tl.net Open in urlscan Pro
2607:5300:60:cd52:2d72:9352:b1ea:2427 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tl.net/
Effective URL:
https://tl.net/
Submission: On November 29 via api (November 29th 2023, 11:56:03 pm UTC) from US — Scanned from CA

Summary HTTP 345 Redirects Links 60 Behaviour Indicators

Summary

This website contacted 77 IPs in 6 countries across 70 domains to perform 345 HTTP transactions. The main IP is 2607:5300:60:cd52:2d72:9352:b1ea:2427, located in Canada and belongs to OVH, FR. The main domain is tl.net.
TLS certificate: Issued by R3 on November 5th 2023. Valid for: 3 months.

This is the only time tl.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 45	2607:5300:60:... 2607:5300:60:cd52:2d72:9352:b1ea:2427	16276 (OVH) (OVH)
18	2606:4700::68... 2606:4700::6812:24e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c06::8a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c0b::61	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c17::65	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:4ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2607:f8b0:400... 2607:f8b0:4004:c08::9d	15169 (GOOGLE) (GOOGLE)
3	18.160.53.102 18.160.53.102	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:34e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.207.17.231 18.207.17.231	14618 (AMAZON-AES) (AMAZON-AES)
3	104.36.115.111 104.36.115.111	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 9	63.251.86.50 63.251.86.50	10913 (INTERNAP-BLK) (INTERNAP-BLK)
3 10	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	44.207.61.10 44.207.61.10	14618 (AMAZON-AES) (AMAZON-AES)
8 17	68.67.179.155 68.67.179.155	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2602:803:c002... 2602:803:c002:200::62	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2606:4700:303... 2606:4700:3035::ac43:c19c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c09::9c	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c06::5e	15169 (GOOGLE) (GOOGLE)
1	18.160.10.17 18.160.10.17	16509 (AMAZON-02) (AMAZON-02)
3	18.67.64.51 18.67.64.51	16509 (AMAZON-02) (AMAZON-02)
3	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	172.253.63.149 172.253.63.149	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c08::6a	15169 (GOOGLE) (GOOGLE)
34	2607:f8b0:400... 2607:f8b0:4004:c17::9b	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c07::84	15169 (GOOGLE) (GOOGLE)
2 22	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
1	2602:803:c002... 2602:803:c002:200::64	26667 (RUBICONPR...) (RUBICONPROJECT)
13	2607:f8b0:400... 2607:f8b0:4004:c08::84	15169 (GOOGLE) (GOOGLE)
20 26	172.253.122.156 172.253.122.156	15169 (GOOGLE) (GOOGLE)
1 5	23.215.40.23 23.215.40.23	16625 (AKAMAI-AS) (AKAMAI-AS)
9 9	52.73.176.86 52.73.176.86	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.150.170.96 34.150.170.96	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
1 10	69.166.1.34 69.166.1.34	27630 (AS-XFERNET) (AS-XFERNET)
2 6	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
6 6	2606:ae80:145... 2606:ae80:1451:17::1370	25751 (VALUECLICK) (VALUECLICK)
6	3.226.40.87 3.226.40.87	14618 (AMAZON-AES) (AMAZON-AES)
4	23.197.184.187 23.197.184.187	16625 (AKAMAI-AS) (AKAMAI-AS)
7 7	199.127.204.142 199.127.204.142	26120 (RHYTHMONE) (RHYTHMONE)
2 2	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
4 12	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
1	2600:1408:c40... 2600:1408:c400:29::17da:da4e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:4004:c17::9d	15169 (GOOGLE) (GOOGLE)
4	142.251.111.155 142.251.111.155	15169 (GOOGLE) (GOOGLE)
6	23.222.193.103 23.222.193.103	16625 (AKAMAI-AS) (AKAMAI-AS)
9 9	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
13 14	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	199.38.167.130 199.38.167.130	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	52.87.28.41 52.87.28.41	14618 (AMAZON-AES) (AMAZON-AES)
4 4	198.148.27.131 198.148.27.131	19189 (PULSEPOINT) (PULSEPOINT)
1	2620:112:f002... 2620:112:f002:bbbb::23	6336 (TURN-US-ASN) (TURN-US-ASN)
1	108.138.64.70 108.138.64.70	16509 (AMAZON-02) (AMAZON-02)
4 6	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	34.235.18.139 34.235.18.139	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4004:c06::95	15169 (GOOGLE) (GOOGLE)
14 21	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 4	2600:1f18:4e9... 2600:1f18:4e9:5a07:bfd6:4cc:92f1:9e85	14618 (AMAZON-AES) (AMAZON-AES)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	8.2.110.134 8.2.110.134	46636 (NATCOWEB) (NATCOWEB)
1	3.215.193.114 3.215.193.114	14618 (AMAZON-AES) (AMAZON-AES)
1	40.76.134.238 40.76.134.238	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 12	104.36.113.107 104.36.113.107	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
3	8.28.7.84 8.28.7.84	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	142.251.167.149 142.251.167.149	15169 (GOOGLE) (GOOGLE)
2	34.117.228.201 34.117.228.201	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	67.220.226.232 67.220.226.232	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.40.207.82 23.40.207.82	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	52.3.113.141 52.3.113.141	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:9000:201... 2600:9000:201e:ba00:1a:5235:f980:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:207... 2600:9000:2073:1200:1b:6b7d:2300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.85.132.68 52.85.132.68	16509 (AMAZON-02) (AMAZON-02)
1	104.18.38.76 104.18.38.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
12	23.222.192.28 23.222.192.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	18.160.10.22 18.160.10.22	16509 (AMAZON-02) (AMAZON-02)
1 2	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 1	2603:c020:400... 2603:c020:400d:3000:67b7:1059:7283:c690	() ()
1 1	23.105.12.137 23.105.12.137	() ()
1	38.91.45.7 38.91.45.7	398989 (DEEPINTENT) (DEEPINTENT)
1 1	2600:1f1c:a99... 2600:1f1c:a99:832c:e958:87e0:dc9b:7bb1	() ()
1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	131.153.148.4 131.153.148.4	() ()
1 2	3.91.115.71 3.91.115.71	14618 (AMAZON-AES) (AMAZON-AES)
1	35.169.162.91 35.169.162.91	14618 (AMAZON-AES) (AMAZON-AES)
1	52.45.125.152 52.45.125.152	14618 (AMAZON-AES) (AMAZON-AES)
1	3.81.188.147 3.81.188.147	14618 (AMAZON-AES) (AMAZON-AES)
1 2	38.68.201.140 38.68.201.140	174 (COGENT-174) (COGENT-174)
1	2620:100:a001::c 2620:100:a001::c	() ()
1 1	23.32.172.185 23.32.172.185	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	54.204.12.231 54.204.12.231	() ()
4 4	35.207.24.140 35.207.24.140	() ()
2 2	64.74.236.255 64.74.236.255	() ()
345	77

45 2607:5300:60:cd52:2d72:9352:b1ea:2427 (Canada) 1 redirects

ASN16276 (OVH, FR)

tl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700::6812:24e (United States)

ASN13335 (CLOUDFLARENET, US)

s.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker3.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::8a (Washington, United States)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c0b::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c17::65 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4ad8 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c08::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.160.53.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-53-102.iad55.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:34e (United States)

ASN13335 (CLOUDFLARENET, US)

tracker.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.207.17.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-17-231.compute-1.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 63.251.86.50 (United States) 1 redirects

ASN10913 (INTERNAP-BLK, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.207.61.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-61-10.compute-1.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 68.67.179.155 (North Bergen, United States) 8 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c002:200::62 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:c19c (United States)

ASN13335 (CLOUDFLARENET, US)

consent.nitrocnct.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com.ng	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.10.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-17.iad12.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.67.64.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-64-51.iad89.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.253.63.149 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f149.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::6a (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2607:f8b0:4004:c17::9b (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)

aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 52.46.143.56 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c002:200::64 (United States)

ASN26667 (RUBICONPROJECT, US)

beacon-iad2.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4004:c08::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 172.253.122.156 (United States) 20 redirects

