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.212.185.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-185-188.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 63C9
Redirect Chain
  • https://stx-match.dotomi.com/match/bounce/current?networkId=44410&version=1&nuid=4b9b55ab-128b-491f-b448-11160307ceb9&gdpr=0&gdpr_consent=
  • https://stx-match.dotomi.com/match/bounce/current?DotomiTest=18b38ed2fadf2409&is_secure=true&networkId=44410&version=1&nuid=4b9b55ab-128b-491f-b448-11160307ceb9&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAMzWd-H6mefgNyjpw_AAAAAAA&expiration=1698950210&nuid=4b9b55ab-128b-491f-b448-11160307ceb9&is_secure=true&g...
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAMzWd-H6mefgNyjpw_AAAAAAA&expiration=1698950210&nuid=4b9b55ab-128b-491f-b448-11160307ceb9&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.212.185.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-185-188.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAMzWd-H6mefgNyjpw_AAAAAAA&expiration=1698950210&nuid=4b9b55ab-128b-491f-b448-11160307ceb9&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
45f6616f8301569fb3628edffa5edae8.gif
cs.admanmedia.com/ Frame 63C9
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7rkJAhPCWXbw9Lq5dZxc6TvN%26source_user_id%3D%24UID&partner=sharethrough
  • https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-fee5f018-dc69-383a-af3e-35ecd8c0ae34&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid...
0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-fee5f018-dc69-383a-af3e-35ecd8c0ae34&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1mZWU1ZjAxOC1kYzY5LTM4M2EtYWYzZS0zNWVjZDhjMGFlMzQQ____________ASqAAWh0dHBzOi8vbWF0Y2guc2hhcmV0aHJvdWdoLmNvbS9zeW5jL3YxP3NvdXJjZV9pZD03cmtKQWhQQ1dYYnc5THE1ZFp4YzZUdk4mc291cmNlX3VzZXJfaWQ9dWEtZmVlNWYwMTgtZGM2OS0zODNhLWFmM2UtMzVlY2Q4YzBhZTM0MgEYOAE=&gdpr=&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Server
80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:50 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive

Redirect headers

location
https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-fee5f018-dc69-383a-af3e-35ecd8c0ae34&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1mZWU1ZjAxOC1kYzY5LTM4M2EtYWYzZS0zNWVjZDhjMGFlMzQQ____________ASqAAWh0dHBzOi8vbWF0Y2guc2hhcmV0aHJvdWdoLmNvbS9zeW5jL3YxP3NvdXJjZV9pZD03cmtKQWhQQ1dYYnc5THE1ZFp4YzZUdk4mc291cmNlX3VzZXJfaWQ9dWEtZmVlNWYwMTgtZGM2OS0zODNhLWFmM2UtMzVlY2Q4YzBhZTM0MgEYOAE=&gdpr=&gdpr_consent=
pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
no-store
content-length
0
expires
0
usync.js
eus.rubiconproject.com/ Frame 8D21 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
934512b964268a68c63e71d100c5eedb8077939deaba6b317159e552f86f331d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Nov 2023 01:54:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26260
Connection
keep-alive
Content-Length
11104
Expires
Thu, 02 Nov 2023 01:54:30 GMT
728x90.png
redcarpat.com/a/ Frame 91B2 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redcarpat.com/a/728x90.png
Requested by
Host: finans.mynet.com
URL: https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.183.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-183-39.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a11a7698898cba7edb4737e2d1d556b10ab052aca9365ef0b462bf78f3c9920

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:01:37 GMT
x-amz-version-id
WwIpDV_THpmhOWIOgeg7VsMLk6b5x1Xa
via
1.1 8cbce2a7c38703c3c025e8002fefb9bc.cloudfront.net (CloudFront)
last-modified
Fri, 11 Feb 2022 16:12:31 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P4
age
27314
etag
"cba20ee20997190b39756c05abd61f7f"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
36623
x-amz-cf-id
XEE6OMzRwUKjcTds4cISUZ669mf4UvIVGm1t3ZReAb0VKP2odR9X-g==
view
securepubads.g.doubleclick.net/pcs/ Frame 6EFA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3ZO-iEgcefBFN-n_ADDCpSvw6Vrwnem_X3FiaXM_3C8EgMbEWRiAJObPXqve5cxtxjZaDrpFB1SJTBkTSp7qDnPeu8-XjXmCmxzmt6p-8AxrVZTff9h_XUXl9aPLxUIxEQxO2lUVzGj0IiEC34t0u5BKKyBNrCK_IP1vLgJQvWrkg-n08kDM4ui1ff1uXQfsECimd0B0xQjfEnExxuMbHO1kuG_n6XRjAnW2ZQzsm8Q_fEJJ56C1cYYzFQnzt9g7ZanUYxod9HB15IMuYaBrB6BQZL2rGoKi0-AKqolarTdjaA6JQqKN0oXyqLaDetAuZlPsA3d5UtnyIi7jV2CJZ50wmzjsrAKbi4sxrIPuuBlwvoW_mPEZhgvvscU3PTJg&sai=AMfl-YSoW_yUkSK8Xi5vItMWKwIYj4eB3yFfMY3F0RCDH2yYmYUTH0r7250TFC4ZLzPObtafUyKOkHPFj6NBYTqf6cbnelX3HVW44o3FeKoP_O21c6kMmJSd0-nJNeasQyX2PjKvnVKr_ViBbBTV9bDD&sig=Cg0ArKJSzJztMGFLDL7DEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 01 Nov 2023 18:36:50 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame FC8B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Oct 2024 18:36:50 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame FC8B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Oct 2024 18:36:50 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame FC8B 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 26 Oct 2024 18:36:50 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame FC8B 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 26 Oct 2024 18:36:50 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame FC8B 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=p_c2KQbShqT3j0gKkKa28QaIYdK4lIPwtVDcQG9AWxffZdbSZz9gQU8X1wqURhWdwGoMqM4yW_WIyEXILg6mO_QCpDhQw5Xj0pOY2BVl3zhSKqqG0Us2IvohOc_PLd6ppoEpdIpNbjYOriw22a2nXKn3ks7fr8tD_VLney9ggdU5KGeoQYv-B5Vcq6HLvVWZqOF9Ia_V2Zr_4hNQzEHB_uBZyeXcghNjioiKL531_0zK1IAfM_QCfild09RcbgmJFke8d4hF5ZUkkWgS5yDJYS_bDEnyzvCgkQtDaaTjXN4bZZq6uHutqM7psPLdBDgBFAzBbwAIVr762vi_uUit9Y7AwQh_H1fSEfTw57voeXhL4OgiNHmGyfZQxSTJooz9AX0SxxoH6mM5Mwww9wjJSKAD_db0MXzzMSnnNNHernkaayKN2rjzvI0W816ryYsh_jZvWA
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4106653
expires
Mon, 26 Jul 1997 05:00:00 GMT
32ffa93156804522adecd2e52c83dfc4_image_ad_300x250.png
static.criteo.net/design/dt/99525/5060777/ Frame FC8B 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/99525/5060777/32ffa93156804522adecd2e52c83dfc4_image_ad_300x250.png
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
559d912b382911480e0c82b0e384e099d5a8511505ba5b657d7fd5504cf7408b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 13:06:16 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"653bb5c8-147b4"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
83892
expires
Sat, 26 Oct 2024 18:36:50 GMT
AGSKWxWs8stX6Q4lTKtBUo4nE8uurAW461j6EAC00nZbUE-3fODU32l60pniQiqcyZk-2VKQGtn-S9pXVkXTcOIm4i_2Y8SU6G-XSnePXzuXec3SkAzf6UvXwkjvugJAt530LGI6rS65LQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWs8stX6Q4lTKtBUo4nE8uurAW461j6EAC00nZbUE-3fODU32l60pniQiqcyZk-2VKQGtn-S9pXVkXTcOIm4i_2Y8SU6G-XSnePXzuXec3SkAzf6UvXwkjvugJAt530LGI6rS65LQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.VuclkSNDjzQ.es5.O/am=CAM/d=1/rs=AJlcJMyyDPYBMX6mZ62pmzBLAAJ_HIlxTw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-If3dP4DHRfxmoygrgG4EmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-If3dP4DHRfxmoygrgG4EmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://finans.mynet.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sic.css
cdn-sic.33across.com/1/stylesheets/ Frame 26B2 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-sic.33across.com/1/stylesheets/sic.css
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Love
Resource Hash
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 10 Oct 2023 23:44:19 GMT
server
cloudflare
age
7468
etag
W/"6525e1d3-1c90"
x-powered-by
Love
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3600
cf-ray
81f63edebec0a1ec-YYZ
expires
Wed, 01 Nov 2023 19:36:50 GMT
ast.js
acdn.adnxs.com/ast/ Frame 079A 		102 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ast/ast.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2462fd4e9d1d45842a17f6d320799cc84e6fcba03515c4a8eae9abc2bb93f219

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Expires
Wed, 20 Sep 2023 14:13:27 GMT
Date
Wed, 01 Nov 2023 18:36:50 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
15718
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
35056
X-Served-By
cache-lga21942-LGA, cache-yyz4521-YYZ
Last-Modified
Tue, 19 Sep 2023 14:11:16 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1698863810.366751,VS0,VE0
ETag
W/"6509ac04-19874"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
192955, 3783
apstag.js
c.amazon-adsystem.com/aax2/ Frame 143C 		264 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.197.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-197-6.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fd3fe93b9ced3ac801fbb50bcd18767bafa3614d750b84ffbe4b9cf68442f5c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:12:18 GMT
content-encoding
gzip
via
1.1 156336391961f724345f6534c674b6ea.cloudfront.net (CloudFront), 1.1 381e492f95c61e51e17f4db787d5bfea.cloudfront.net (CloudFront)
last-modified
Tue, 24 Oct 2023 21:00:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, BOS50-C3
age
1473
x-amz-server-side-encryption
AES256
etag
W/"9c6e4dbac06587ca3b19dfd46a63b2e5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
HglB99U1U4ijaA4uuvKpktfCUd-nH2y57FM4AK2EIWUFSdWK2gx7RA==
authorize
sic.33across.com/ Frame 26B2 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sic.33across.com/authorize?usPrivacy=&gpp=&gppSid=&version=3.27.2&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.117%20Safari%2F537.36&product=siab&userId=&lexId=&sessionId=&publisherURL=https%3A%2F%2Ffinans.mynet.com%2F&referrerURL=https%3A%2F%2Ffinans.mynet.com%2F&publisherId=ckbqREs5qr54oMaKlgYj8u&publisher=mynet.com&displayableSizes=300x250&maxTouchPoints=0&navigatorPropsCount=63&viewportWidth=300&viewportHeight=250&screenWidth=1600&screenHeight=1200&screenAvailHeight=1200&devicePixelRatio=1&scrollX=0&scrollY=0&pageVisibility=visible&pageWidth=300&pageHeight=250&_=1698863810360&callback=_tynt_jp.a2pos6zqg
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
/ Love
Resource Hash
cca2431341601875c2bbd7a98bce59e4f2d76e56d3b27272626271a4a24b5062
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Love
etag
W/"6fa-inJ3hhfQTfjbm+YaNK7fAXoYE8g"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/javascript; charset=utf-8
status
200 OK
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Authorization
translator
hbopenbid.pubmatic.com/ Frame 92A3 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 92A3 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Wed, 01 Nov 2023 18:36:50 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 92A3 		343 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2128490&size_id=2&p_pos=atf&rf=mynet.com&tg_i.page=https%3A%2F%2Ffinans.mynet.com%2F&tg_i.domain=finans.mynet.com&tg_i.pbadslot=adpn-adtag-1698863809708&tk_flint=pbjs_lite_v7.19.0&x_source.tid=326f4c85-3fd7-43cf-b812-bff4778098d3&l_pb_bid_id=6ebf0e94103294&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8854310733202331
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c9dd5c7281651a302c06927e287e478446a89d66db9c8740eeb6209ba7818621

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
343
expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
adx2.adform.net/adx/ Frame 92A3 		0
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame 92A3 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.0 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://windsplay.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bid
ap.lijit.com/rtb/ Frame 92A3 		24 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
eac4e49a2344d78231c321ecd762f42ddc8065135b159d7a6ee833806980e46a

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 01 Nov 2023 18:36:50 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://windsplay.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
ib.adnxs.com/ut/v3/ Frame 92A3 		19 B
692 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
an-x-request-uuid
a3bd4afc-641e-494b-8f6f-72d992bc1778
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 92A3 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=29972253426&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Wed, 01 Nov 2023 18:36:49 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
glade.js
securepubads.g.doubleclick.net/static/ Frame 6EFA 		281 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/glade.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f26e40109b0475bacea3fc2fcad5a91f2003e11c4bbe736141982da246ac155e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 20:27:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166162
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
214
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 15:14:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 06 Nov 2023 20:27:28 GMT
pixel
cm.g.doubleclick.net/ Frame D2BA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjExOWExMTUwNDhhZWMzNGFlYjIyNTIxYjY2ZTZiNjU0YjJkZWQ2OA&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjExOWExMTUwNDhhZWMzNGFlYjIyNTIxYjY2ZTZiNjU0YjJkZWQ2OA&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjExOWExMTUwNDhhZWMzNGFlYjIyNTIxYjY2ZTZiNjU0YjJkZWQ2OA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D2BA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEChWMr83IKQj2S0kDnZC2D0&google_cver=1
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEChWMr83IKQj2S0kDnZC2D0&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEChWMr83IKQj2S0kDnZC2D0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame D2BA 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 18:36:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
19CE6TJ8CN875WP222HA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D2BA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=2ea68917-cfbf-4385-824d-28009b967746&gdpr=0&gdpr_consent=&expires=30
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=2ea68917-cfbf-4385-824d-28009b967746&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=2ea68917-cfbf-4385-824d-28009b967746&gdpr=0&gdpr_consent=&expires=30
date
Wed, 01 Nov 2023 18:36:50 GMT
server
Kestrel
content-length
289
pixel
cm.g.doubleclick.net/ Frame D2BA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9HM05CMEEtRS0yUlNa&gdpr=0
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEOHt2NoMMcN2Oy4oITLOSzw&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9HM05CMEEtRS0yUlNa&google_push=&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9HM05CMEEtRS0yUlNa&google_push=&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9HM05CMEEtRS0yUlNa&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
tap.php
pixel.rubiconproject.com/ Frame D2BA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ofVg-tsPhT6GD19zcQIWbA?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-CtPvUBJE2oL3eUv0wV5pKqArxA8jt7jrW.tdSQ--~A
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-CtPvUBJE2oL3eUv0wV5pKqArxA8jt7jrW.tdSQ--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-CtPvUBJE2oL3eUv0wV5pKqArxA8jt7jrW.tdSQ--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame D2BA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=GIIV1QVEQ2C4VvqnGVYIUA&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GIIV1QVEQ2C4VvqnGVYIUA&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GIIV1QVEQ2C4VvqnGVYIUA&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 18:36:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZV6PEWT0WP3PTPZXD70N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GIIV1QVEQ2C4VvqnGVYIUA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame D2BA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOG3NB0A-E-2RSZ&gdpr=0
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOG3NB0A-E-2RSZ&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 6CEFDC5EC8D941EE8E737FAE6317DDA7 Ref B: NYCEDGE1619 Ref C: 2023-11-01T18:36:50Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYJG432YaYFPPVxNjIEkA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOG3NB0A-E-2RSZ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D2BA
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAAPVk7KhTYAABiwBT8Rtw&expires=30&gdpr=0
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAAPVk7KhTYAABiwBT8Rtw&expires=30&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAAPVk7KhTYAABiwBT8Rtw&expires=30&gdpr=0
Date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
pixel
capi.connatix.com/us/ Frame D2BA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0
  • https://capi.connatix.com/us/pixel?puid=LOG3NB0A-E-2RSZ&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0
  • https://capi.connatix.com/us/pixel?puid=LOG3NB0A-E-2RSZ&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LOG3NB0A-E-2RSZ&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
81f63ee32a525419-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 01 Nov 2023 18:36:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LOG3NB0A-E-2RSZ&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
81f63ee2a9855419-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
merge
ce.lijit.com/ Frame D2BA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0
  • https://ce.lijit.com/merge?pid=80&3pid=LOG3NB0A-E-2RSZ&gdpr=0
43 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LOG3NB0A-E-2RSZ&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 18:36:51 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LOG3NB0A-E-2RSZ&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
setuid
ib.adnxs.com/prebid/ Frame D2BA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOG3NB0A-E-2RSZ&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOG3NB0A-E-2RSZ&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
an-x-request-uuid
bf628d27-6bdb-4610-85e1-b685987d26ef
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOG3NB0A-E-2RSZ&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame D2BA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0
  • https://prebid.a-mo.net/setuid/magnite?uid=LOG3NB0A-E-2RSZ&gdpr=0
0
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LOG3NB0A-E-2RSZ&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LOG3NB0A-E-2RSZ&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame D2BA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOG3NB0A-E-2RSZ&gdpr=0
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOG3NB0A-E-2RSZ&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOG3NB0A-E-2RSZ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D2BA
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ec13e11d-fd99-437c-bc7d-26cefe5834b6&expires=30&gdpr=0
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ec13e11d-fd99-437c-bc7d-26cefe5834b6&expires=30&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ec13e11d-fd99-437c-bc7d-26cefe5834b6&expires=30&gdpr=0
Date
Wed, 01 Nov 2023 18:36:50 GMT
Connection
keep-alive
X-CI-RTID
09ace931-5ea5-495d-b933-ea8546c7e6aa
Content-Length
155
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/ Frame D2BA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOG3NB0A-E-2RSZ&gdpr=0
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOG3NB0A-E-2RSZ&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-baidu_n-MediaNet_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
3.212.185.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-185-188.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:51 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOG3NB0A-E-2RSZ&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
dis.aspx
widget.va.us.criteo.com/dis/ Frame A166 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.va.us.criteo.com/dis/dis.aspx?pu=192011&cb=65429ac15d322d4558d7b40a7b2f7b22&r=https%3a%2f%2ffinans.mynet.com%2f&crossorigin=false
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ea3950be34b39ce0ffc4e8101cfdffd6daa18dfea63afc464305805a52b67fd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 01 Nov 2023 18:36:49 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
2613750
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
openrtb
adx2.adform.net/adx/ Frame 8F1E 		0
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 8F1E 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Wed, 01 Nov 2023 18:36:50 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8F1E 		343 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2128490&size_id=2&p_pos=atf&rf=mynet.com&tg_i.page=https%3A%2F%2Ffinans.mynet.com%2F&tg_i.domain=finans.mynet.com&tg_i.pbadslot=adpn-adtag-1698863809731&tk_flint=pbjs_lite_v7.19.0&x_source.tid=6a910a33-8f6a-46de-b166-e087ff993863&l_pb_bid_id=69e33e83d1a09e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.18981993611564163
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9fb45290b41aff9fae64ec2283399b7bc55dabdf66428cfacc142354f7efa559

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:51 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
343
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 8F1E 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 8F1E 		24 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
c9fed353fb11a71740b2ad0220054363461e6ba4d476eda33fe5765f69f3d847

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 01 Nov 2023 18:36:50 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://windsplay.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
ib.adnxs.com/ut/v3/ Frame 8F1E 		19 B
692 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
an-x-request-uuid
72f32920-187c-4639-93ab-bafcee29d687
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 8F1E 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.0 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://windsplay.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame 8F1E 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=12153947973&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
prg.smartadserver.com/prebid/ Frame 3BB2 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.0 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://windsplay.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame 3BB2 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=64840768608&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3BB2 		343 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2128490&size_id=2&p_pos=atf&rf=mynet.com&tg_i.page=https%3A%2F%2Ffinans.mynet.com%2F&tg_i.domain=finans.mynet.com&tg_i.pbadslot=adpn-adtag-1698863809722&tk_flint=pbjs_lite_v7.19.0&x_source.tid=13dedd54-19e0-4add-b075-86e6dfb98bda&l_pb_bid_id=690c549471fa0f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.044805591841986514
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c2e84edc4bd4173ae571a5b4892601788b0eb46a29aea64e6a2cc3efcc569ca2

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
343
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 3BB2 		19 B
692 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
an-x-request-uuid
acbe1939-e203-45bd-b8f9-01d9f30ca546
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 3BB2 		24 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
f1995da9d16faff6a71541b1aaccd06011d4329548544760e90a695e28b574ec

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 01 Nov 2023 18:36:50 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://windsplay.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 3BB2 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Wed, 01 Nov 2023 18:36:50 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
openrtb
adx2.adform.net/adx/ Frame 3BB2 		0
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
translator
hbopenbid.pubmatic.com/ Frame 3BB2 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame F0DB 		19 B
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
an-x-request-uuid
c076aef5-75a0-4fc0-adfc-ec57c90fddce
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx2.adform.net/adx/ Frame F0DB 		0
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame F0DB 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Wed, 01 Nov 2023 18:36:50 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame F0DB 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.0 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://windsplay.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame F0DB 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=98475005929&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F0DB 		343 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2128490&size_id=2&p_pos=atf&rf=mynet.com&tg_i.page=https%3A%2F%2Ffinans.mynet.com%2F&tg_i.domain=finans.mynet.com&tg_i.pbadslot=adpn-adtag-1698863809728&tk_flint=pbjs_lite_v7.19.0&x_source.tid=2587ff38-9752-49a1-bbf5-1d28ebc7a7d5&l_pb_bid_id=1276403f2c178e2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5677825937327061
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0830551f112e9417755513fac6e1f146eba9dfa7e55f895927cc4daea8ad126d

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
343
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame F0DB 		24 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
055adb96d55aea49081034ebc4d4a22951bce0292fe23c22fa8d226a7f2a4f8a

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 01 Nov 2023 18:36:50 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://windsplay.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
translator
hbopenbid.pubmatic.com/ Frame F0DB 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 9114 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 9114 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Wed, 01 Nov 2023 18:36:50 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame 9114 		19 B
692 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
an-x-request-uuid
e51377f3-aa99-41bc-b13e-67a62cfc56a9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx2.adform.net/adx/ Frame 9114 		0
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame 9114 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.0 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:49 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://windsplay.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame 9114 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=63094341253&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 9114 		343 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2128490&size_id=2&p_pos=atf&rf=mynet.com&tg_i.page=https%3A%2F%2Ffinans.mynet.com%2F&tg_i.domain=finans.mynet.com&tg_i.pbadslot=adpn-adtag-1698863809734&tk_flint=pbjs_lite_v7.19.0&x_source.tid=3493ebbe-d963-4aa5-8789-b6ba5edb6591&l_pb_bid_id=143b600ab95f79a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7724211064112849
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ea4ed6c5bda4e4ac7d92a03b740bd108f16967253f048f87ad7a7795f2d20c82

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
343
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 9114 		24 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
5863317c541754164f1868df84a9f3e353bb7ca7629537d38844766f24b23547

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 01 Nov 2023 18:36:50 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://windsplay.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
ib.adnxs.com/ut/v3/ Frame 79DF 		19 B
692 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
an-x-request-uuid
e038c3d9-6fcb-4744-90a9-5d0ed3e89907
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://windsplay.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx2.adform.net/adx/ Frame 79DF 		0
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 79DF 		343 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2128490&size_id=2&p_pos=atf&rf=mynet.com&tg_i.page=https%3A%2F%2Ffinans.mynet.com%2F&tg_i.domain=finans.mynet.com&tg_i.pbadslot=adpn-adtag-1698863809736&tk_flint=pbjs_lite_v7.19.0&x_source.tid=184dea0c-f541-47bd-9057-1884bdc3b6b0&l_pb_bid_id=6b33bc91f83566&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9672943741760973
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ed6a3e8ec3fac1b333cfcd2b27d1e8bc0cf2b6f3e12c47824dd53a373774db9d

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://windsplay.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
343
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 79DF 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.0 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://windsplay.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame 79DF 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=22976768322&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame 79DF 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Wed, 01 Nov 2023 18:36:49 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 79DF 		24 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e66b934045dda6260708dfa6bd7cedeb7defa5b52fbe23fede1b90c3dc1ed011

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 01 Nov 2023 18:36:50 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://windsplay.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 79DF 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windsplay.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://windsplay.com
date
Wed, 01 Nov 2023 18:36:50 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
all
csm.us.criteo.net/ Frame FC8B 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=5l1d1GSE5ZRYpHrwQ2hTE2Oe_ApkxUVDZxldsehkJ5AdK9MsMZzZsWgU_2Im1lqf2wM41AVOTP3XANRi2CiEMHhLXoWI-yPUgz3QDTfSt3hI3i0h7FfVhoEwcvRNO09IaJppNn_GrCq0nrWJLOyB6YNFMqk2asrLVwi5hEYyU52lnRwfWgIeGTB-q9iVGkC-2Lzqj_vV93QA8zhncBlENyFA6vyPTdvOY0Z-3iJTwH-4mrBhbAjvJcpGRTrpTah-idmSSA&sds=2&rev=89121&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame FC8B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Oct 2024 18:36:50 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame FC8B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Oct 2024 18:36:50 GMT
batch
services.insurads.com/dfp/mapping/ Frame AD4B 		1 KB
670 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/dfp/mapping/batch?appId=1870&requests=[{%22eaUp%22:%22/28687765/mynet/finans/interstitial_oop%22,%22eoId%22:2647267620,%22eolId%22:5383714757,%22advId%22:4829257103,%22ecId%22:138427522541,%22w%22:1,%22h%22:1,%22eId%22:%22main_mynet_finans_interstitial_oop_0%22}]&h=https%3A%2F%2Ffinans.mynet.com%2F&ts=1698863810581
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.235.112.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-112-177.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
34e4bba78ee42b77965d69cdde3121823f045356aa2038fa3618b4808352991e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/ Frame 60A7 		425 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079321
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 10:38:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
28715
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136288
x-xss-protection
0
server
cafe
etag
17302374607849014435
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 31 Oct 2024 10:38:15 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D836 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8IdEGSEjMkw7Bf4vVb5evtctkHLeJh23a34rfMyfVWkMWsVw_t4QwnVHfDNmStb_ClKGvT6ZqwIYHyamb08nIPHzhue3dfpxNh5Aify0n8YxSHs71ttxzONdJt7fz&sig=Cg0ArKJSzNJGTdim4cyfEAE&id=lidar2&mcvt=1072&p=130,0,730,120&mtos=1072,1072,1072,1072,1072&tos=1072,0,0,0,0&v=20231030&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=686434309&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698863807942&rpt=1667&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/ Frame C430 		425 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 10:36:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
28802
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136288
x-xss-protection
0
server
cafe
etag
17302374607849014435
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 31 Oct 2024 10:36:48 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame A53F 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa4cc8a2262e3f4910730a1d3552ae4ada6610dcde63f16048e4bc333f13769d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29906
x-xss-protection
0
server
cafe
etag
478 / 19662 / 31079210 / config-hash: 4605619455912293276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 18:36:50 GMT
exchange
ssc.33across.com/api/ Frame 26B2 		141 B
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/exchange
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
6cedbc291aecab3a112ac4fa4ead7d930b6ec2ae5631c7d7ea12dd28f9f859e9

Request headers

Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 143C 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.197.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-197-6.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:51 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 a99ebae546aae4a2f6278081e3adcd10.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
UUBRULsdJhkXppXjWtfw8FJJHlB-Qc3iEfYSh2aUUZwMyVFD8tFYAw==
activeview
pagead2.googlesyndication.com/pcs/ Frame 5134 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsta1a4nopAOvXdS1clzbeyu4_ErPFxvU-WhMo1y2xEYG_x1NqzlVpk5JHKoBoHwWYyRtlDtuNBmjUCy9Mjyr9uqDQBcqT23S2SqT4kAugMJa_f0I6Te55yOYhAtsyacYLMhRYlRozP0Eg&sai=AMfl-YTcucStz3r0YxFmm7XoH7Kaced__mZCqtG2M6BVxSBp_P8MRiN3hIjsOf4QtKsGSy35NO7FGZ-dEUq1j5BKIXivfRAE_ZorXDZox994Lh8heu5Dn5-y4pK4BAAjOPQNcC_xFLlveaftAJQpsQ&sig=Cg0ArKJSzA8uEQhD1QpnEAE&cid=CAQSTADICaaN7_VUPEq0aj4q-OeycCV76iMriDlWb0kTgng6mcWFArwOMdT8LTqlhEAFhPvXi6HoPYCcH-cbHwLUA4a5eOKFkROdTKvlItEYAQ&id=ampim&o=998,462&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1058&mtos=0,0,1058,1058,1058&tos=0,0,1058,0,0&tfs=1513&tls=2571&g=100&h=100&tt=2572&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 26B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv72JojB-nLCwfw-FC8unfoAlCFJ_Zl3ypaDVqS8SMf87Np_NWiJ7MNBu3n8qsqL8HtkTO6maV5Ma36BTc8IMtYM02ISGUEwefGA1sI-NAk374EhsOwk5PaT4YNV03mtdl1kmoiHcdb7-NzaChOaDsBKZkI18_yZUgHGZTCc_7HlRleffye7JDOWp8TLSdTiIpYZnXnrm_M0A9F3kPwRUgajHeNdybG4TABmMMRatx8vYyyUJFrK8OhKajC3O0GMunTKLyN3yXu7zJzW2tpTwpDA1G6gH4tnfGge25Xc5rqZusb2I1hF-1s735ZHalCBBt4tkuT1XMFhRIOxSDf7VFpw89pVbWO39Az18S0uNifIJx9EYw9DitRs-9VDAuO3SQ&sai=AMfl-YQXiQ4fCTk9enrS1DVr0DSzbU0dxkcx8ZKSOVCWsTeErFo-G1LxTIA5sKFA7GfzYky5axwhqWNUCscIdtviXQpA7djbq_FJq7LgCfqcXTYKucCXayxhuMb_hSOTLxCDRGO0y0Cxdd7lFB7V6yJI&sig=Cg0ArKJSzODEeszIG_uxEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 01 Nov 2023 18:36:50 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame DAB1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-hBqcoPbk5VUDGAjAjfq4uHNknqIYMKzUS556Qg&google_cm&google_hm=ay1oQnFjb1BiazVWVURHQWpBamZxNHVITmtucUlZTUt6V...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-hBqcoPbk5VUDGAjAjfq4uHNknqIYMKzUS556Qg&google_gid=CAESEMljQuRjOLuvsUtMBOIx1UA&google_cver=1&google_ula=913071,0
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-hBqcoPbk5VUDGAjAjfq4uHNknqIYMKzUS556Qg&google_gid=CAESEMljQuRjOLuvsUtMBOIx1UA&google_cver=1&google_ula=913071,0
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1415199
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-hBqcoPbk5VUDGAjAjfq4uHNknqIYMKzUS556Qg&google_gid=CAESEMljQuRjOLuvsUtMBOIx1UA&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame DAB1 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-KoKQZfbk5VUDGAjAjfq4uHNknqKlNkHD9F9Y8w&expires=30
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame DAB1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7081728085481991200
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7081728085481991200
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2752397
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
an-x-request-uuid
58f2e099-0209-4527-a121-55f476869e95
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7081728085481991200
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
partner.mediawallahscript.com/ Frame DAB1
Redirect Chain
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-hBqcoPbk5VUDGAjAjfq4uHNknqIYMKzUS556Qg&custom=&tag_format=img&tag_action=sync&custom=&cb=fd2316d7-3f2f-4618-8364-d07aab4...
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-hBqcoPbk5VUDGAjAjfq4uHNknqIYMKzUS556Qg&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=fd2316d7-3f2f-461...
  • https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
  • https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=7081728085481991200&tag_format=img&tag_action=sync
  • https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=9f551020-78e5-11ee-9114-754cbae26fc0?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile...
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=3aaf53616af7e0a0473fc65708a297be&tag_format=img&tag_action=sync&cb=680079742
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
  • https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=2ea68917-cfbf-4385-824d-28009b967746&tag_format=img&tag_action=sync&cb=
  • https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=9f551020-78e5-11ee-9114-754cbae26fc0&cb=1698863811467&rmn=y&redirect=https%3A%2F%2Fpartner.me...
  • https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=0d49804e-88e1-491f-aa46-15c8b602106a&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1698863811467
0
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=0d49804e-88e1-491f-aa46-15c8b602106a&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1698863811467
Protocol
H2
Server
50.16.193.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-193-198.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Wed, 01 Nov 2023 18:36:51 GMT
cache-control
private, no-cache, must-revalidate, no-store, max-age=0
server
nginx
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:51 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
location
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=0d49804e-88e1-491f-aa46-15c8b602106a&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1698863811467
cache-control
no-cache,private
x-envoy-upstream-service-time
0
content-length
0
expires
Wed, 01 Nov 2023 18:36:50 GMT
tap.php
pixel.rubiconproject.com/ Frame DAB1 		42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-ZtzUHfbk5VUDGAjAjfq4uHNknqLzi0HvnsMCtA&expires=30
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
rtb-csync.smartadserver.com/redir/ Frame DAB1 		43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-d1o-n_bk5VUDGAjAjfq4uHNknqLu6vAYONJkFA
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.14.106 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
23.105.14.106.rdns.racklot.com
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame DAB1 		0
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-T6_60Pbk5VUDGAjAjfq4uHNknqLuzCjgGzL0Iw
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
48638
um
criteo-sync.teads.tv/ Frame DAB1 		23 B
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-z-vFl_bk5VUDGAjAjfq4uHNknqKZ4PPPtrNnaw
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.129.73 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-73.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires
Wed, 01 Nov 2023 18:36:51 GMT
pragma
no-cache
date
Wed, 01 Nov 2023 18:36:51 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame DAB1 		37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-GdhLHfbk5VUDGAjAjfq4uHNknqLssMX2VxE8eQ&dongle=013b
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ups.analytics.yahoo.com/ups/58301/ Frame DAB1 		0
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-m1kZmvbk5VUDGAjAjfq4uHNknqJKSnyEj4zodw
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
idsync
tg.socdm.com/aux/ Frame DAB1 		43 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-CzkX7vbk5VUDGAjAjfq4uHNknqKSMRhzQX5Phg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.153.162 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