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.215.40.23 (McAllen, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-40-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c21lg-d.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.73.176.86 (Ashburn, United States) 9 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-176-86.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.150.170.96 (Washington, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 69.166.1.34 (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:ae80:1451:17::1370 (United States) 6 redirects

ASN25751 (VALUECLICK, US)

amazon-tam-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
medianet-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.226.40.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-40-87.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.197.184.187 (Eden Prairie, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-184-187.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 199.127.204.142 (United States) 7 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:112:f002:bbbb::21 (United States) 2 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 35.71.139.29 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:29::17da:da4e (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::9d (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.111.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f155.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.222.193.103 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-222-193-103.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.211.178.172 (North Charleston, United States) 9 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 35.71.131.137 (United States) 13 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.38.167.130 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.87.28.41 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-28-41.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.148.27.131 (New York, United States) 4 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.64.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-64-70.iad12.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.111.113.62 (Kansas City, United States) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.235.18.139 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-18-139.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::95 (Washington, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 69.173.151.100 (United States) 14 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f18:4e9:5a07:bfd6:4cc:92f1:9e85 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.110.134 (United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.krushmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.215.193.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-193-114.compute-1.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

us01.z.antigena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.36.113.107 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.200.65.202 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.167.149 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ww-in-f149.1e100.net

6811282.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-ue1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.220.226.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.40.207.82 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-207-82.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.3.113.141 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-113-141.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:201e:ba00:1a:5235:f980:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

live.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2073:1200:1b:6b7d:2300:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.132.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-68.iad50.r.cloudfront.net

sync1.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 23.222.192.28 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-222-192-28.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.10.22 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-22.iad12.r.cloudfront.net

cm.smadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.150 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:c020:400d:3000:67b7:1059:7283:c690 (None, ) 1 redirects

ASN- ()

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.137 (None, ) 1 redirects

ASN- ()

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.45.7 (Ashburn, United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f1c:a99:832c:e958:87e0:dc9b:7bb1 (None, ) 1 redirects

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States)

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.153.148.4 (None, ) 1 redirects

ASN- ()

server.cpmstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.91.115.71 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-91-115-71.compute-1.amazonaws.com

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.169.162.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-162-91.compute-1.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.125.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-125-152.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.81.188.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-81-188-147.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.68.201.140 (Ashburn, United States) 1 redirects

ASN174 (COGENT-174, US)

pmp.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::c (None, )

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.172.185 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-172-185.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.204.12.231 (None, ) 2 redirects

ASN- ()

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.207.24.140 (None, ) 4 redirects

ASN- ()

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.255 (None, ) 2 redirects

ASN- ()

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	298 KB
47	doubleclick.net 21 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 ad.doubleclick.net — Cisco Umbrella Rank: 154 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439 6811282.fls.doubleclick.net — Cisco Umbrella Rank: 696088	297 KB
45	tl.net 1 redirects tl.net	433 KB
32	rubiconproject.com 16 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 513 beacon-iad2.rubiconproject.com — Cisco Umbrella Rank: 1616 eus.rubiconproject.com — Cisco Umbrella Rank: 602 pixel.rubiconproject.com — Cisco Umbrella Rank: 376 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156 token.rubiconproject.com — Cisco Umbrella Rank: 458 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969	71 KB
30	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598 aax.amazon-adsystem.com — Cisco Umbrella Rank: 394 s.amazon-adsystem.com — Cisco Umbrella Rank: 310 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890	87 KB
24	pubmatic.com 1 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502 ads.pubmatic.com — Cisco Umbrella Rank: 534 image6.pubmatic.com — Cisco Umbrella Rank: 823 image2.pubmatic.com — Cisco Umbrella Rank: 924 simage2.pubmatic.com — Cisco Umbrella Rank: 843 image4.pubmatic.com — Cisco Umbrella Rank: 1184 simage4.pubmatic.com — Cisco Umbrella Rank: 1289	43 KB
20	media.net 1 redirects prebid.media.net — Cisco Umbrella Rank: 1335 cs.media.net — Cisco Umbrella Rank: 1513 contextual.media.net — Cisco Umbrella Rank: 691 hbx.media.net c21lg-d.media.net	58 KB
19	nitropay.com s.nitropay.com — Cisco Umbrella Rank: 26566 tracker.nitropay.com — Cisco Umbrella Rank: 24688 tracker3.nitropay.com a.nitropay.com — Cisco Umbrella Rank: 36140	201 KB
18	adnxs.com 8 redirects ib.adnxs.com — Cisco Umbrella Rank: 246 acdn.adnxs.com — Cisco Umbrella Rank: 609	30 KB
15	3lift.com 4 redirects tlx.3lift.com — Cisco Umbrella Rank: 572 eb2.3lift.com — Cisco Umbrella Rank: 417	7 KB
14	adsrvr.org 13 redirects match.adsrvr.org — Cisco Umbrella Rank: 353	6 KB
10	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 931	10 KB
10	casalemedia.com 3 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 511 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	5 KB
10	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 984 match.sharethrough.com — Cisco Umbrella Rank: 559	2 KB
9	bidswitch.net 9 redirects x.bidswitch.net — Cisco Umbrella Rank: 351	5 KB
9	bidr.io 9 redirects match.prod.bidr.io — Cisco Umbrella Rank: 573	5 KB
9	lijit.com 1 redirects ap.lijit.com — Cisco Umbrella Rank: 683 ce.lijit.com — Cisco Umbrella Rank: 882	8 KB
8	yahoo.com 6 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492 ups.analytics.yahoo.com — Cisco Umbrella Rank: 327	4 KB
6	tapad.com 4 redirects pixel.tapad.com — Cisco Umbrella Rank: 487	2 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	246 KB
6	dotomi.com 6 redirects amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 4850 pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483 medianet-match.dotomi.com — Cisco Umbrella Rank: 11403	2 KB
6	openx.net 2 redirects u.openx.net — Cisco Umbrella Rank: 659 us-u.openx.net — Cisco Umbrella Rank: 522	1 KB
5	1rx.io 5 redirects sync.1rx.io — Cisco Umbrella Rank: 567	4 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
4	mfadsrvr.com 4 redirects rtb.mfadsrvr.com	2 KB
4	contextweb.com 4 redirects bh.contextweb.com — Cisco Umbrella Rank: 547	3 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 877 api.btloader.com — Cisco Umbrella Rank: 948	27 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	294 KB
3	criteo.com 1 redirects dis.criteo.com — Cisco Umbrella Rank: 597 gum.criteo.com	1 KB
3	intentiq.com 1 redirects api.intentiq.com — Cisco Umbrella Rank: 1400 sync.intentiq.com — Cisco Umbrella Rank: 886 sync1.intentiq.com — Cisco Umbrella Rank: 2801	2 KB
3	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 496 tps.doubleverify.com — Cisco Umbrella Rank: 515 tpsc-ue1.doubleverify.com	103 KB
3	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 851 d.turn.com — Cisco Umbrella Rank: 1384	952 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	191 KB
3	google.com analytics.google.com — Cisco Umbrella Rank: 157 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	zemanta.com 2 redirects b1sync.zemanta.com	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	mxptint.net 1 redirects pmp.mxptint.net — Cisco Umbrella Rank: 4887	967 B
2	thrtle.com 1 redirects thrtle.com — Cisco Umbrella Rank: 1352	688 B
2	ipredictive.com 2 redirects sync.ipredictive.com — Cisco Umbrella Rank: 909	1 KB
2	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 377	883 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 228	1 KB
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 689	3 KB
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 592	883 B
2	rfihub.com 2 redirects p.rfihub.com — Cisco Umbrella Rank: 868	2 KB
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268	1 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 795	1 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 946	1 KB
2	google.com.ng www.google.com.ng — Cisco Umbrella Rank: 31497	517 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1218	287 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1749	425 B
1	kargo.com crb.kargo.com — Cisco Umbrella Rank: 1180	359 B
1	cpmstar.com 1 redirects server.cpmstar.com	610 B
1	everesttech.net sync-tm.everesttech.net — Cisco Umbrella Rank: 709	154 B
1	quantserve.com 1 redirects cms.quantserve.com	594 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 1055	339 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com	792 B
1	technoratimedia.com 1 redirects sync.technoratimedia.com	3 KB
1	smadex.com 1 redirects cm.smadex.com — Cisco Umbrella Rank: 2636	614 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 674	2 KB
1	primis.tech 1 redirects live.primis.tech — Cisco Umbrella Rank: 1458	557 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 938	647 B
1	antigena.com us01.z.antigena.com — Cisco Umbrella Rank: 4024
1	gumgum.com rtb.gumgum.com — Cisco Umbrella Rank: 1589	168 B
1	krushmedia.com 1 redirects cs.krushmedia.com — Cisco Umbrella Rank: 3896	673 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1824	174 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 904	362 B
1	nitrocnct.com consent.nitrocnct.com — Cisco Umbrella Rank: 30560	36 KB
1	gstatic.com fonts.gstatic.com	15 KB
1	youtube.com img.youtube.com — Cisco Umbrella Rank: 3752	20 KB
0	atdmt.com Failed ad.atdmt.com Failed
345	70