X-SO-Cluster-ID
0
Date
Wed, 01 Nov 2023 18:36:51 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-CzkX7vbk5VUDGAjAjfq4uHNknqKSMRhzQX5Phg","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.40","key":"ZUKaw8Co8YsAAKnTFt0AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad345"}
X-SO-Key
ZUKaw8Co8YsAAKnTFt0AAAAA
Server
nginx
X-SO-Upstream-ID
m-ad345
P3P
CP="See also http://www.scaleout.jp/privacy/"
Content-Type
image/gif
Cache-Control
private
X-SO-HostName
m-ad345.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
43
X-SO-LB-Hostname
m-tgng39.dc4p.scaleout.jp
X-SO-IP
96.9.249.40
sync
visitor.omnitagjs.com/visitor/ Frame DAB1 		49 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-0Zdhivbk5VUDGAjAjfq4uHNknqI9wSXZDpUAFw
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0
sync
tags.bluekai.com/site/29001/ Frame DAB1
Redirect Chain
  • https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
  • https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=KWic8s9lWD4l8PuMrkAW9iBuIdiPHcNv
62 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=KWic8s9lWD4l8PuMrkAW9iBuIdiPHcNv
Protocol
H2
Server
23.72.185.28 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-185-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Wed, 01 Nov 2023 18:36:51 GMT
content-length
62
bk-server
41a8
content-type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=KWic8s9lWD4l8PuMrkAW9iBuIdiPHcNv
date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1187187
content-length
0
rum
r.casalemedia.com/ Frame DAB1 		43 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ZvUjzPbk5VUDGAjAjfq4uHNknqJPydOY3qBUcg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7rJVk0pVApxEQsPlQxbhUZXrVQK27YLO17KL93pF2pe1NfrfDnR%2Fdvgu6r67EnGMcEjUsQ41uh5Pche2LvwuBhGUlScguuZO%2B5NZdDCF3UV8oOhEANBlEfZxukMjOKlNDWc"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81f63ee2482437cf-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame DAB1 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-gs4-ifbk5VUDGAjAjfq4uHNknqLqPufhRP5xdA
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.201.131 , United States, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ingress-01-pub-prod-nyc.vip.dailymotion.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-dm-lb-name
ingress-nginx-nginx-in-cluster-n57bt
date
Wed, 01 Nov 2023 18:36:51 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
user-registering
ads.stickyadstv.com/ Frame DAB1 		43 B
661 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-ERcFovbk5VUDGAjAjfq4uHNknqKKzR0GixHrvw
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 18:36:51 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1698863811447029-313
match
ad.360yield.com/ul_cb/ Frame DAB1
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-OVQPjPbk5VUDGAjAjfq4uHNknqKW2vo077XVmQ
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-OVQPjPbk5VUDGAjAjfq4uHNknqKW2vo077XVmQ
43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-OVQPjPbk5VUDGAjAjfq4uHNknqKW2vo077XVmQ
Protocol
H2
Server
34.200.174.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-174-91.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 01 Nov 2023 18:36:51 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-OVQPjPbk5VUDGAjAjfq4uHNknqKW2vo077XVmQ
access-control-allow-origin
*
date
Wed, 01 Nov 2023 18:36:51 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
28292
i6.liadm.com/s/ Frame DAB1
Redirect Chain
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-UVoBW_bk5VUDGAjAjfq4uHNknqLjf9vj1mcsNQ
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-UVoBW_bk5VUDGAjAjfq4uHNknqLjf9vj1mcsNQ
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-UVoBW_bk5VUDGAjAjfq4uHNknqLjf9vj1mcsNQ
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-UVoBW_bk5VUDGAjAjfq4uHNknqLjf9vj1mcsNQ
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:20d6:29ab:74:798c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:51 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-UVoBW_bk5VUDGAjAjfq4uHNknqLjf9vj1mcsNQ
Date
Wed, 01 Nov 2023 18:36:51 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
push
exchange.mediavine.com/usersync/ Frame DAB1 		0
972 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-3_l-nvbk5VUDGAjAjfq4uHNknqJYTjcDH1Z6tw
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.123.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-123-154.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:51 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
c.gif
c.bing.com/ Frame DAB1 		42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-poESEfbk5VUDGAjAjfq4uHNknqKVLlD2aAS_3w
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:50 GMT
last-modified
Wed, 30 Aug 2023 15:12:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 98FB8DF0A63A420D8D48D1F4EB99ADBE Ref B: EWR311000104025 Ref C: 2023-11-01T18:36:51Z
etag
"3370fe5b54dbd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
1017
jadserve.postrelease.com/suid/ Frame DAB1 		43 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-J8I6kPbk5VUDGAjAjfq4uHNknqL-qPPcCExY4Q
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.156.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-156-61.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:51 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame DAB1 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-k3226Pbk5VUDGAjAjfq4uHNknqJaKskeDvoEIw&initiator=partner
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:52 GMT
Cache-Control
no-cache
X-TraceId
7e4b530e791be3164283b90d5b1dd47d
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame DAB1 		42 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-dber7fbk5VUDGAjAjfq4uHNknqKDnb0R_qdOKQ
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 18:36:49 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel_sync
trends.revcontent.com/cm/ Frame DAB1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-nx1ZpPbk5VUDGAjAjfq4uHNknqIHQTrxn-o8rg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.85.98.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-98-164.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
v1
match.sharethrough.com/sync/ Frame DAB1 		68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-0YyVlPbk5VUDGAjAjfq4uHNknqJzZf52DzXNKw
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.185.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-185-188.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
no-cache
content-length
68
content-type
image/png
/
s.ad.smaato.net/c/ Frame DAB1 		0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-EcsVv_bk5VUDGAjAjfq4uHNknqJIgQ3EUBRsng
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24ef:7600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
no-cache, must-revalidate
via
1.1 dc2c9775397edd7b6dcd6264e93076ba.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
BOS50-P2
x-amz-cf-id
FZRLfyAcVJ9o7BeNJFmr9fLlHCf5rTTH6gchGovP-W1WHj3IxpRW-Q==
x-cache
Miss from cloudfront
glade.js
securepubads.g.doubleclick.net/static/ Frame 26B2 		281 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/glade.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f26e40109b0475bacea3fc2fcad5a91f2003e11c4bbe736141982da246ac155e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 20:27:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166162
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
214
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 15:14:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 06 Nov 2023 20:27:28 GMT
cksync
hb.yahoo.net/ Frame DAB1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-m1kZmvbk5VUDGAjAjfq4uHNknqJKSnyEj4zodw
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58301&ovsid=k-m1kZmvbk5VUDGAjAjfq4uHNknqJKSnyEj4zodw&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS05WFdCUGFWRTJ1Rnh6R3c2SW9aYlJrYlc1RlRGa1VmRH5B&ovsid=k-m1kZmvbk5VUDGAjAjfq4uHNknqJKSnyEj4zodw&dpid=58301
53 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS05WFdCUGFWRTJ1Rnh6R3c2SW9aYlJrYlc1RlRGa1VmRH5B&ovsid=k-m1kZmvbk5VUDGAjAjfq4uHNknqJKSnyEj4zodw&dpid=58301
Protocol
H2
Server
23.40.179.59 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-40-179-59.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Wed, 01 Nov 2023 18:36:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Wed, 01 Nov 2023 18:36:51 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS05WFdCUGFWRTJ1Rnh6R3c2SW9aYlJrYlc1RlRGa1VmRH5B&ovsid=k-m1kZmvbk5VUDGAjAjfq4uHNknqJKSnyEj4zodw&dpid=58301
date
Wed, 01 Nov 2023 18:36:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/ Frame A53F 		422 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
509462bceaa85aa49996bf168611149074a30659a709948634a306a41a7f1af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 15:16:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
12026
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135432
x-xss-protection
0
server
cafe
etag
13870563710225165476
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 31 Oct 2024 15:16:25 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310250101&jk=1533834957665798&bg=!MzClMH_NAAbo5yKYyOc7ADQBe5WfOP5bQsXFPllF70UKY189_kKVe26ca1ONYFWrp0XUni87qqJSz_GfvxQKrf90IO99AgAAA4xSAAAABmgBBwoA29ysY7Z2f9hIjLYc2GXLwmbRtZm7fjAzgfNengqRudUiFg3v-F0VHvdqfIDSn-A-LB8yCvwPIKEOmVA2s-NauNS9dVpNZjYMC5sOl2iZhOtkvBhzkVBPxlacPMBOEsvNFvSDwNk_lK4VzlQ3BmmB1s0AuA2k-hopUP6yj0NOKmZpUtsQhX-fG8sl37H69TeTxynb0RmvOzuVLXyRPMBjYZcdC93OW1Qi9F-HmBXhGzEsEUQwjBCClxW4vjqdyvd1qjJqESzqZGNGUtV2CXeA66zn3Q0nB7ol-RoKzZkCskvUb2iqRI7UADPmxOTMcTGK-ieLreSnmpzuvDLHFUzapUoFgS_AK52Brzvz1UwvxBxJRkg_vW0QNY4C3jz0T5UUIL2DC7gf3NZdQV4eMJUqEtmVf8aDRNLwBvPRmC6NpMROFxgoGBMRA78apRd-AkqhaHDaO8nE0r94hxDQScEo7lju6a2_KHAmxQE2WyFMV-sjLrM8NfnjJJn4T0PoDG1IfiDgEtWdp63Nw4O7C-nnlthlZWiiONfumu1QPEy02tAhp36BBLEGpm1bM5IBFzLWQzr4yfbB3nDdxAUF1-Yg5cFzSP3eUYEW7h08S02VtaBxMD8MTWXEwc1cyypV32gSKeH7BL_qSOsTMQsy92-8WtygOj9jogERxm2azM6LOlbufPK4aQDkmSCvu1Q51eA1hwQ96SSX6B5-TZ0o3inEohyudGPsWwZFJ63lO93Bww9H0WUCaPDJDkbEQC_NajYtPWiK-Mzk_x1rmQ6k9Pw2CIltg5OdwahuWhHzxYWbmO6YmEHF3OaobjcZYIYstkBrcN8V3NLAh3oIvQc9rVtoYwQua-dyVVTx0WETCgrlIlzsk6dEKfnvzSwz-PL9kDjSOyIMqtQIwmGi5APiI-3x59uNm9eKheO7JMMHsJJ2m2PM9zJAt6ppSQqs_edbPYMWMd6IrFfbNzUVmZkJ2EcHftCO72N2uwugGzAeU7_4aZmg7yN-E8RcgkClq3esgIq19S9iHfxrZ6z6glDXJHsh7AVtsY2fjDfkKsff3htXBkhYMJVjhtR4Akan08ICtTX2I3o_pZPp-gXqoRVbV2JGi0qcm_qmvpVc9eRNNTcQexKOVPfLJeHMvgG8AD-1r5VPKgkodb_63RSD9Aj-wMSDw4SFCeu-f5S6ebhgNLq2brFiQyP-AxlxBXXL_abcEUgDmw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
lb
services.insurads.com/ 		0
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.insurads.com/lb?appid=1870&acid=426&s=2243&sid=C32E2DC4C9A3B7BC&auid=757024&mawId=0&ts=1698863810994&iid=m003658521db53387645274890e9228392760908104&is=0&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.235.112.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-112-177.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nocache
true
pragma
no-cache
date
Wed, 01 Nov 2023 18:36:51 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.18.0 (Ubuntu)
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
ib.adnxs.com/ Frame DAB1 		43 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-NToihPbk5VUDGAjAjfq4uHNknqKnwaXjn7psnw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:51 GMT
an-x-request-uuid
ae442667-4d84-43e3-887a-c8cf6b5d1355
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame DBAB 		7 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LOG3NB0A-E-2RSZ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
khaos.json
token.rubiconproject.com/ Frame 8D21 		7 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LOG3NB0A-E-2RSZ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
demconf.jpg
dpm.demdex.net/ Frame DAB1
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=j8jFGUp8psPEBfB_B5BBvU3DNGI_eEFm
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=j8jFGUp8psPEBfB_B5BBvU3DNGI_eEFm
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=j8jFGUp8psPEBfB_B5BBvU3DNGI_eEFm
Protocol
HTTP/1.1
Server
54.147.68.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-68-48.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v052-03812d943.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
reboxx0DT6s=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcscanary-prod-va6-1-v066-0657d3b44.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
r5Fv0lEZS5k=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=j8jFGUp8psPEBfB_B5BBvU3DNGI_eEFm
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
match
events-ssc.33across.com/ Frame 8D21
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LOG3NB0A-E-2RSZ
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LOG3NB0A-E-2RSZ
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LOG3NB0A-E-2RSZ&ts=1698863811&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LOG3NB0A-E-2RSZ&ts=1698863811&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:51 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:51 GMT
referrer-policy
unsafe-url
server
33XP006
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LOG3NB0A-E-2RSZ&ts=1698863811&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7B7B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3krdmXM1mIRu6glxDIWX3_1ScPARXiz3P-e63toqNQpZWJQUiOJfyYHcwHUl-eatfrWwxu8Evd2ajs_ulgqpZbKq_QupCPIwqEm5PDzZO4gQrnoDowqJili7axPntmRteV7AJoR3N0w&sai=AMfl-YTotjFEWhUrHB3Wz8JsIaxSm-tvrf3FDkkGtNTA4lnqzlHPIwr6Re8n0Vi-0s8g0fVSdbkQbIQRvy-2m3Jk1Lw1eVT0cw4L5acE5ULBrDzIrtRcUNMcB6bu3sEc&sig=Cg0ArKJSzM38tQeiMOACEAE&cid=CAQSPADICaaNJIS8GrOTlb3NoPN2M_rOiuRUGwA7RFRWJ9JyyhsfJ8bvloTKJeHqjSHbhgVxuuYSVi1Lm8VFbRgB&id=ampim&o=1440,130&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=1076&tls=2076&g=100&h=100&tt=2076&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame DAB1
Redirect Chain
  • https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40
  • https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=W1T57OolNOWut5rXF1GZWyLVgQzCZf6K
43 B
657 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=W1T57OolNOWut5rXF1GZWyLVgQzCZf6K
Protocol
H2
Server
18.239.183.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-183-96.bos50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:51 GMT
via
1.1 223d5097477b94db6872afd07890faba.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
BOS50-P4
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
2W64-62i4xqzKhnDLsQECuwKSHFydAZ0Mzgv-_BPUte230KKsh5NPg==
expires
0

Redirect headers

location
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=W1T57OolNOWut5rXF1GZWyLVgQzCZf6K
date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1673230
content-length
0
all
csm.us.criteo.net/ Frame FC8B 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=5l1d1GSE5ZRYpHrwQ2hTE2Oe_ApkxUVDZxldsehkJ5AdK9MsMZzZsWgU_2Im1lqf2wM41AVOTP3XANRi2CiEMHhLXoWI-yPUgz3QDTfSt3hI3i0h7FfVhoEwcvRNO09IaJppNn_GrCq0nrWJLOyB6YNFMqk2asrLVwi5hEYyU52lnRwfWgIeGTB-q9iVGkC-2Lzqj_vV93QA8zhncBlENyFA6vyPTdvOY0Z-3iJTwH-4mrBhbAjvJcpGRTrpTah-idmSSA&sds=2&rev=89121&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?u=%7C2dGaq2w8xBKtb4n3Z4299ffHFSk4LK1DLidvHQ0fSVA%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWPTeISSQoqlzTOs3wyD24diZzFATKTCCzvo4z2oNTgy_rHbAeandvhL2Y23bhPIiy86Tp_wYoUedSAPtT08dVeIlvrJ6i_6N5iOXoB-MwcMfw5uLV_ku3sGVWbpmXIXw-BQr_q7Sc00GHzn-FMVTRMW6KfSaUmuxvWNrkO23bYYAoagUBrPVwf94IGsMLnFW430kSsXi0jPN4XQU4V3bCJ_WtquwAoXiyRNCzVqfv7sPV8A1I6bTakVpQL2qJc182L0Rm3IrNaYmRWWQjZUkVDTFRFBmflbW0Rluktc-RCk-jJkLnW4aGs0C9ObHyv3TWqy6drH-Kcz5X3BILbMZ37NSmgYz4EB6GkhTuK1Krsl-yAdWMWFcqlVf9EgQVuTeGrwZ9uVXzd69edpLAKblXO6AbqSyQ4s6zW3UsdDu-_Nv5bSiYHm0ZYZfJhV5Dh51uhZME7e1kHqCiQ0mWr1PuxW9Yx2ls9_OePQAhNoVKFuXPh7YGVO6MuTN9a5uOy7wrI_DzwTvQe5NdK6d0zl_zLOrrWUPqnY7xZWWgtRgjWwrNEt7TVVzU7qIq9PeIkwVsphAYgcLhodoxU_qc_h2aoDbvdwANF-lj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 01 Nov 2023 18:36:50 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
json
trc.taboola.com/mynetnewtr-mynet/trc/3/ 		38 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/mynetnewtr-mynet/trc/3/json?tim=08%3A36%3A51.815&lti=deflated&data=%7B%22id%22%3A881%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22category%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1698840715425%2C%22vi%22%3A1698863811812%2C%22cv%22%3A%2220231101-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ffinans.mynet.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A0%2C%22ga%22%3Afalse%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Ffinans.mynet.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5958%2C%22rtui%22%3A%22XffXM216_FqXgHLsT7cud85HZmOWaDRb%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22video-reel-sc%3Aabp%3D0%22%2C%22uip%22%3A%22Video%20Reel%20Homepage%22%2C%22orig_uip%22%3A%22Video%20Reel%20Homepage%22%2C%22cd%22%3A5958.25%2C%22mw%22%3A1600%7D%2C%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Aabp%3D0%22%2C%22uip%22%3A%22Newsroom%22%2C%22orig_uip%22%3A%22Newsroom%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A0%7D%5D%2C%22cacheKey%22%3A%22category%3D%2F%2CNewsroom%3Drbox-tracking%3Aabp%3D0%2C%2CVideo%20Reel%20Homepage%3Dvideo-reel-sc%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1310f5f105b6352a91149fe2a292368568fa3bf851007d96b4a7cfda2de06e49

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
162
date
Wed, 01 Nov 2023 18:36:52 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.875
x-fastly-to-nlb-rtt
13693
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4569-YYZ
x-log-content-encoding
gzip
server
nginx
x-timer
S1698863812.838221,VS0,VE162
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://finans.mynet.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
bid
ap.lijit.com/rtb/ Frame 1129 		23 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.39.0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162930/9578/25/pwt.js?sid=G7SRYJPL
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
523751279f0abbd232b21c3bbe8b53d1632a8536814498d39a8c674d2cca597a

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 01 Nov 2023 18:36:51 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://finans.mynet.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
23
v1
prg.smartadserver.com/prebid/ Frame 1129 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162930/9578/25/pwt.js?sid=G7SRYJPL
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.0 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:51 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://finans.mynet.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid
prebid.media.net/rtb/ Frame 1129 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUV4OAWX
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162930/9578/25/pwt.js?sid=G7SRYJPL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
c782a1acc188b3a3e9d07fa5db393d7714461963d3b9ed50889ff1975786b3d2

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:51 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://finans.mynet.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 01 Nov 2023 18:36:51 GMT
translator
hbopenbid.pubmatic.com/ Frame 1129 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=342
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162930/9578/25/pwt.js?sid=G7SRYJPL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://finans.mynet.com
date
Wed, 01 Nov 2023 18:36:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ads
securepubads.g.doubleclick.net/gampad/ Frame 1129 		461 B
256 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=869015735162491&correlator=120829169774900&eid=31079298%2C31079210%2C44780989%2C31061690&output=ldjh&gdfp_req=1&vrg=202310260101&ptt=17&impl=fifs&gdpr=0&iu_parts=22954957514%2Cmynet%2CFBK&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&didk=2224345409&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Db7c242115707663a%3AT%3D1698863807%3ART%3D1698863807%3AS%3DALNI_Ma5iXSicGvz6Q4-keKH4vJs9X_2xA&gpic=UID%3D00000d9e527e491f%3AT%3D1698863807%3ART%3D1698863807%3AS%3DALNI_MZl7LfcNENFu88RbDgpdLDbBnrUWw&abxe=1&dt=1698863812000&lmt=1698899812&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=i6fsao1u7b90&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Ffinans.mynet.com%2F&ref=https%3A%2F%2Ffinans.mynet.com%2F&top=https%3A%2F%2Ffinans.mynet.com%2F&vis=1&psz=0x0&msz=0x0&fws=260&ohw=0&ea=0&ga_vid=1924489594.1698863807&ga_sid=1698863812&ga_hid=108005692&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJGViYzdhYzQ1LWYyNmItNDg5Mi1iMjg4LTFlNDYxOGRkOGZjMFgBEhoKDWNyd2RjbnRybC5uZXQSABjy8rHhuDFIABIbCgwzM2Fjcm9zcy5jb20YyO2x4bgxSABSAghkEhcKCHJ0YmhvdXNlGKzxseG4MUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRjI7bHhuDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pYW5sNVpYQmhkMmRSVkhrdkt6a3lZVGhtYnpObFp6MDlJbjA9GPfyseG4MUgAEhsKDGlkNS1zeW5jLmNvbRjE9LHhuDFIAFICCGo.&dlt=1698863807580&idt=1180&prev_scp=iat-req%3D1%26amznbid%3Dv45fy8%26amznp%3Dstqsjk%26amzniid%3DJCkdC8DHZuGp16_vUZRd3ewAAAGLjCyB2AEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICC9EunV%26amznsz%3D728x90&cust_params=amznbid%3D0%26amznp%3D0&adks=4245601852&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
575127dcfe80f5b40ee6a0eb6a76de5d8af1f6f6a603257faf52c1430dba9b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
216
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://finans.mynet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1129 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310260101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2731ee1af7becf6f2d343204973fb247e3742924362e8d22cadc5bbdcd3d659
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12010
x-xss-protection
0
container.html
a182e1571565df2e864b54f20fb12bb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 94B1 		6 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a182e1571565df2e864b54f20fb12bb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 18:36:52 GMT
expires
Thu, 31 Oct 2024 18:36:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
video-reel.js
cdn.taboola.com/ui-ab-tests/video-reel/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/ui-ab-tests/video-reel/video-reel.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2398b00159eecff8a7b2511bbd897599167b3b2003e50ce508179d9083958ae4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
PA4mXn8jvAcmF_IAIYDdeF3IbXQX27da
content-encoding
gzip
via
1.1 varnish
date
Wed, 01 Nov 2023 18:36:52 GMT
x-amz-request-id
HP2928NRWFT8BA6X
age
122
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
9582
x-amz-id-2
ZnUNg5bF9egGprVH2mPvdZQu+WB4Mb5fKVJI7dMO/pDVm0eQoB5ETd1LupsOZzbMa0BS4WOxUYI=
x-served-by
cache-yyz4569-YYZ
last-modified
Tue, 31 Oct 2023 10:34:47 GMT
server
AmazonS3
x-timer
S1698863812.039030,VS0,VE0
etag
"6e0a88f8dc6182261787aa0a385a3c15"
vary
Accept-Encoding
content-type
application/x-javascript
abp
51
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
5
video-reel.css
cdn.taboola.com/ui-ab-tests/video-reel/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/ui-ab-tests/video-reel/video-reel.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
51fd992d66e77bd01447c0bb371081aeb2083ae55016d99f5a22b62659e4fe2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
KAQpoY4BU6vdnLnNtoFQD2vTwvkwyCgL
content-encoding
gzip
via
1.1 varnish
date
Wed, 01 Nov 2023 18:36:52 GMT
x-amz-request-id
4MRV7WNWQ0EK2FC0
age
123
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2610
x-amz-id-2
wHvUCjj4ZExvhzlyyj7dKWqhb2F+ThWOPx3+lH8cNFFHcvlQw9siQSeQ1iAsKCZoEI3Qg4QVgfU=
x-served-by
cache-yyz4569-YYZ
last-modified
Tue, 31 Oct 2023 10:34:45 GMT
server
AmazonS3
x-timer
S1698863812.039623,VS0,VE0
etag
"d55aa57e6bbe75f2de15ce840cc1dbfc"
vary
Accept-Encoding
content-type
text/css
abp
84
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
5
UnitInstreamDesktop.min.js
vidstat.taboola.com/lite-unit/4.5.3/ 		129 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.5.3/UnitInstreamDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a47c713c21f44aa4d2c37d6e1e79b5a5c250c6446447773d8eb2b2e39efc6bf6

Request headers

Referer
https://finans.mynet.com/
Origin
https://finans.mynet.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:52 GMT
via
1.1 7c52af60a69f0ba536808e0cc2414994.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
YTO50-C2
age
112451
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
34932
x-served-by
cache-yyz4535-YYZ
last-modified
Tue, 31 Oct 2023 09:12:39 GMT
server
AmazonS3
x-timer
S1698863812.071506,VS0,VE0
etag
"f287a4a6df2f84e92fa0262ed5a3f1c9"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
B-v5pApucnzzwZCqb08KrW_QECD3w6rQWnOtnwfZrzJEZlm-RGTs0w==
x-cache-hits
588
userx.20231101-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231101-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mynetnewtr-mynet/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d01485edc889f10ce5f17056301e09569f8e893bba2c306bde9f788119343cc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
7rzOjVxN4IhTY7uCO5DC9pJyJbS3BBsC
content-encoding
gzip
via
1.1 varnish
date
Wed, 01 Nov 2023 18:36:52 GMT
x-amz-request-id
XZ0B4C04SSE2E472
age
30381
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5398
x-amz-id-2
h5QOHCtLqUzu8CtAUTVXnEudI1+pqKcPUZObohN5XCY74LNPf7+3dsmNgLk/LmVN9/hEVJkUgrU=
x-served-by
cache-yyz4569-YYZ
last-modified
Wed, 01 Nov 2023 10:00:37 GMT
server
AmazonS3
x-timer
S1698863812.071209,VS0,VE0
etag
"c646e0ba29eae5c4d5cf35a5e15a39b0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
6
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
5958
distance-from-article.20231101-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231101-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mynetnewtr-mynet/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
09786c41a3905cd2436a020cad81c09334bb3f2012b4da70012edc55f427592a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
gLNsfNgacyLkU8LtFMgU_XgupRwyV_uL
content-encoding
gzip
via
1.1 varnish
date
Wed, 01 Nov 2023 18:36:52 GMT
x-amz-request-id
2YFZ5M7Z9M9W2B7W
age
30422
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1132
x-amz-id-2
83I+E/Bg8KvhTsavkp44N4/XAHRS/HAWdWcUldl+O3SzsQpHJq934gHpgnNQXjpinIj/HIn3lQI=
x-served-by
cache-yyz4569-YYZ
last-modified
Wed, 01 Nov 2023 10:01:10 GMT
server
AmazonS3
x-timer
S1698863812.072255,VS0,VE0
etag
"3f59a1f7704ebf16208cead0458ddb7b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
21
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
17496
article-detection.20231101-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231101-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mynetnewtr-mynet/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5e3738508aaf0c8fea2bd8b9ce4d1b0ae76dec5b43eb0f75d69f83f4d9e3b14

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
3Ocvm0RbHaSqpRgv.PsJIWoz2ASflanV
content-encoding
gzip
via
1.1 varnish
date
Wed, 01 Nov 2023 18:36:52 GMT
x-amz-request-id
2YFS2VQ442TDDD3P
age
30422
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1291
x-amz-id-2
CtNSaNXLLox5tHFJaN6ZKafl5PxEDovdI7nLznXZzYVzcZGIkmFUfTHJ+uWito86Mvdjc7q2oV4=
x-served-by
cache-yyz4569-YYZ
last-modified
Wed, 01 Nov 2023 10:01:16 GMT
server
AmazonS3
x-timer
S1698863812.072859,VS0,VE0
etag
"6a7c58b6c1dcde6eebc1a6c34659c6c5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
11
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
17520
abtests
ch-trc-events.taboola.com/mynetnewtr-mynet/log/3/ 		0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/mynetnewtr-mynet/log/3/abtests?route=US:CH:V&tvi48=9598&tvi50=9058&lti=deflated&ri=3ba20ce8b8ddaa4987ea5f869a45c097&sd=v2_918e8b64af39a10f1f76578a5ee88ab6_df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043_1698863811_1698863811_CNawjgYQ4d1TGOSZsuG4MSABKAMw4QE4kaQOQNH4DkiP1tkDUPkDWABgAGjM5NTS6dDlyd4BcAE&ui=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&pi=/&wi=-1187526317982618039&pt=category&vi=1698863811812&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1698863812042%7D&tim=08%3A36%3A52.042&id=6699&llvl=2&cv=20231101-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 01 Nov 2023 18:36:52 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F4E6 		0
0
checksync.php
contextual.media.net/ Frame 560F 		0
0
social
ch-trc-events.taboola.com/mynetnewtr-mynet/log/3/ 		0
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/mynetnewtr-mynet/log/3/social?route=US:CH:V&tvi48=9598&tvi50=9058&lti=deflated&ri=3ba20ce8b8ddaa4987ea5f869a45c097&sd=v2_918e8b64af39a10f1f76578a5ee88ab6_df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043_1698863811_1698863811_CNawjgYQ4d1TGOSZsuG4MSABKAMw4QE4kaQOQNH4DkiP1tkDUPkDWABgAGjM5NTS6dDlyd4BcAE&ui=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&pi=/&wi=-1187526317982618039&pt=category&vi=1698863811812&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Ffinans.mynet.com%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Mynet%20Finans%22%2C%22sec%22%3A%22undefined%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22http%3A%2F%2Fimg7.mynet.com.tr%2Frosetta%2Ffinans%2Flogo_400x400.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=08%3A36%3A52.064&id=3389&llvl=2&cv=20231101-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 01 Nov 2023 18:36:52 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1129 		0
0
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/ui-ab-tests/video-reel/video-reel.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.taboola.com/
Origin
https://finans.mynet.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 02:06:01 GMT
x-content-type-options
nosniff
age
577851
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:07:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 02:06:01 GMT
tvp.js
snippet.tldw.me/tv/0.42.26-chunks/ Frame EA59 		138 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Requested by
Host: apv-launcher.minute.ly
URL: https://apv-launcher.minute.ly/api/launcher/MIN-516360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
985e21298ee9f5e3c80214000d34a1827d8032d57422934f2feef400fa591f74