	Domain	Requested by
45	tl.net	1 redirects tl.net
32	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tl.net aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net s.nitropay.com tpc.googlesyndication.com www.googletagservices.com
26	cm.g.doubleclick.net	20 redirects googleads.g.doubleclick.net sync.go.sonobi.com u.openx.net tl.net eb2.3lift.com
22	s.amazon-adsystem.com	2 redirects s.nitropay.com s.amazon-adsystem.com sync.go.sonobi.com match.sharethrough.com u.openx.net ce.lijit.com ads.pubmatic.com
17	ib.adnxs.com	8 redirects s.nitropay.com googleads.g.doubleclick.net eb2.3lift.com acdn.adnxs.com
14	pixel.rubiconproject.com	9 redirects tl.net
14	match.adsrvr.org	13 redirects s.nitropay.com
13	tpc.googlesyndication.com	aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com s.nitropay.com tl.net tpc.googlesyndication.com
12	contextual.media.net	s.nitropay.com contextual.media.net
12	eb2.3lift.com	4 redirects s.amazon-adsystem.com s.nitropay.com eb2.3lift.com
10	sync.go.sonobi.com	1 redirects s.amazon-adsystem.com sync.go.sonobi.com
9	x.bidswitch.net	9 redirects
9	match.prod.bidr.io	9 redirects
7	token.rubiconproject.com	5 redirects eus.rubiconproject.com
7	simage2.pubmatic.com	1 redirects s.amazon-adsystem.com ads.pubmatic.com
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	pixel.tapad.com	4 redirects sync.go.sonobi.com s.amazon-adsystem.com
6	eus.rubiconproject.com	tl.net eus.rubiconproject.com s.nitropay.com contextual.media.net
6	s0.2mdn.net	aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com tl.net s0.2mdn.net
6	match.sharethrough.com	s.amazon-adsystem.com match.sharethrough.com
6	tracker3.nitropay.com	s.nitropay.com
6	tracker.nitropay.com	s.nitropay.com
5	image2.pubmatic.com	s.amazon-adsystem.com ads.pubmatic.com
5	ce.lijit.com	s.amazon-adsystem.com ce.lijit.com
5	sync.1rx.io	5 redirects
5	googleads.g.doubleclick.net	tl.net aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com pagead2.googlesyndication.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	rtb.mfadsrvr.com	4 redirects
4	ups.analytics.yahoo.com	4 redirects
4	us-u.openx.net	1 redirects u.openx.net
4	pr-bh.ybp.yahoo.com	2 redirects u.openx.net
4	bh.contextweb.com	4 redirects
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net tl.net
4	ads.pubmatic.com	s.amazon-adsystem.com s.nitropay.com contextual.media.net
4	ap.lijit.com	1 redirects s.nitropay.com
4	btlr.sharethrough.com	s.nitropay.com
4	securepubads.g.doubleclick.net	s.nitropay.com securepubads.g.doubleclick.net
4	www.googletagmanager.com	tl.net www.googletagmanager.com s.nitropay.com
4	s.nitropay.com	tl.net s.nitropay.com
3	cs.media.net	1 redirects contextual.media.net
3	www.googletagservices.com	aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com s.nitropay.com
3	aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com	s.nitropay.com
3	ad.doubleclick.net	tl.net
3	api.btloader.com	btloader.com
3	aax.amazon-adsystem.com	c.amazon-adsystem.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	tlx.3lift.com	s.nitropay.com
3	htlb.casalemedia.com	s.nitropay.com
3	prebid.media.net	s.nitropay.com
3	hbopenbid.pubmatic.com	s.nitropay.com
3	a.nitropay.com	s.nitropay.com
3	c.amazon-adsystem.com	s.nitropay.com c.amazon-adsystem.com
2	b1sync.zemanta.com	2 redirects
2	pm.w55c.net	2 redirects
2	medianet-match.dotomi.com	2 redirects
2	pmp.mxptint.net	1 redirects
2	pubmatic-match.dotomi.com	2 redirects
2	thrtle.com	1 redirects
2	dis.criteo.com	1 redirects eb2.3lift.com
2	simage4.pubmatic.com	ads.pubmatic.com
2	sync.ipredictive.com	2 redirects
2	px.ads.linkedin.com	eb2.3lift.com
2	6811282.fls.doubleclick.net	1 redirects aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com
2	image6.pubmatic.com	ads.pubmatic.com
2	dpm.demdex.net	1 redirects sync.go.sonobi.com
2	sync.srv.stackadapt.com	2 redirects
2	creativecdn.com	2 redirects
2	p.rfihub.com	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	ad.turn.com	2 redirects
2	amazon-tam-match.dotomi.com	2 redirects
2	u.openx.net	1 redirects s.amazon-adsystem.com
2	um.simpli.fi	2 redirects
2	www.google.com	s.nitropay.com
2	ad-delivery.net	tl.net
2	www.google.com.ng	tl.net
2	fastlane.rubiconproject.com	s.nitropay.com
1	c21lg-d.media.net	contextual.media.net
1	tpsc-ue1.doubleverify.com	cdn.doubleverify.com
1	secure-assets.rubiconproject.com	1 redirects
1	gum.criteo.com	contextual.media.net
1	hbx.media.net	contextual.media.net
1	rtb.adentifi.com
1	sync.bfmio.com
1	crb.kargo.com
1	server.cpmstar.com	1 redirects
1	sync-tm.everesttech.net	ads.pubmatic.com
1	cms.quantserve.com	1 redirects
1	match.deepintent.com	ads.pubmatic.com
1	rtb-csync.smartadserver.com	1 redirects
1	sync.technoratimedia.com	1 redirects
1	cm.smadex.com	1 redirects
1	acdn.adnxs.com	s.nitropay.com
1	js-sec.indexww.com	s.nitropay.com
1	sync1.intentiq.com
1	sync.intentiq.com	1 redirects
1	live.primis.tech	1 redirects
1	hb.yahoo.net
1	aax-eu.amazon-adsystem.com	tl.net
1	tps.doubleverify.com	s.nitropay.com
1	image4.pubmatic.com	s.amazon-adsystem.com
1	us01.z.antigena.com	s.amazon-adsystem.com
1	rtb.gumgum.com	ce.lijit.com
1	cs.krushmedia.com	1 redirects
1	pixel-us-east.rubiconproject.com	1 redirects
1	tr.blismedia.com	ce.lijit.com
1	api.intentiq.com	sync.go.sonobi.com
1	d.turn.com	sync.go.sonobi.com
1	cdn.doubleverify.com	s.nitropay.com
1	trace.mediago.io	1 redirects
1	beacon-iad2.rubiconproject.com	tl.net
1	config.aps.amazon-adsystem.com	s.nitropay.com
1	analytics.google.com	www.googletagmanager.com
1	consent.nitrocnct.com	s.nitropay.com
1	btloader.com	s.nitropay.com
1	fonts.gstatic.com	tl.net
1	img.youtube.com	tl.net
0	ad.atdmt.com Failed	aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com
345	118

This site contains links to these domains. Also see Links.

Domain
www.teamliquid.com
liquipedia.net
twitter.com
www.youtube.com
store.teamliquid.com
trovo.live
youtube.com
jimwarren.com

Subject Issuer	Validity	Valid
tl.net R3	`2023-11-05` - `2024-02-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-16` - `2024-04-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
btloader.com GTS CA 1P5	`2023-10-19` - `2024-01-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.sharethrough.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-08-02` - `2024-08-13`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
nitrocnct.com E1	`2023-10-25` - `2024-01-23`	3 months	crt.sh
*.google.com.ng GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
*.turn.com RapidSSL TLS RSA CA G1	`2023-03-22` - `2024-03-31`	a year	crt.sh
*.intentiq.com Amazon RSA 2048 M02	`2023-04-11` - `2024-05-08`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.z.antigena.com Sectigo ECC Domain Validation Secure Server CA	`2023-04-03` - `2024-04-02`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-09-29` - `2024-09-28`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-11-30` - `2024-01-01`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-11` - `2024-09-11`	a year	crt.sh
*.prod.use1.green.ops.kargo.com Amazon RSA 2048 M01	`2022-11-10` - `2023-12-09`	a year	crt.sh
*.bfmio.com Amazon RSA 2048 M02	`2023-03-17` - `2024-04-14`	a year	crt.sh
adentifi.com Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh

This page contains 43 frames:

Primary Page: https://tl.net/
Frame ID: E9FD5B956BA162768089463CFA10AD42
Requests: 129 HTTP requests in this frame

Frame: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0B27DF86392AC52E34E91B386EDBC0A5
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift&dcc=t
Frame ID: 367B37125A5E0A55EDFC2368BD0CEC6D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CImfMxC8zv2KBBjUu4__ATAB&v=APEucNW_si7BVHhCXu2eoyR365zdkxD18kzhk7ZtzWERMgDBB8GMnGXNE8Kp8vU35QDiXniAriS7pACbXh6zKd8g5WVV7aQ09x3Xw0vclsGv_OiijKDUx68
Frame ID: 58D69B8E7829F12BEFB78E38215CDE9E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 71C779C47CF8DC64AAF57E71A3F0A83B
Requests: 18 HTTP requests in this frame

Frame: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E5DAF84E6D69F64BF4ECA673DEE76500
Requests: 22 HTTP requests in this frame

Frame: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3DDC829BB8ECFFA1251BC19C90A9AF15
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKmWXxDv_aWxBBjowr_8ATAB&v=APEucNX6NZ22lv4KcHWfezfvySwP2bOnD2eTOvDRTWKKceKLwtsGgjeuDtvnkPzspNHU_wc625de7WfN3_R29msjcv6h5WASWw
Frame ID: F40489933A5834C49DD396A904561D93
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 21CEAA682324EC7AEA5E6B79777D0DB7
Requests: 5 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Frame ID: 135A0EC271B778894447288BA729C6D2
Requests: 16 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: CD24C77623705F27689A4CD297A60CDB
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAFpaAPuiMF4AMBaRURAAAAAAA&expiration=1701388556&is_secure=true
Frame ID: 3D980D89446BAA961F4B786C20C64D85
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: B92539A5D19C629DD34A54EF81A0286B
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: E732BC82F06BE155A81E6064BF3B56BA
Requests: 12 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=RX-eb13a045-38d9-4efb-844d-50508ba13c38-005&ex=r1uam.com
Frame ID: C3517F861CBD82F6ED68DACEF1E15591
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=4511551991250421269&ex=appnexus.com
Frame ID: 6A9C58E82AED27A60DC4341123D6C5C9
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Frame ID: F446269AA186F888B18953E6B198B74F
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3517284719088716306008
Frame ID: C19FB8B1B60A981AF6FD3A5D1CC70493
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjgrKEEELPcp6oEGLnfpvEBMAE&v=APEucNXmzxAh4YzRYeh6nD0AEutDr5KiRhTvxQ_mzfrCdOpgpnGcPpKi84fLImWmwXRp-hiuTxtNyucDI4ZNtxyufI0wIglv7Q
Frame ID: 57E60762E0EB7C05B53FF7883BDB00A6
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&us_privacy=1---&geo=na&co=ca
Frame ID: 9D2459454A3D2B1C0B0DE510A539251C
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F42F72702E91AB3DF32826D30D27BE81
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5E853A80C413C0871F060D03338B614E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 42F0E5F8A7F501C417486B1DF3A0762E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: BA6671B10D2B55F9E4211EF952C9A934
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&redir=true&gdpr=0&gdpr_consent=
Frame ID: 8614CA036369A7841184F57799970FE7
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID9DB21E03-9E94-4F68-9882-0144D5EF8BF9
Frame ID: 7623A7318AF927D5615467A49E92906A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 873704593D608AD6D6570986B72D03CF
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16418231679751309448/728x90.html?ev=01_250
Frame ID: 09050915C1EC1247F376ADA213AC2F5B
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: CAB0DC176D390577F99A4427675A20C4
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CE46CDEBCAF95ABA69B7D563F7318A57
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 9AA9AC68832CD86CFA99D7414633CA42
Requests: 15 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: FF23275C16086C8B90B89BB52987AC20
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Frame ID: 720391323B6FA87C5DB0C1762A043014
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 3CB09412356BE67A3D360D64530F380D
Requests: 13 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4511551991250421269&gdpr=0&gdpr_consent=
Frame ID: 56509FC5F707D10C7BD851E26467AB10
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABB107Kz58AABOVKFHtnA&gdpr=0&gdpr_consent=
Frame ID: 17E836260E6896C004C27DD5711C5ABF
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 627442946DF620FF7049D5847033D236
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=RE2yQxEevUVfQLUVEE2pQEZMtBdfTrFBEU4NgAIo
Frame ID: B0255BB7702454CFDD2459ABE9E231EE
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 3C0BFB6362D442F83A6CDEA3EC1FF1A1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9252dda3-0954-4d4d-bb67-0116f3763d89&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 1D617BDF9C5E77AF9CDB1BBED33E5806
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 9162569D7EB88CEC88C0C170109C3C13
Requests: 4 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3443037560898621000V10&type=rkt&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=997336246572764449
Frame ID: 064CC7144A0BC0A6A3128AF2E9B34F35
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3443037560898621000V10%26type%3Dpba%26refUrl%3D%26vid%3D13021609643443037560898621000V10%26axid_e%3D%26ovsid%3DPM_UID
Frame ID: 7B67547D29FC17A2DED8AB3D6A029588
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TLnet - StarCraft Esports News and Community

Page URL History Show full URLs

http://tl.net/ HTTP 301
https://tl.net/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

345
Requests

76 %
HTTPS

32 %
IPv6

70
Domains

118
Subdomains

77
IPs

6
Countries

2494 kB
Transfer

6448 kB
Size

165
Cookies

60 Outgoing links

These are links going to different origins than the main page.