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:52 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Sun, 15 Oct 2023 07:17:24 GMT
server
cloudflare
etag
"1697354244"
x-hw
1698863812.dop211.ny3.t,1698863812.cds240.ny3.shn,1698863812.dop211.ny3.t,1698863812.cds127.ny3.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=30029578
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81f63eeab8124bd2-BUF
access-control-allow-headers
Content-Type
content-length
40656
pubs-generic
trc.taboola.com/mynetnewtr-mynet/log/3/ 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/mynetnewtr-mynet/log/3/pubs-generic?route=US:CH:V&tvi48=9598&tvi50=9058&lti=deflated&ri=3ba20ce8b8ddaa4987ea5f869a45c097&sd=v2_918e8b64af39a10f1f76578a5ee88ab6_df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043_1698863811_1698863811_CNawjgYQ4d1TGOSZsuG4MSABKAMw4QE4kaQOQNH4DkiP1tkDUPkDWABgAGjM5NTS6dDlyd4BcAE&ui=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&pi=/&wi=-1187526317982618039&pt=category&vi=1698863811812&d=%7B%22type%22%3A%22videoReel-slider%22%2C%22data%22%3A%22%7B%5C%22value%5C%22%3A%5C%22true%5C%22%7D%22%7D&tim=08%3A36%3A52.117&id=9748&llvl=2&cv=20231101-5-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms
15
date
Wed, 01 Nov 2023 18:36:52 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
13721
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4569-YYZ
pragma
no-cache
server
nginx
x-timer
S1698863812.174136,VS0,VE15
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pubs-generic
trc.taboola.com/mynetnewtr-mynet/log/3/ 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/mynetnewtr-mynet/log/3/pubs-generic?route=US:CH:V&tvi48=9598&tvi50=9058&lti=deflated&ri=3ba20ce8b8ddaa4987ea5f869a45c097&sd=v2_918e8b64af39a10f1f76578a5ee88ab6_df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043_1698863811_1698863811_CNawjgYQ4d1TGOSZsuG4MSABKAMw4QE4kaQOQNH4DkiP1tkDUPkDWABgAGjM5NTS6dDlyd4BcAE&ui=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&pi=/&wi=-1187526317982618039&pt=category&vi=1698863811812&d=%7B%22type%22%3A%22videoReel-visible%22%2C%22data%22%3A%22%7B%5C%22sl%5C%22%3A%5C%22always%5C%22%7D%22%7D&tim=08%3A36%3A52.120&id=1513&llvl=2&cv=20231101-5-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms
15
date
Wed, 01 Nov 2023 18:36:52 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
13653
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4569-YYZ
pragma
no-cache
server
nginx
x-timer
S1698863812.174112,VS0,VE15
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pubs-generic
trc.taboola.com/mynetnewtr-mynet/log/3/ 		0
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/mynetnewtr-mynet/log/3/pubs-generic?route=US:CH:V&tvi48=9598&tvi50=9058&lti=deflated&ri=3ba20ce8b8ddaa4987ea5f869a45c097&sd=v2_918e8b64af39a10f1f76578a5ee88ab6_df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043_1698863811_1698863811_CNawjgYQ4d1TGOSZsuG4MSABKAMw4QE4kaQOQNH4DkiP1tkDUPkDWABgAGjM5NTS6dDlyd4BcAE&ui=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&pi=/&wi=-1187526317982618039&pt=category&vi=1698863811812&d=%7B%22type%22%3A%22videoReel-pageload%22%2C%22data%22%3A%22%5C%22%5C%22%22%7D&tim=08%3A36%3A52.122&id=7499&llvl=2&cv=20231101-5-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms
15
date
Wed, 01 Nov 2023 18:36:52 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
13603
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4569-YYZ
pragma
no-cache
server
nginx
x-timer
S1698863812.174096,VS0,VE15
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
lb
services.insurads.com/ 		0
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.insurads.com/lb?appid=1870&acid=426&s=2243&sid=C32E2DC4C9A3B7BC&auid=1424257&mawId=0&ts=1698863812161&iid=m14499a459506881f44cb12b71220718617c0b4edc6&is=0&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.235.112.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-112-177.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nocache
true
pragma
no-cache
date
Wed, 01 Nov 2023 18:36:52 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.18.0 (Ubuntu)
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
supply-feature
ch-trc-events.taboola.com/mynetnewtr-mynet/log/3/ 		0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/mynetnewtr-mynet/log/3/supply-feature?route=US:CH:V&tvi48=9598&tvi50=9058&lti=deflated&ri=3ba20ce8b8ddaa4987ea5f869a45c097&sd=v2_918e8b64af39a10f1f76578a5ee88ab6_df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043_1698863811_1698863811_CNawjgYQ4d1TGOSZsuG4MSABKAMw4QE4kaQOQNH4DkiP1tkDUPkDWABgAGjM5NTS6dDlyd4BcAE&ui=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&pi=/&wi=-1187526317982618039&pt=category&vi=1698863811812&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%221098.75%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=08%3A36%3A52.199&id=954&llvl=2&cv=20231101-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 01 Nov 2023 18:36:52 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
SPug
simage4.pubmatic.com/AdServer/ Frame 9614 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
532.tvp.js
snippet.tldw.me/tv/0.42.26-chunks/ Frame EA59 		66 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.tldw.me/tv/0.42.26-chunks/532.tvp.js
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e8bd226cdf91c81d69a90eec8ded92138adf203d05cbab1f09f68d85bc6baf4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:52 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Sun, 15 Oct 2023 07:17:17 GMT
server
cloudflare
etag
"1697354237"
x-hw
1698863812.dop013.ny3.t,1698863812.cds250.ny3.shn,1698863812.dop013.ny3.t,1698863812.cds247.ny3.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=30029579
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81f63eeb78224bd2-BUF
access-control-allow-headers
Content-Type
content-length
8552
_.gif
counter.tldw.me/ Frame EA59 		0
196 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.tldw.me/_.gif
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 01 Nov 2023 18:36:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-hw
1698863812.dop220.ny3.t,1698863812.cds229.ny3.shn,1698863812.cds229.ny3.sc,1698863812.cds229.ny3.p
content-type
image/gif
access-control-allow-origin
https://finans.mynet.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
81f63eeba82d4bd2-BUF
access-control-allow-headers
Content-Type
content-length
0
expires
Wed, 01 Nov 2023 18:36:52 GMT
pubs-generic
trc.taboola.com/mynetnewtr-mynet/log/3/ 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/mynetnewtr-mynet/log/3/pubs-generic?route=US:CH:V&tvi48=9598&tvi50=9058&lti=deflated&ri=3ba20ce8b8ddaa4987ea5f869a45c097&sd=v2_918e8b64af39a10f1f76578a5ee88ab6_df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043_1698863811_1698863811_CNawjgYQ4d1TGOSZsuG4MSABKAMw4QE4kaQOQNH4DkiP1tkDUPkDWABgAGjM5NTS6dDlyd4BcAE&ui=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&pi=/&wi=-1187526317982618039&pt=category&vi=1698863811812&d=%7B%22type%22%3A%22videoReel-compatible%22%2C%22data%22%3A%22%5C%22%5C%22%22%7D&tim=08%3A36%3A52.386&id=6027&llvl=2&cv=20231101-5-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms
15
date
Wed, 01 Nov 2023 18:36:52 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
13586
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4569-YYZ
pragma
no-cache
server
nginx
x-timer
S1698863812.404383,VS0,VE15
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
css
fonts.googleapis.com/ Frame EA59 		6 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 01 Nov 2023 18:36:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 17:05:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Nov 2023 18:36:52 GMT
css
fonts.googleapis.com/ Frame EA59 		2 KB
615 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a80283a2a54ea158b37690f2c26663c329737910163b122fed2c5766c9b95962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 01 Nov 2023 18:36:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 17:15:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Nov 2023 18:36:52 GMT
784.tvp.js
snippet.tldw.me/tv/0.42.26-chunks/ Frame EA59 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.tldw.me/tv/0.42.26-chunks/784.tvp.js
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aa0fe7bfa14cc45a5b9b0c5eee68844d87dd5c8bf88eab7f416065a54e2dde9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:52 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Sun, 15 Oct 2023 07:17:14 GMT
server
cloudflare
etag
"1697354234"
x-hw
1698863812.dop041.ny3.t,1698863812.cds151.ny3.shn,1698863812.dop041.ny3.t,1698863812.cds230.ny3.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=30029579
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81f63eeb882b4bd2-BUF
access-control-allow-headers
Content-Type
content-length
1848
298.tvp.js
snippet.tldw.me/tv/0.42.26-chunks/ Frame EA59 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.tldw.me/tv/0.42.26-chunks/298.tvp.js
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44948fce039263b30389aba4b5d19d5723382b84cc9a7a56887324c650d61a48

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:52 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Sun, 15 Oct 2023 07:17:08 GMT
server
cloudflare
etag
"1697354228"
x-hw
1698863812.dop061.ny3.t,1698863812.cds126.ny3.shn,1698863812.dop061.ny3.t,1698863812.cds009.ny3.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=30029579
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81f63eeb882c4bd2-BUF
access-control-allow-headers
Content-Type
content-length
2695
pubs-generic
trc.taboola.com/mynetnewtr-mynet/log/3/ 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/mynetnewtr-mynet/log/3/pubs-generic?route=US:CH:V&tvi48=9598&tvi50=9058&lti=deflated&ri=3ba20ce8b8ddaa4987ea5f869a45c097&sd=v2_918e8b64af39a10f1f76578a5ee88ab6_df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043_1698863811_1698863811_CNawjgYQ4d1TGOSZsuG4MSABKAMw4QE4kaQOQNH4DkiP1tkDUPkDWABgAGjM5NTS6dDlyd4BcAE&ui=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&pi=/&wi=-1187526317982618039&pt=category&vi=1698863811812&d=%7B%22type%22%3A%22videoReel-available%22%2C%22data%22%3A%22%7B%5C%22sl%5C%22%3A%5C%22always%5C%22%7D%22%7D&tim=08%3A36%3A52.397&id=3211&llvl=2&cv=20231101-5-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms
15
date
Wed, 01 Nov 2023 18:36:52 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
13675
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4569-YYZ
pragma
no-cache
server
nginx
x-timer
S1698863812.409674,VS0,VE15
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
4f458acc-edfb-4ed0-a118-3480148b1e1a__EXpdjUHN.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/4f458acc-edfb-4ed0-a118-3480148b1e1a__EXpdjUHN.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
40e5ada833754d06997e1b2b7797bc7901c972b8831de0e61705c1cb5b835e45

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 01 Nov 2023 18:36:52 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/4f458acc-edfb-4ed0-a118-3480148b1e1a__EXpdjUHN.jpg
age
1316983
edge-cache-tag
323379815909605489226909807527890025973,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
323379815909605489226909807527890025973,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
234
expiration
expiry-date="Fri, 03 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ndtv.com/
content-length
24510
x-backend-name
CH_nlb801
x-served-by
cache-iad-kiad7000052-IAD, cache-iad-kiad7000154-IAD, cache-lga21970-LGA, cache-iad-kjyo7100042-IAD, cache-yyz4569-YYZ
last-modified
Tue, 03 Oct 2023 20:06:09 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=37661,owidth=2409,oheight=1200,obytes=316150
x-timer
S1698863812.428925,VS0,VE2
etag
"ca061e2606d2ad8c521686eab9d90e50"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 8, 1
v-1dff254b-ec95-4535-3257242-86af-b17023f27cb3-s73.8-81.56tvs.mp4
apv-static.tldw.me/videos/ Frame EA59 		32 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.tldw.me/videos/v-1dff254b-ec95-4535-3257242-86af-b17023f27cb3-s73.8-81.56tvs.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash

Request headers

Referer
https://finans.mynet.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 01 Nov 2023 18:36:52 GMT
Last-Modified
Wed, 01 Nov 2023 12:08:54 GMT
ETag
"1698840534"
X-HW
1698863812.dop212.ch4.t,1698863812.cds019.ch4.shn,1698863812.dop212.ch4.t,1698863812.cds093.ch4.c
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, OPTIONS, POST
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Content-Range
bytes 0-312448/312449
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
312449
a6707c98-b2b1-4118-b4d1-399e18946b1b
https://finans.mynet.com/ Frame EA59 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://finans.mynet.com/a6707c98-b2b1-4118-b4d1-399e18946b1b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
4f458acc-edfb-4ed0-a118-3480148b1e1a__EXpdjUHN.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/4f458acc-edfb-4ed0-a118-3480148b1e1a__EXpdjUHN.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
40e5ada833754d06997e1b2b7797bc7901c972b8831de0e61705c1cb5b835e45

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 01 Nov 2023 18:36:52 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/4f458acc-edfb-4ed0-a118-3480148b1e1a__EXpdjUHN.jpg
age
1316983
edge-cache-tag
323379815909605489226909807527890025973,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
323379815909605489226909807527890025973,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
234
expiration
expiry-date="Fri, 03 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ndtv.com/
content-length
24510
x-backend-name
CH_nlb801
x-served-by
cache-iad-kiad7000052-IAD, cache-iad-kiad7000154-IAD, cache-lga21970-LGA, cache-iad-kjyo7100042-IAD, cache-yyz4569-YYZ
last-modified
Tue, 03 Oct 2023 20:06:09 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=37661,owidth=2409,oheight=1200,obytes=316150
x-timer
S1698863812.467398,VS0,VE0
etag
"ca061e2606d2ad8c521686eab9d90e50"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 8, 2
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=624&height=350&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1698863812467&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1565&pt=-720457258&tz=-600&viewable=true&ddast=V81VgCLAZIid9CIm5FGBKQEr-FRNyKMCwAAABgYGDtAAkshsPdYGFb61YWh1s0Wm7cwplvuRYMZovFZLEcDWfOISCBxXC4Gyxsa93K4nCLRsuNWzjzLdeCwWyxmCyWo-HMOQUT1jS5_AZJy2U2CPlul-Hhc7lBBppOh891r5c57Q6756523l2mu8bv9ssBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAOMbBJpJDgl5-DzNDrvp6Q8AAAAAIAAAAABIABzUjpcAkGlCPfH_________H2OAPvNGxv____-NhR4ADz4AHoQAAABcDJli0FeDp6XsJHLAUoQRAAAAALCEfJQjk3SCikWV____fisAVwAAAhYZWRpNsugOSryFAQAAABizQA-L32922DV-t8v8_________5v5P_OPRghlvTCN8GlPnJpfQACANb-AAABsxA0AwBsBOEHHIGazyWC2OgqxG84Wu9FuMpgdAAAAgDv_____ekByMVwZJ7bRwuZZLhyDmWPmm612w4Vr5TIOFxbb9kAYSiigSnin9ZmwpsnlN0haLrNByHe7DA-fy34mbDFaTSab5XC2XEwGw9FwNNqfgVgMB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMGQzTMzTVaztWI5nLhFC49nLVxNfGuRZ7Pc2JyDlWVhW4teH9PHs7EMRpstEgy42IvkaZFONBOHZbBxGSfGkcnhMC2Hu5XDNTPOlgvTamNY7iZiieZkkU5kl31zMVwZJ7bRwuZZLhyDmWPmm612w4Vr5TIOFxbbvmTzzEyT1WytWA4nbtHC41kLVxPfWuTZLDc252BlWdjWotfH9PFsLIPRZt-YLYfD2Wa4WOwbs-VwONsMF4t9h87wXX3ORmnkGPX4nGrn9SOtOQ0Kl8HmnRYt0tbh6DPqRNKI6zQ0Rl8Tq9A18RoUnoNHdbPmpE5tZCI7T6YJx8GiiCWCi3Sidt5dprvLd7q81c67y3QRS5Smi3Sil4glgtNFOtE4TC-f3_K8qP9oIWdz5VwyWs5Fg1UCAAAAAAAAALAEk0w3AQAAAHAyqMFqs1it08FMlrPZcLBcABTu4bp-iB8a1Rpe23e9Fz5sHNy4JxVr7DGIdt5dprvLd7q81c67y3RlABTtucw2-4wg1mq1rAEAAAxgAwAACOCmG28CzaS4_____3EAAAAA5NADAABY2wd0lZqZmZmpyY8gB6vh_gGoEGu1Wt1urNVqBSSQ0Wo3gQAAAfk!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=10&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3296680&dpubid=505315&abtst=adxLoadDist7-out_vB!adxsub-out_vA!adxsub-out_vB!video-reel_vA&mPre=0.033&cirf=https%3A%2F%2Ffinans.mynet.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.3/UnitInstreamDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
22745a3da167318432390f344e359c5b1086c2215ea1b098fcb23ac669b0b20b

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Wed, 01 Nov 2023 18:36:52 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1802
x-cache
MISS
x-served-by
cache-yyz4569-YYZ
pragma
no-cache
server
nginx
x-timer
S1698863812.483032,VS0,VE122
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://finans.mynet.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
ch-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V81VgCLAZIid9CIm5FGBKQEr-FRNyKMCwAAABgYGDtAAkshsPdYGFb61YWh1s0Wm7cwplvuRYMZovFZLEcDWfOISCBxXC4Gyxsa93K4nCLRsuNWzjzLdeCwWyxmCyWo-HMOQUT1jS5_AZJy2U2CPlul-Hhc7lBBppOh891r5c57Q6756523l2mu8bv9ssBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAOMbBJpJDgl5-DzNDrvp6Q8AAAAAIAAAAABIABzUjpcAkGlCPfH_________H2OAPvNGxv____-NhR4ADz4AHoQAAABcDJli0FeDp6XsJHLAUoQRAAAAALCEfJQjk3SCikWV____fisAVwAAAhYZWRpNsugOSryFAQAAABizQA-L32922DV-t8v8_________5v5P_OPRghlvTCN8GlPnJpfQACANb-AAABsxA0AwBsBOEHHIGazyWC2OgqxG84Wu9FuMpgdAAAAgDv_____ekByMVwZJ7bRwuZZLhyDmWPmm612w4Vr5TIOFxbb9kAYSiigSnin9ZmwpsnlN0haLrNByHe7DA-fy34mbDFaTSab5XC2XEwGw9FwNNqfgVgMB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMGQzTMzTVaztWI5nLhFC49nLVxNfGuRZ7Pc2JyDlWVhW4teH9PHs7EMRpstEgy42IvkaZFONBOHZbBxGSfGkcnhMC2Hu5XDNTPOlgvTamNY7iZiieZkkU5kl31zMVwZJ7bRwuZZLhyDmWPmm612w4Vr5TIOFxbbvmTzzEyT1WytWA4nbtHC41kLVxPfWuTZLDc252BlWdjWotfH9PFsLIPRZt-YLYfD2Wa4WOwbs-VwONsMF4t9h87wXX3ORmnkGPX4nGrn9SOtOQ0Kl8HmnRYt0tbh6DPqRNKI6zQ0Rl8Tq9A18RoUnoNHdbPmpE5tZCI7T6YJx8GiiCWCi3Sidt5dprvLd7q81c67y3QRS5Smi3Sil4glgtNFOtE4TC-f3_K8qP9oIWdz5VwyWs5Fg1UCAAAAAAAAALAEk0w3AQAAAHAyqMFqs1it08FMlrPZcLBcABTu4bp-iB8a1Rpe23e9Fz5sHNy4JxVr7DGIdt5dprvLd7q81c67y3RlABTtucw2-4wg1mq1rAEAAAxgAwAACOCmG28CzaS4_____3EAAAAA5NADAABY2wd0lZqZmZmpyY8gB6vh_gGoEGu1Wt1urNVqBSSQ0Wo3gQAAAfk!&cmcv=&pix=31589837&cb=1698863812465&uv=3352&tms=1698863812465&abt=adxLoadDist7-out_vB!adxsub-out_vA!adxsub-out_vB!video-reel_vA&ft=0&unm=INSTREAM&debug=pn:!sqg:!torgn:1698863803322!ts:1698863812464&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:52 GMT
content-length
0
server
nginx
st
imprchmp.taboola.com/ 		0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V81VgCLAZIid9CIm5FGBKQEr-FRNyKMCwAAABgYGDtAAkshsPdYGFb61YWh1s0Wm7cwplvuRYMZovFZLEcDWfOISCBxXC4Gyxsa93K4nCLRsuNWzjzLdeCwWyxmCyWo-HMOQUT1jS5_AZJy2U2CPlul-Hhc7lBBppOh891r5c57Q6756523l2mu8bv9ssBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAOMbBJpJDgl5-DzNDrvp6Q8AAAAAIAAAAABIABzUjpcAkGlCPfH_________H2OAPvNGxv____-NhR4ADz4AHoQAAABcDJli0FeDp6XsJHLAUoQRAAAAALCEfJQjk3SCikWV____fisAVwAAAhYZWRpNsugOSryFAQAAABizQA-L32922DV-t8v8_________5v5P_OPRghlvTCN8GlPnJpfQACANb-AAABsxA0AwBsBOEHHIGazyWC2OgqxG84Wu9FuMpgdAAAAgDv_____ekByMVwZJ7bRwuZZLhyDmWPmm612w4Vr5TIOFxbb9kAYSiigSnin9ZmwpsnlN0haLrNByHe7DA-fy34mbDFaTSab5XC2XEwGw9FwNNqfgVgMB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMGQzTMzTVaztWI5nLhFC49nLVxNfGuRZ7Pc2JyDlWVhW4teH9PHs7EMRpstEgy42IvkaZFONBOHZbBxGSfGkcnhMC2Hu5XDNTPOlgvTamNY7iZiieZkkU5kl31zMVwZJ7bRwuZZLhyDmWPmm612w4Vr5TIOFxbbvmTzzEyT1WytWA4nbtHC41kLVxPfWuTZLDc252BlWdjWotfH9PFsLIPRZt-YLYfD2Wa4WOwbs-VwONsMF4t9h87wXX3ORmnkGPX4nGrn9SOtOQ0Kl8HmnRYt0tbh6DPqRNKI6zQ0Rl8Tq9A18RoUnoNHdbPmpE5tZCI7T6YJx8GiiCWCi3Sidt5dprvLd7q81c67y3QRS5Smi3Sil4glgtNFOtE4TC-f3_K8qP9oIWdz5VwyWs5Fg1UCAAAAAAAAALAEk0w3AQAAAHAyqMFqs1it08FMlrPZcLBcABTu4bp-iB8a1Rpe23e9Fz5sHNy4JxVr7DGIdt5dprvLd7q81c67y3RlABTtucw2-4wg1mq1rAEAAAxgAwAACOCmG28CzaS4_____3EAAAAA5NADAABY2wd0lZqZmZmpyY8gB6vh_gGoEGu1Wt1urNVqBSSQ0Wo3gQAAAfk!&cmcv=&pix=undefined&cb=1698863812465&uv=3352&tms=1698863812465&abt=adxLoadDist7-out_vB!adxsub-out_vA!adxsub-out_vB!video-reel_vA&ft=0&unm=INSTREAM&aure=false&agl=1&cirid=018870a6-7eba-449c-8f79-0061121948f9&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 01 Nov 2023 18:36:52 GMT
via
1.1 varnish
server
nginx
x-timer
S1698863812.481773,VS0,VE15
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-yyz4569-YYZ
v-1dff254b-ec95-4535-3257242-86af-b17023f27cb3-s73.8-81.56tvs.mp4
apv-static.tldw.me/videos/ Frame EA59 		17 KB
18 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.tldw.me/videos/v-1dff254b-ec95-4535-3257242-86af-b17023f27cb3-s73.8-81.56tvs.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
04dee8bba8c694a04a22bc62e5ba2f3f7e08a5f210b72f09d46899ac8fa7c252

Request headers

Referer
https://finans.mynet.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Range
bytes=294912-

Response headers

Date
Wed, 01 Nov 2023 18:36:52 GMT
Last-Modified
Wed, 01 Nov 2023 12:08:54 GMT
ETag
"1698840534"
X-HW
1698863812.dop088.ch4.shc,1698863812.dop088.ch4.t,1698863812.cds093.ch4.c
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, OPTIONS, POST
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Content-Range
bytes 294912-312448/312449
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
17537
cmTagINSTREAM.js
vidstat.taboola.com/vpaid/units/33_5_2/infra/ 		655 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_2/infra/cmTagINSTREAM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.3/UnitInstreamDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b4a4f15e0e3f11f5c6cc536d1310b8e388dc1c0ceb5f4a46707318c3457e44b9

Request headers

Referer
https://finans.mynet.com/
Origin
https://finans.mynet.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-meta-mtime
1698746626
date
Wed, 01 Nov 2023 18:36:52 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
Z4WGV5EGA1PQP5AZ
age
116996
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1698746627
x-amz-meta-mode
33188
content-length
114364
x-amz-id-2
U/CvVPS09va9UMObVPw4eMzwW9PEsIZHnsAKpMpdDMcMqxyZv6rNAzRsCFpuWqJmL+/9RL2vy+U=
x-served-by
cache-yyz4535-YYZ
last-modified
Tue, 31 Oct 2023 10:03:48 GMT
server
AmazonS3-br
x-timer
S1698863813.634845,VS0,VE0
etag
"657c810bdb8f37e46b5aa1d1bed5a2dc"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
735
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_5_2/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_2/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.3/UnitInstreamDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-meta-mtime
1698746657
date
Wed, 01 Nov 2023 18:36:52 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
A5JXDZTC024SH6ZA
age
117021
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1698746658
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
lgrIpcjJIEXsWfuCtD7jbAXmsgR6V3F3Ay9pzZDxG+bdEyiTiRDyKQiODGjsZiPCznLvmIcl7WY=
x-served-by
cache-yyz4569-YYZ
last-modified
Tue, 31 Oct 2023 10:04:19 GMT
server
AmazonS3-br
x-timer
S1698863813.636786,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
12360
_.gif
counter.tldw.me/ Frame EA59 		0
112 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.tldw.me/_.gif
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 01 Nov 2023 18:36:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-hw
1698863812.dop014.ny3.t,1698863812.cds129.ny3.shn,1698863812.cds129.ny3.sc,1698863812.cds129.ny3.p
content-type
image/gif
access-control-allow-origin
https://finans.mynet.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
81f63eed18484bd2-BUF
access-control-allow-headers
Content-Type
content-length
0
expires
Wed, 01 Nov 2023 18:36:52 GMT
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.6.5/ 		426 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.6.5/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_2/infra/cmTagINSTREAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
2f7ed4e77c9ae0c81247f1868ff69ab63d0e7c9ada05cc79356d8f671cba3a0d

Request headers

Referer
https://finans.mynet.com/
Origin
https://finans.mynet.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-meta-mtime
1698746463
date
Wed, 01 Nov 2023 18:36:52 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
ZSA3XWYJX0N5M4SP
age
117269
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1698746477
x-amz-meta-mode
33188
content-length
82073
x-amz-id-2
67xAr8SIrLKrDcgxi0gaeKxMrCd74JjKkzltaZPBtzZ2f77Kacspy/hUf1RV1rG0NBAtNZYxwms=
x-served-by
cache-yyz4535-YYZ
last-modified
Tue, 31 Oct 2023 10:01:18 GMT
server
AmazonS3-br
x-timer
S1698863813.797878,VS0,VE0
etag
"70a1fab1aff95971a6240163950d2f7e"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
14033
/
finans.mynet.com/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://finans.mynet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.148.122.134 , United States, ASN16276 (OVH, FR),
Reverse DNS
ns1009180.ip-135-148-122.us
Software
MerlinCDN / Mynet Team
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
strict-transport-security
max-age=0
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
age
2
x-powered-by
Mynet Team
x-midtier
de-fra-lea-s01
x-cache-status
HIT
x-cache
HIT 139
x-url
/
x-no-session
yeah
x-host
finans.mynet.com
x-xss-protection
1
server
MerlinCDN
allow
GET, HEAD, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
x-edge
us-vga-ovc-s02
cache-control
max-age=30
access-control-allow-headers
accept, authorization
sync
ch-match.taboola.com/ Frame 21BE 		439 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ch-match.taboola.com/sync?dast=V81VgCLAZIid9CIm5FGBKQEr-FRNyKMCwAAABgYGDtAAkshsPdYGFb61YWh1s0Wm7cwplvuRYMZovFZLEcDWfOISCBxXC4Gyxsa93K4nCLRsuNWzjzLdeCwWyxmCyWo-HMOQUT1jS5_AZJy2U2CPlul-Hhc7lBBppOh891r5c57Q6756523l2mu8bv9ssBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAOMbBJpJDgl5-DzNDrvp6Q8AAAAAIAAAAABIABzUjpcAkGlCPfH_________H2OAPvNGxv____-NhR4ADz4AHoQAAABcDJli0FeDp6XsJHLAUoQRAAAAALCEfJQjk3SCikWV____fisAVwAAAhYZWRpNsugOSryFAQAAABizQA-L32922DV-t8v8_________5v5P_OPRghlvTCN8GlPnJpfQACANb-AAABsxA0AwBsBOEHHIGazyWC2OgqxG84Wu9FuMpgdAAAAgDv_____ekByMVwZJ7bRwuZZLhyDmWPmm612w4Vr5TIOFxbb9kAYSiigSnin9ZmwpsnlN0haLrNByHe7DA-fy34mbDFaTSab5XC2XEwGw9FwNNqfgVgMB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMGQzTMzTVaztWI5nLhFC49nLVxNfGuRZ7Pc2JyDlWVhW4teH9PHs7EMRpstEgy42IvkaZFONBOHZbBxGSfGkcnhMC2Hu5XDNTPOlgvTamNY7iZiieZkkU5kl31zMVwZJ7bRwuZZLhyDmWPmm612w4Vr5TIOFxbbvmTzzEyT1WytWA4nbtHC41kLVxPfWuTZLDc252BlWdjWotfH9PFsLIPRZt-YLYfD2Wa4WOwbs-VwONsMF4t9h87wXX3ORmnkGPX4nGrn9SOtOQ0Kl8HmnRYt0tbh6DPqRNKI6zQ0Rl8Tq9A18RoUnoNHdbPmpE5tZCI7T6YJx8GiiCWCi3Sidt5dprvLd7q81c67y3QRS5Smi3Sil4glgtNFOtE4TC-f3_K8qP9oIWdz5VwyWs5Fg1UCAAAAAAAAALAEk0w3AQAAAHAyqMFqs1it08FMlrPZcLBcABTu4bp-iB8a1Rpe23e9Fz5sHNy4JxVr7DGIdt5dprvLd7q81c67y3RlABTtucw2-4wg1mq1rAEAAAxgAwAACOCmG28CzaS4_____3EAAAAA5NADAABY2wd0lZqZmZmpyY8gB6vh_gGoEGu1Wt1urNVqBSSQ0Wo3gQAAAfk!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_2/infra/cmTagINSTREAM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
a30fbdd4cbf2a6b5393fc1cb893505023d171f20d71347a7575890b1fec1c413

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 01 Nov 2023 18:36:52 GMT
machineid
3801
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://finans.mynet.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Wed, 01 Nov 2023 18:36:52 GMT
via
1.1 f8d2e956e186aef5f6c9bb38469c0bc4.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
YTO50-C2
age
1493059
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-yyz4569-YYZ
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1698863813.852415,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
oFODbJpksGPvTDTwFVXaSwXpk_mBeZPkBwoILGyA9Kenx3_dO2gXTw==
x-cache-hits
16515
envelope
lexicon.33across.com/v1/ 		42 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00002y4bCYAAY&gdpr=0&src=pbjs&ver=8.5.0&coppa=0
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.22.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 18:36:52 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://finans.mynet.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
fed
ups.analytics.yahoo.com/ups/58809/ 		0
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58809/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://finans.mynet.com/&pixelId=58809
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.22.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 18:36:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://finans.mynet.com
content-type
application/json
access-control-allow-credentials
true
content-length
0
rid
match.adsrvr.org/track/ 		108 B
770 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1324mj4&fmt=json
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.22.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
89ab9372b3ad228cd37cf0b4d1e57f5d80463a3ae3dcfb31531ff1474c69fc5e

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Nov 2023 18:36:52 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://finans.mynet.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 01 Dec 2023 18:36:52 GMT
st
ch-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V81VgCLAZIid9CIm5FGBKQEr-FRNyKMCwAAABgYGDtAAkshsPdYGFb61YWh1s0Wm7cwplvuRYMZovFZLEcDWfOISCBxXC4Gyxsa93K4nCLRsuNWzjzLdeCwWyxmCyWo-HMOQUT1jS5_AZJy2U2CPlul-Hhc7lBBppOh891r5c57Q6756523l2mu8bv9ssBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAOMbBJpJDgl5-DzNDrvp6Q8AAAAAIAAAAABIABzUjpcAkGlCPfH_________H2OAPvNGxv____-NhR4ADz4AHoQAAABcDJli0FeDp6XsJHLAUoQRAAAAALCEfJQjk3SCikWV____fisAVwAAAhYZWRpNsugOSryFAQAAABizQA-L32922DV-t8v8_________5v5P_OPRghlvTCN8GlPnJpfQACANb-AAABsxA0AwBsBOEHHIGazyWC2OgqxG84Wu9FuMpgdAAAAgDv_____ekByMVwZJ7bRwuZZLhyDmWPmm612w4Vr5TIOFxbb9kAYSiigSnin9ZmwpsnlN0haLrNByHe7DA-fy34mbDFaTSab5XC2XEwGw9FwNNqfgVgMB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMGQzTMzTVaztWI5nLhFC49nLVxNfGuRZ7Pc2JyDlWVhW4teH9PHs7EMRpstEgy42IvkaZFONBOHZbBxGSfGkcnhMC2Hu5XDNTPOlgvTamNY7iZiieZkkU5kl31zMVwZJ7bRwuZZLhyDmWPmm612w4Vr5TIOFxbbvmTzzEyT1WytWA4nbtHC41kLVxPfWuTZLDc252BlWdjWotfH9PFsLIPRZt-YLYfD2Wa4WOwbs-VwONsMF4t9h87wXX3ORmnkGPX4nGrn9SOtOQ0Kl8HmnRYt0tbh6DPqRNKI6zQ0Rl8Tq9A18RoUnoNHdbPmpE5tZCI7T6YJx8GiiCWCi3Sidt5dprvLd7q81c67y3QRS5Smi3Sil4glgtNFOtE4TC-f3_K8qP9oIWdz5VwyWs5Fg1UCAAAAAAAAALAEk0w3AQAAAHAyqMFqs1it08FMlrPZcLBcABTu4bp-iB8a1Rpe23e9Fz5sHNy4JxVr7DGIdt5dprvLd7q81c67y3RlABTtucw2-4wg1mq1rAEAAAxgAwAACOCmG28CzaS4_____3EAAAAA5NADAABY2wd0lZqZmZmpyY8gB6vh_gGoEGu1Wt1urNVqBSSQ0Wo3gQAAAfk!&cmcv=&pix=31579697&cb=1698863812866&uv=3352&tms=1698863812866&su=&abt=adxLoadDist7-out_vB!adxsub-out_vA!adxsub-out_vB!video-reel_vA&ft=0&unm=INSTREAM&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:52 GMT
content-length
0
server
nginx
v-1dff254b-ec95-4535-3257242-86af-b17023f27cb3-s73.8-81.56tvs.mp4
apv-static.tldw.me/videos/ Frame EA59 		256 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.tldw.me/videos/v-1dff254b-ec95-4535-3257242-86af-b17023f27cb3-s73.8-81.56tvs.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash

Request headers

Referer
https://finans.mynet.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Range
bytes=32768-

Response headers

Date
Wed, 01 Nov 2023 18:36:52 GMT
Last-Modified
Wed, 01 Nov 2023 12:08:54 GMT
ETag
"1698840534"
X-HW
1698863812.dop088.ch4.shc,1698863812.dop088.ch4.t,1698863812.cds093.ch4.c
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, OPTIONS, POST
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Content-Range
bytes 32768-312448/312449
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
279681
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 21BE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=2ea68917-cfbf-4385-824d-28009b967746
0
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=2ea68917-cfbf-4385-824d-28009b967746
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V81VgCLAZIid9CIm5FGBKQEr-FRNyKMCwAAABgYGDtAAkshsPdYGFb61YWh1s0Wm7cwplvuRYMZovFZLEcDWfOISCBxXC4Gyxsa93K4nCLRsuNWzjzLdeCwWyxmCyWo-HMOQUT1jS5_AZJy2U2CPlul-Hhc7lBBppOh891r5c57Q6756523l2mu8bv9ssBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAOMbBJpJDgl5-DzNDrvp6Q8AAAAAIAAAAABIABzUjpcAkGlCPfH_________H2OAPvNGxv____-NhR4ADz4AHoQAAABcDJli0FeDp6XsJHLAUoQRAAAAALCEfJQjk3SCikWV____fisAVwAAAhYZWRpNsugOSryFAQAAABizQA-L32922DV-t8v8_________5v5P_OPRghlvTCN8GlPnJpfQACANb-AAABsxA0AwBsBOEHHIGazyWC2OgqxG84Wu9FuMpgdAAAAgDv_____ekByMVwZJ7bRwuZZLhyDmWPmm612w4Vr5TIOFxbb9kAYSiigSnin9ZmwpsnlN0haLrNByHe7DA-fy34mbDFaTSab5XC2XEwGw9FwNNqfgVgMB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMGQzTMzTVaztWI5nLhFC49nLVxNfGuRZ7Pc2JyDlWVhW4teH9PHs7EMRpstEgy42IvkaZFONBOHZbBxGSfGkcnhMC2Hu5XDNTPOlgvTamNY7iZiieZkkU5kl31zMVwZJ7bRwuZZLhyDmWPmm612w4Vr5TIOFxbbvmTzzEyT1WytWA4nbtHC41kLVxPfWuTZLDc252BlWdjWotfH9PFsLIPRZt-YLYfD2Wa4WOwbs-VwONsMF4t9h87wXX3ORmnkGPX4nGrn9SOtOQ0Kl8HmnRYt0tbh6DPqRNKI6zQ0Rl8Tq9A18RoUnoNHdbPmpE5tZCI7T6YJx8GiiCWCi3Sidt5dprvLd7q81c67y3QRS5Smi3Sil4glgtNFOtE4TC-f3_K8qP9oIWdz5VwyWs5Fg1UCAAAAAAAAALAEk0w3AQAAAHAyqMFqs1it08FMlrPZcLBcABTu4bp-iB8a1Rpe23e9Fz5sHNy4JxVr7DGIdt5dprvLd7q81c67y3RlABTtucw2-4wg1mq1rAEAAAxgAwAACOCmG28CzaS4_____3EAAAAA5NADAABY2wd0lZqZmZmpyY8gB6vh_gGoEGu1Wt1urNVqBSSQ0Wo3gQAAAfk!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms
15
date
Wed, 01 Nov 2023 18:36:52 GMT
via
1.1 varnish
x-served-by
cache-yyz4569-YYZ
server
nginx
x-timer
S1698863813.946752,VS0,VE15
x-fastly-to-nlb-rtt
13537
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0

Redirect headers

location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=2ea68917-cfbf-4385-824d-28009b967746
date
Wed, 01 Nov 2023 18:36:52 GMT
server
Kestrel
content-length
239
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 21BE
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-2l0Jbc9E2oQNLoj7AfFa1qFR9U8CnrVxTxVh9Q--~A
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-2l0Jbc9E2oQNLoj7AfFa1qFR9U8CnrVxTxVh9Q--~A
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V81VgCLAZIid9CIm5FGBKQEr-FRNyKMCwAAABgYGDtAAkshsPdYGFb61YWh1s0Wm7cwplvuRYMZovFZLEcDWfOISCBxXC4Gyxsa93K4nCLRsuNWzjzLdeCwWyxmCyWo-HMOQUT1jS5_AZJy2U2CPlul-Hhc7lBBppOh891r5c57Q6756523l2mu8bv9ssBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAOMbBJpJDgl5-DzNDrvp6Q8AAAAAIAAAAABIABzUjpcAkGlCPfH_________H2OAPvNGxv____-NhR4ADz4AHoQAAABcDJli0FeDp6XsJHLAUoQRAAAAALCEfJQjk3SCikWV____fisAVwAAAhYZWRpNsugOSryFAQAAABizQA-L32922DV-t8v8_________5v5P_OPRghlvTCN8GlPnJpfQACANb-AAABsxA0AwBsBOEHHIGazyWC2OgqxG84Wu9FuMpgdAAAAgDv_____ekByMVwZJ7bRwuZZLhyDmWPmm612w4Vr5TIOFxbb9kAYSiigSnin9ZmwpsnlN0haLrNByHe7DA-fy34mbDFaTSab5XC2XEwGw9FwNNqfgVgMB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMGQzTMzTVaztWI5nLhFC49nLVxNfGuRZ7Pc2JyDlWVhW4teH9PHs7EMRpstEgy42IvkaZFONBOHZbBxGSfGkcnhMC2Hu5XDNTPOlgvTamNY7iZiieZkkU5kl31zMVwZJ7bRwuZZLhyDmWPmm612w4Vr5TIOFxbbvmTzzEyT1WytWA4nbtHC41kLVxPfWuTZLDc252BlWdjWotfH9PFsLIPRZt-YLYfD2Wa4WOwbs-VwONsMF4t9h87wXX3ORmnkGPX4nGrn9SOtOQ0Kl8HmnRYt0tbh6DPqRNKI6zQ0Rl8Tq9A18RoUnoNHdbPmpE5tZCI7T6YJx8GiiCWCi3Sidt5dprvLd7q81c67y3QRS5Smi3Sil4glgtNFOtE4TC-f3_K8qP9oIWdz5VwyWs5Fg1UCAAAAAAAAALAEk0w3AQAAAHAyqMFqs1it08FMlrPZcLBcABTu4bp-iB8a1Rpe23e9Fz5sHNy4JxVr7DGIdt5dprvLd7q81c67y3RlABTtucw2-4wg1mq1rAEAAAxgAwAACOCmG28CzaS4_____3EAAAAA5NADAABY2wd0lZqZmZmpyY8gB6vh_gGoEGu1Wt1urNVqBSSQ0Wo3gQAAAfk!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:52 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
44966

Redirect headers

date
Wed, 01 Nov 2023 18:36:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-2l0Jbc9E2oQNLoj7AfFa1qFR9U8CnrVxTxVh9Q--~A
content-length
0
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 21BE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-A9zlfrNE2uGymE2VbPH_R_SIeyv.GlMu~A&gdpr_in_effect=0
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-A9zlfrNE2uGymE2VbPH_R_SIeyv.GlMu~A&gdpr_in_effect=0
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V81VgCLAZIid9CIm5FGBKQEr-FRNyKMCwAAABgYGDtAAkshsPdYGFb61YWh1s0Wm7cwplvuRYMZovFZLEcDWfOISCBxXC4Gyxsa93K4nCLRsuNWzjzLdeCwWyxmCyWo-HMOQUT1jS5_AZJy2U2CPlul-Hhc7lBBppOh891r5c57Q6756523l2mu8bv9ssBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAOMbBJpJDgl5-DzNDrvp6Q8AAAAAIAAAAABIABzUjpcAkGlCPfH_________H2OAPvNGxv____-NhR4ADz4AHoQAAABcDJli0FeDp6XsJHLAUoQRAAAAALCEfJQjk3SCikWV____fisAVwAAAhYZWRpNsugOSryFAQAAABizQA-L32922DV-t8v8_________5v5P_OPRghlvTCN8GlPnJpfQACANb-AAABsxA0AwBsBOEHHIGazyWC2OgqxG84Wu9FuMpgdAAAAgDv_____ekByMVwZJ7bRwuZZLhyDmWPmm612w4Vr5TIOFxbb9kAYSiigSnin9ZmwpsnlN0haLrNByHe7DA-fy34mbDFaTSab5XC2XEwGw9FwNNqfgVgMB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMGQzTMzTVaztWI5nLhFC49nLVxNfGuRZ7Pc2JyDlWVhW4teH9PHs7EMRpstEgy42IvkaZFONBOHZbBxGSfGkcnhMC2Hu5XDNTPOlgvTamNY7iZiieZkkU5kl31zMVwZJ7bRwuZZLhyDmWPmm612w4Vr5TIOFxbbvmTzzEyT1WytWA4nbtHC41kLVxPfWuTZLDc252BlWdjWotfH9PFsLIPRZt-YLYfD2Wa4WOwbs-VwONsMF4t9h87wXX3ORmnkGPX4nGrn9SOtOQ0Kl8HmnRYt0tbh6DPqRNKI6zQ0Rl8Tq9A18RoUnoNHdbPmpE5tZCI7T6YJx8GiiCWCi3Sidt5dprvLd7q81c67y3QRS5Smi3Sil4glgtNFOtE4TC-f3_K8qP9oIWdz5VwyWs5Fg1UCAAAAAAAAALAEk0w3AQAAAHAyqMFqs1it08FMlrPZcLBcABTu4bp-iB8a1Rpe23e9Fz5sHNy4JxVr7DGIdt5dprvLd7q81c67y3RlABTtucw2-4wg1mq1rAEAAAxgAwAACOCmG28CzaS4_____3EAAAAA5NADAABY2wd0lZqZmZmpyY8gB6vh_gGoEGu1Wt1urNVqBSSQ0Wo3gQAAAfk!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:52 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
44966

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-A9zlfrNE2uGymE2VbPH_R_SIeyv.GlMu~A&gdpr_in_effect=0
date
Wed, 01 Nov 2023 18:36:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
bulk
trc.taboola.com/mynetnewtr-mynet/log/3/ 		0
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/mynetnewtr-mynet/log/3/bulk?tvi48=9598&tvi50=9058&route=US%3ACH%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
15
date
Wed, 01 Nov 2023 18:36:53 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
13596
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4569-YYZ
pragma
no-cache
server
nginx
x-timer
S1698863813.081150,VS0,VE15
content-type
image/gif
access-control-allow-origin
https://finans.mynet.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Wed, 01 Nov 2023 18:36:53 GMT
via
1.1 varnish
x-amz-request-id
C4YX393BV63BMCS9
age
10893
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
hJZ9rVKYX0/8YTS367+n1JLWaWxjxwlUGV9luK6w6nrhJtmZXbtiGq/h5BjCJKdhOOZFYFppGpg=
x-served-by
cache-yyz4569-YYZ
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1698863813.205330,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
56
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1712
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1F83 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.69.5 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-69-5.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=43647
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 01 Nov 2023 18:36:53 GMT
expires
Thu, 02 Nov 2023 06:44:20 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A6EA 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Nov 2023 18:36:53 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1979 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
31235
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 01 Nov 2023 18:36:53 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
769, 72748
X-Served-By
cache-lga13626-LGA, cache-yyz4521-YYZ
X-Timer
S1698863813.371133,VS0,VE0
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 2BDE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3360271948
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.146.39 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
297ac77938b640e31d7608ed1f0472d14fc676789ca12488d4554113b53aeebc

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 18:36:41 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
usync.js
eus.rubiconproject.com/ Frame A6EA 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
934512b964268a68c63e71d100c5eedb8077939deaba6b317159e552f86f331d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Nov 2023 01:54:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26257
Connection
keep-alive
Content-Length
11104
Expires
Thu, 02 Nov 2023 01:54:30 GMT
712.tvp.js
snippet.tldw.me/tv/0.42.26-chunks/ Frame EA59 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.tldw.me/tv/0.42.26-chunks/712.tvp.js
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c44b9bedbeec84c99876e563796ef513218c0730a2b608e8b7bfa5464e6883ae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Sun, 15 Oct 2023 07:17:13 GMT
server
cloudflare
etag
"1697354233"
x-hw
1698863812.dop013.ny3.t,1698863812.cds250.ny3.shn,1698863813.dop013.ny3.t,1698863813.cds149.ny3.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=30029579
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81f63ef1e8c84bd2-BUF
access-control-allow-headers
Content-Type
content-length
2767
async_usersync.html
acdn.adnxs.com/dmp/ Frame E3FE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
31235
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 01 Nov 2023 18:36:53 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
769, 72751
X-Served-By
cache-lga13626-LGA, cache-yyz4521-YYZ
X-Timer
S1698863813.446269,VS0,VE0
PugMaster
image6.pubmatic.com/AdServer/ Frame 1F83 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=66313373&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
db77af48c35c69acd0af71b8a80ea2093600963cee8aa585cca43170a462f2cc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 01 Nov 2023 18:36:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v-65e69397-c7a4-4b4f-3258863-aee0-67c3f399b9f2-s67.64-73.76tvs.mp4
apv-static.tldw.me/videos/ Frame EA59 		235 KB
235 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.tldw.me/videos/v-65e69397-c7a4-4b4f-3258863-aee0-67c3f399b9f2-s67.64-73.76tvs.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
ba21bb261e60524ae86d2ea83d49c88559f81df18b1a82542ac2e92be722961f

Request headers

Referer
https://finans.mynet.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 01 Nov 2023 18:36:53 GMT
Last-Modified
Wed, 01 Nov 2023 14:16:57 GMT
ETag
"1698848217"
X-HW
1698863813.dop225.ch4.shc,1698863813.dop225.ch4.t,1698863813.cds156.ch4.p
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, OPTIONS, POST
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Content-Range
bytes 0-240516/240517
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
240517
async_usersync
ib.adnxs.com/ Frame 1979 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:53 GMT
an-x-request-uuid
8309d1cc-e421-4638-9c6c-72a61a962097
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9996
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBUFZrN0toVFlBQUJpd0JUOFJ0dw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAAPVk7KhTYAABiwBT8Rtw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_cur...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAAPVk7KhTYAABiwBT8Rtw&pid=558502&do=add&gd...
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAAPVk7KhTYAABiwBT8Rtw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8102726937115843756&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?uid=AAAPVk7KhTYAABiwBT8Rtw&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D8102726937115843756%26gdpr%3D0%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=8102726937115843756&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAPVk7KhTYAABiwBT8Rtw&gdpr=0&gdpr_consent=
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAPVk7KhTYAABiwBT8Rtw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 18:36:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 01 Nov 2023 18:36:54 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAPVk7KhTYAABiwBT8Rtw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 132F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7081728085481991200&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7081728085481991200&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 18:36:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
7d6cd893-61bc-48d3-80b8-1f94bd30951c
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 01 Nov 2023 18:36:53 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7081728085481991200&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame AFF4 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 01 Nov 2023 18:36:53 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4537-YYZ
x-timer
S1698863813.490911,VS0,VE21
141
match.deepintent.com/usersync/ Frame 0FA1 		0
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Wed, 01 Nov 2023 18:36:52 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame B03D
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=a0dd2d92-78e5-11ee-bebf-6e5179533f8c
42 B
244 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=a0dd2d92-78e5-11ee-bebf-6e5179533f8c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 18:36:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Wed, 01 Nov 2023 18:36:53 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=a0dd2d92-78e5-11ee-bebf-6e5179533f8c
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-1
Pug
image2.pubmatic.com/AdServer/ Frame 52B7
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1gD-vdlUqb3NBfy91VfntoJU_7zNVqy5hAzEW9E7
42 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1gD-vdlUqb3NBfy91VfntoJU_7zNVqy5hAzEW9E7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 18:36:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 01 Nov 2023 18:36:53 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1gD-vdlUqb3NBfy91VfntoJU_7zNVqy5hAzEW9E7
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 90E8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=2f563103-0c1f-4c62-9f7b-4f469acb0125&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_af8c400b-fefb-4c38-96ff-536516d87cfc&bsw_param=2f563103-0c1f-4c62-9f7b-4f469acb0125&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2f563103-0c1f-4c62-9f7b-4f469acb0125&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2f563103-0c1f-4c62-9f7b-4f469acb0125&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 01 Nov 2023 18:36:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 01 Nov 2023 18:36:53 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2f563103-0c1f-4c62-9f7b-4f469acb0125&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 6E1F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&gdpr=0&gdpr_consent=
42 B
380 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 18:36:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Nov 2023 18:36:53 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame E7D0
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2810316567025533345
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2810316567025533345
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 18:36:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Wed, 01 Nov 2023 18:36:53 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2810316567025533345
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame 603D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:114uNdiQ1QYg5f5&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:114uNdiQ1QYg5f5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 18:36:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 01 Nov 2023 18:36:53 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:114uNdiQ1QYg5f5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-791-gff05a1f#rel-ec2-master i-05556df4f664eb4a8@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 44DC
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=08570027-32eb-4c40-9d76-c1e5924bc40c&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF
42 B
489 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.115.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-115-175.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Wed, 01 Nov 2023 18:36:53 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Wed, 01 Nov 2023 18:36:53 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 56DF
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 18:36:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 18:36:53 GMT
expires
Wed, 01 Nov 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
568188
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
i.match
s.tribalfusion.com/z/ Frame 0A50
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
81f63ef44a104bc6-BUF
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 18:36:53 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
81f63ef36a064bc6-BUF
content-type
text/html
date
Wed, 01 Nov 2023 18:36:53 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
10391
Pug
simage2.pubmatic.com/AdServer/ Frame 0524
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:JRGHLFp1m5yWjqBkUI_1&gdpr=0&gdpr_consent=&gdpr=0
42 B
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:JRGHLFp1m5yWjqBkUI_1&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 18:36:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
196
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Nov 2023 18:36:53 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:JRGHLFp1m5yWjqBkUI_1&gdpr=0&gdpr_consent=&gdpr=0
P3p
CP="We do not support P3P header."
Pragma
no-cache
Pug
image2.pubmatic.com/AdServer/ Frame 5F43
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU9638ec07599c4b9ba58ae1d251bf0cb1
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU9638ec07599c4b9ba58ae1d251bf0cb1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 18:36:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Wed, 01 Nov 2023 18:36:53 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU9638ec07599c4b9ba58ae1d251bf0cb1
pragma
no-cache
server
nginx
pubmatic
ad.mrtnsvr.com/sync/ Frame 5007 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame B177
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=847523361694
42 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=847523361694
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 18:36:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=847523361694
Pug
simage2.pubmatic.com/AdServer/ Frame 4205
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 01 Nov 2023 18:36:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 01 Nov 2023 18:36:53 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
cm
ipac.ctnsnet.com/int/ Frame C5EE 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 01 Nov 2023 18:36:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame A3AD
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=n2jWs8pcBwmBUG8sxppCZQ
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=n2jWs8pcBwmBUG8sxppCZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 10:42:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Wed, 01 Nov 2023 18:36:54 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=n2jWs8pcBwmBUG8sxppCZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 648A
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1698863813679
  • https://ad.turn.com/r/cs?pid=45&rndcb=1456599807
  • https://sync.1rx.io/usersync/turn/3122232386686183181?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-e4c2eda9-3348-421f-a826-59e66031b2ba-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e4c2eda9-3348-421f-a826-59e66031b2ba-005
42 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e4c2eda9-3348-421f-a826-59e66031b2ba-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 18:36:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Wed, 01 Nov 2023 18:36:54 GMT
ETag
RXe4c2eda93348421fa82659e66031b2ba005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e4c2eda9-3348-421f-a826-59e66031b2ba-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
cookiesync
core.iprom.net/ Frame 32E9 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 01 Nov 2023 18:36:53 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-56b86f408c72@version_1.575
X-core-time
0ms
X-server-arch
v2
insync
thrtle.com/ Frame 1F83
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&vxii_pid=12&vxii_pid1=10067&vxii_rcid=94e8a1fa-1e5d-4a5f-a4fc-4a0c2e0b0771
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&vxii_pid=12&vxii_pid1=10067&vxii_rcid=94e8a1fa-1e5d-4a5f-a4fc-4a0c2e0b0771
Protocol
H2
Server
23.23.163.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-163-185.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Wed, 01 Nov 2023 18:36:53 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&vxii_pid=12&vxii_pid1=10067&vxii_rcid=94e8a1fa-1e5d-4a5f-a4fc-4a0c2e0b0771
date
Wed, 01 Nov 2023 18:36:53 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame 1F83 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:53 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 1F83 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.214.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-214-59.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:53 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 1F83 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.102.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-102-254.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 01 Nov 2023 18:36:52 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1F83
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=ec13e11d-fd99-437c-bc7d-26cefe5834b6&gdpr=0&gdpr_consent=
1 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=ec13e11d-fd99-437c-bc7d-26cefe5834b6&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 01 Nov 2023 18:36:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=ec13e11d-fd99-437c-bc7d-26cefe5834b6&gdpr=0&gdpr_consent=
Date
Wed, 01 Nov 2023 18:36:53 GMT
Connection
keep-alive
X-CI-RTID
58b85a7c-f0ea-4b10-8125-4d7e2f49e91b
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 1F83
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=714af3cc0e162409&is_secure=true&networkId=17100&version=1&nuid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACpBt41ob6NANkkI0pAAAAAAA&expiration=1698950213&nuid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&...
42 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACpBt41ob6NANkkI0pAAAAAAA&expiration=1698950213&nuid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 18:36:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:53 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACpBt41ob6NANkkI0pAAAAAAA&expiration=1698950213&nuid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 1F83 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.0.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-0-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:53 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1F83
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553&gdpr=0&gdpr_consent=
42 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 10:28:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:53 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sn.ashx
pmp.mxptint.net/ Frame 1F83
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_10B7A5111_6C454A54&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Protocol
HTTP/1.1
Server
38.98.69.175 North Bergen, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-381868613; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Wed, 01 Nov 2023 18:36:53 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-381868613; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Wed, 01 Nov 2023 18:36:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 1F83
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3122232386686183181&gdpr=0&gdpr_consent=&us_privacy=
1 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3122232386686183181&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 01 Nov 2023 18:36:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3122232386686183181&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 01 Nov 2023 18:36:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 1F83
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4978319480049069945
42 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4978319480049069945
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 18:36:52 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4978319480049069945
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 1F83
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7081728085481991200
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7081728085481991200
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 18:36:52 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:53 GMT
an-x-request-uuid
cf73adce-3b88-4474-ad3e-0c17d25d6de4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7081728085481991200
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame EA59 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://finans.mynet.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:46 GMT
x-content-type-options
nosniff
age
7
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20824
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:53:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Oct 2024 18:36:46 GMT
ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBA5XxxKA.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame EA59 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBA5XxxKA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
942d15d7ae205103bb1167e7a474e351c4ba411c7bf222078e2a4fc63c0a2117
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://finans.mynet.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 16:49:14 GMT
x-content-type-options
nosniff
age
524859
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13688
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:52:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 16:49:14 GMT
_.gif
counter.tldw.me/ Frame EA59 		0
136 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.tldw.me/_.gif
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 01 Nov 2023 18:36:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-hw
1698863812.dop220.ny3.t,1698863813.cds229.ny3.shn,1698863813.cds229.ny3.sc,1698863813.cds229.ny3.p
content-type
image/gif
access-control-allow-origin
https://finans.mynet.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
81f63ef2b8d74bd2-BUF
access-control-allow-headers
Content-Type
content-length
0
expires
Wed, 01 Nov 2023 18:36:53 GMT
pubs-generic
trc.taboola.com/mynetnewtr-mynet/log/3/ 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/mynetnewtr-mynet/log/3/pubs-generic?route=US:CH:V&tvi48=9598&tvi50=9058&lti=deflated&ri=3ba20ce8b8ddaa4987ea5f869a45c097&sd=v2_918e8b64af39a10f1f76578a5ee88ab6_df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043_1698863811_1698863811_CNawjgYQ4d1TGOSZsuG4MSABKAMw4QE4kaQOQNH4DkiP1tkDUPkDWABgAGjM5NTS6dDlyd4BcAE&ui=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&pi=/&wi=-1187526317982618039&pt=category&vi=1698863811812&d=%7B%22type%22%3A%22videoReel-readyToPlay-v2%22%2C%22data%22%3A%22%5C%22%5C%22%22%7D&tim=08%3A36%3A53.529&id=3261&llvl=2&cv=20231101-5-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms
15
date
Wed, 01 Nov 2023 18:36:53 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
13540
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4569-YYZ
pragma
no-cache
server
nginx
x-timer
S1698863814.558703,VS0,VE15
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pubs-generic
trc.taboola.com/mynetnewtr-mynet/log/3/ 		0
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/mynetnewtr-mynet/log/3/pubs-generic?route=US:CH:V&tvi48=9598&tvi50=9058&lti=deflated&ri=3ba20ce8b8ddaa4987ea5f869a45c097&sd=v2_918e8b64af39a10f1f76578a5ee88ab6_df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043_1698863811_1698863811_CNawjgYQ4d1TGOSZsuG4MSABKAMw4QE4kaQOQNH4DkiP1tkDUPkDWABgAGjM5NTS6dDlyd4BcAE&ui=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&pi=/&wi=-1187526317982618039&pt=category&vi=1698863811812&d=%7B%22type%22%3A%22videoReel-readyToPlay%22%2C%22data%22%3A%22%5C%22%5C%22%22%7D&tim=08%3A36%3A53.529&id=4418&llvl=2&cv=20231101-5-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms
15
date
Wed, 01 Nov 2023 18:36:53 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
14789
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4569-YYZ
pragma
no-cache
server
nginx
x-timer
S1698863814.558849,VS0,VE15
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
async_usersync
ib.adnxs.com/ Frame E3FE 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:53 GMT
an-x-request-uuid
32a0b900-5920-4044-977b-cdfcc4e3086f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pubs-generic
trc.taboola.com/mynetnewtr-mynet/log/3/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/mynetnewtr-mynet/log/3/pubs-generic?route=US:CH:V&tvi48=9598&tvi50=9058&lti=deflated&ri=3ba20ce8b8ddaa4987ea5f869a45c097&sd=v2_918e8b64af39a10f1f76578a5ee88ab6_df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043_1698863811_1698863811_CNawjgYQ4d1TGOSZsuG4MSABKAMw4QE4kaQOQNH4DkiP1tkDUPkDWABgAGjM5NTS6dDlyd4BcAE&ui=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&pi=/&wi=-1187526317982618039&pt=category&vi=1698863811812&d=%7B%22type%22%3A%22videoReel-rendered%22%2C%22data%22%3A%22%7B%5C%22t%5C%22%3A%5C%2210.24%5C%22%7D%22%7D&tim=08%3A36%3A53.558&id=3954&llvl=2&cv=20231101-5-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms
16
date
Wed, 01 Nov 2023 18:36:53 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
13603
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4569-YYZ
pragma
no-cache
server
nginx
x-timer
S1698863814.573014,VS0,VE16
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 4187 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=33134732&p=156423&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8c2cd95f7b850bde6b7532f76511d16df664032e6fd424f3b918ecc3df4fe42d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 01 Nov 2023 18:36:52 GMT
content-length
1483
content-type
text/html; charset=UTF-8
pub
matching.truffle.bid/sync/ Frame F4FB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 01 Nov 2023 18:36:53 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 081D
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3B0BD726E5DF48818E605A6E7F99D71D&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3B0BD726E5DF48818E605A6E7F99D71D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 01 Nov 2023 18:36:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Wed, 01 Nov 2023 18:36:53 GMT
expires
Tue, 31 Oct 2023 18:36:53 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3B0BD726E5DF48818E605A6E7F99D71D&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 86AF
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7521502131361552728&uid=Q752150213136155...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7521502131361552728
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7521502131361552728
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 18:36:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=55489
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Wed, 01 Nov 2023 18:36:53 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7521502131361552728
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
match
events-ssc.33across.com/ Frame 8C53 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=25&external_user_id=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Wed, 01 Nov 2023 18:36:53 GMT
via
1.1 google
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 4187 		0
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.237.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-237-180.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:53 GMT
x-clacks-overhead
GNU Terry Pratchett
x-adswizz-request-id
d3867d34-cf83-4c2a-a129-c85ba5582ef2
Connection
keep-alive
transfer-encoding
chunked
x-application-context
application:production
396846.gif
idsync.rlcdn.com/ Frame 4187
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=0946de9a-c8e0-48ab-ba54-9581ac46655f
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=0946de9a-c8e0-48ab-ba54-9581ac46655f
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:53 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 01 Nov 2023 18:36:53 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=0946de9a-c8e0-48ab-ba54-9581ac46655f
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF/gdpr=0/ Frame 4187 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF/gdpr=0/gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.54.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-54-186.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:53 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.51.119
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 4187 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:53 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
Pug
simage2.pubmatic.com/AdServer/ Frame 4187
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:74559447-8dd9-43d7-a2be-9d320f1b460e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:74559447-8dd9-43d7-a2be-9d320f1b460e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 18:36:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:74559447-8dd9-43d7-a2be-9d320f1b460e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 01 Nov 2023 18:36:53 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
_.gif
counter.tldw.me/ Frame EA59 		0
39 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.tldw.me/_.gif
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 01 Nov 2023 18:36:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-hw
1698863812.dop220.ny3.t,1698863813.cds229.ny3.shn,1698863813.cds229.ny3.sc,1698863813.cds229.ny3.p
content-type
image/gif
access-control-allow-origin
https://finans.mynet.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
81f63ef378e04bd2-BUF
access-control-allow-headers
Content-Type
content-length
0
expires
Wed, 01 Nov 2023 18:36:53 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 47C4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://finans.mynet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
31236
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 01 Nov 2023 18:36:53 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
769, 72752
X-Served-By
cache-lga13626-LGA, cache-yyz4521-YYZ
X-Timer
S1698863814.678860,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B35F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.69.5 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-69-5.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=43647
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 01 Nov 2023 18:36:53 GMT
expires
Thu, 02 Nov 2023 06:44:20 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 8818 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Nov 2023 18:36:53 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1499 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
31236
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 01 Nov 2023 18:36:53 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
769, 72753
X-Served-By
cache-lga13626-LGA, cache-yyz4521-YYZ
X-Timer
S1698863814.745448,VS0,VE0
async_usersync
ib.adnxs.com/ Frame 47C4 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:53 GMT
an-x-request-uuid
9d120173-91a4-4c74-849a-f5fc807ee168
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 9069 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Nov 2023 18:36:53 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame C4FD 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
31236
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 01 Nov 2023 18:36:53 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
769, 73201
X-Served-By
cache-lga13626-LGA, cache-yyz4560-YYZ
X-Timer
S1698863814.755852,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B821 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.69.5 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-69-5.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=43647
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 01 Nov 2023 18:36:53 GMT
expires
Thu, 02 Nov 2023 06:44:20 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 8818 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
934512b964268a68c63e71d100c5eedb8077939deaba6b317159e552f86f331d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Nov 2023 01:54:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26257
Connection
keep-alive
Content-Length
11104
Expires
Thu, 02 Nov 2023 01:54:30 GMT
usync.js
eus.rubiconproject.com/ Frame 9069 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
934512b964268a68c63e71d100c5eedb8077939deaba6b317159e552f86f331d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Nov 2023 01:54:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26257
Connection
keep-alive
Content-Length
11104
Expires
Thu, 02 Nov 2023 01:54:30 GMT
usync.html
eus.rubiconproject.com/ Frame D194 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Nov 2023 18:36:53 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FDD7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.69.5 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-69-5.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=43647
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 01 Nov 2023 18:36:53 GMT
expires
Thu, 02 Nov 2023 06:44:20 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0A4C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
31236
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 01 Nov 2023 18:36:53 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
769, 73203
X-Served-By
cache-lga13626-LGA, cache-yyz4560-YYZ
X-Timer
S1698863814.921692,VS0,VE0
async_usersync
ib.adnxs.com/ Frame 1499 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:53 GMT
an-x-request-uuid
70e8455b-2546-4436-a3bd-6b0f1c6acc0d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9256 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
31236
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 01 Nov 2023 18:36:53 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
769, 72755
X-Served-By
cache-lga13626-LGA, cache-yyz4521-YYZ
X-Timer
S1698863814.919901,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A9DD 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.69.5 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-69-5.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=43647
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 01 Nov 2023 18:36:53 GMT
expires
Thu, 02 Nov 2023 06:44:20 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame FD38 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Nov 2023 18:36:53 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2DFD 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
31236
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 01 Nov 2023 18:36:53 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
769, 72756
X-Served-By
cache-lga13626-LGA, cache-yyz4521-YYZ
X-Timer
S1698863814.950500,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5B29 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.69.5 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-69-5.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=43647
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 01 Nov 2023 18:36:53 GMT
expires
Thu, 02 Nov 2023 06:44:20 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5C5B 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Nov 2023 18:36:53 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6FC8 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Nov 2023 18:36:53 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame A310 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
31236
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 01 Nov 2023 18:36:53 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
769, 73204
X-Served-By
cache-lga13626-LGA, cache-yyz4560-YYZ
X-Timer
S1698863814.950863,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EFFD 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.69.5 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-69-5.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=43647
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 01 Nov 2023 18:36:53 GMT
expires
Thu, 02 Nov 2023 06:44:20 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5C77 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3360271948
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.69.5 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-69-5.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=43647
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 01 Nov 2023 18:36:53 GMT
expires
Thu, 02 Nov 2023 06:44:20 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 57E5 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3360271948
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
3a6a65bc8c09f50c2f9ae470fa60c49e6e1efa7e04466d5a1044f5f917a360ad
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1568
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
/
sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/ Frame 2BDE
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fuid%3D$UID
  • https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=HlbcdBZHBgn1_7qYR6GvAvRY
95 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=HlbcdBZHBgn1_7qYR6GvAvRY
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3360271948
Protocol
H2
Server
168.119.146.39 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/png
date
Wed, 01 Nov 2023 18:36:42 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date
Wed, 01 Nov 2023 18:36:53 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=HlbcdBZHBgn1_7qYR6GvAvRY
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
/
sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/ Frame 2BDE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=2ea68917-cfbf-4385-824d-28009b967746
95 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=2ea68917-cfbf-4385-824d-28009b967746
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3360271948
Protocol
H2
Server
168.119.146.39 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/png
date
Wed, 01 Nov 2023 18:36:42 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=2ea68917-cfbf-4385-824d-28009b967746
date
Wed, 01 Nov 2023 18:36:53 GMT
server
Kestrel
content-length
239
/
sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/ Frame 2BDE
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.richaudience.com%2F1575707c462b6525f008e40ae9438a8b%2F%3Fuid%3D$UID
  • https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=f9794e9a6bdc7990d9f6696e54e51d6d
95 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=f9794e9a6bdc7990d9f6696e54e51d6d
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3360271948
Protocol
H2
Server
168.119.146.39 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/png
date
Wed, 01 Nov 2023 18:36:42 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

date
Wed, 01 Nov 2023 18:36:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
location
https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=f9794e9a6bdc7990d9f6696e54e51d6d
access-control-allow-credentials
true
cf-ray
81f63ef5a842a1f0-YYZ
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
async_usersync
ib.adnxs.com/ Frame C4FD 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
an-x-request-uuid
f1a0de4c-bf3b-49c3-8925-f0ee656ccb45
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame FD38 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
934512b964268a68c63e71d100c5eedb8077939deaba6b317159e552f86f331d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Nov 2023 01:54:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26257
Connection
keep-alive
Content-Length
11104
Expires
Thu, 02 Nov 2023 01:54:30 GMT
usync.js
eus.rubiconproject.com/ Frame D194 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
934512b964268a68c63e71d100c5eedb8077939deaba6b317159e552f86f331d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Nov 2023 01:54:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26257
Connection
keep-alive
Content-Length
11104
Expires
Thu, 02 Nov 2023 01:54:30 GMT
khaos.json
token.rubiconproject.com/ Frame A6EA 		7 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LOG3NB0A-E-2RSZ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
usync.js
eus.rubiconproject.com/ Frame 5C5B 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
934512b964268a68c63e71d100c5eedb8077939deaba6b317159e552f86f331d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Nov 2023 01:54:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26256
Connection
keep-alive
Content-Length
11104
Expires
Thu, 02 Nov 2023 01:54:30 GMT
usync.js
eus.rubiconproject.com/ Frame 6FC8 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
934512b964268a68c63e71d100c5eedb8077939deaba6b317159e552f86f331d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Nov 2023 01:54:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26256
Connection
keep-alive
Content-Length
11104
Expires
Thu, 02 Nov 2023 01:54:30 GMT
rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame DFCE
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=taboola
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZUKaw8Co8YsAAKnTFt0AAAAA
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZUKaw8Co8YsAAKnTFt0AAAAA
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
40410