URL: https://www.teamliquid.com/
Title: Team Liquid

Search URL Search Domain Scan URL

URL: https://liquipedia.net/
Title: Liquipedia

Search URL Search Domain Scan URL

URL: https://twitter.com/tlnet

Search URL Search Domain Scan URL

URL: https://www.youtube.com/teamliquidnet

Search URL Search Domain Scan URL

URL: https://store.teamliquid.com/
Title: Store

Search URL Search Domain Scan URL

URL: https://liquipedia.net/starcraft2/Portal:EPT
Title: EPT

Search URL Search Domain Scan URL

URL: https://liquipedia.net/starcraft2/
Title: StarCraft 2

Search URL Search Domain Scan URL

URL: https://liquipedia.net/starcraft/
Title: Brood War

Search URL Search Domain Scan URL

URL: https://liquipedia.net/smash/
Title: Smash

Search URL Search Domain Scan URL

URL: https://liquipedia.net/heroes/
Title: Heroes

Search URL Search Domain Scan URL

URL: https://liquipedia.net/counterstrike/
Title: Counter-Strike

Search URL Search Domain Scan URL

URL: https://liquipedia.net/overwatch/
Title: Overwatch

Search URL Search Domain Scan URL

URL: https://liquipedia.net/starcraft2/World_Team_League/2023/Winter
Title: Liquipedia

Search URL Search Domain Scan URL

URL: https://liquipedia.net/starcraft2/ESL_Pro_Tour/2023/24/Masters/Winter/Regionals
Title: Liquipedia

Search URL Search Domain Scan URL

URL: https://liquipedia.net/starcraft2/Global_StarCraft_II_League/2023/Season_3
Title: Liquipedia

Search URL Search Domain Scan URL

URL: https://liquipedia.net/starcraft2/ESL_Open_Cups
Title: Liquipedia

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCZ2h0d4tP0R8klduwj-_bDQ
Title: Blizzard YouTube

Search URL Search Domain Scan URL

URL: https://trovo.live/BombasticStarLeague
Title: BSLTrovo

Search URL Search Domain Scan URL

URL: https://trovo.live/Gusbuss
Title: Gussbus

Search URL Search Domain Scan URL

URL: https://trovo.live/IndyKCrew
Title: IndyKCrew

Search URL Search Domain Scan URL

URL: https://trovo.live/poblha
Title: Poblha

Search URL Search Domain Scan URL

URL: https://trovo.live/Migwel
Title: Migwel

Search URL Search Domain Scan URL

URL: https://trovo.live/aXEnki
Title: aXEnki

Search URL Search Domain Scan URL

URL: http://youtube.com/c/laughngamez/live
Title: Laughngamez YouTube

Search URL Search Domain Scan URL

URL: https://trovo.live/intothetv
Title: intothetv

Search URL Search Domain Scan URL

URL: https://trovo.live/LaughNgamez
Title: LaughNgamez Trovo

Search URL Search Domain Scan URL

URL: https://trovo.live/Kozan
Title: Kozan

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/STPLTV/featured
Title: STPLYoutube

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/ZZZero
Title: BSLYoutube

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCK5eBtuoj_HkdXKHNmBLAXg
Title: AfreecaTV YouTube

Search URL Search Domain Scan URL

URL: https://liquipedia.net/starcraft/_CSCL/2023
Title: CSCL Season 1

Search URL Search Domain Scan URL

URL: https://liquipedia.net/starcraft2/_ESL_Pro_Tour/2023/24/Masters/Winter/Regionals/EU
Title: ESL Winter: Europe

Search URL Search Domain Scan URL

URL: https://liquipedia.net/heroes/_META_Madness/8/Qualifiers/4
Title: META Madness #8 Qualifier #4

Search URL Search Domain Scan URL

URL: https://liquipedia.net/counterstrike/ESL/Challenger/2023/Jonk%C3%B6ping
Title: ESL Challenger Jonköping 2023

Search URL Search Domain Scan URL

URL: https://liquipedia.net/starcraft/_Fighting_Spirit_Mania
Title: FS Mania

Search URL Search Domain Scan URL

URL: https://liquipedia.net/starcraft/_KCM/Team_League/1
Title: KCM Team League Season 1

Search URL Search Domain Scan URL

URL: https://liquipedia.net/starcraft/_Bombastic_StarLeague/17
Title: BSL Season 17

Search URL Search Domain Scan URL

URL: https://liquipedia.net/starcraft/_Copa_Latinoamericana/2
Title: Copa Latinoamericana S2

Search URL Search Domain Scan URL

URL: https://liquipedia.net/starcraft/_AfreecaTV/PC_Cafe_Tournament/2023
Title: 2023 StarCraft PC Cafe Tournament

Search URL Search Domain Scan URL

URL: https://liquipedia.net/starcraft/_AfreecaTV/PC_Cafe_Tournament/2023/Youth
Title: 2023 StarCraft PC Cafe Tournament: Youth

Search URL Search Domain Scan URL

URL: https://liquipedia.net/starcraft2/_World_Team_League/2023/Winter
Title: WTL 2023 Winter

Search URL Search Domain Scan URL

URL: https://liquipedia.net/counterstrike/ESL/Challenger_League/Season_46/North_America
Title: ESL Challenger League S46 NA

Search URL Search Domain Scan URL

URL: https://liquipedia.net/counterstrike/ESL/Challenger_League/Season_46/Europe
Title: ESL Challenger League S46 EU

Search URL Search Domain Scan URL

URL: https://liquipedia.net/counterstrike/ESL/Challenger_League/Season_46/Asia-Pacific
Title: ESL Challenger League S46 AP

Search URL Search Domain Scan URL

URL: https://liquipedia.net/counterstrike/Elisa/Masters/2023
Title: Elisa Masters Espoo 2023

Search URL Search Domain Scan URL

URL: https://liquipedia.net/starcraft/_China_Seasons_League/11
Title: CSL 11: 2023 Winter

Search URL Search Domain Scan URL

URL: https://liquipedia.net/starcraft/_Individual_Platinum_League/2
Title: Platinum Anchor Qualifying S2

Search URL Search Domain Scan URL

URL: https://liquipedia.net/starcraft/_Bombastic_Starleague/25th_Anniversary_LAN
Title: Bombastic 25th Anniversary LAN

Search URL Search Domain Scan URL

URL: https://liquipedia.net/starcraft/_Torneo_Internacional_de_StarCraft/2024
Title: Torneo Internacional de StarCraft

Search URL Search Domain Scan URL

URL: https://liquipedia.net/starcraft2/_IEM_Katowice/2024
Title: IEM Katowice 2024

Search URL Search Domain Scan URL

URL: https://liquipedia.net/starcraft2/_ESL_Pro_Tour/2023/24/Masters/Winter
Title: ESL Winter

Search URL Search Domain Scan URL

URL: https://liquipedia.net/starcraft2/_HomeStory_Cup/24
Title: HSC XXIV

Search URL Search Domain Scan URL

URL: https://liquipedia.net/heroes/_META_Madness/8
Title: META Madness #8

Search URL Search Domain Scan URL

URL: https://liquipedia.net/heroes/_META_Madness/8/Qualifiers/5
Title: META Madness #8 Qualifier #5

Search URL Search Domain Scan URL

URL: https://liquipedia.net/counterstrike/ESL/Challenger/2023/Atlanta
Title: ESL Challenger Atlanta 2023

Search URL Search Domain Scan URL

URL: https://liquipedia.net/counterstrike/BLAST/Premier/2023/World_Final
Title: BLAST Premier World Final

Search URL Search Domain Scan URL

URL: https://liquipedia.net/counterstrike/ESL/Impact_League/Season_4
Title: ESL Impact League S4 Finals

Search URL Search Domain Scan URL

URL: https://liquipedia.net/counterstrike/BetBoom_Dacha
Title: BetBoom Dacha

Search URL Search Domain Scan URL

URL: https://liquipedia.net/counterstrike/CCT/Online_Finals/5
Title: CCT Online Finals #5

Search URL Search Domain Scan URL

URL: https://jimwarren.com/
Title: Jim Warren

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tl.net/ HTTP 301
https://tl.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 113

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift&dcc=t

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL47DQENHaBD7kinFKrozFE&google_cver=1

Request Chain 139

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWfPjNO2ZZo.ErrW8VsJLgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL47DQENHaBD7kinFKrozFE&google_cver=1&google_hm=2

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPxmVp4h8g-e_VS1yNkUqLk&google_cver=1

Request Chain 141

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzNjY1Njc0MDY3MjY0NjA3NA%3D%3D

Request Chain 142

https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3443037560898621000V10

Request Chain 143

https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1 HTTP 303
https://s.amazon-adsystem.com/ecm3?id=AABB107Kz58AABOVKFHtnA&ex=beeswax.com

Request Chain 144

https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?id=7FCB205F58A246F382079BC68FDD55DF&ex=simpli.fi&status=ok

Request Chain 145

https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=1b7de7e8b989fdbf25u6ic00lpkfdlj1

Request Chain 147

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D

Request Chain 148

https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=4493890855c50fe5&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAFpaAPuiMF4AMBaRURAAAAAAA&expiration=1701388556&is_secure=true

Request Chain 151

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Dr1uam.com HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Dr1uam.com&cb=1701302156819 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=287945665 HTTP 302
https://sync.1rx.io/usersync/turn/2628261707126101944?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-eb13a045-38d9-4efb-844d-50508ba13c38-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DRX-eb13a045-38d9-4efb-844d-50508ba13c38-005%26ex%3Dr1uam.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=RX-eb13a045-38d9-4efb-844d-50508ba13c38-005&ex=r1uam.com

Request Chain 152

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=4511551991250421269&ex=appnexus.com

Request Chain 153

https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com

Request Chain 154

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3517284719088716306008

Request Chain 168

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL47DQENHaBD7kinFKrozFE&google_cver=1

Request Chain 169

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWfPjNO2ZZo.ErrW8VsJLgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL47DQENHaBD7kinFKrozFE&google_cver=1&google_hm=2

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPxmVp4h8g-e_VS1yNkUqLk&google_cver=1

Request Chain 171

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUxMTU1MTk5MTI1MDQyMTI2OQ%3D%3D

Request Chain 185

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=9252dda3-0954-4d4d-bb67-0116f3763d89&google_hm=OTI1MmRkYTMtMDk1NC00ZDRkLWJiNjctMDExNmYzNzYzZDg5 HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJ8LgSQM5omi55kMwOSlPVM&google_cver=1&ssp=sonobi&bsw_param=9252dda3-0954-4d4d-bb67-0116f3763d89 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=9252dda3-0954-4d4d-bb67-0116f3763d89&gdpr=&gdpr_consent=&us_privacy=

Request Chain 186

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us.gif?nw=td&nuid=ca5fafd3-8428-480e-9171-2acf619595cd&pubid=91e92b73fd

Request Chain 187

https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=997336246572764449

Request Chain 188

https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=Q5WRN7WprJ699KewQqsm2gIvK0gC7SYJWIPqmRZlRGk&pi=sonobi&tc=1

Request Chain 189

https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=st&nuid=ERMWsRJhXKxxAxmZYZY3DEYZ_7o

Request Chain 190

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=274961a8-104a-419b-8634-81c53fd8d4d7&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=M1R0ZW92YV9Vd3YtRXV5X25tTTJWQQ&gdpr=&gdpr_consent= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEC7SWZxjw8n7n1n-FcV8YkE&google_cver=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=8CcfhtpftGWC

Request Chain 191

https://id5-sync.com/s/434/9.gif?puid=274961a8-104a-419b-8634-81c53fd8d4d7&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/434/434/9/1.gif?puid=274961a8-104a-419b-8634-81c53fd8d4d7&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/434/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/434/2/8/2.gif?puid=4511551991250421269&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F112%2F7%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F112%2F7%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/434/112/7/3.gif?puid=3D6EDEE8B43D2E62&gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F429%2F6%2F4.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/434/429/6/4.gif?puid=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/434/441/5/5.gif?puid=u_fb7b974d-37b2-44ca-bd1f-7d95b89bfc9b&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/434/108/4/6.gif?puid=190f0788-7373-4d78-b3a4-58866c604c40&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=ca5fafd3-8428-480e-9171-2acf619595cd&ttl=%%TTL%% HTTP 302
https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F136%2F2%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://rtd-tm.everesttech.net/ct/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F136%2F2%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=ZWfPkAACn76OgQAa HTTP 302
https://id5-sync.com/c/434/136/2/8.gif?puid=ZWfPkAACn76OgQAa&gdpr=0&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=Mjc0OTYxYTgtMTA0YS00MTliLTg2MzQtODFjNTNmZDhkNGQ3 HTTP 302
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEERI_DNyVzIbVM9Rewh4_9g&google_cver=1

Request Chain 197

https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=4511551991250421269

Request Chain 198

https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=274961a8-104a-419b-8634-81c53fd8d4d7 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=274961a8-104a-419b-8634-81c53fd8d4d7 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=190f0788-7373-4d78-b3a4-58866c604c40%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ca5fafd3-8428-480e-9171-2acf619595cd&ttd_puid=190f0788-7373-4d78-b3a4-58866c604c40%2C%2C

Request Chain 199

https://dpm.demdex.net/ibs:dpid=87880&dpuuid=274961a8-104a-419b-8634-81c53fd8d4d7 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=274961a8-104a-419b-8634-81c53fd8d4d7

Request Chain 209

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=ca5fafd3-8428-480e-9171-2acf619595cd&gdpr=0&gdpr_consent=

Request Chain 210

https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=ZTBhNmZjZGUtOWZmMS00YmZlLTgyY2ItNjU4ODQyNjg5MDgx HTTP 302
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=

Request Chain 211

https://sync.srv.stackadapt.com/sync?nid=15&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-111316b1-1261-5cac-7103-19996196370c$ip$70.25.255.186&gdpr=0&gdpr_consent=

Request Chain 212

https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPKFDK81-I-DNR&gdpr=0

Request Chain 219

https://match.adsrvr.org/track/cmf/openx?oxid=15aba177-14a4-31a7-61ff-34be8ccbb659&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=15aba177-14a4-31a7-61ff-34be8ccbb659&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ca5fafd3-8428-480e-9171-2acf619595cd&ttd_puid=15aba177-14a4-31a7-61ff-34be8ccbb659&gdpr=0&gdpr_consent=

Request Chain 221

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEAafpbx9qShgFo3ADuoRcI&google_cver=1

Request Chain 224

https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
https://ce.lijit.com/merge?3pid=AABB107Kz58AABOVKFHtnA&pid=85&gdpr=0

Request Chain 225

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LPKFDK81-I-DNR&gdpr=0

Request Chain 226

https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/qg9md9mk?r=https%3A%2F%2Fcs.krushmedia.com%2F0e846840cc402aa296df0cc86df135d3.gif%3Fpuid%3D%5BUID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA]

Request Chain 227

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=49&3pid=5SrfJo5xkd6M&ev=1&pid=558511&gdpr_consent=&gdpr=0

Request Chain 241

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nbIeA56UT2iYggFE1e-L-Q%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 242

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=9DB21E03-9E94-4F68-9882-0144D5EF8BF9 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=9DB21E03-9E94-4F68-9882-0144D5EF8BF9 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=190f0788-7373-4d78-b3a4-58866c604c40%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ca5fafd3-8428-480e-9171-2acf619595cd&ttd_puid=190f0788-7373-4d78-b3a4-58866c604c40%2C%2C

Request Chain 245

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OURCMjFFMDMtOUU5NC00RjY4LTk4ODItMDE0NEQ1RUY4QkY5&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 246

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHw2hWoXjp95lFABbIeHXuU&google_cver=1

Request Chain 247

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7FCB205F58A246F382079BC68FDD55DF

Request Chain 248

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ca5fafd3-8428-480e-9171-2acf619595cd&gdpr=0&gdpr_consent=

Request Chain 249

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_SlolUpE2uWkkOLUaXaR1CePzrMj5js-~A&gdpr=0

Request Chain 253

https://6811282.fls.doubleclick.net/activityi;src=6811282;type=imptag0;cat=media0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1 HTTP 302
https://6811282.fls.doubleclick.net/activityi;dc_pre=CPXfk7a06oIDFSzoKAUdjEoBSw;src=6811282;type=imptag0;cat=media0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1

Request Chain 267

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ca5fafd3-8428-480e-9171-2acf619595cd&gdpr=0&gdpr_consent=&expires=30

Request Chain 268

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDQ4ZDMzNWI1Y2IxZjM3ZGI0NGVhZTgwYzlhNjQ1OGRhYzg5ODgxNg&gdpr=0&us_privacy=1---

Request Chain 269

https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBLRkRLODEtSS1ETlI=&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEIZ3SonhU2UeoeYWcM8ZQqM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBLRkRLODEtSS1ETlI=&google_push=&gdpr=0