Redirect headers

Date
Wed, 01 Nov 2023 18:36:54 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.40","key":"ZUKaw8Co8YsAAKnTFt0AAAAA","privacy_sensitive":false,"uid":"ZUKaw8Co8YsAAKnTFt0AAAAA","upstream_id":"m-ad345"}
X-SO-Key
ZUKaw8Co8YsAAKnTFt0AAAAA
X-SO-Upstream-ID
m-ad345
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad345.dc4p.scaleout.jp
X-SO-UID
ZUKaw8Co8YsAAKnTFt0AAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
96.9.249.40
X-SO-Cluster-ID
0
Server
nginx
Location
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZUKaw8Co8YsAAKnTFt0AAAAA
Cache-Control
private
X-SO-Ads-Time
2
X-SO-LB-Hostname
m-tgng39.dc4p.scaleout.jp
/
sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/ Frame DFCE
Redirect Chain
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=b48ad48155ff48ec82...
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=b48ad48155ff48ec824435cf1d526db7
0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=b48ad48155ff48ec824435cf1d526db7
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
46951

Redirect headers

location
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=b48ad48155ff48ec824435cf1d526db7
date
Wed, 01 Nov 2023 18:36:54 GMT
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame DFCE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.171 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
engine
fei.pro-market.net/ Frame DFCE 		43 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fei.pro-market.net/engine?site=161156&size=1x1&mimetype=img&du=23&csync=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8eee:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
anserver
gapp4.c.datonics-gcp-01.internal
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
43
expires
Mon, 1 Jan 1990 0:0:0 GMT
/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame DFCE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LOG3NB0A-E-2RSZ
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LOG3NB0A-E-2RSZ
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
42050

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LOG3NB0A-E-2RSZ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame DFCE
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=l6C5vXmxhja9&ev=1&orig=trc&pid=562107
0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=l6C5vXmxhja9&ev=1&orig=trc&pid=562107
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
42050

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=l6C5vXmxhja9&ev=1&orig=trc&pid=562107
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-59d47cf7f8-hqmdl
expires
-1
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame DFCE
Redirect Chain
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=359446293&pcid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&is_fpcid=false
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=359446293&pcid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&is_fpcid=false&ckls=true&ci=bKSiOMSxN7&nc=false&trid...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=359446293&pcid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&is_fpcid=false&ckls=true&ci=bKSiOMSxN7&nc=false&trid=2108127203
Protocol
H2
Server
18.239.183.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-183-56.bos50.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
via
1.1 7081c54b3a12412858fb9c52e842b4fa.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
BOS50-P4
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
N0469TPPTIQFURZpePvfxoT-4cF5GDqGVfYs1LilR7KwkeIPX4v_rg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
via
1.1 997374bc94be8e5887ec6cc90352eeb4.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
BOS50-P4
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=359446293&pcid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&is_fpcid=false&ckls=true&ci=bKSiOMSxN7&nc=false&trid=2108127203
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
_6ZjM4luIGQ8yXkv3u8dc2ZFeGejHxK6T3ZxXZb-SdjJjIGzPJmLnw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame DFCE
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-2l0Jbc9E2oQNLoj7AfFa1qFR9U8CnrVxTxVh9Q--~A
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-2l0Jbc9E2oQNLoj7AfFa1qFR9U8CnrVxTxVh9Q--~A
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
42050

Redirect headers

date
Wed, 01 Nov 2023 18:36:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-2l0Jbc9E2oQNLoj7AfFa1qFR9U8CnrVxTxVh9Q--~A
content-length
0
/
sync.taboola.com/sg/baidurtb-network/1/rtb-h/ Frame DFCE
Redirect Chain
  • https://trace.mediago.io/ju/cs/taboola
  • https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=2a46ab3495f9a8282fty3400log3ncks
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=2a46ab3495f9a8282fty3400log3ncks
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
42050

Redirect headers

date
Wed, 01 Nov 2023 18:36:54 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=2a46ab3495f9a8282fty3400log3ncks
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
35702
tags.bluekai.com/site/ Frame DFCE 		62 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/35702?id=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.185.28 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-185-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Wed, 01 Nov 2023 18:36:54 GMT
content-length
62
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame DFCE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1367&env=mWeb&cid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&gdpr=$0&gdpr_consent=$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
sync
odr.mookie1.com/t/v2/ Frame DFCE 		43 B
642 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_866925&src.visitorId=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.90.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.90.190.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
cm
trc.taboola.com/sg/neustar/1/ Frame DFCE
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043
  • https://d.agkn.com/pixel/10751/?che=1698863814168&ip=96.9.249.40&l1=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fneustar%2F1%2Fcm%3Ftaboola_hm%3D214700604687009727552
  • https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=214700604687009727552
43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=214700604687009727552
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms
15
date
Wed, 01 Nov 2023 18:36:54 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
13577
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4569-YYZ
pragma
no-cache
server
nginx
x-timer
S1698863814.395970,VS0,VE15
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:53 GMT
via
1.1 268f9a71c8d987a5532eac2a8c766186.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=214700604687009727552
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
YRwSq9zC7dve-QDL8O7KLc3DI9UHCV3ZPRadYmOkd9HVEWfeOh2Gzg==
expires
Sat, 01 Jan 2000 00:00:00 GMT
cse
pxl.connexity.net/c/ Frame DFCE 		44 B
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.connexity.net/c/cse?a=R&A=22c&D=569a&V=9&I0k=ptnrid&I0v=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.19.224.208 , United States, ASN14332 (SHOPZILLA, US),
Reverse DNS
Software
nginx /
Resource Hash
6d1743a4b9cd803083da5fd65626a4e92edebe73a40ee18f60276c96492b4afd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 18:36:54 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="CAO PSA OUR CURa DEVa PSDo PSAo BUS COR UNI COM",an.pp="http://www.connexity.com/privacy",an.oo="http://www.connexity.com/privacy",an.bt="N"
Content-Type
image/gif
Cache-Control
no-store, max-age=-1, post-check=0, pre-check=0
Content-Transfer-Encoding
binary
Connection
keep-alive
Expires
-1
match
ps.eyeota.net/ Frame DFCE
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085097&mapped=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043
  • https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
  • https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=46e8c9e3fcaefc4f
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?uid=2ea68917-cfbf-4385-824d-28009b967746&bid=1e2n4ou
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=2ea68917-cfbf-4385-824d-28009b967746&bid=1e2n4ou
Protocol
HTTP/1.1
Server
50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-174-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 01 Nov 2023 18:36:54 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/match?uid=2ea68917-cfbf-4385-824d-28009b967746&bid=1e2n4ou
date
Wed, 01 Nov 2023 18:36:54 GMT
server
Kestrel
content-length
191
/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame DFCE
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=7081728085481991200&orig=trc
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=7081728085481991200&orig=trc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
37091

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
an-x-request-uuid
7c76f598-d9bf-4f95-b434-c4971031023e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=7081728085481991200&orig=trc
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
sync.taboola.com/sg/google-network/1/rtb-h/ Frame DFCE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEI_u2PqQ3jho4DQnO-AEVLc&google_cver=1
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEI_u2PqQ3jho4DQnO-AEVLc&google_cver=1
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
35978

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEI_u2PqQ3jho4DQnO-AEVLc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
305
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
362358.gif
idsync.rlcdn.com/ Frame DFCE
Redirect Chain
  • https://idsync.rlcdn.com/382399.gif?partner_uid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEINCdo-lcc7IbpVlOUUXdz4&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEINCdo-lcc7IbpVlOUUXdz4&google_cver=1
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEINCdo-lcc7IbpVlOUUXdz4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
101956
jadserve.postrelease.com/dmp/ Frame DFCE 		43 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/dmp/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.156.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-156-61.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame DFCE 		42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043:$UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 01 Nov 2023 18:36:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
csync.ashx
ml314.com/ Frame DFCE
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50077&et=0&fp=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&gdpr=0&gdpr_consent=&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3639635123206357020
  • https://ml314.com/csync.ashx?fp=4d53065043e6b5352f350a18fa460335ea04ffe743357de87a35cfe61d54e2e0f4cb09cee1a4f8eb&person_id=3639635123206357020&eid=50082
43 B
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=4d53065043e6b5352f350a18fa460335ea04ffe743357de87a35cfe61d54e2e0f4cb09cee1a4f8eb&person_id=3639635123206357020&eid=50082
Protocol
H2
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires
Thu, 02 Nov 2023 18:36:54 GMT
date
Wed, 01 Nov 2023 18:36:54 GMT
via
1.1 google, 1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif

Redirect headers

date
Wed, 01 Nov 2023 18:36:54 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=4d53065043e6b5352f350a18fa460335ea04ffe743357de87a35cfe61d54e2e0f4cb09cee1a4f8eb&person_id=3639635123206357020&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame DFCE
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043
date
Wed, 01 Nov 2023 18:36:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
35978
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame DFCE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=2ea68917-cfbf-4385-824d-28009b967746
0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=2ea68917-cfbf-4385-824d-28009b967746
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms
15
date
Wed, 01 Nov 2023 18:36:54 GMT
via
1.1 varnish
x-served-by
cache-yyz4569-YYZ
server
nginx
x-timer
S1698863814.210864,VS0,VE15
x-fastly-to-nlb-rtt
13700
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0

Redirect headers

location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=2ea68917-cfbf-4385-824d-28009b967746
date
Wed, 01 Nov 2023 18:36:54 GMT
server
Kestrel
content-length
239
rtset
bh.contextweb.com/bh/ Frame DFCE 		49 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-59d47cf7f8-hqmdl
expires
-1
rtb-h
sync.taboola.com/sg/storygize-network/1/ Frame DFCE
Redirect Chain
  • https://sid.storygize.net/ccm/8a5f7a0b-b1ad-46dc-a085-63906ab7b98c
  • https://sid.storygize.net/csr?r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstorygize-network%2F1%2Frtb-h%3Ftaboola_hm%3D41b9da7c-6f7c-491a-8a2c-7dae5fa8dd5c
  • https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=41b9da7c-6f7c-491a-8a2c-7dae5fa8dd5c
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=41b9da7c-6f7c-491a-8a2c-7dae5fa8dd5c
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
45116

Redirect headers

location
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=41b9da7c-6f7c-491a-8a2c-7dae5fa8dd5c
date
Wed, 01 Nov 2023 18:36:54 GMT
content-length
0
/
loadm.exelator.com/load/ Frame DFCE 		0
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-156-250.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame DFCE
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%...
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=091fbef4-0606-49f1-9543-0aa647a63ab7&gdpr=0&gdpr_consent=&us_privacy=
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=091fbef4-0606-49f1-9543-0aa647a63ab7&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
42050

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:53 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=091fbef4-0606-49f1-9543-0aa647a63ab7&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1882594
content-length
0
expires
Wed, 01 Nov 2023 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame DFCE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1412&env=mWeb&cid=c667b84df7e5cb4904c3c034b42c60028d8c214ad5037ecc3b30a0c2a52ab182&gdpr=$0&gdpr_consent=$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
6.gif
id5-sync.com/c/464/2/2/ Frame DFCE
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&gdpr=0&gdpr_consent=&us_privacy=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F203%2F6%2F2.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/203/6/2.gif?puid=091fbef4-0606-49f1-9543-0aa647a63ab7&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=2ea68917-cfbf-4385-824d-28009b967746&ttl=%%TTL%%
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/464/434/4/4.gif?puid=303b087c-cde9-45aa-8a17-dbb86e6d13f1&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F796%2F3%2F5.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/464/796/3/5.gif?puid=ec13e11d-fd99-437c-bc7d-26cefe5834b6&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/2/6.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/2/2/6.gif?puid=7081728085481991200&gdpr=0&gdpr_consent=
0
0
sync
ups.analytics.yahoo.com/ups/55973/ Frame DFCE
Redirect Chain
  • https://pixel.advertising.com/ups/55973/sync?uid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&_origin=1
  • https://ups.analytics.yahoo.com/ups/55973/sync?uid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&_origin=1
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55973/sync?uid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&_origin=1
Protocol
H2
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55973/sync?uid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&_origin=1
date
Wed, 01 Nov 2023 18:36:54 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.87
content-length
391
content-language
en
taboola_td_cookiesync
in.treasuredata.com/postback/v3/event/media/ Frame DFCE 		35 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://in.treasuredata.com/postback/v3/event/media/taboola_td_cookiesync?td_format=pixel&td_write_key=10628/3f27e73e6bd9ea6d999cfb0d5a4af0d1ca246c08&td_global_id=td_global_id&td_ip=td_ip&td_ua=td_ua&taboola_id=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.96.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-96-121.compute-1.amazonaws.com
Software
/
Resource Hash
b05bf1769da8596f575f074474fde72f795f02b7797d7ae0b58b939e1c216047
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

P3P
CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date
Wed, 01 Nov 2023 18:36:54 GMT
Strict-Transport-Security
max-age=31536000
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
/
gixel.gnetwork.me/ Frame DFCE 		0
0
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame DFCE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=taboola&bsw=2f563103-0c1f-4c62-9f7b-4f469acb0125
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=&ssp=taboola&bsw=2f563103-0c1f-4c62-9f7b-4f469acb0125&chk=1
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=OTRkY2Y0ZGM3MjBhYzQy&gdpr=0&gdpr_consent=&us_privacy=&ssp=taboola&bsw_param=2f563103-0c1f-4c62-9f7b-4f469acb0125
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2f563103-0c1f-4c62-9f7b-4f469acb0125&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2f563103-0c1f-4c62-9f7b-4f469acb0125&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
45116

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2f563103-0c1f-4c62-9f7b-4f469acb0125&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Wed, 01 Nov 2023 18:36:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
qmap
sync.crwdcntrl.net/ Frame DFCE 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=10924&tp=OOLA&tpid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.54.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-54-186.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.10.254
content-length
49
expires
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame DFCE
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=228b581f-144d-494c-bdd8-71fc6775964c
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=228b581f-144d-494c-bdd8-71fc6775964c&tbid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&query=taboola_hm%3D228b581f-144d-...
0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=228b581f-144d-494c-bdd8-71fc6775964c&tbid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&query=taboola_hm%3D228b581f-144d-494c-bdd8-71fc6775964c&isDirect=0
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 01 Nov 2023 18:36:54 GMT
via
1.1 varnish
server
nginx
x-timer
S1698863814.241045,VS0,VE20
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-yyz4569-YYZ

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=228b581f-144d-494c-bdd8-71fc6775964c&tbid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&query=taboola_hm%3D228b581f-144d-494c-bdd8-71fc6775964c&isDirect=0
date
Wed, 01 Nov 2023 18:36:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
42050
cm
trc.taboola.com/sg/salesforce/1/ Frame DFCE
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=taboola
  • https://trc.taboola.com/sg/salesforce/1/cm?taboola_hm=P4-w6nWt
43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/salesforce/1/cm?taboola_hm=P4-w6nWt
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms
15
date
Wed, 01 Nov 2023 18:36:54 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
13750
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4569-YYZ
pragma
no-cache
server
nginx
x-timer
S1698863814.191685,VS0,VE15
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0

Redirect headers

location
https://trc.taboola.com/sg/salesforce/1/cm?taboola_hm=P4-w6nWt
date
Wed, 01 Nov 2023 18:36:54 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a011-ash-prod.krxd.net
66627
i.liadm.com/s/ Frame DFCE 		43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/66627?bidder_id=88068&bidder_uuid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.10.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-10-237.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:54 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
2
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame DFCE 		37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7772&xuid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 01 Nov 2023 18:36:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
rtb-h
sync.taboola.com/sg/rtbhouse-network/1/ Frame DFCE
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=taboola
  • https://creativecdn.com/cm-notify?pi=taboola&tc=1
  • https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=DfQmfKyCUNjIWZLNKMvn&pi=taboola&tc=1
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=DfQmfKyCUNjIWZLNKMvn&pi=taboola&tc=1
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
45116

Redirect headers

location
https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=DfQmfKyCUNjIWZLNKMvn&pi=taboola&tc=1
pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT, Wed, 01 Nov 2023 18:36:54 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame DFCE
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=dbba42df-efa6-4f9c-9783-14f434a0a033
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=dbba42df-efa6-4f9c-9783-14f434a0a033
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
42050

Redirect headers

date
Wed, 01 Nov 2023 18:36:54 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=dbba42df-efa6-4f9c-9783-14f434a0a033
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Wed, 01 Nov 2023 18:36:54 GMT
x-amz-request-id
Q89PZAPY13C01VBS
age
916
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
WyW+sQit27+5QQaPOprDWlxQkOlwneaUZDqksoV7u0dxhY+oAngI45yJEW41JVZdfQSdWufJIXs=
x-served-by
cache-yyz4569-YYZ
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1698863814.151596,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
45
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
1230
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Wed, 01 Nov 2023 18:36:54 GMT
x-amz-request-id
F0ERNPAEKW73Z8P2
age
26429
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
plsZvdnyCt2i8Bpor4XZ/Hw8FQ82hV+hAUU7z72e8PcCioobdkLHvDkUimb10ggYrfGsRVEk5hI=
x-served-by
cache-yyz4569-YYZ
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1698863814.152005,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
88
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
44765
fraud-detect.js
cdn.taboola.com/scripts/ 		121 B
391 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding
gzip
via
1.1 varnish
date
Wed, 01 Nov 2023 18:36:54 GMT
x-amz-request-id
S9J5BFAA7WPTMDGJ
age
25258
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
125
x-amz-id-2
wWtPRy+nUtfHDp77gPzlWCF3v6EWhngazARKv0aGBw+bq/wfsPbkn4AZ0roXloZfIZagWP16wbs=
x-served-by
cache-yyz4569-YYZ
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
server
AmazonS3
x-timer
S1698863814.151989,VS0,VE0
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary
Accept-Encoding
content-type
application/javascript
abp
70
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
31264
cwc.es5.js
cdn.taboola.com/scripts/ 		743 B
650 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cwc.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
019490d9fcabbdcba7d3ffa9bf83e2769915d0a516b617558172297b9fc437f6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
IYbtgS7TGj76rfUv8k6SvppRdu.fLwnH
content-encoding
gzip
via
1.1 varnish
date
Wed, 01 Nov 2023 18:36:54 GMT
x-amz-request-id
GZ4YTCQR8F8RZJ19
age
22808
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
405
x-amz-id-2
eciKT6xgm73CY7D9v1F94EtEiG/W39vURPjP2G5N5GZOYwCbL0HvXF5zgpoRINjjrKAn1UupJRQ=
x-served-by
cache-yyz4569-YYZ
last-modified
Mon, 18 Jul 2022 11:56:22 GMT
server
AmazonS3
x-timer
S1698863814.151976,VS0,VE0
etag
"c7297e1aade4377754403b305af75d61"
vary
Accept-Encoding
content-type
application/javascript
abp
28
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
4005
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0D4B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
31236
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 01 Nov 2023 18:36:54 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
769, 73205
X-Served-By
cache-lga13626-LGA, cache-yyz4560-YYZ
X-Timer
S1698863814.194978,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 896F 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Nov 2023 18:36:54 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E506 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.69.5 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-69-5.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://windsplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=43646
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 01 Nov 2023 18:36:54 GMT
expires
Thu, 02 Nov 2023 06:44:20 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 9256 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
an-x-request-uuid
6934fd14-d8c4-4e83-ac9c-fe6dc71d8118
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0A4C 		0
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
an-x-request-uuid
01e64a6a-0ab7-40e4-8460-8c91aaaef3ca
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 57E5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=fbb86542-9ac6-4700-bd4b-aaa10c0881a4&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=fbb86542-9ac6-4700-bd4b-aaa10c0881a4&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Wed, 01 Nov 2023 18:36:54 GMT
Server
MT3 1075 283b7e3 master ord ord-pixel-x54 config_version:"2382"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=fbb86542-9ac6-4700-bd4b-aaa10c0881a4&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 01 Nov 2023 18:36:53 GMT
/
onetag-sys.com/match/ Frame 57E5
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LOG3NB0A-E-2RSZ&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LOG3NB0A-E-2RSZ&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LOG3NB0A-E-2RSZ&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2eb7d209ab67664d6226c75331547ba1
Expires
0
/
onetag-sys.com/match/ Frame 57E5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7081728085481991200
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7081728085481991200
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
an-x-request-uuid
4d54d8f2-0ac3-4579-98fc-3b8f31da937b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7081728085481991200
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 57E5
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=75527e5ee3c4a273825829902549ed&gdpr_consent=&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=75527e5ee3c4a273825829902549ed&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 18:36:54 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=75527e5ee3c4a273825829902549ed&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1698863814202067-142
tap.php
pixel.rubiconproject.com/ Frame 57E5 		42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=mN64vkZnhx9PPWwiT5zF0o-acV_MZQpa9ve1D7INmYU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 57E5
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4wsllpyaqQaw5Vf80kzdLl-fSBj3LgmDA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4wsllpyaqQaw5Vf80kzdLl-fSBj3LgmDA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4wsllpyaqQaw5Vf80kzdLl-fSBj3LgmDA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 57E5
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=8102726937115843756
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=8102726937115843756
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=8102726937115843756
date
Wed, 01 Nov 2023 18:36:54 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 57E5
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=mN64vkZnhx9PPWwiT5zF0o-acV_MZQpa9ve1D7INmYU
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=mN64vkZnhx9PPWwiT5zF0o-acV_MZQpa9ve1D7INmYU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 18:36:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
07WMVH3HA98P3C7ACPJY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=mN64vkZnhx9PPWwiT5zF0o-acV_MZQpa9ve1D7INmYU
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 57E5
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF
date
Wed, 01 Nov 2023 18:36:53 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 57E5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEKzyZ8grTC5CgSQDt4wqgfw&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEKzyZ8grTC5CgSQDt4wqgfw&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEKzyZ8grTC5CgSQDt4wqgfw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 57E5
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%2...
  • https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=l6C5vXmxhja9&ev=1&us_privacy=&pid=562985
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=l6C5vXmxhja9&ev=1&us_privacy=&pid=562985
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=l6C5vXmxhja9&ev=1&us_privacy=&pid=562985
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-59d47cf7f8-hqmdl
expires
-1
/
onetag-sys.com/match/ Frame 57E5
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=53ecef42e6112409&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMzWd-H6me3QM7j1mHAAAAAAA&expiration=1698950214
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMzWd-H6me3QM7j1mHAAAAAAA&expiration=1698950214
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMzWd-H6me3QM7j1mHAAAAAAA&expiration=1698950214
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
/
onetag-sys.com/match/ Frame 57E5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-MKhZLERE2uHCRj8iySDB.j8t.8GQ72mYN.clcCg-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-MKhZLERE2uHCRj8iySDB.j8t.8GQ72mYN.clcCg-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-MKhZLERE2uHCRj8iySDB.j8t.8GQ72mYN.clcCg-~A
date
Wed, 01 Nov 2023 18:36:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 57E5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=2ea68917-cfbf-4385-824d-28009b967746&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=2ea68917-cfbf-4385-824d-28009b967746&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=29&uid=2ea68917-cfbf-4385-824d-28009b967746&gdpr=0&gdpr_consent=
date
Wed, 01 Nov 2023 18:36:54 GMT
server
Kestrel
content-length
233
/
onetag-sys.com/match/ Frame 57E5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=2810316567025533345&expires=30&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=2f563103-0c1f-4c62-9f7b-4f469acb0125&gdpr=&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=2f563103-0c1f-4c62-9f7b-4f469acb0125&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=2f563103-0c1f-4c62-9f7b-4f469acb0125&gdpr=&gdpr_consent=&us_privacy=
Date
Wed, 01 Nov 2023 18:36:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
sync.richaudience.com/b68d15d845168591d6416f7692d01261/ Frame 57E5 		95 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/b68d15d845168591d6416f7692d01261/?uid=mN64vkZnhx9PPWwiT5zF0o-acV_MZQpa9ve1D7INmYU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.146.39 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/png
date
Wed, 01 Nov 2023 18:36:42 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
async_usersync
ib.adnxs.com/ Frame 2DFD 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
an-x-request-uuid
48130cda-ec10-4f63-b047-e6796085bd9e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A310 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
an-x-request-uuid
c7f4ef49-5f11-47f0-958e-c62c21fa5d56
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync
hb.yahoo.net/ Frame A6EA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LOG3NB0A-E-2RSZ&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LOG3NB0A-E-2RSZ&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS05WFdCUGFWRTJ1Rnh6R3c2SW9aYlJrYlc1RlRGa1VmRH5B&ovsid=LOG3NB0A-E-2RSZ&dpid=58160
53 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS05WFdCUGFWRTJ1Rnh6R3c2SW9aYlJrYlc1RlRGa1VmRH5B&ovsid=LOG3NB0A-E-2RSZ&dpid=58160
Protocol
H2
Server
23.40.179.59 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-40-179-59.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Wed, 01 Nov 2023 18:36:54 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Wed, 01 Nov 2023 18:36:54 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS05WFdCUGFWRTJ1Rnh6R3c2SW9aYlJrYlc1RlRGa1VmRH5B&ovsid=LOG3NB0A-E-2RSZ&dpid=58160
date
Wed, 01 Nov 2023 18:36:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame A6EA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOG3NB0A-E-2RSZ
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LOG3NB0A-E-2RSZ
43 B
980 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LOG3NB0A-E-2RSZ
Protocol
H2
Server
2600:9000:26dc:6a00:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
via
1.1 997374bc94be8e5887ec6cc90352eeb4.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
BOS50-P4
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
d4bCxTmtYZN_7yBQ89EAF_SqFOnDmkIEUWn3lU2P2XZ2KNqZGhCc-A==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:53 GMT
via
1.1 bae03a76f4f3eb92893beec8dc1a7f7c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
BOS50-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LOG3NB0A-E-2RSZ
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
ClHsQxlzMI4_HWN1x2t7gf2DF62yl6MSCnUWRlJSPjD5FEed9xO4NQ==
tap.php
pixel.rubiconproject.com/ Frame A6EA
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=091fbef4-0606-49f1-9543-0aa647a63ab7
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=091fbef4-0606-49f1-9543-0aa647a63ab7
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=091fbef4-0606-49f1-9543-0aa647a63ab7
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
824369
content-length
0
expires
Wed, 01 Nov 2023 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame A6EA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=4978319480049069945
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=4978319480049069945
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=4978319480049069945
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
tap.php
pixel.rubiconproject.com/ Frame A6EA
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=74a7c137-edb2-4cba-9830-5340de3649b8
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=74a7c137-edb2-4cba-9830-5340de3649b8
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-servername
Track001-iad
pragma
no-cache
date
Wed, 01 Nov 2023 18:36:06 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=74a7c137-edb2-4cba-9830-5340de3649b8
cache-control
private,no-cache
content-length
223
expires
-1
tap.php
pixel.rubiconproject.com/ Frame A6EA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=CoW8UMfBUSNUXv9jpxnClmAJ-Sg
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=CoW8UMfBUSNUXv9jpxnClmAJ-Sg
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=CoW8UMfBUSNUXv9jpxnClmAJ-Sg
Date
Wed, 01 Nov 2023 18:36:54 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
Rubicon
s.seedtag.com/cs/cookiesync/ Frame A6EA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LOG3NB0A-E-2RSZ
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LOG3NB0A-E-2RSZ
Protocol
H2
Server
34.149.50.64 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LOG3NB0A-E-2RSZ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
tap.php
pixel.rubiconproject.com/ Frame A6EA
Redirect Chain
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7081728085481991200&expires=30
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7081728085481991200&expires=30
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
an-x-request-uuid
d4062842-e95f-4efe-8df7-abe0d33f4eb5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7081728085481991200&expires=30
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame A6EA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3122232386686183181&expires=60&gdpr=0&gdpr_consent=
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3122232386686183181&expires=60&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3122232386686183181&expires=60&gdpr=0&gdpr_consent=
pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
RX-e4c2eda9-3348-421f-a826-59e66031b2ba-005
sync.targeting.unrulymedia.com/csync/ Frame A6EA
Redirect Chain
  • https://sync.1rx.io/usersync2/rubicon
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6230504512
  • https://sync.1rx.io/usersync/tradedesk/2ea68917-cfbf-4385-824d-28009b967746
  • https://sync.targeting.unrulymedia.com/csync/RX-e4c2eda9-3348-421f-a826-59e66031b2ba-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-e4c2eda9-3348-421f-a826-59e66031b2ba-005
Protocol
HTTP/1.1
Server
199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:54 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 18:36:54 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-e4c2eda9-3348-421f-a826-59e66031b2ba-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
esync
token.rubiconproject.com/ Frame A6EA
Redirect Chain
  • https://id.rlcdn.com/709414.gif
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 01 Nov 2023 18:36:54 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tap.php
pixel.rubiconproject.com/ Frame A6EA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly
  • https://sync.1rx.io/usersync/rubicon/LOG3NB0A-E-2RSZ
  • https://sync.targeting.unrulymedia.com/csync/RX-e4c2eda9-3348-421f-a826-59e66031b2ba-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-e4c2eda9-3348-42...
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-e4c2eda9-3348-421f-a826-59e66031b2ba-005&expires=30
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-e4c2eda9-3348-421f-a826-59e66031b2ba-005&expires=30
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Date
Wed, 01 Nov 2023 18:36:54 GMT
Server
Tengine
ETag
RXe4c2eda93348421fa82659e66031b2ba005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-e4c2eda9-3348-421f-a826-59e66031b2ba-005&expires=30
Content-Type
text/html
Connection
keep-alive
tap.php
pixel.rubiconproject.com/ Frame A6EA
Redirect Chain
  • https://match.deepintent.com/usersync/143
  • https://pixel.rubiconproject.com/tap.php?v=1011864&nid=5528&put=di_66bb61ecc3374ad5a3b55
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=1011864&nid=5528&put=di_66bb61ecc3374ad5a3b55
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=1011864&nid=5528&put=di_66bb61ecc3374ad5a3b55
date
Wed, 01 Nov 2023 18:36:53 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
cs
cs.minutemedia-prebid.com/ Frame A6EA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LOG3NB0A-E-2RSZ
0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LOG3NB0A-E-2RSZ
Protocol
H2
Server
3.212.136.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-136-27.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LOG3NB0A-E-2RSZ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
setuid
s2s.t13.io/ Frame A6EA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LOG3NB0A-E-2RSZ
86 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=rubicon&uid=LOG3NB0A-E-2RSZ
Protocol
H2
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s2s.t13.io/setuid?bidder=rubicon&uid=LOG3NB0A-E-2RSZ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
match
events-ssc.33across.com/ Frame A6EA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LOG3NB0A-E-2RSZ
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LOG3NB0A-E-2RSZ&ts=1698863814&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LOG3NB0A-E-2RSZ&ts=1698863814&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LOG3NB0A-E-2RSZ&ts=1698863814&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.js
eus.rubiconproject.com/ Frame 896F 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.130.170 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-130-170.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
934512b964268a68c63e71d100c5eedb8077939deaba6b317159e552f86f331d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Nov 2023 01:54:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26256
Connection
keep-alive
Content-Length
11104
Expires
Thu, 02 Nov 2023 01:54:30 GMT
/
pips.taboola.com/ 		4 B
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-served-by
cache-yyz4535-YYZ
date
Wed, 01 Nov 2023 18:36:54 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://finans.mynet.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
async_usersync
ib.adnxs.com/ Frame 0D4B 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.184 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
an-x-request-uuid
3c2d19fb-bf13-4f12-bb54-d1ece9fb316c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://finans.mynet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 01 Nov 2023 18:36:54 GMT
cache-control
no-store
server
nginx
v-e1df3ab4-1142-45bf-3258345-ad11-95a9d1f746e1-s13.8-19.8tvs.mp4
apv-static.tldw.me/videos/ Frame EA59 		88 KB
88 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.tldw.me/videos/v-e1df3ab4-1142-45bf-3258345-ad11-95a9d1f746e1-s13.8-19.8tvs.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
fa0e5ec495d669b4b3a68b8c8af579d8d06efd0a0ef1b7da434c3ffa24af968b

Request headers

Referer
https://finans.mynet.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 01 Nov 2023 18:36:54 GMT
Last-Modified
Wed, 01 Nov 2023 12:41:01 GMT
ETag
"1698842461"
X-HW
1698863813.dop225.ch4.shc,1698863814.dop225.ch4.t,1698863814.cds212.ch4.p
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, OPTIONS, POST
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Content-Range
bytes 0-89610/89611
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
89611
khaos.json
token.rubiconproject.com/ Frame 9069 		7 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LOG3NB0A-E-2RSZ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
khaos.json
token.rubiconproject.com/ Frame 8818 		7 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LOG3NB0A-E-2RSZ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
cookie-sync
sync.outbrain.com/ Frame 9069
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LOG3NB0A-E-2RSZ&obUid=&initiator=
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LOG3NB0A-E-2RSZ&obUid=&initiator=
Protocol
HTTP/1.1
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:54 GMT
Cache-Control
no-cache
X-TraceId
f7e8231852ba7fc69a637f9a063495be
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LOG3NB0A-E-2RSZ&obUid=&initiator=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
sync
visitor.omnitagjs.com/visitor/ Frame 9069
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LOG3NB0A-E-2RSZ&name=RUBICON
49 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LOG3NB0A-E-2RSZ&name=RUBICON
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LOG3NB0A-E-2RSZ&name=RUBICON
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
redirect
exchange.mediavine.com/usersync/ Frame 9069
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LOG3NB0A-E-2RSZ
0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LOG3NB0A-E-2RSZ
Protocol
H2
Server
54.235.123.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-123-154.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LOG3NB0A-E-2RSZ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
cs
cs.yellowblue.io/ Frame 9069
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage
  • https://cs.yellowblue.io/cs?aid=11590&id=LOG3NB0A-E-2RSZ
0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LOG3NB0A-E-2RSZ
Protocol
H2
Server
18.232.190.217 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LOG3NB0A-E-2RSZ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
60909
i.liadm.com/s/ Frame 9069
Redirect Chain
  • https://token.rubiconproject.com/token?pid=49096
  • https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LOG3NB0A-E-2RSZ
43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LOG3NB0A-E-2RSZ
Protocol
HTTP/1.1
Server
52.71.10.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-10-237.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 18:36:54 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Location
https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LOG3NB0A-E-2RSZ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 9069
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1
  • https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553&expires=360&gdpr=0&gdpr_consent=
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553&expires=360&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553&expires=360&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
tap.php
pixel.rubiconproject.com/ Frame 9069
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZUKawgAAiz1TOgAU
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZUKawgAAiz1TOgAU
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-yyz4537-YYZ
pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
via
1.1 varnish
server
Varnish
x-timer
S1698863815.616623,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZUKawgAAiz1TOgAU
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 9069
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=rubicon
  • https://pixel.rubiconproject.com/tap.php?v=144054&nid=4032&put=a0dd2d92-78e5-11ee-bebf-6e5179533f8c&expires=60
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=144054&nid=4032&put=a0dd2d92-78e5-11ee-bebf-6e5179533f8c&expires=60
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
server
Cowboy
content-type
image/gif
location
https://pixel.rubiconproject.com/tap.php?v=144054&nid=4032&put=a0dd2d92-78e5-11ee-bebf-6e5179533f8c&expires=60
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-1
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
tap.php
pixel.rubiconproject.com/ Frame 9069
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=3B0BD726E5DF48818E605A6E7F99D71D&expires=365
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=3B0BD726E5DF48818E605A6E7F99D71D&expires=365
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 01 Nov 2023 18:36:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=3B0BD726E5DF48818E605A6E7F99D71D&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 31 Oct 2023 18:36:54 GMT
tap.php
pixel.rubiconproject.com/ Frame 9069
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2046&pt=n&a=1
  • https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=OqmQotReTlksHds9aVDTkQ
  • https://rubicon-match.dotomi.com/match/bounce/current?DotomiTest=243494afab8b06a9&is_secure=true&networkId=12783&version=1&nuid=OqmQotReTlksHds9aVDTkQ
  • https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAABsL8Vy-glswMTv3_JAAAAAAA&expiration=1698950214&nuid=OqmQotReTlksHds9aVDTkQ&is_secure=true
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAABsL8Vy-glswMTv3_JAAAAAAA&expiration=1698950214&nuid=OqmQotReTlksHds9aVDTkQ&is_secure=true
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAABsL8Vy-glswMTv3_JAAAAAAA&expiration=1698950214&nuid=OqmQotReTlksHds9aVDTkQ&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rubicon
tr.blismedia.com/v1/api/sync/ Frame 9069 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/rubicon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Rubicon
crb.kargo.com/api/v1/dsync/ Frame 9069
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=11864
  • https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LOG3NB0A-E-2RSZ
43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LOG3NB0A-E-2RSZ
Protocol
H2
Server
34.206.214.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-214-59.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LOG3NB0A-E-2RSZ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 9069
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=smartadserver
  • https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LOG3NB0A-E-2RSZ
43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LOG3NB0A-E-2RSZ
Protocol
HTTP/1.1
Server
23.105.14.106 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
23.105.14.106.rdns.racklot.com
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 01 Nov 2023 18:36:53 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LOG3NB0A-E-2RSZ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
cookiesyncendpoint
sync.aniview.com/ Frame 9069
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LOG3NB0A-E-2RSZ
0
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LOG3NB0A-E-2RSZ
Protocol
H2
Server
96.46.186.182 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LOG3NB0A-E-2RSZ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
i.match
a.tribalfusion.com/ Frame 9069 		43 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
81f63ef95a464bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 9069
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=7
  • https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7296564521511483533&expires=730
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7296564521511483533&expires=730
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7296564521511483533&expires=730
Date
Wed, 01 Nov 2023 18:36:54 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
usr.undertone.com/userPixel/ Frame 8818
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LOG3NB0A-E-2RSZ
0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LOG3NB0A-E-2RSZ
Protocol
H2
Server
18.161.34.107 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
via
1.1 da1815f8c76e376684e7d01242493d36.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-P2
content-length
0
x-amz-cf-id
KdRf9KRM93fDglDCthnR5gErKpsrO4Yc_hTfv13eru3dkCO4N8I3rw==
x-cache
Miss from cloudfront

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LOG3NB0A-E-2RSZ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
setuid
prebid-s2s.media.net/ Frame 8818
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-medianet
  • https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LOG3NB0A-E-2RSZ
86 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LOG3NB0A-E-2RSZ
Protocol
H2
Server
34.107.148.139 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
via
1.1 google
server
envoy
content-type
image/png
access-control-allow-origin
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
alt-svc
clear
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LOG3NB0A-E-2RSZ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
sync
ads.yieldmo.com/ Frame 8818
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LOG3NB0A-E-2RSZ
43 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LOG3NB0A-E-2RSZ
Protocol
H2
Server
54.208.192.0 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LOG3NB0A-E-2RSZ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 8818
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25
  • https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=l6C5vXmxhja9&ev=1&pid=560687
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=l6C5vXmxhja9&ev=1&pid=560687
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=l6C5vXmxhja9&ev=1&pid=560687
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-59d47cf7f8-hqmdl
expires
-1
tap.php
pixel.rubiconproject.com/ Frame 8818
Redirect Chain
  • https://b1sync.zemanta.com/usersync/rubicon/
  • https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=JRGHLFp1m5yWjqBkUI_1
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=JRGHLFp1m5yWjqBkUI_1
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma
no-cache
Date
Wed, 01 Nov 2023 18:36:54 GMT
Content-Type
text/html; charset=utf-8
Location
https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=JRGHLFp1m5yWjqBkUI_1
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
129
Expires
Thu, 01 Dec 1994 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8818
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=2
  • https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=847523361694&expires=30&us_privacy=1---
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=847523361694&expires=30&us_privacy=1---
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Access-Control-Allow-Origin
*
Location
https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=847523361694&expires=30&us_privacy=1---
Content-Length
0
setuid
sync.ex.co/v1/ Frame 8818
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17136_2
  • https://sync.ex.co/v1/setuid?bidder=rubicon&gdpr=&gdpr_consent=&uid=LOG3NB0A-E-2RSZ
86 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ex.co/v1/setuid?bidder=rubicon&gdpr=&gdpr_consent=&uid=LOG3NB0A-E-2RSZ
Protocol
H2
Server
3.225.78.235 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
date
Wed, 01 Nov 2023 18:36:54 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.ex.co/v1/setuid?bidder=rubicon&gdpr=&gdpr_consent=&uid=LOG3NB0A-E-2RSZ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
/
csync.loopme.me/ Frame 8818
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=loopme
  • https://csync.loopme.me/?partner_id=1441&vt=&uid=LOG3NB0A-E-2RSZ
0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?partner_id=1441&vt=&uid=LOG3NB0A-E-2RSZ
Protocol
H2
Server
35.214.168.108 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
108.168.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
server
_

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://csync.loopme.me/?partner_id=1441&vt=&uid=LOG3NB0A-E-2RSZ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
user.sync
match.sync.ad.cpe.dotomi.com/w/ Frame 8818
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=epsilon
  • https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=LOG3NB0A-E-2RSZ
43 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=LOG3NB0A-E-2RSZ
Protocol
H2
Server
2606:ae80:1471:1b::1780 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:55 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
content-type
image/gif
cache-control
no-cache
content-length
43
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=LOG3NB0A-E-2RSZ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 8818
Redirect Chain
  • https://rbp.mxptint.net/sn.ashx
  • https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R33645_10B7A5111_6C454A54&expires=60
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R33645_10B7A5111_6C454A54&expires=60
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R33645_10B7A5111_6C454A54&expires=60
Date
Wed, 01 Nov 2023 18:36:54 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-381868614; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
227
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame 8818
Redirect Chain
  • https://cms.quantserve.com/pixel/p-e4m3Yko6bFYVc.gif?idmatch=0
  • https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=VRyGl1pI0ZdOGYSXVkufnAFIh5ZOStSTBxBUe4oi
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=VRyGl1pI0ZdOGYSXVkufnAFIh5ZOStSTBxBUe4oi
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 18:36:54 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=VRyGl1pI0ZdOGYSXVkufnAFIh5ZOStSTBxBUe4oi
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
usersync
e.serverbid.com/ Frame 8818
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=24856
  • https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LOG3NB0A-E-2RSZ
35 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LOG3NB0A-E-2RSZ
Protocol
H2
Server
159.89.246.130 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://eus.rubiconproject.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LOG3NB0A-E-2RSZ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 8818
Redirect Chain
  • https://match.adsby.bidtheatre.com/rubiconmatch
  • https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=74559447-8dd9-43d7-a2be-9d320f1b460e
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=74559447-8dd9-43d7-a2be-9d320f1b460e
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=74559447-8dd9-43d7-a2be-9d320f1b460e
Date
Wed, 01 Nov 2023 18:36:54 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
tap.php
pixel.rubiconproject.com/ Frame 8818
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=87
  • https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=8102726937115843756&gdpr=0&gdpr_consent=
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=8102726937115843756&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=8102726937115843756&gdpr=0&gdpr_consent=
date
Wed, 01 Nov 2023 18:36:54 GMT
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 8818
Redirect Chain
  • https://rcp.c.appier.net/rbcm
  • https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=n2jWs8pcBwmBUG8sxppCZQ&expires=365
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=n2jWs8pcBwmBUG8sxppCZQ&expires=365
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 01 Nov 2023 18:36:55 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=n2jWs8pcBwmBUG8sxppCZQ&expires=365
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
131
tap.php
pixel.rubiconproject.com/ Frame 8818
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=64
  • https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=2810316567025533345&expires=30
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=2810316567025533345&expires=30
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=2810316567025533345&expires=30
Date
Wed, 01 Nov 2023 18:36:54 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v-c43aafda-3451-404a-3258362-86d5-a367b1eb74ed-s75.88-81.88tvs.mp4
apv-static.tldw.me/videos/ Frame EA59 		123 KB
123 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.tldw.me/videos/v-c43aafda-3451-404a-3258362-86d5-a367b1eb74ed-s75.88-81.88tvs.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
9a821a00da9903f0b9cc63e7ca5c8509017b9807bf69d4d77f46b42571576cb1

Request headers

Referer
https://finans.mynet.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 01 Nov 2023 18:36:55 GMT
Last-Modified
Wed, 01 Nov 2023 12:41:48 GMT
ETag
"1698842508"
X-HW
1698863813.dop225.ch4.shc,1698863814.dop225.ch4.t,1698863814.cds249.ch4.p
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, OPTIONS, POST
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Content-Range
bytes 0-125752/125753
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
125753
_.gif
counter.tldw.me/ Frame EA59 		0
159 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.tldw.me/_.gif
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finans.mynet.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 01 Nov 2023 18:36:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-hw
1698863812.dop014.ny3.t,1698863815.cds129.ny3.shn,1698863815.cds129.ny3.sc,1698863815.cds129.ny3.p
content-type
image/gif
access-control-allow-origin
https://finans.mynet.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
81f63efe59a74bd2-BUF
access-control-allow-headers
Content-Type
content-length
0
expires
Wed, 01 Nov 2023 18:36:55 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 1F83 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156383&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:36:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 4187 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156423&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 10:51:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mynet.rtb.pixad.com.tr
URL
https://mynet.rtb.pixad.com.tr/pb
Domain
bs.yandex.ru
URL
https://bs.yandex.ru/prebid/2362216?imp-id=1&target-ref=finans.mynet.com&ssp-id=10500
Domain
bs.yandex.ru
URL
https://bs.yandex.ru/prebid/2362216?imp-id=1&target-ref=finans.mynet.com&ssp-id=10500
Domain
bs.yandex.ru
URL
https://bs.yandex.ru/prebid/2362216?imp-id=1&target-ref=finans.mynet.com&ssp-id=10500
Domain
bs.yandex.ru
URL
https://bs.yandex.ru/prebid/2362216?imp-id=1&target-ref=finans.mynet.com&ssp-id=10500
Domain
bs.yandex.ru
URL
https://bs.yandex.ru/prebid/2362216?imp-id=1&target-ref=finans.mynet.com&ssp-id=10500
Domain
bs.yandex.ru
URL
https://bs.yandex.ru/prebid/2362216?imp-id=1&target-ref=finans.mynet.com&ssp-id=10500
Domain
bs.yandex.ru
URL
https://bs.yandex.ru/prebid/2362216?imp-id=1&target-ref=finans.mynet.com&ssp-id=10500
Domain
bs.yandex.ru
URL
https://bs.yandex.ru/prebid/2362216?imp-id=1&target-ref=finans.mynet.com&ssp-id=10500
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/sync-external?uid=JRGHLFp1m5yWjqBkUI_1&redirect=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPKKKJDUQTCGOAYW2NLZK5VHCQTLKVEV6MI
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162930
Domain
contextual.media.net
URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUV4OAWX&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
id5-sync.com
URL
https://id5-sync.com/c/464/2/2/6.gif?puid=7081728085481991200&gdpr=0&gdpr_consent=
Domain
gixel.gnetwork.me
URL
https://gixel.gnetwork.me/?giaudi_id=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043

Verdicts & Comments Add Verdict or Comment

497 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| documentPictureInPicture object| _sf_async_config number| _sf_startpt string| getPageScript string| _rosetta_service string| siteBaseUrl object| MynetGlobal object| mynetNewHeader object| MYNET_MAIN_GLOBAL boolean| isPremiumUser object| visitor_subscriptions function| myChecker object| lazySizesConfig object| dataLayer string| MynetObject function| mynetReady function| MyHeadJsLoaded object| pbjs object| googletag object| MynetAds object| Criteo function| CriteoAdblock function| slugify function| refreshAd object| ggeac object| google_tag_data object| google_js_reporting_queue object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_144 object| Criteo_144 function| initChartData object| Highcharts object| bodyElement object| clickElements number| elNum object| promotionsMenu function| eComPushEvent function| Swiper object| categorySliderThumbs object| categorySlider object| creditType object| creditTypeInstallments object| _taboola boolean| hasFocus object| base64 number| hexcase string| b64pad number| chrsz undefined| mynetmyLoginUsername function| hex_mymd function| b64_mymd function| str_mymd function| hex_hmac_mymd function| b64_hmac_mymd function| str_hmac_mymd function| core_mymd function| mymd_cmn function| mymd_ff function| mymd_gg function| mymd_hh function| core_hmac_mymd function| safe_add function| rol function| str2binl function| binl2str function| binl2hex function| binl2b64 string| nameofservice object| myLogin function| myignoreSpaces function| myemptyStringControl function| mycheckatsign function| mycheckfirst function| myvalidate function| myLogInInit function| myProcessLogin function| getParameterByName object| myHtmlLogin object| myRegister function| googleConnectcallback function| $ function| jQuery object| lscache function| Cookies object| ___gcfg undefined| google_measure_js_timing object| EasyAutocomplete function| MynetObjectReady function| setCookie function| getCookie function| setEvent function| changeLogoSpecialDay function| pageSkinScroll object| $stickyFooterAdContainer object| $pageSwipePagination object| $btnBackHome string| userAgent object| localStorageStatusManagement object| util object| homeLogin number| intervalFetch object| sharesLiveUsers function| changeTabChartData function| initChartExtraData function| getStatIcon function| extraTableHeadCreater function| extraTableBodyCreater function| getDateFormat function| connWS number| ipad function| formatMoney function| setScrollPageDiv function| openTab function| getMoreFinanceNews function| getMoreTarihselVeri function| openSidebarBulletinForm function| faizHesapla function| loadCurrency function| currConvert function| closeAddedPopup function| popupTemplate function| addUserStocksData function| updateUserStocksData function| removeUserStocksData function| myPageDataManager function| setAutoCompleteSearch function| getDateFormatEvents function| tabSelector function| openEventDesc function| getCalendarEvents function| renderCalendarEventsTable function| getTaboolaOffsetTop function| setStickySidebar function| setPageTheme function| sortableReactTable function| dataLayerEventPush function| hangiKrediSetCustomDimension object| lazySizes function| Sortable object| creditCalculationWidget function| fbq function| _fbq object| FB object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YmIwNjk3Y2M1M2Q2MjYyOWxvYWRlcl9qcw== string| YmIwNjk3Y2M1M2Q2MjYyOWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_tag_manager function| mpfContainr object| mynetChangeFinanceData object| headScript object| taboolaWidgetDiv object| bodyScript object| __buffer object| Criteo_identitytag_144 function| onYouTubeIframeAPIReady object| gaGlobal object| CONTAINR_LOGS object| pCache object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| __tgconf function| __tginitcb function| Tapad function| _typeof object| TRC object| _tblConsole string| pm_pgtp undefined| msg function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| _mappingResponses object| __iat_api object| __tgunits boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd boolean| _tb_vautop function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| pbjsChunk object| _pbjsGlobals object| _33across number| google_unique_id number| gWidth boolean| _min_launcher_active object| _minUnifiedSessionToken10 object| _min_tv object| _tvp boolean| _editor_tv_loaded object| _min object| scriptSrcSplitted function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Ah object| _pm_mcg object| image boolean| _minAlreadyLoaded string| codeConvertHtmlClass object| apstag object| PWT object| google_reactive_ads_global_state object| GoogleGcLKhOms object| _aps boolean| apstagLOADED object| apscustom object| owpbjsChunk object| owpbjs object| mnet object| ucTag object| OWT string| partnerName string| key function| _33AcrossIdMappingsProvider object| _33Across function| __uspapi object| adpnExecutions object| aliveChecks boolean| adpnLoaded object| udm_ads_queue boolean| udm_edge_init object| tbopt object| msgData object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| quantserve function| __qc object| _qevents object| ezt object| _qoptions object| udm_r3Chunk object| udm_r3 function| endedHandler function| udmPbcsRun function| udm_process_ads_queue function| delete_udm_edge function| reload_udm_edge object| udmRenderRates object| _tynt_jp number| ac boolean| google_empty_script_included boolean| ecd886ba-fbc7-4c90-a45f-94d16a95604b object| udmCompiledBlockedCreativeIds object| udmDefinedBlockedCreativeIds number| _tynt_gpt_iframe_id object| google_image_requests number| taboola_view_id string| nam object| placementData function| _get function| _superPropBase function| _inherits function| _setPrototypeOf function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _isNativeReflectConstruct function| _getPrototypeOf function| _classCallCheck function| _defineProperties function| _createClass function| _toPropertyKey function| _toPrimitive object| minutelyTaboolaAPI object| cmTag object| _cm_wfCounters string| lastWfUrl function| startCMTagMain string| category function| OvaMediaPlayer function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray

309 Cookies

Domain/Path Name / Value
.taboola.com/mynetnewtr-mynet/ Name: taboola_session_id
Value: v2_918e8b64af39a10f1f76578a5ee88ab6_df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043_1698863811_1698863811_CNawjgYQ4d1TGOSZsuG4MSABKAMw4QE4kaQOQNH4DkiP1tkDUPkDWABgAGjM5NTS6dDlyd4BcAE
map.go.affec.tv/map/ttd Name: oo
Value: 1
map.go.affec.tv/map/an Name: oo
Value: 1
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARCyFgoJCP____8HELwW
i6.liadm.com/s Name: _li_ss
Value: CgA
.criteo.com/ Name: uid
Value: 091fbef4-0606-49f1-9543-0aa647a63ab7
.mynet.com/ Name: _ga_4SD1QQV4KB
Value: GS1.1.1698863806.1.0.1698863806.60.0.0
.mynet.com/ Name: _ga
Value: GA1.1.1924489594.1698863807
.mynet.com/ Name: lotame_domain_check
Value: mynet.com
finans.mynet.com/ Name: TAPAD
Value: %7B%22id%22%3A%2290785076-db6b-4e6d-bf92-9cb187d91f82%22%7D
.openx.net/ Name: i
Value: 8f2c9ea5-ac20-413c-bffb-dd9af1fa377a|1698863806
.insurads.com/ Name: ___iat_gid
Value: C32E2DC4C9A3B7BC
.mynet.com/ Name: ___iat_ses
Value: C32E2DC4C9A3B7BC
.mynet.com/ Name: ___iat_vis
Value: C32E2DC4C9A3B7BC.296abd68389dbd337db4085c8dc9b57c.1698863806741.073a8a0f4289d45fd414bd6b0d9748cb.MJOZZIBREM.11111111.1.0
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 3aaf53616af7e0a0473fc65708a297be
.mynet.com/ Name: _cc_id
Value: 3aaf53616af7e0a0473fc65708a297be
.mynet.com/ Name: panoramaId_expiry
Value: 1698950206795
.tapad.com/ Name: TapAd_TS
Value: 1698863806941
.tapad.com/ Name: TapAd_DID
Value: cd4d6cd0-d133-41ed-95ce-4459e909b2d6
.mynet.com/ Name: minUnifiedSessionToken10
Value: %7B%22sessionId%22%3A%22b15948ba41-80dd3d1be8-ad5ad9dc47-a7c5a86b13-9fc1a5b3e6%22%2C%22uid%22%3A%22eb170d1179-c257ab095a-7e3d5ab8c5-1f6ca6314f-cf0c4e6cc3%22%2C%22__sidts__%22%3A1698863807067%2C%22__uidts__%22%3A1698863807067%7D
finans.mynet.com/ Name: minVersion
Value: {"experiment":1171680397,"minFlavor":"Mynet Prod - Tags Updatemi-scraper-1.17.0.99.js100"}
.yahoo.com/ Name: A3
Value: d=AQABBL-aQmUCEDBK0OZLXGOJef9Q9CMil4cFEgEBAQHsQ2VMZQAAAAAA_eMAAA&S=AQAAArHUTFDLni7yhBsd5lVHxVs
.adsrvr.org/ Name: TDID
Value: 2ea68917-cfbf-4385-824d-28009b967746
.rubiconproject.com/ Name: khaos
Value: LOG3NB0A-E-2RSZ
.mynet.com/ Name: myloc
Value: US
.doubleclick.net/ Name: IDE
Value: AHWqTUmYxcnxeDSvQUxk63AnqrqxwfygXO0-i5Y0o4MX3ko2uWCulQapcnjstktt3ME
.amazon-adsystem.com/ Name: ad-id
Value: A7e8_yTyjE_ShHqnBJC2Kwc
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.openx.net/ Name: univ_id
Value: 537072971|2ea68917-cfbf-4385-824d-28009b967746|1698863807354161
.mynet.com/ Name: cto_bundle
Value: AdAn7l9jU2ZuRGNZWVJKTWQzUnNYcmY1U2I4JTJCd0MlMkJIZlhDc08wM0dnS2MwZVdhJTJCRGFmZCUyQmZldjlEV0dHVnRKakw1c2ZqcnpvVU9zOTF4ZFB1OThiMGxiZGNIUGpEZ2U5TGpmVVppMUR0QmxFdk5YMUZSZFo2OUdWZWp6WllkNW8yTGQ1V2xoJTJGJTJGNzdRZ1FUQzM0SmU4cGtyV1ElM0QlM0Q
.mynet.com/ Name: cto_bidid
Value: LOIU7V9mbnh2WFFXWG1xOTkzTEROZFM3JTJCRU40NVhSWE45aHFRclNDOTlFaHdTZmN5Mm16MVFpcHlJUHdmMlhsV202Wk1hbVFFaHdzdEowaFd2JTJCWW44RTFnM1FmQmFRWHpnWXJHWGhYZ2ozMGZRQjglM0Q
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.mynet.com/ Name: __gads
Value: ID=b7c242115707663a:T=1698863807:RT=1698863807:S=ALNI_Ma5iXSicGvz6Q4-keKH4vJs9X_2xA
.mynet.com/ Name: __gpi
Value: UID=00000d9e527e491f:T=1698863807:RT=1698863807:S=ALNI_MZl7LfcNENFu88RbDgpdLDbBnrUWw
finans.mynet.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.mynet.com/ Name: _pubcid
Value: ebc7ac45-f26b-4892-b288-1e4618dd8fc0
.udmserve.net/ Name: dt
Value: A068C3FE-8077-3F9D-A51E-FC6F273EB502
.33across.com/ Name: check
Value: true
.tynt.com/ Name: uid
Value: CoIKSmVCmsBn4xieBGZVAg==
.casalemedia.com/ Name: CMID
Value: ZUKawDK.TRds0rU7ur19jwAA
.casalemedia.com/ Name: CMPS
Value: 1431
.casalemedia.com/ Name: CMPRO
Value: 1431
.adnxs.com/ Name: uuid2
Value: 7081728085481991200
.pubmatic.com/ Name: KADUSERCOOKIE
Value: D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF
.go.sonobi.com/ Name: __uis
Value: 303b087c-cde9-45aa-8a17-dbb86e6d13f1
.go.sonobi.com/ Name: HAPLB8G
Value: s85172|ZUKaw
.technoratimedia.com/ Name: tads_uidp_16
Value: 1543803565212
.technoratimedia.com/ Name: tads_uidp_37
Value: 0316efb0-db63-39cf-9936-a6381e9b2df2
.technoratimedia.com/ Name: tads_uidp_44
Value: LOG0RMW6-19-HDZ6
.technoratimedia.com/ Name: tads_uidp_45
Value: 33EAD8FF-CDBC-4FB2-8DA7-00F4584842DA
.technoratimedia.com/ Name: tads_uidp_46
Value: 7860533598095315952
.technoratimedia.com/ Name: tads_uidp_48
Value: 4e29f957-8bcf-4dd8-bc1b-49b147223133
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAGIUJwp8hbzANromvLAAAAAAA
.technoratimedia.com/ Name: tads_uidp_50
Value: a22d43af-f912-4b4e-9ed9-08d4be25ce1c
.technoratimedia.com/ Name: tads_uidp_61
Value: 212330262474782
.technoratimedia.com/ Name: tads_uidp_62
Value: 3418605706634131000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: MdFOpXIdKZjKBdqZ0zL9LtqXurRxyMa1
.technoratimedia.com/ Name: tads_uidp_7
Value: c8603050-af6b-4fd2-89fa-d6e766431c9f
.technoratimedia.com/ Name: tads_uidp_70
Value: 1622253365053-949194170222-008367-009-004841
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-63946939-015c-4d99-b977-aedd31db6ae9-005
.technoratimedia.com/ Name: tads_uidp_77
Value: ZGjhoN8Ryln4_nNF9G2GrqQb1BH5WTgCcCOpqqJpp7c
.technoratimedia.com/ Name: tads_uidp_79
Value: 2596aee6-0658-406e-8324-ca71cda03fed
.technoratimedia.com/ Name: tads_uidp_80
Value: y-GvaQMNZE2uHtaFjt5P.PxB85WyuFwi8S~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZUKH2m2pkuBbwBnybtgtvgAA&3552
.technoratimedia.com/ Name: tads_uidp_83
Value: XDRyPC3y39Ya
.technoratimedia.com/ Name: tads_uidp_88
Value: 4007374239416462518513
.technoratimedia.com/ Name: tads_uidp_90
Value: dd6efeea-2c59-4a87-b0ac-dbac85afd4f7
.technoratimedia.com/ Name: tads_uidp_91
Value: 2048915037081700588brt56841675014149615267a0
.technoratimedia.com/ Name: tads_uid
Value: 5E15D2A62FC44EC58D52C87AC88A86C7
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230719045631+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1693142250488
.smaato.net/ Name: SCM
Value: 2bca8c55ec
.smaato.net/ Name: SCMaps
Value: 2bca8c55ec
.simpli.fi/ Name: suid
Value: 3B0BD726E5DF48818E605A6E7F99D71D
.udmserve.net/ Name: sonobi
Value: 303b087c-cde9-45aa-8a17-dbb86e6d13f1
.mgid.com/ Name: lmg_usr
Value: 78da4519-7068-4644-93a5-ec56127063a8
.mgid.com/ Name: lmg_r
Value: 24
.udmserve.net/ Name: yahoo
Value: y-uy4BfKZE2uLRY6TnjKxKhej8umS1VkeU~A
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1698863808939%7D%2C%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1698863809033%7D%2C%7B%22p%22%3A%22029cc11ae7%22%2C%22f%22%3A1%2C%22ts%22%3A1698863808939%7D%2C%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1698863809033%7D%2C%7B%22p%22%3A%221fbac30d28%22%2C%22f%22%3A1%2C%22ts%22%3A1698863808939%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1698863809033%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1698863808939%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1698863809033%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1698863809033%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1698863808939%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1698863808939%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1698863809033%7D%5D
.udmserve.net/ Name: udmts
Value: 1698863809.0
.udmserve.net/ Name: sncr
Value: 5E15D2A62FC44EC58D52C87AC88A86C7
.udmserve.net/ Name: indx
Value: ZUKawDK-TRds0rU7ur19jwAABZcAAAIB
.smartadserver.com/ Name: pid
Value: 8102726937115843756
.mediago.io/ Name: __mguid_
Value: 2a46ab3495f9a8282fty3400log3ncks
.udmserve.net/ Name: apnid
Value: 7081728085481991200
.udmserve.net/ Name: mgid
Value: 78da4519-7068-4644-93a5-ec56127063a8
.sharethrough.com/ Name: stx_user_id
Value: 4b9b55ab-128b-491f-b448-11160307ceb9
.media.net/ Name: visitor-id
Value: 3418654096634453000V10
.udmserve.net/ Name: magid
Value: LOG3NB0A-E-2RSZ
finans.mynet.com/ Name: udmsrc
Value: %7B%7D
.udmserve.net/ Name: pmid
Value: D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF
.33across.com/ Name: 33x_ps
Value: u%3D212330338063484%3As1%3D1698863809546%3Ats%3D1698863809546
.sitescout.com/ Name: ssi
Value: cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1#1698863809547
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-0a85bc50-c7c1-5123-545e-ff63a719c296.o8wo905Cjmk1PwEW5BA7o%2F8xPDEJ%2F8jKGOyzwXR8Gi0
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-0a85bc50-c7c1-5123-545e-ff63a719c296.o8wo905Cjmk1PwEW5BA7o%2F8xPDEJ%2F8jKGOyzwXR8Gi0
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ACoW8UMfBUSNUXv9jpxnClmAJ-Sg.RuHCbO5TnBck8%2F2VQKwO41BY2dc9o2BXEYCEIDw8cTg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ACoW8UMfBUSNUXv9jpxnClmAJ-Sg.RuHCbO5TnBck8%2F2VQKwO41BY2dc9o2BXEYCEIDw8cTg
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILgOcmwQcY_98Qc2ffI2bgWNwMVl7_2PpXvOXyHlKEV_EHwYBCDBtYqqBjABOgSSgrqOQgR98i43.U7DRbuZrEgD7ghGaLyUrrw8O66EU%2FlTEjwxZQOmTYEk
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILgOcmwQcY_98Qc2ffI2bgWNwMVl7_2PpXvOXyHlKEV_EHwYBCDBtYqqBjABOgSSgrqOQgR98i43.U7DRbuZrEgD7ghGaLyUrrw8O66EU%2FlTEjwxZQOmTYEk
.openx.net/ Name: pd
Value: v2|1698863806.3|vPvMgakWgy.mmiKbwuYeShEgKwrg2f8
finans.mynet.com/ Name: udm_edge_floater_fcap
Value: %5B1698863809774%5D
finans.mynet.com/ Name: udm_session
Value: 1
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-fee5f018-dc69-383a-af3e-35ecd8c0ae34
.lijit.com/ Name: ljt_reader
Value: HlbcdBZHBgn1_7qYR6GvAvRY
.go.affec.tv/ Name: ck
Value: 65429ac122e23100018f0cc3
.go.affec.tv/ Name: oo
Value: 1
.eyeota.net/ Name: mako_uid
Value: 18b8c2c8587-393a0000010a5436
.eyeota.net/ Name: SERVERID
Value: 21558~DM
.linkedin.com/ Name: li_sugr
Value: 5f1e54dc-d96f-4b5e-8365-d330c38dc637
.linkedin.com/ Name: bcookie
Value: "v=2&a1297730-5a85-44f7-80e4-6e59e9558924"
.linkedin.com/ Name: lidc
Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2676:u=1:x=1:i=1698863809:t=1698950209:v=2:sig=AQEYoJaLoUJbcLjOAGoiGDfGmO1hInzG"
.udmserve.net/ Name: geode
Value: 63823635409:96.9.249.40:840:C2457:D505:S23:us:ypsilanti:Michigan:48197:wifi:hosting:?
.quantserve.com/ Name: mc
Value: 65429ac2-0625b-9ba53-cf6d9
.richaudience.com/ Name: pdid
Value: f6bb3dc7-e234-4487-a282-0zz1698863809
.turn.com/ Name: uid
Value: 3122232386686183181
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZUKawgAAiz1TOgAU
.bidswitch.net/ Name: tuuid
Value: 2f563103-0c1f-4c62-9f7b-4f469acb0125
.bidswitch.net/ Name: c
Value: 1698863810
.bidswitch.net/ Name: tuuid_lu
Value: 1698863810
.zemanta.com/ Name: zuid
Value: JRGHLFp1m5yWjqBkUI_1
.exelator.com/ Name: EE
Value: "15ed04f149c3c739af77e6e46816018a"
.3lift.com/ Name: tluid
Value: 132091664134189312048
.clickagy.com/ Name: cb
Value: ZUKawpvqYhA8ClhACcBne1ob
aorta.clickagy.com/ Name: chs
Value: [{"ch":"4","t":"2023-11-01 18:36:50"}]
.ipredictive.com/ Name: cu
Value: ec13e11d-fd99-437c-bc7d-26cefe5834b6|1698863810189
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHQNDXFwCTN0MQy2TjZ3NgyMc3cPNUs1cTMwtDMwNAicXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQYkl%252BUWb6otDgxUUpaQyLSopPBR89JgYAibQqAg%253D%253D"
.rezync.com/ Name: zync-uuid
Value: 20212f60-3090-4066-ba12-9907ff511e0c:1698863810.178902
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:3B0BD726E5DF48818E605A6E7F99D71D&KRTB&23486-uid:3B0BD726E5DF48818E605A6E7F99D71D&KRTB&23489-uid:3B0BD726E5DF48818E605A6E7F99D71D
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEH36tXgCq2h_s4B970pucpM&KRTB&23025-CAESEH36tXgCq2h_s4B970pucpM&KRTB&23386-CAESEH36tXgCq2h_s4B970pucpM
.krxd.net/ Name: _kuid_
Value: P4-w6nWt
.go.affec.tv/ Name: pt
Value: eyJhbiI6eyJkdCI6MTY5ODg2MzgxMCwiaWQiOiI3MDgxNzI4MDg1NDgxOTkxMjAwIiwibHMiOjE2OTg4NjM4MTB9LCJ0dCI6eyJkdCI6MTY5ODg2MzgwOSwiaWQiOiJDb0lLU21WQ21zQm40eGllQkdaVkFnPT0iLCJscyI6MTY5ODg2MzgwOX0sInRkIjp7ImR0IjoxNjk4ODYzODEwLCJpZCI6IjJlYTY4OTE3LWNmYmYtNDM4NS04MjRkLTI4MDA5Yjk2Nzc0NiIsImxzIjoxNjk4ODYzODEwfSwidiI6MH0=|1698863810|ad1f89da3faceae815106858cdadadb307901cdc
.mynet.com/ Name: __qca
Value: P0-821405147-1698863809239
.mynet.com/ Name: FCNEC
Value: %5B%5B%22AKsRol8IUCRcUPmJeaIU8v1x5bPNFM3SCdieorkZ_xd8J7BQHYejB9Ei28OmPvpFj6VMyaKfV0pfruacNS-E965YgEEi4c-mhhfYYwXG81suJPd1YLqoJEPZX9f7IeLvPx1sA37mLvPUIzTeQRiclF7jt_LVI4T_1g%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-2ea68917-cfbf-4385-824d-28009b967746&KRTB&22918-2ea68917-cfbf-4385-824d-28009b967746&KRTB&22926-2ea68917-cfbf-4385-824d-28009b967746&KRTB&23031-2ea68917-cfbf-4385-824d-28009b967746
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7338-2!7338
.pippio.com/ Name: did
Value: KVntQkVRcqx_lXJL
.pippio.com/ Name: didts
Value: 1698863810
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CMK1iqoGEgYIgr0rEAA=
sic.33across.com/ Name: JSESSIONID
Value: dsic-007-chi~7n4ekoy4-abh7ezt8-9hxddesv-eq42g6wk
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrIwNDA2NDM1MzcwMjU1NjY2MRXiM9TNCsyLCPBN8y1JCS8BAL-QILolAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrIwNDA2NDM1MzcwMjU1NjY2MRXiM9TNCsyLCPBN8y1JCS8BAL-QILolAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAwDsA_rhLNdcBO2oRwZhMmRvs2CqDZioBAH7Fg3FVWY3Sf54rnoyvRIYufMgn4XJS56OQAAAA
.mfadsrvr.com/ Name: tuuid
Value: 228b581f-144d-494c-bdd8-71fc6775964c
.mfadsrvr.com/ Name: c
Value: 1698863810
.mfadsrvr.com/ Name: tuuid_lu
Value: 1698863810
.bidr.io/ Name: bito
Value: AAAPVk7KhTYAABiwBT8Rtw
.bidr.io/ Name: bitoIsSecure
Value: ok
live.rezync.com/ Name: sd-session-id
Value: .eJwVzMsKgzAQQNF_mbUp8zCTx8-ItRMIrbYY3VT899rlhcM9YPjYOo-LLRvkbd2tg-lVr2qQD2j1O9sTMnAkFFKvAdl7Eek9nB00a62-l6E-_gaZuCg6wYSuR1V3H4ldShhK8USGUyZNMapcuxuFmJDh_AFYdCRe.ZUKawg.gH3sQwHUs640LQhw5yN_QGnnpDg
.liadm.com/ Name: lidid
Value: 2c9fb33e-7648-466a-9d56-007ab3acbeaa
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-dber7fbk5VUDGAjAjfq4uHNknqKDnb0R_qdOKQ&KRTB&23144-uid:k-dber7fbk5VUDGAjAjfq4uHNknqKDnb0R_qdOKQ&KRTB&23286-uid:k-dber7fbk5VUDGAjAjfq4uHNknqKDnb0R_qdOKQ&KRTB&23287-uid:k-dber7fbk5VUDGAjAjfq4uHNknqKDnb0R_qdOKQ
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxPRzNOQjBBLUUtMlJTWiIsImV4cGlyZXMiOiIyMDI0LTAxLTMwVDE4OjM2OjUwWiJ9fSwiYmlydGhkYXkiOiIyMDIzLTExLTAxVDE4OjM2OjUwWiJ9
.omnitagjs.com/ Name: ayl_visitor
Value: ebda3410ab47bb7aa10684a744c8db33
.connatix.com/ Name: cnx_userId
Value: 9702e16eb2834407a818d7fd5edc6cd7
.taboola.com/ Name: t_gid
Value: df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043
.taboola.com/ Name: t_pt_gid
Value: df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043
.teads.tv/ Name: tt_viewer
Value: e146a886-4ee9-4c80-9ec4-9cefae0f4e92
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: f1c96fc8-8a2c-47cd-8884-77804d4828cc
.prebid.a-mo.net/ Name: sd_amuid2
Value: f1c96fc8-8a2c-47cd-8884-77804d4828cc
.mediawallahscript.com/ Name: mCookie
Value: 9f551020-78e5-11ee-9114-754cbae26fc0
.mediawallahscript.com/ Name: mUserCookie
Value: %7B%7D
.360yield.com/ Name: tuuid
Value: 39f11fe7-3d53-4d60-835e-2393b3e2f84f
.360yield.com/ Name: tuuid_lu
Value: 1698863811
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bku
Value: uUW991mSxZDlwY/b
.360yield.com/ Name: um
Value: !38,-1GljxpcyR9FwD9KVfTbT14c-NNqs1f4DLOggnNjGSxKSspz3M0df.qOpCls6e1wLLj.WXFO,1706639811
.360yield.com/ Name: umeh
Value: !38,0,1761071811,-1
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%229f5d7490-78e5-11ee-b513-c534e6f854b3%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: mv_tokens_invalidate-verizon-pushes
Value: %7B%22mv_uuid%22%3A%229f5d7490-78e5-11ee-b513-c534e6f854b3%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%229f5d7490-78e5-11ee-b513-c534e6f854b3%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: am_tokens_invalidate-verizon-pushes
Value: %7B%22mv_uuid%22%3A%229f5d7490-78e5-11ee-b513-c534e6f854b3%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-3_l-nvbk5VUDGAjAjfq4uHNknqJYTjcDH1Z6tw%22%2C%22version%22%3A%22criteo%22%7D
.bing.com/ Name: MUID
Value: 3B6469F24235629312537A4E43BF63B2
.c.bing.com/ Name: MR
Value: 0
.postrelease.com/ Name: visitor
Value: 712cfd98-39ef-4789-b31a-b0af55c01ded
.postrelease.com/ Name: status
Value: 0
.adnxs.com/ Name: anj
Value: dTM7k!M4.gF7/.XF']wIg2Hc#LLLxH!A#FA(<h!zS[j?WZ61sK*UyH^([n8t+EdZyr`6.)TzdUwqNa+$A9U5ZWk!XXF6sI+A#aL>G^*%t%(2K:$doY0'[wui2v.rqKDRng#'U[zC+.*R1#Sdx/y27[%noJ$/?(ww
.hb.yahoo.net/ Name: visitor-id
Value: 3418654116634475000V10
.hb.yahoo.net/ Name: data-crt
Value: k-m1kZmvbk5VUDGAjAjfq4uHNknqJKSnyEj4zodw~~63
.demdex.net/ Name: demdex
Value: 50190440857771225260660732180152169268
.ads.stickyadstv.com/ Name: UID
Value: 75527e5ee3c4a273825829902549ed
.ads.stickyadstv.com/ Name: uid-bp-11554
Value: k-ERcFovbk5VUDGAjAjfq4uHNknqKKzR0GixHrvw
.socdm.com/ Name: SOC
Value: ZUKaw8Co8YsAAKnTFt0AAAAA
.mediawallahscript.com/ Name: mRemnantVisitedCookie_d41d8cd98f00b204e9800998ecf8427e_11_2023
Value: %7B%227bYSR%22%3A1%7D
.dpm.demdex.net/ Name: dpm
Value: 50190440857771225260660732180152169268
.rqtrk.eu/ Name: browser_id
Value: 1:0d49804e-88e1-491f-aa46-15c8b602106a
.agkn.com/ Name: ab
Value: 0001%3AKlF4j0nXwi0I7R6BW4FZQP%2FsYAnouFwz
.lijit.com/ Name: ljtrtb
Value: eJyrVrIwULJS8vF3N%2FZzMnDUddU1CgqOUqoFAEg4Bgk%3D
finans.mynet.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Ddf3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043
.pubmatic.com/ Name: SPugT
Value: 1698863810
.mynet.com/ Name: _sharedid
Value: 8ac557b9-77a8-435c-ac48-14410fdfbe33
finans.mynet.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%222ea68917-cfbf-4385-824d-28009b967746%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-10-01T18%3A36%3A52%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-2810316567025533345
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-CoW8UMfBUSNUXv9jpxnClmAJ-Sg&KRTB&23334-CoW8UMfBUSNUXv9jpxnClmAJ-Sg&KRTB&23417-CoW8UMfBUSNUXv9jpxnClmAJ-Sg&KRTB&23426-CoW8UMfBUSNUXv9jpxnClmAJ-Sg
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7081728085481991200&KRTB&23339-7081728085481991200
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-1gD-vdlUqb3NBfy91VfntoJU_7zNVqy5hAzEW9E7&KRTB&19420-1gD-vdlUqb3NBfy91VfntoJU_7zNVqy5hAzEW9E7&KRTB&22979-1gD-vdlUqb3NBfy91VfntoJU_7zNVqy5hAzEW9E7&KRTB&23403-1gD-vdlUqb3NBfy91VfntoJU_7zNVqy5hAzEW9E7
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553&KRTB&23418-cbc6e0a3-a728-4ec9-9f57-09df9bcd75d1-65429ac1-5553
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-ec13e11d-fd99-437c-bc7d-26cefe5834b6&KRTB&23011-ec13e11d-fd99-437c-bc7d-26cefe5834b6&KRTB&23355-ec13e11d-fd99-437c-bc7d-26cefe5834b6
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3122232386686183181&KRTB&23150-3122232386686183181&KRTB&23527-3122232386686183181
.ads.pubmatic.com/ Name: KCCH
Value: YES
.acuityplatform.com/ Name: auid
Value: 847523361694
ads.playground.xyz/ Name: connect.sid
Value: s%3AiD5V0oSjJyVd-Q_9dWPUkxMp09f5naU0.UqoinFXZ0J5LrnYPPmDjkvqZ9boPXBkmE4OVe0tN1r4
.deepintent.com/ Name: CDIUSER
Value: di_66bb61ecc3374ad5a3b55
.ctnsnet.com/ Name: cid_4047a0aabedc4dec9c19db2c02812f44
Value: 1
.pubmatic.com/ Name: DPSync3
Value: 1699833600%3A257%7C1698883200%3A255_248%7C1700006400%3A261_201_263_258_256_262_260_259%7C1699401600%3A265
.pubmatic.com/ Name: SyncRTB3
Value: 1700006400%3A8_233_166_176_214_3_13_264_249_71_54_56_234_48_250_21_196_99_165_5_22_243_81_220_178_46_55_204_240_104_231_238_96%7C1703980800%3A69%7C1699401600%3A38_15_223_2%7C1699660800%3A63%7C1701388800%3A224%7C1700092800%3A35
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-847523361694&KRTB&23428-847523361694
.adgrx.com/ Name: ADGRX_UID
Value: a0dd2d92-78e5-11ee-bebf-6e5179533f8c
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAACpBt41ob6NANkkI0pAAAAAAA&KRTB&22713-AAACpBt41ob6NANkkI0pAAAAAAA&KRTB&22715-AAACpBt41ob6NANkkI0pAAAAAAA&KRTB&23519-AAACpBt41ob6NANkkI0pAAAAAAA
.adform.net/ Name: C
Value: 1
.kargo.com/ Name: ktcid
Value: b12f9cc3-05e8-0184-5d73-baefaa938722
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_af8c400b-fefb-4c38-96ff-536516d87cfc
.bfmio.com/ Name: __187_cid
Value: D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF
.bfmio.com/ Name: __io_cid
Value: 31ecb70d7651f765085643e0c95cc50c92b4f28d
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33645_10B7A5111_6C454A54&KRTB&23092-R33645_10B7A5111_6C454A54
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.w55c.net/ Name: wfivefivec
Value: 114uNdiQ1QYg5f5
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-08570027-32eb-4c40-9d76-c1e5924bc40c&KRTB&23340-08570027-32eb-4c40-9d76-c1e5924bc40c&KRTB&23498-08570027-32eb-4c40-9d76-c1e5924bc40c
.thrtle.com/ Name: mc
Value: eyJpZCI6Ijk0ZThhMWZhLTFlNWQtNGE1Zi1hNGZjLTRhMGMyZTBiMDc3MSIsImwiOjE2OTg4NjM4MTM3NDYsInQiOjF9
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-a0dd2d92-78e5-11ee-bebf-6e5179533f8c&KRTB&23275-a0dd2d92-78e5-11ee-bebf-6e5179533f8c
.adform.net/ Name: uid
Value: 4978319480049069945
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-2f563103-0c1f-4c62-9f7b-4f469acb0125
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:JRGHLFp1m5yWjqBkUI_1
beacon.lynx.cognitivlabs.com/ Name: UID
Value: ecf47b36-2b89-4d28-a88d-42b023cb1e01
beacon.lynx.cognitivlabs.com/ Name: ss
Value: tQmg6FAAnEQ8wbeSL0cW5bxGkUcNyC2ZGg0X06cnP41Hkg2wMJjngEHWh3LyTMVmzfvM96ELiB9Xfv%2Fk09Xtjg%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:114uNdiQ1QYg5f5&KRTB&23421-uid:114uNdiQ1QYg5f5
.contextweb.com/ Name: V
Value: l6C5vXmxhja9
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 11ba407e64670727
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7521502131361552728P
.owneriq.net/ Name: pmc
Value: 1
.csync.loopme.me/ Name: viewer_token
Value: e1dcad8b-24d6-461c-9cea-4e885948e0f2
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4978319480049069945&KRTB&23263-4978319480049069945&KRTB&23481-4978319480049069945
.adx.opera.com/ Name: UID
Value: OPU9638ec07599c4b9ba58ae1d251bf0cb1
.richaudience.com/ Name: cmpsync
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU9638ec07599c4b9ba58ae1d251bf0cb1&KRTB&23485-OPU9638ec07599c4b9ba58ae1d251bf0cb1&KRTB&23524-OPU9638ec07599c4b9ba58ae1d251bf0cb1
.adsby.bidtheatre.com/ Name: __kuid
Value: 74559447-8dd9-43d7-a2be-9d320f1b460e.468077813
.onetag-sys.com/ Name: OTP
Value: mN64vkZnhx9PPWwiT5zF0o-acV_MZQpa9ve1D7INmYU
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e4c2eda9-3348-421f-a826-59e66031b2ba-005%22%7D
.technoratimedia.com/ Name: tads_uidp_73
Value: AAAPVk7KhTYAABiwBT8Rtw
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-e4c2eda9-3348-421f-a826-59e66031b2ba-005&KRTB&17107-RX-e4c2eda9-3348-421f-a826-59e66031b2ba-005
.richaudience.com/ Name: avcid-sov-uid
Value: HlbcdBZHBgn1_7qYR6GvAvRY
.richaudience.com/ Name: avcid-ttd-uid
Value: 2ea68917-cfbf-4385-824d-28009b967746
.smilewanted.com/ Name: sw_user_params_infos
Value: wSuXl7bsfm3mlV0xXbRIHyhPfYP37Eikhq9ky45TGu8Y%2FXeGLonSIRXzYbjxvCUfCZg9D3Pse6lUGUF4db%2B0eL5cezxkc5CmsQ9jihFposcQ7EeLC34BI5TaEneicpxZTYNq%2BS4nbp%2BD%2F9RkTw3ZiQ%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAAPVk7KhTYAABiwBT8Rtw
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1nr1|7dN.0.AAAPVk7KhTYAABiwBT8Rtw|89W.0.1
.mfadsrvr.com/ Name: ssh
Value: !taboola,1698863814!bidswitch,1698863810
.rlcdn.com/ Name: rlas3
Value: K/TO1Y1xt3wv06QtogolPS8DXjGEwGjOZCFjtkoWvC4=
.postrelease.com/ Name: ver
Value: 1
.c.appier.net/ Name: _auid
Value: n2jWs8pcBwmBUG8sxppCZQ
.pubmatic.com/ Name: ipc
Value: 159706^https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%23PMUID^0^0
.pubmatic.com/ Name: pi
Value: 159706:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 6
.mookie1.com/ Name: id
Value: 10594718132030713746
.mookie1.com/ Name: mdata
Value: 1|10594718132030713746|1698863814230
.mookie1.com/ Name: ov
Value: f71518324f798f7694e47d11d60b68bb
.pro-market.net/ Name: anProfile
Value: "-13ggdu5ue9mgz+1+4=8z+1f=1+1g=1+1j=57:1+rs=s+rt=2602FFC8000201040000000000000005+s0=(8g)+s2=(s3gjpi)+vm=23-df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043"
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-n2jWs8pcBwmBUG8sxppCZQ
.pubmatic.com/ Name: PugT
Value: 1698835336
.richaudience.com/ Name: avcid-smw-uid
Value: f9794e9a6bdc7990d9f6696e54e51d6d
.intentiq.com/ Name: intentIQ
Value: bKSiOMSxN7
.intentiq.com/ Name: IQver
Value: 1.9
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_13MIQ6AMAxG4ZBgUTtHyd9261puA4QdCIlEIjkhDhLkJ967u4Et3E2dtUCu_nNWyJ5MICzNQIoAZZjRMrNQBGprhXnDOr0RRq4ekCN9I2Tk8-cHpTjaAHkAAAA
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220231101%22%2C%22143%22%3A%2220231101%22%7D
.richaudience.com/ Name: avcid-ont-uid
Value: mN64vkZnhx9PPWwiT5zF0o-acV_MZQpa9ve1D7INmYU
.advertising.com/ Name: A3
Value: d=AQABBMaaQmUCEIdxU-Qspzg6uKdcmyhIqOoFEgEBAQHsQ2VMZdw10iMA_eMAAA&S=AQAAAvRwXG7iVqSSz-VKi7bQoJs
.mathtag.com/ Name: uuid
Value: fbb86542-9ac6-4700-bd4b-aaa10c0881a4
.analytics.yahoo.com/ Name: IDSYNC
Value: "19di~2et6:190u~2et6:18za~2et6:18z8~2et6:18zh~2et6:19e0~2et6:19cx~2et6:194o~2et6:18vk~2et6"
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e4c2eda9-3348-421f-a826-59e66031b2ba-005%22%2C%22nxtrdr%22%3Afalse%7D
.agkn.com/ Name: u
Value: C|0AAAAAAAALNVXRgAAAAAA
.ml314.com/ Name: pi
Value: 3639635123206357020
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd984cSmDr2HtTO9bfyhnD6zc_yuUDBUZzgzQWHSPpIjRLhMZ0E_PnrIpQIqQJXsrMC4Q2
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: intentIQCDate
Value: 1698863814408
s2s.t13.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnViaWNvbiI6eyJ1aWQiOiJMT0czTkIwQS1FLTJSU1oiLCJleHBpcmVzIjoiMjAyMy0xMS0xNVQxODozNjo1NC40NDE4NTEyNTdaIn19fQ==
.hb.yahoo.net/ Name: data-mag
Value: LOG3NB0A-E-2RSZ~~63
.rlcdn.com/ Name: pxrc
Value: CMK1iqoGEgUI6AcQABIFCOhHEAASBQjbThAEEgYIuuoBEAQSBgi46wEQAxIGCJC8KxAE
.primis.tech/ Name: csuuid
Value: 65429ac670bee
.onaudience.com/ Name: cookie
Value: 7df1cd738d59e136
.onaudience.com/ Name: done_redirects236
Value: 1
.id5-sync.com/ Name: callback
Value: https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D
.adscale.de/ Name: uu
Value: b48ad48155ff48ec824435cf1d526db7
.connexity.net/ Name: COu
Value: e85a321beaa6cbd5-076b2d2df26c25eb-2054ff70a9232f3d
.in.treasuredata.com/ Name: _td_global
Value: 3fe25dc5-a3c5-4564-a9be-3106464a2108
.creativecdn.com/ Name: u
Value: DfQmfKyCUNjIWZLNKMvn
.creativecdn.com/ Name: ts
Value: 1698863814
.storygize.net/ Name: U
Value: 41b9da7c-6f7c-491a-8a2c-7dae5fa8dd5c
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUdU52UXd5IzEwMjUzXzAmVHVOdlF1ag
.intentiq.com/ Name: IQPData
Value: 1611266341#1698863814543#0#1698863814404
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
sync-dmp.mobtrakk.com/ Name: pid
Value: OTRkY2Y0ZGM3MjBhYzQy
.adscale.de/ Name: cct
Value: 1698863814576
.id5-sync.com/ Name: id5
Value: a6446f4d-a0b6-77d6-a373-b2ceb03f7ae1#1698863814453#2
.id5-sync.com/ Name: 3pi
Value: 464#1698863814577#-1170588497#df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043
.adgrx.com/ Name: ADGRX_CM_RUBICON_BRIDGED
Value: 1
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5ODg2MzgxMzUyNSwiMTUiOjE2OTg4NjM4MTQ2MjIsIjM5IjoxNjk4ODYzODA5NjIxLCIxNyI6MTY5ODg2MzgwOTg2NywiNyI6MTY5ODg2MzgwOTYyMX0
.acuityplatform.com/ Name: aum
Value: OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRWMFSR+AmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUVjBUkfgI90aGlyZFBhcnR5VXNlcklkIfuAMvpCxEMlAUVjBUk/mkQlAUVjBUk/mkUh+/uGdmVyc2lvbsL7
.quantserve.com/ Name: d
Value: EOoBDgGpKvijDCA
.smartadserver.com/ Name: csync
Value: 79:k-d1o-n_bk5VUDGAjAjfq4uHNknqLu6vAYONJkFA|104:LOG3NB0A-E-2RSZ|127:AAAPVk7KhTYAABiwBT8Rtw
.blismedia.com/ Name: b
Value: 65429AC6FAB77C8B8B651166BLIS
.tribalfusion.com/ Name: ANON_ID
Value: aonvnuq0I1f9yNy6PkmFmv2OZbKJpbuQckRZaoeNuZaALoDraRQ3mYFnN37BhRAYvO37gyQ3ZaJjy3XpblX7sZboNEZblygTTd1ZdVqNPGULgLumH8k
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwi8keW08cStPBAFEhsKDHNoYXJldGhyb3VnaBILCKi0x7XxxK08EAUSFgoHcnViaWNvbhILCN6jsLjxxK08EAUYASABKAIyCwj2_LiMiMWtPBAFOAFaBmV5ZW90YWAC
.dotomi.com/ Name: DotomiTest
Value: 243494afab8b06a9
.mxptint.net/ Name: mxpim
Value: R33645_10B7A5111_6C454A54.1.000000000000000065429AC5000000000000000000000000000000000000000000000000000000000000000065429AC6
.rubiconproject.com/ Name: audit
Value: 1|i7WLabMcVxJLIZRjht9J5VYvo2XO8wv+z0QnGM0pmGTFztEKb3wgAOwe4C1UTYTVNaJctE4uo3byjo1kl9/rI2jYHTlS9mMvPLbBnrgxuhkniRJAchBCsLwbHaqKaKSd6OMgEKSl3aPh+QU5Xr4wCg==