Request Chain 271

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJ0_f-igIJAnppIhO79z8Ck&google_cver=1

Request Chain 272

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/w-lkuky2cIIeMxmb7iub9Q?csrc=&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Oj9FlEdE2oLJQR4Ufv4x87XfTVBArN07cAoFoA--~A

Request Chain 273

https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPKFDK81-I-DNR&gdpr=0&us_privacy=1---

Request Chain 274

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=F8rVdgycToesBVo4oLx6ig&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=F8rVdgycToesBVo4oLx6ig&gdpr=0

Request Chain 275

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LPKFDK81-I-DNR&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---

Request Chain 276

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1--- HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABB107Kz58AABOVKFHtnA&expires=30&gdpr=0

Request Chain 277

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0&us_privacy=1--- HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPKFDK81-I-DNR&gdpr=0&us_privacy=1---

Request Chain 278

https://token.rubiconproject.com/token?pid=26594&gdpr=0&us_privacy=1--- HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPKFDK81-I-DNR&redir=true&gdpr=0&us_privacy=1--- HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LPKFDK81-I-DNR&gdpr=0&redir=true&us_privacy=1--- HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1JSVdnUGhSRTJ1RjcwbmU3NHFvNjJCQ053Sm9aeWQyUn5B&gdpr=0&ovsid=LPKFDK81-I-DNR&us_privacy=1---&dpid=58160

Request Chain 279

https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&us_privacy=1--- HTTP 302
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPKFDK81-I-DNR&gdpr=0&us_privacy=1---

Request Chain 280

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&us_privacy=1--- HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LPKFDK81-I-DNR&gdpr=0&us_privacy=1---

Request Chain 281

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=86bcfe0e-4318-489a-8dec-eee5ccfd0d91&expires=30&gdpr=0&us_privacy=1---

Request Chain 282

https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&us_privacy=1--- HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPKFDK81-I-DNR&gdpr=0&us_privacy=1--- HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPKFDK81-I-DNR HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPKFDK81-I-DNR&ckls=true&ci=hI559494et&nc=false&trid=742022572

Request Chain 293

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=ca5fafd3-8428-480e-9171-2acf619595cd&dongle=0cfd&gdpr=0&gdpr_consent=

Request Chain 294

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUxNzI4NDcxOTA4ODcxNjMwNjAwOA%3D%3D HTTP 302
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

Request Chain 295

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEeo0i1G4I_JkmCyU5zBScc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 296

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUxNzI4NDcxOTA4ODcxNjMwNjAwOA%3D%3D

Request Chain 298

https://pr-bh.ybp.yahoo.com/sync/triplelift/3517284719088716306008?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-N9MjSdxE2oSiHu6fb44kio_QuqUsp6yT_kHuB_ZrRQ--~A&dongle=0883

Request Chain 299

https://x.bidswitch.net/sync?ssp=triplelift&user_id=3517284719088716306008&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=9252dda3-0954-4d4d-bb67-0116f3763d89 HTTP 302
https://x.bidswitch.net/sync?dsp_id=340&user_id=f7d390b0-012b-410c-9606-1d45242113c6&expires=10&ssp=triplelift&bsw_param=9252dda3-0954-4d4d-bb67-0116f3763d89 HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=9252dda3-0954-4d4d-bb67-0116f3763d89&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 301

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=4511551991250421269&dongle=4d58&gdpr=0&gdpr_consent=

Request Chain 305

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4511551991250421269&gdpr=0&gdpr_consent=

Request Chain 306

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCQjEwN0t6NThBQUJPVktGSHRuQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?ev=AABB107Kz58AABOVKFHtnA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABB107Kz58AABOVKFHtnA&pid=558502&do=add&gdpr=0 HTTP 303
https://sync.technoratimedia.com/services?uid=AABB107Kz58AABOVKFHtnA&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 307
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
https://rtb-csync.smartadserver.com/redir?partneruserid=AABB107Kz58AABOVKFHtnA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=9194282301195164687&gdpr=0&gdpr_consent= HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABB107Kz58AABOVKFHtnA&gdpr=0&gdpr_consent=

Request Chain 308

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=RE2yQxEevUVfQLUVEE2pQEZMtBdfTrFBEU4NgAIo

Request Chain 310

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=9252dda3-0954-4d4d-bb67-0116f3763d89&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dpubmatic%26user_id%3D%24UID HTTP 302
https://x.bidswitch.net/sync?dsp_id=440&ssp=pubmatic&user_id=pDjZ7tMB3x5N0GQ2jSML0 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9252dda3-0954-4d4d-bb67-0116f3763d89&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 311

https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&gdpr=0&gdpr_consent= HTTP 302
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&vxii_pid=12&vxii_pid1=10067&vxii_rcid=dde9f933-57b8-4c4a-adcd-a888af4bd873

Request Chain 316

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7d95556f11f14b3&is_secure=true&networkId=17100&version=1&nuid=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFpaAPuiMGcAMBHSD7AAAAAAA&expiration=1701388560&nuid=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 317

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=86bcfe0e-4318-489a-8dec-eee5ccfd0d91&gdpr=0&gdpr_consent=

Request Chain 319

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CAB_10CEE6104_9F132496&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
https://pmp.mxptint.net/sn.ashx?ak=1

Request Chain 320

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7064452645915482657&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 325

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
https://eus.rubiconproject.com/usync.html?p=medianet

Request Chain 326

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3443037560898621000V10%26type%3Drkt%26refUrl%3D%26vid%3D13021609643443037560898621000V10%26axid_e%3D%26ovsid%3D%7Buserid%7D HTTP 302
https://contextual.media.net/cksync.html?cs=8&vsid=3443037560898621000V10&type=rkt&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=997336246572764449

Request Chain 328

https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3443037560898621000V10&type=son&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=[UID] HTTP 302
https://contextual.media.net/cksync.php?cs=8&vsid=3443037560898621000V10&type=son&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=274961a8-104a-419b-8634-81c53fd8d4d7

Request Chain 329

https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3443037560898621000V10%26type%3Dcon%26refUrl%3D%26vid%3D13021609643443037560898621000V10%26axid_e%3D%26ovsid%3D%24UID HTTP 302
https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=16fa8ef5815b0fe5&is_secure=true&version=1&networkId=57734&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3443037560898621000V10%26type%3Dcon%26refUrl%3D%26vid%3D13021609643443037560898621000V10%26axid_e%3D%26ovsid%3D%24UID HTTP 302
https://contextual.media.net/cksync.php?cs=8&vsid=3443037560898621000V10&type=con&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=AAAFpaAPuiMGeQM5x12xAAAAAAA&expiration=1701388561&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 330

https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3443037560898621000V10%26type%3Dopx%26refUrl%3D%26vid%3D13021609643443037560898621000V10%26axid_e%3D%26ovsid%3D HTTP 302
https://contextual.media.net/cksync.html?cs=8&vsid=3443037560898621000V10&type=opx&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=dd87c8e8-bfa4-0b47-02b0-4ad03e242485

Request Chain 331

https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3443037560898621000V10%26type%3Dr1%26refUrl%3D%26vid%3D13021609643443037560898621000V10%26axid_e%3D%26ovsid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1442412770 HTTP 302
https://sync.1rx.io/usersync/tradedesk/ca5fafd3-8428-480e-9171-2acf619595cd HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-eb13a045-38d9-4efb-844d-50508ba13c38-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3443037560898621000V10%26type%3Dr1%26refUrl%3D%26vid%3D13021609643443037560898621000V10%26axid_e%3D%26ovsid%3DRX-eb13a045-38d9-4efb-844d-50508ba13c38-005 HTTP 302
https://contextual.media.net/cksync.php?cs=8&vsid=3443037560898621000V10&type=r1&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=RX-eb13a045-38d9-4efb-844d-50508ba13c38-005

Request Chain 332

https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQ0MzAzNzU2MDg5ODYyMTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIctc1irdXDNB-WjRUHIn6U&google_cver=1