8 Console Messages

Source Level URL
Text
network error URL: https://bidder.criteo.com/csm/events
Message:
Failed to load resource: the server responded with a status of 429 ()
security warning URL: https://bid.underdog.media/udm-r3_v2.22.3.js(Line 4)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://bid.underdog.media/udm-r3_v2.22.3.js(Line 10)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20D244D6B6-CFAB-4A90-A5E5-EB69082D2DDF&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ups.analytics.yahoo.com/ups/58809/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://finans.mynet.com/&pixelId=58809
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://mwzeom.zeotap.com/mw?zpartnerid=1367&env=mWeb&cid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&gdpr=$0&gdpr_consent=$
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://mwzeom.zeotap.com/mw?zpartnerid=1412&env=mWeb&cid=c667b84df7e5cb4904c3c034b42c60028d8c214ad5037ecc3b30a0c2a52ab182&gdpr=$0&gdpr_consent=$
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ups.analytics.yahoo.com/ups/55973/sync?uid=df3f4256-198b-4ac3-85b7-d339cf90e2a6-tuctc3c2043&_origin=1
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
a.tribalfusion.com
a182e1571565df2e864b54f20fb12bb5.safeframe.googlesyndication.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
adl.mynetreklam.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.us.criteo.com
ads.yieldmo.com
adx2.adform.net
analytics.google.com
aorta.clickagy.com
ap.lijit.com
apv-launcher.minute.ly
apv-static.tldw.me
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bid.underdog.media
bidder.criteo.com
bs.yandex.ru
bttrack.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
capi.connatix.com
cat.va.us.criteo.com
cdn-ima.33across.com
cdn-sic.33across.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.insurads.com
cdn.jsdelivr.net
cdn.mookie1.com
cdn.taboola.com
cdn.tynt.com
cds.taboola.com
ce.lijit.com
ch-match.taboola.com
ch-trc-events.taboola.com
ch-vid-events.taboola.com
cm-x.mgid.com
cm.adgrx.com
cm.g.doubleclick.net
cms-xch-chicago.33across.com
cms.quantserve.com
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
core.iprom.net
counter.snackly.co
counter.tldw.me
crb.kargo.com
creativecdn.com
criteo-sync.teads.tv
cs.admanmedia.com
cs.media.net
cs.minutemedia-prebid.com
cs.yellowblue.io
csm.us.criteo.net
csync.loopme.me
csync.smilewanted.com
d.agkn.com
de.tynt.com
dis.criteo.com
dp1.33across.com
dpm.demdex.net
dsp.adfarm1.adition.com
e.serverbid.com
eb2.3lift.com
eus.rubiconproject.com
events-ssc.33across.com
exchange.mediavine.com
f322c9895ceccb557e4a529738670432.safeframe.googlesyndication.com
fastlane.rubiconproject.com
feed.pghub.io
fei.pro-market.net
finans.mynet.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gethit.mynet.com
gixel.gnetwork.me
gocm.c.appier.net
google-bidout-d.openx.net
gum.criteo.com
hb.adpone.com
hb.yahoo.net
hbopenbid.pubmatic.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
img7.mynet.com
img7.mynet.com.tr
imgrosetta.mynet.com.tr
imprchmp.taboola.com
in.treasuredata.com
invstatic101.creativecdn.com
ipac.ctnsnet.com
jadserve.postrelease.com
lexicon.33across.com
live.primis.tech
live.rezync.com
load77.exelator.com
loadm.exelator.com
loadus.exelator.com
map.go.affec.tv
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.sync.ad.cpe.dotomi.com
match.taboola.com
matching.truffle.bid
ml314.com
mug.criteo.com
mwzeom.zeotap.com
mynet.rtb.pixad.com.tr
oa.openxcdn.net
oajs.openx.net
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pandg.tapad.com
partner.mediawallahscript.com
pghub.io
pippio.com
pips.taboola.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel-us-west.rubiconproject.com
pixel.33across.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm-widget.taboola.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-match.dotomi.com
prebid-s2s.media.net
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
ps.eyeota.net
public-prod-dspcookiematching.dmxleo.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
pxl.connexity.net
r.casalemedia.com
rbp.mxptint.net
rcp.c.appier.net
redcarpat.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
rubicon-match.dotomi.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.mynet.com.tr
s.richaudience.com
s.seedtag.com
s.tribalfusion.com
s2s.t13.io
sc.tynt.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
services.insurads.com
shb.richaudience.com
sic.33across.com
sid.storygize.net
simage2.pubmatic.com
simage4.pubmatic.com
snippet.minute.ly
snippet.tldw.me
sonata-notifications.taptapnetworks.com
ssbsync-global.smartadserver.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssp-sync.criteo.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
stx-match.dotomi.com
sync-dmp.mobtrakk.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.bfmio.com
sync.crwdcntrl.net
sync.ex.co
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync1.intentiq.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
tags.bluekai.com
tags.crwdcntrl.net
tg.socdm.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
tr-gmtdmp.mookie1.com
tr.blismedia.com
trace.mediago.io
trc.taboola.com
trends.revcontent.com
u.openx.net
udmserve.net
um.simpli.fi
ums.acuityplatform.com
underdogmedia-d.openx.net
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
usermatch.krxd.net
usr.undertone.com
ut.pubmatic.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
wf.taboola.com
widget.va.us.criteo.com
windsplay.com
ws.rqtrk.eu
www.facebook.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ad.mrtnsvr.com
ads.pubmatic.com
bs.yandex.ru
contextual.media.net
gixel.gnetwork.me
id5-sync.com
mynet.rtb.pixad.com.tr
sync.outbrain.com
tpc.googlesyndication.com
104.18.41.104
104.22.69.131
104.36.115.111
104.36.115.113
107.178.254.65
124.146.153.162
13.35.77.44
13.35.77.61
13.35.77.77
135.148.122.134
135.148.55.194
141.226.124.48
141.226.224.32
141.226.224.48
141.94.171.215
141.95.98.64
143.244.208.184
147.28.129.37
15.235.42.104
151.101.129.108
151.101.129.44
151.101.194.49
151.101.65.44
159.89.246.130
162.248.18.32
162.248.18.37
162.55.120.196
168.119.146.39
172.104.70.67
172.105.220.23
172.217.13.162
172.64.151.101
172.64.152.89
172.64.153.173
173.231.184.20
18.161.31.77
18.161.34.107
18.161.34.119
18.196.42.80
18.232.190.217
18.232.41.116
18.233.115.175
18.239.183.39
18.239.183.56
18.239.183.96
184.29.129.73
184.29.130.170
185.167.164.43
185.167.164.49
185.184.8.90
192.132.33.68
195.142.105.15
195.244.31.11
195.5.165.20
198.148.27.131
198.54.201.131
199.127.204.171
199.38.167.131
205.185.216.10
205.185.216.42
207.198.113.203
208.115.232.150
212.101.122.30
213.19.162.90
216.200.232.249
216.22.16.0
23.105.12.171
23.105.14.106
23.205.2.235
23.23.163.185
23.36.85.188
23.40.179.59
23.44.203.22
23.47.69.5
23.56.220.66
23.72.185.28
2600:1901:0:8344::
2600:1901:0:8eee::
2600:1f18:4e9:5a01:644d:6614:5b6b:ed06
2600:1f18:ed:550a:20d6:29ab:74:798c
2600:9000:20ea:2c00:6:44e3:f8c0:93a1
2600:9000:20ea:4400:1a:5235:f980:93a1
2600:9000:24eb:a800:19:fc2c:a140:93a1
2600:9000:24ef:7600:1b:5138:8a40:93a1
2600:9000:24ef:b600:5:c4ab:c3c0:93a1
2600:9000:26dc:6a00:1b:6b7d:2300:93a1
2602:803:c002:300::98
2603:c020:400d:3000:7130:bb0b:d7e:bee2
2606:4700:10::6816:1957
2606:4700:10::ac43:1b1a
2606:4700:10::ac43:266a
2606:4700:10::ac43:b0e
2606:4700:20::681a:658
2606:4700:20::681a:ada
2606:4700:20::681a:b19
2606:4700::6812:19ad
2606:ae80:1471:1b::1780
2606:ae80:1471:1c::2010
2607:f8b0:4004:c0b::9c
2607:f8b0:4006:824::2002
2607:f8b0:4020:804::2001
2607:f8b0:4020:804::2002
2607:f8b0:4020:804::2003
2607:f8b0:4020:804::2008
2607:f8b0:4020:805::2001
2607:f8b0:4020:805::2003
2607:f8b0:4020:805::2004
2607:f8b0:4020:806::200e
2607:f8b0:4020:807::200a
2620:100:a001::16
2620:100:a001::18
2620:100:a001::1d
2620:100:a001::24
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:c1e8:5385:5098:6bf0
2620:1ec:21::14
2620:1ec:c11::200
2a02:6ea0:c400::11
2a02:6ea0:c454::1
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:600::485
3.212.136.27
3.212.185.188
3.220.156.61
3.225.78.235
3.229.12.239
3.33.220.150
34.102.146.192
34.102.243.38
34.102.253.54
34.107.140.113
34.107.148.139
34.111.113.62
34.117.239.71
34.117.77.79
34.120.135.53
34.120.63.153
34.149.20.76
34.149.50.64
34.160.111.29
34.197.235.211
34.200.174.91
34.200.65.202
34.206.214.59
34.96.105.8
34.96.70.87
34.98.64.218
35.186.193.173
35.186.253.211
35.190.60.146
35.190.90.30
35.194.66.159
35.207.24.140
35.208.249.213
35.211.178.172
35.214.168.108
35.241.45.217
35.71.139.29
38.98.69.175
40.76.134.238
44.193.54.186
5.161.92.137
50.16.174.192
50.16.193.198
51.222.39.186
51.81.107.96
52.0.156.250
52.215.237.180
52.22.134.111
52.3.45.131
52.4.102.254
52.44.0.179
52.46.155.104
52.5.96.97
52.71.10.237
52.71.55.107
52.95.125.22
54.147.68.48
54.157.9.133
54.165.64.233
54.208.192.0
54.209.96.121
54.235.112.177
54.235.123.154
54.243.79.242
54.85.98.164
63.251.114.136
63.251.28.233
63.251.86.49
64.19.224.208
64.227.64.62
64.31.24.174
65.8.197.6
67.202.105.24
67.202.105.31
67.202.105.34
68.67.160.184
68.71.249.118
69.166.1.66
69.173.151.100
69.90.254.78
70.42.32.31
74.119.119.139
74.119.119.147
74.119.119.150
8.18.47.7
8.2.110.161
8.28.7.83
8.28.7.84
8.28.7.92
8.39.36.141
8.43.72.98
80.77.87.161
82.145.213.8
85.114.159.93
96.46.186.182
014fa470d8576c402af064029e005b19ffb4ed610bb281d7b52857d07bafb6c1
0164ce509803fc6210f597581b66a4734c39bdf4f4cde617282acf437752551c
019490d9fcabbdcba7d3ffa9bf83e2769915d0a516b617558172297b9fc437f6
02fe38dc12a15a597549c84ccf37b58521dfc42c143ce82d0a6685a5f53bdc5b
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
04dee8bba8c694a04a22bc62e5ba2f3f7e08a5f210b72f09d46899ac8fa7c252
055adb96d55aea49081034ebc4d4a22951bce0292fe23c22fa8d226a7f2a4f8a
065798c3743052bb3a8dafa210a39b6faa6292906c17c3b187f58726e97b8cd3
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07080db4a60b13090f06061aa2383d4aa43bd283c3c113e557a0454fa2e2edc6
075c19e8bfd08072fcfe14dddd4fde1d69737880192e0ef05ab111105c72c9aa
0804922375443bb3c6e692891b49bd60d3a010eb710719a29070f9eed4ca4f37
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0830551f112e9417755513fac6e1f146eba9dfa7e55f895927cc4daea8ad126d
08fb945ecff3080d5c4b244ba0b1d40287098115d9ab3e76d00365a6ca2dca6c
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09786c41a3905cd2436a020cad81c09334bb3f2012b4da70012edc55f427592a
0a4af8b7388358aaa76733bebe79d2d7d84792b9488a54431f0d75217c2123ce
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd543e7dbeb25e340c1acc4648c7b82d5301765f110cd34b15475c049d8eb4f
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c952f5b29b19b2413156632302a2fb8a637f162c0d617e115726faac49b2829
0d40fab9a6c3b8defb700d3e7f3453127f9fdd7ac9ef13b7bab1f253b5ba42fd
0d613ba0e478b9a0db3481d87caff8cb0bd479ab81cb6e8e3283905ce639a924
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0da50cff35708a2790dac0457ecdc3e52e3c811caef93c274fb3f394e7e8b6bf
0dcfa455e01770d3e10fc8c77d2a191c7b9ad950f7ef4a021bfb807cd75d86bf
0e877df4e9e2832216107c0deba5ba6cd03b4df7e5e3c2a789aa62cb6439db49
0f6de6cbf854fc545bbbbc22a610e4f4fb706ab87641a5202af212d083ede94d
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
0fbed36f1d5bbc3152724c9164f2083415b4b55e27162fdd9918b4b6addef0d9
11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74
11b76b0a3deef2926813d8398baf2c1c525e5b77a294331dde62aa3a73191ecf
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
1310f5f105b6352a91149fe2a292368568fa3bf851007d96b4a7cfda2de06e49
14e380b29683177b367a8ef4356b17111b367c5396d0e5077730d0c2f79e0df9
161d1a13deadbef3346b3a0a22dab97771fadb50fd158f5937c489f5084b1881
16519f02cd04c7d61dd738385238629dd5d90a7137468c88bfd31c4ea8c77fb9
171e1152112aa644b26e522490fac6d7af8fbfe84026f57e84643a0a9f89597f
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18e403b4ef714f789598459b3586725a50a2309c7029719ffa6312ed8d2ffcc6
1aa99e3703ee6004253234af79780b3a442c9f8d815db8af63339a7e087371aa
1b04761b52e03384f43756054b6373f9be5d3d4259eac47a740a105ae6ae6b2b
1d5b740164d6e20111054cdbca1e9f71aad0b6b2f3d8bc9f880d1e38446e240d
1e3f0443a552ec84edd37eeadfd51b05ccffbfb6432f4ecde68efade307e4219
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
1eda037ef70b5587c93b2677785521e8642e1e791cdcaebd5efa8647faf2b633
1f4fd9ad329677ab75a20d16e52912e93faec9b6ef732e8a1fcfd4cca8bd6085
223d3784ff0f0e572951390d5241d6c7b872e860ee25dfbafd3e355e5311e2a2
22745a3da167318432390f344e359c5b1086c2215ea1b098fcb23ac669b0b20b
227583e6c4104eed39454068496455b1f28c7dae55c5970e8d92b75d4503bc10
2376b3c5ed9934fd8f2bd7a3700d3c2acfc9c7e6c56ef138763cd14c0af7f8f5
2398b00159eecff8a7b2511bbd897599167b3b2003e50ce508179d9083958ae4
239c0404f41b8ecfabfc27e304f56c551de955bb3444aae3059f197326f36eaa
2462fd4e9d1d45842a17f6d320799cc84e6fcba03515c4a8eae9abc2bb93f219
2665b1f56bade8919ab8e7b65767a5a6019890ca0d9eb2283346f81668053fcc
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
27e6044195f80348486dfa4eaddfa2d36e35251885fb3796f442b3227377cb3d
28bae386c7312f92e3acce044e2a365106c821fe057069e65de0c33dca5986a2
28f32200af57a2f04c5a9b93153c9ee375f443c581a042cb792ba49c6063afe1
297ac77938b640e31d7608ed1f0472d14fc676789ca12488d4554113b53aeebc
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b7605d328b531f7ee2dc726223d575281c1637673bba309919cbd874db7d7cd
2c31e0440721be289db43c010e82e597edefd55990c3ee3b064fa839ab1ca7bc
2d2a5e993bd96fa97e0be46776dd666f8b95f6efff965d5d9c2c5fd01faade2b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7ed4e77c9ae0c81247f1868ff69ab63d0e7c9ada05cc79356d8f671cba3a0d
2f80bcf5a307825304d2fbc1503764f916ceddbeb7b29cd34a0ad16a930a90c3
30e6acbc0b4e4df291f8288427a382443c33df34af7ddf6cb74ac23052de7e35
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
34e4bba78ee42b77965d69cdde3121823f045356aa2038fa3618b4808352991e
363ee3fc6abdd6bc3589155f6e465aa3432f10715859611979bbba8c844cea2e
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
39def6e32642775fae66a946b5ffad5534d61f1bd605e035638aed11750981a2
3a6a65bc8c09f50c2f9ae470fa60c49e6e1efa7e04466d5a1044f5f917a360ad
3aa0fe7bfa14cc45a5b9b0c5eee68844d87dd5c8bf88eab7f416065a54e2dde9
3acc4b97d2bf93f371f191dc5fa85a1da8259718ff09cb8f5bb06b479c4b19f7
3c8a5ccf28d1a56b704a5a22f9ec235a4443affa442b9e5cb818b2c1dfb0e276
3d0660498ab0d1bd836663fdd30c5d4fe210309f729de28b27d57aafa2fb56de
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e418e2ce87928e65184bcf57615049c15660e06d71f0ca13d4d6e7049d2aa42
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e5ada833754d06997e1b2b7797bc7901c972b8831de0e61705c1cb5b835e45
43260b3e830dc7e16eaf0554d00f15020357d9c13e553978034d878850cb763e
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
44948fce039263b30389aba4b5d19d5723382b84cc9a7a56887324c650d61a48
45336f6501dea8588209c08e7b1361357e55806390b64f9e0c6180924fab3591
467f375a3dac802234e287ff0b70b3b409f0bf10807843847c962f04735273cb
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b
474b07dd5c2ac6e79a970223fb68ea782ee1e8397322fb9e29438203d089e564
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a409238c055b436448c79dc6ec414dc972dd71210132594b7db90bce2f34da7
4b13b8918cbdfebdbc7727fdb82a83fdd77465b002501f6d718ee871b16fe9c6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b878826767db4ddd4320d17440d1209000c5de9617beb8af048ee96f4dd6aa3
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
4c6cfc5416af0b5713e19d15318350026765867eed1af21a3bf9a05513bd725e
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e712aa485451a3407001e95d95162361525022095acd9ee56ed0e22a77ddde7
4e8bd226cdf91c81d69a90eec8ded92138adf203d05cbab1f09f68d85bc6baf4
4eb0a75635fde13446abcbb921760e865a3d250f1f4c9475ec80980c39c7f80e
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
509462bceaa85aa49996bf168611149074a30659a709948634a306a41a7f1af6
51fd992d66e77bd01447c0bb371081aeb2083ae55016d99f5a22b62659e4fe2a
523751279f0abbd232b21c3bbe8b53d1632a8536814498d39a8c674d2cca597a
5289c6bdfecd2abcaceff21310ea74a1b07d4607108642f46a35d73e02dc3dd9
52d3aa3b6beb711662fa7a9ef0cd1bb8a1a97078d99d6eedcdddc41235bc4646
5352598de66410b75bcd02c874b7c4a6e3ce6fc31dcfa9def8be08700d615c9d
53704555f50cadee7ae092729ee953f3f72a39d30777924e3aeb70bf48a19dac
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53de6b3616f57459d3f1b898926fb83eafca2116a34feae66a807ea244291e8c
544a87dee6707e4eb9ad9c2368e6ed392949a8e2a6edb0a51a602fb97c38c7f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
544fd1a8f5be8daf9ead2626ae25b4423ac3126d06abed1acb0c825160f6438f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
553e3a8daacfc030b0a81a0a5b45c7c37caa74d1f4756998f6664900ea3e10c4
559d912b382911480e0c82b0e384e099d5a8511505ba5b657d7fd5504cf7408b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562b0f723956e54741572d4c30312c7d950e898ac951870c238f781f32cbc229
56367325de85b2e06b638bc4da34d5f7a0d481e6884c99e04e6453cf51b6c2fb
56fdab0a58f4183fc31dd6e88a826e3dd8d8119d1a3354177fe30a8f0e333538
575127dcfe80f5b40ee6a0eb6a76de5d8af1f6f6a603257faf52c1430dba9b86
5863317c541754164f1868df84a9f3e353bb7ca7629537d38844766f24b23547
59bf69bcb73a067dc5a15f87f4d1236bf10b7eb558ab5697286d3f4419b604fc
5a11a7698898cba7edb4737e2d1d556b10ab052aca9365ef0b462bf78f3c9920
5abfd8ab46a4e86711cb174b6d104b0ff139b26d11602ac3176fa82372cbc06c
5d49eb01ca02540e170d720e1b0597b53badbb891ceacf6fb6f86e942c480653
5d8c45abdfd793b99478ee66d7ff352866b9a3cc69883cb3830f2e5923334576
5e42c2be34effffcf1c1e633b88e56641256dec07d2399ebe499382943aaf144
5fd3fe93b9ced3ac801fbb50bcd18767bafa3614d750b84ffbe4b9cf68442f5c
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61157c7be31c8bc5b8b78f1edd9c3e94e00814731572ad7fa8a26adc2e9f7db1
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
640ba2c4b6a52fb19d78486d2c38a0dc7a0b6cd7eba077c41989b7b4bcd7b8c0
652d31e3d9805217655dfc98acedfea563bdb655fb88a7a436b081ee94142370
65751200ea89a1e5d6d8db461a2280ef7bfc56087d2e475b4f428037b3d7d6f3
66fa09e22e15b02f114989c7ce2fa03d3eb50c9275c4a80f2fe6080c95eb4e50
69ce48c80f3a45a94099cc794cbf2f58877b46b0fb1b2ef71726c5f898acaea1
69fa366843542c917a02764a2b4e3f67a4c004c73e5e31e5674a8fc3264dd417
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c9ec0366f8c6525f0227429debe2fc6de836c8b50d1ab8d1fa72238cddc353d
6cedbc291aecab3a112ac4fa4ead7d930b6ec2ae5631c7d7ea12dd28f9f859e9
6d01485edc889f10ce5f17056301e09569f8e893bba2c306bde9f788119343cc
6d1743a4b9cd803083da5fd65626a4e92edebe73a40ee18f60276c96492b4afd
6d649e51ff53a388135f4abc549dde7dc2ce7490f76132ebc37eddb329c45e4e
6e31acf63e434886817895a03fe632f38ace76c3cdc14d7e0111bc8b0f3a33ba
6e5aeadecb57dfeb8fa94fd8fb3b7feda13d73a4c0a7663ca1626cf7e879edd9
6ebd8786a26b2f08364398d3140eb89c4b03706c2f68b3f9b820b304c749b80e
6f088dddadb2202e19382dc052bdc61ceb5710257b48a48c055127e66ba553f6
6f390c4096369c05fa9818a81b248f5452fe0a7d1f9afa65bbd9ca73402710b5
6f7cf69e3239becc6e1d07a5794bad6cd73b3de3bc9eba298075e3bbec454de6
6ff2915e0b128eb70b843aa092a6d2b0701fd8c22a72d0fa5a0d984ccce0ae00
70cdbb7596918e8ffa7451f2e430370661fb617d2a2906623ac585f13ef199d6
71999c775efee0d90ecc5e5ce4830c9f1f025b6e380314e0d97276f56f146e9b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
77ac795bc58c914311cbbb9f505de139a0bca0e1a7ba8475a519edd27e5ac913
79f735dd561da3568a320dfa48b941156b06814e343942f55b2ef7e4a214d5e2
7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769
7b1dd19a266505184096d44355e0b3e77198a752a48a26abeedc9c9a5e88c937
7b9c1d3bc699ae6b65dc768b566335008ec8bc61707a03b620b76c33836aca5d
7c0d9b475133f1eed1996d69fe390776e490045a8accbe491d2158372bfb15ae
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e25add94195047c4d04eb063f97e308db44b32093cc19010a71e3acb234e81c
7e28625c9340698b7968ba0cb1642f8db7a941ba0c07198bdcf7846f56ea5c99
81b70ed4020a9bedf1d0b24b7dce42a4c8946750e9d3df215c2a6e7dff75d50d
81b8017abe5da96be9135b4cfd6553bb4649aeb9ef4d2a9a4b99166819aa30d9
81d50b42dbcb38e18e0cc3384f8d06e8e58279ab956763619d629432c3a23a56
82d68919ac4dd04350f90d87e73b41f8322e2d41788399a09d39e3297eb6d795
832fc9a14d7dd966fa104e481f14ba219060d367e0b32b534d698bb79897cbcc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83cb0e8355d2618914eda65af8c01f53b193104076a7dab600740eca88fd33f5
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
85297a9778e3138e5c9393984e9a5fc6dbce360e5017087bfe160c67ed2462af
85ceeb932710968444775a17888188e82c20e7181e7f6a75504f9a7ac98ecfdc
85ed4284f4265536d1ee7cf85771a133ee662fa6d3b8654f72cae4ed7c3efd42
87301f139a48566970a0a3796f7d58f388a16b35485a324b9dc69c498893fc42
879b12ebd3812760d99e96559d4889748fd4b3a9626e724450514fcd5f3c8de3
880c0eabf03f4fec614a19bb0dcb8ea745b4c5afc974ecf1a100cf8f0cbdee0b
881384880bc84b6e2998e914732f05e8cecf82f877f1603ad12812b0132ea64e
886c9e9c1ce436b961a3b3faeb4b450f0e4b93d8f6e5486d4d89c10143dfb24b
899e983bd5904ba304f7a97a5f553e79089875640b3d9a6c59d7de4c3f61dde5
89ab9372b3ad228cd37cf0b4d1e57f5d80463a3ae3dcfb31531ff1474c69fc5e
89be99b9f1c2eaf66055e87d96e907811dd2df193fff43ea6ef39d7d52bd8a10
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a24a013d0d51ec949db155f205e63c2c27ffc44431173bf8efece138fe3eb0a
8a7948d5993a97547ff1e87dadc06eb1ef153c5670a9156f99665c238f82a4e2
8b8021127d464e3b21afcacb688d79b4ff96886e70c0ccb68d70943fdce862f6
8c004a719b3ab79e4d0a55e688ffbbcff101d18808aa93717181e9d9ebc58b33
8c2cd95f7b850bde6b7532f76511d16df664032e6fd424f3b918ecc3df4fe42d
8d59dde90e75aa683a3d3bcfbd2396c5bb9a4f66ec1047cd264ee73f2ccbe0aa
8dcc1beab58e7315392e4371eaf02041138288ab7b329fa2403894f60e5f65f4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f5c4dd25ffd23e474d2c19e35830f0a9301487863571af94e72cf683df02294
90c6f0173af209a738ef4a31e1168a7ffdbb259928673dbe1beb88ee65e80407
918c55ecf036a1faf033a52b2b9c04981b8721bc0acd6f3cccc0c3984e2bb096
9218cb967ae295dee46c9175c68a7b6a8c50577ac465617bd679ee244f93e38b
92da3562ef937a25a6361ca56785b824bbfaa63ea9c56a311223547dd1135bc0
93140e81df4e3ea409cb4d84b11b957249db859c5374141ccd188c7e40522ff2
934512b964268a68c63e71d100c5eedb8077939deaba6b317159e552f86f331d
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
942d15d7ae205103bb1167e7a474e351c4ba411c7bf222078e2a4fc63c0a2117
946734d47a8f34328d5b91ff5db2aeff627ac73062477305cc1bc090d46e4c6a
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
95acaa393a26bd1c5d32e38f928f4f5454e81901bcd52ad9d54076c8dd63b30d
964d7eead413c7ace594bbf3c3d36f2e8951fd2b398bd547324d2a0ca0901ba6
96ccc6e54a137dc65da3e6a1bb265fd289a0ad842988e25d4675e3a6a611a1b9
97a6c6a88dabfb26c2387ffd82de82fc9d7bcf4242c6be4a5d26918838fef0ce
97ec8317eca94aee1e1b14950a33b74a6ea8ab93671d4192b0b29caa2a0caf85
985e21298ee9f5e3c80214000d34a1827d8032d57422934f2feef400fa591f74
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
998396080f582dc768d4f8e47661218902e43799f2253aa66d3cfe445bf06bc4
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a821a00da9903f0b9cc63e7ca5c8509017b9807bf69d4d77f46b42571576cb1
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9f06561abd3e08c6308ebb38f79c912c04a096b5e33205b3012726af83b80f91
9fb45290b41aff9fae64ec2283399b7bc55dabdf66428cfacc142354f7efa559
a0015fc7791128b4c046015c2f3946f64f7f7c534f456f0f300c7d48feb396b9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a1a635df2e37f2e83ef80aab643358014182d71b79a676edbc0f8e8b9074033b
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a30fbdd4cbf2a6b5393fc1cb893505023d171f20d71347a7575890b1fec1c413
a38c824236b07f6db0bbd9932502de8c53dace44997f64c615b74136a68fa6b6
a41680bcdd579f2172bb0fdc6a88245a9b0e6330941d3544f5cf1975d1123bdd
a468ea1ed5ef12c1121e7349c9da833f2f83252c8e07135d12b04560e706317e
a47c713c21f44aa4d2c37d6e1e79b5a5c250c6446447773d8eb2b2e39efc6bf6
a504d9a540220578a7e4a58dbc120ca6372bf3743e0a530f8f1f1fbf8f1b8e73
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5440147c494bb87fa48e4591f10c8ab73e6bde14482823a8cc14f3743e88cba
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a721a8b2b5e9834c6fb1bff6153558a3aa182bf17d35dbcad400bd188ce5bec1
a80283a2a54ea158b37690f2c26663c329737910163b122fed2c5766c9b95962
aa8a55ad091507039c0b325a8774cf3ec969feedc32f6fe3fe4325e7f65c5257
acb947e2eebaa33f79022a4f09c62a2aa2fe66d14bbe5b3e526496e79e2e7bc6
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acf120af56f71041c6863003c7c380cfb1d24bafd0b519f21070cd842653a330
ad9abf9cf2714d085138fbe644afa591850c9465f093814529ea89b2b8993574
ade9b56bb11495aa59ce69c1ac3a4867c2314a0ae1c506041cc67f0c356f18d6
ae1c06e52b4d644ef0c94459ad52801198fcc8f6be120e731cfb3abbda776bb5
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b05bf1769da8596f575f074474fde72f795f02b7797d7ae0b58b939e1c216047
b081ec38d7c0ebdef59b1baf2e7193806196d1ffa51dad41474222000b81347e
b13588785ca151c7d5c44da515b61af335f758c9dbefcacc92503c692a94da69
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2341b9f495b3a3d812ca1ec7568c120b71c593657ff8e97fd7f11ba8c17e372
b2be998af7bc5c3d0c2404d79aac315f7827ad228c20a2e282e5088b5d05d09a
b4a4f15e0e3f11f5c6cc536d1310b8e388dc1c0ceb5f4a46707318c3457e44b9
b5e3738508aaf0c8fea2bd8b9ce4d1b0ae76dec5b43eb0f75d69f83f4d9e3b14
b652c7af4cda3d8395a637b1b9f615ef6ec3c6dea7c73cd70393ab5a054eb69b
b67b831d7c5ec56a828e6bd749b73f3c10b14851324a42d600021ffcda5149f2
b6e9c4e8e9aa03f6e5f73af96f923fa4dfcdc7a94f110df0f233248a1516846f
b7a4d576dd59da934fee65cb3c69ff0906f0f4d7ed5ea148d4e674166283dc40
b811bba243402dd0f4e387efc1134be758728283b481cce3deb139d868245010
b8a447e614c5314611fe4e600e1004207157281e92ff459bed054257b6e08491
b8b41c81ad84d05d870268e9ef73c1b560b9e6a2b24e5eb15dbabae5f51b7105
b921e908d6ce4ef392ea9dcccb81979ecabff1b270efc6cb64154154af56f3fc
ba21bb261e60524ae86d2ea83d49c88559f81df18b1a82542ac2e92be722961f
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a
baaede8a1d4456d899e7790328a699c32ba2bdb41171ba06c60315a80a45efad
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb55cc7dbdf5b209ce3feea51a79225d52a7299f1cf0e1c67840c0d6c3868899
bc11ef7a188e884688451232534f8a4f12e50517ce9fd36eface7fed07d95bdc
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bd62fdb47c5864853af3824151c917e6bdab6a93a801df8fb717a02748886596
bde19f4a3fa16cd6de5aa9e7881ab84d9832ab6875b811f41969f51951abedcc
bfe27df2acb78baf3b832ac6308d3b9b6549785f422bb3b0c2af242e1d90bb7f
c2011cfd63bee587e8f983468db059a65a45a38ea47423b5032fdb899292feaf
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2b126f8cf108b0b24da09947ec0f6ae3d55df120a87e1dd9ab6527fee53fe55
c2e84edc4bd4173ae571a5b4892601788b0eb46a29aea64e6a2cc3efcc569ca2
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c35f7063ada521375d370bb614f556d48d09c69fb0d85f6d1dbc26d40a4327df
c44b9bedbeec84c99876e563796ef513218c0730a2b608e8b7bfa5464e6883ae
c5194891d3a8501374db8afe22463ed2a49fa28f22eaa4a1991d2e6e8a15191e
c5d0a0f766a01e023e4a7d2fcbc881167bdd5dc6c964aecc648b51b5571f5165
c6a64a5398b9ba6931d60744d3191c11ff3a1815eea04f668a9ae91ccb4f5f38
c6bfac501387b5db779c443e722e2b0a8dc9476046807b0630eccdfbd2847896
c6c3e99115a5d17592224f646b18b5911bb7e8268873309da05ef3c914c63f4a
c782a1acc188b3a3e9d07fa5db393d7714461963d3b9ed50889ff1975786b3d2
c8442b533f77f2b1d8eb88bedc894de785d15eacd394aa4816b3fa02a96e9cca
c97a7c8ce188c7ba915e3cb8ac312493144ec9cae44adbb94559487fc1c878f3
c98ec68b1a4fd8761a572caac1ede85a1e85a6669cc95b103196991de366f8b2
c9dd5c7281651a302c06927e287e478446a89d66db9c8740eeb6209ba7818621
c9fed353fb11a71740b2ad0220054363461e6ba4d476eda33fe5765f69f3d847
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cafade4a0038de9cf59d612ce86d71405c1db0ba1b9c6c6c625e921b12ea14a1
cbe1e40eb35845784dc7be57df5272ca34bd4f7d454aa15aa4a5b2a9206e9616
cca2431341601875c2bbd7a98bce59e4f2d76e56d3b27272626271a4a24b5062
cce705bad8159ee0388f7cb6870602d80e6f3c435beb75777d9b648457c53e8b
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ccf95b7ae6f7e251fdc3b4169e7d2641dfcc9f40264432c4da036d131e12fd70
ce2263e7282dc2cebc6c9214fcf60d867ab9f2fe28e28c3cd87642ad768992ab
cf5a59a057964558cefa9f827a5efdc6dabc613bbca58a4631bd0ac906e16005
cfbbfce1447ab847b1d12d2383986fe7c72429b34cc517d47876f0df7393a91c
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1ae713ab73bd613d74ddb6785c710666b603bb9d7de5bd94148f36242516ee8
d27290658bb98c032f524c8275aadb26d405bb10388d41d0925b76e4539b94e5
d4ecb8443d5739ee4fa4db07695d7dcef10dae73c1d391c0b15b395482fc9933
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
d87b4b821657af7b82c1b628e6a434f3f5a7229deb0a53cb896ff97c1063faa7
d89e0a29a607fefda8fe7fbd42c1b3de6ff3615e1424b9bc86c5a3e28dda952c
d8a356ae7ad51af25f41e9529ed11b1da27f59c8de35ba04c7d66aa2146fbdfc
d9db0e7e8655f3d799fcf82e863cafff878d49a608a9a7c06b0950374255d53b
db77af48c35c69acd0af71b8a80ea2093600963cee8aa585cca43170a462f2cc
dcb9f6b71dda409df416d6d3aef266dcbf05c3ce82acd9bcc764edce78c0ee7b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd7287c9b0bc593bb61c5713d6a45d36567ea792a4633a37dd117084dd2e96b2
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e140552958d0836f76bcaef3a9a9707588d21cc8f990927cc90b037d460d93be
e2731ee1af7becf6f2d343204973fb247e3742924362e8d22cadc5bbdcd3d659
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e450109b1306817cb914db65e6781e931fa5f820efd06c14faaa37a77e53d4ba
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e66b934045dda6260708dfa6bd7cedeb7defa5b52fbe23fede1b90c3dc1ed011
e734001f9b5dc5f853731ea8a8381412114a462fc3149bd17ff090613b4bbca1
e79ea1660891c1fa8fdfa06807f426ce708da4734ab373dbc83cc54bd88d7c46
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a
e911bc233973fac136f8ae6d13d39feb3fbf1d48832fc54c79bfd708ec59dfce
ea3950be34b39ce0ffc4e8101cfdffd6daa18dfea63afc464305805a52b67fd1
ea4ed6c5bda4e4ac7d92a03b740bd108f16967253f048f87ad7a7795f2d20c82
eac4e49a2344d78231c321ecd762f42ddc8065135b159d7a6ee833806980e46a
ed6a3e8ec3fac1b333cfcd2b27d1e8bc0cf2b6f3e12c47824dd53a373774db9d
ede5464d17d6a88a7718024b167033dab8c60ee61041b6857846ccab737fdcef
eed5901fd5955a29a7afdd078852c9819ee51c76dcd5450c67a39d7338859143
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1995da9d16faff6a71541b1aaccd06011d4329548544760e90a695e28b574ec
f1afb6f415fd545753fdb37277ae67733cd31f7ce1991b0c20f0df10278b28fd
f26e40109b0475bacea3fc2fcad5a91f2003e11c4bbe736141982da246ac155e
f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60
f572b706e8885457d01675c991e530a7a2da373c225fd849d0e24a05bce1d9f5
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5d83c8d23080d6323e1aa14df00f23d1dd5729dbe59bbbb16368cab271adf1e
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7d286e7d9000db83b87acf32f08541994c71d5f9eae651aac7cb6904edb342d
fa0e5ec495d669b4b3a68b8c8af579d8d06efd0a0ef1b7da434c3ffa24af968b
fa4cc8a2262e3f4910730a1d3552ae4ada6610dcde63f16048e4bc333f13769d
fafd3623f0910824163053e42b2ea632f66c10cd6fd1989ab96378d3a0daae85
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb62f19a5a2a5b2925ccd50bf9857225200af91641aec8c57397616dd03943f9
fc0733663ef32c5ad20c46f55ebe690e71fd61c9ac3ce725a607c1bb24d7d263
fea8fa6cca374bef06530e25207876800c809a84666bfca794929bff87db6619
ffb5bd74bf660b05d3f9f247429f108c6e0c5b8796b34d5d5e458af6f5a4d53a
ffca9f8126574f59ca85f998efbd8ac2829fb31970f80122f7dc2a6fc76194b4