Request Chain 333

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3443037560898621000V10%26type%3Ddxu%26refUrl%3D%26vid%3D13021609643443037560898621000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3443037560898621000V10%26type%3Ddxu%26refUrl%3D%26vid%3D13021609643443037560898621000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
https://contextual.media.net/cksync.php?cs=8&vsid=3443037560898621000V10&type=dxu&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=9KyygcOt1R8upr5

Request Chain 334

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=0a460c31-b378-46a6-8bb8-bd768c9c0acd&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 335

https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=medianet&bsw_user_id=9252dda3-0954-4d4d-bb67-0116f3763d89&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=medianet&bsw_user_id=9252dda3-0954-4d4d-bb67-0116f3763d89&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=0ff3a976-0b74-433a-b61f-fb3238086833&ssp=medianet&gdpr=0 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=9252dda3-0954-4d4d-bb67-0116f3763d89&gdpr=0&gdpr_consent=&gdpr_pd=

Request Chain 336

https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__ HTTP 302
https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__&puid=%24%7BVSID%7D&s=2 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=jLdf3OJA2ZPMC5zX22hf

Request Chain 337

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3443037560898621000V10 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3443037560898621000V10 HTTP 302
https://contextual.media.net/cksync.php?type=mf&ovsid=0ff3a976-0b74-433a-b61f-fb3238086833&cs=1

Request Chain 338

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=ca5fafd3-8428-480e-9171-2acf619595cd

Request Chain 344

https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&gdpr_consent=1---&khaos=LPKFDK81-I-DNR HTTP 302
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LPKFDK81-I-DNR&gdpr_consent=1---

345 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
tl.net/
Redirect Chain

http://tl.net/
https://tl.net/

82 KB
17 KB

508ms
119ms

Document
text/html

2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

249f9c50881a54f14bd4b8f5578fdf9dccd28b25cbf792aeb450fdbb17f02110

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content; disown-opener
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-security-policy: upgrade-insecure-requests; block-all-mixed-content; disown-opener
content-type: text/html; charset=utf-8
date: Wed, 29 Nov 2023 23:55:53 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
referrer-policy: origin-when-cross-origin
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 29 Nov 2023 23:55:52 GMT
Location: https://tl.net/
Server: nginx

GET
H2 200 tla4.min.css
tl.net/mirror/v45/ 80 KB
17 KB 155ms
154ms Stylesheet
text/css 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://tl.net/mirror/v45/tla4.min.css

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

427aee860d0df2442e43bb88f4a0368aeb028c976868cc2dd69e024720d61b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 22 Sep 2021 14:41:54 GMT
server: nginx
etag: "614b40b2-4136"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
cache-control: max-age=7257600
content-length: 16694
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 frontpage6.min.css
tl.net/mirror/v1/ 13 KB
3 KB 166ms
165ms Stylesheet
text/css 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://tl.net/mirror/v1/frontpage6.min.css

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

167da377f0faa645239b5fe0666a93eb29b545de5be31ef83cabb631dadfb9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 10 Apr 2019 09:40:47 GMT
server: nginx
etag: "5cadba1f-af6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
cache-control: max-age=7257600
content-length: 2806
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 ads-464.js Show response
s.nitropay.com/ 477 KB
148 KB 526ms
129ms Script
application/javascript 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/ads-464.js

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35c5e5db4efb85fac319034712eb0857b8bfe8c4d46c1e71f03332e8ece96878

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1701283403
age: 10206
x-guploader-uploadid: ABPtcPqKatqgWHT6Lz_vmiXzHMvib5cHwtgq8fNAsDQbEi4W1yKfebXPprgjz_RgC3hzPp_WWo8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 29 Nov 2023 20:55:48 GMT
server: cloudflare
etag: W/"5ce043abe6c0df054b1ea65509e51078:1701291348000:CA"
vary: Accept-Encoding
x-goog-generation: 1701284144630102
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=442NYg==, md5=XOBDq+bA3wVLHqZVCeUQeA==
access-control-expose-headers: Content-Type
cache-control: private, max-age=600
x-goog-stored-content-length: 485839
cf-ray: 82dec8bdff0536c0-YYZ
expires: Thu, 30 Nov 2023 08:57:36 GMT

GET
H2 200 WCSPortalLogo.png
tl.net/staff/R1CH/ 3 KB
4 KB 168ms
167ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/staff/R1CH/WCSPortalLogo.png

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

d2b05dd965d18c3886aa6ba27ad83d450f3cf9a1a0ed5c5d017916fd0998ebeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 18:11:48 GMT
server: nginx
etag: "605cd264-d9a"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 3482
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 wtlfp.jpg
tl.net/staff/Waxangel/CTC/WTL2023Winter/ 61 KB
61 KB 170ms
169ms Image
image/jpeg 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/staff/Waxangel/CTC/WTL2023Winter/wtlfp.jpg

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

83a9a3bac46709b85eda526d6573d862c60bf17140245c3c62c56da7f1ce9a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 12 Sep 2023 07:47:21 GMT
server: nginx
etag: "65001789-f27a"
x-frame-options: DENY
content-type: image/jpeg
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 62074
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 sc2_16.png
tl.net/images/frontpage/games/ 836 B
1 KB 103ms
102ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/frontpage/games/sc2_16.png

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

6e843d604cde071a013684c2c224d746a32a3f84e62cf9e6a3ddd682878641da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 11 Apr 2013 02:00:03 GMT
server: nginx
etag: "51661923-344"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 836
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 esm504.jpg
tl.net/staff/Waxangel/EPT/ 42 KB
43 KB 111ms
103ms Image
image/jpeg 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/staff/Waxangel/EPT/esm504.jpg

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

7375d3d67e020606de6a3cace59cd87446076dc061d7bc950f0e0c3acd88859f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 23 Feb 2023 18:33:12 GMT
server: nginx
etag: "63f7b168-a8d2"
x-frame-options: DENY
content-type: image/jpeg
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 43218
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 solarwinfp.jpg
tl.net/staff/Waxangel/GSL/2023/codes3/ 37 KB
37 KB 158ms
151ms Image
image/jpeg 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/staff/Waxangel/GSL/2023/codes3/solarwinfp.jpg

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

b2746d66fec71f5b883277f2a7506afaf96bd2297c8318f13ba9a6a1ced9ff95

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 02:27:30 GMT
server: nginx
etag: "654af212-928d"
x-frame-options: DENY
content-type: image/jpeg
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 37517
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 fp.jpg
tl.net/staff/Waxangel/TLMC/19/ 83 KB
84 KB 177ms
171ms Image
image/jpeg 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/staff/Waxangel/TLMC/19/fp.jpg

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

6c5fe7056421b113fb1a1423089fc0a8c8a7cc457d3f837ecd8b754c1f66da0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 23 Oct 2023 18:08:27 GMT
server: nginx
etag: "6536b69b-14d4d"
x-frame-options: DENY
content-type: image/jpeg
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 85325
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 b87af6af17cfaa91a9f50dc11faee78db3b157bf.jpg
tl.net/images/news/ 7 KB
7 KB 200ms
194ms Image
image/jpeg 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/news/b87af6af17cfaa91a9f50dc11faee78db3b157bf.jpg

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

cdbbff477b8a1d572a6f81ec1179fbaecede6fd88eadee8e34a09a4203fc36f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 12 Sep 2023 07:47:48 GMT
server: nginx
etag: "650017a4-1a1b"
x-frame-options: DENY
content-type: image/jpeg
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 6683
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 4c53e864d46894b59478189d71c38db66ac3ca60.jpg
tl.net/images/news/ 5 KB
5 KB 202ms
196ms Image
image/jpeg 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/news/4c53e864d46894b59478189d71c38db66ac3ca60.jpg

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

0791e81850916e1e4bb2e3f8b50bf18794fea62b2a1228efcc65447ab4172dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 02 May 2023 05:02:22 GMT
server: nginx
etag: "6450995e-130f"
x-frame-options: DENY
content-type: image/jpeg
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 4879
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 9ad60b2b9ede6906d432d3c2005a3e40605a16f9.jpg
tl.net/images/news/ 5 KB
5 KB 203ms
197ms Image
image/jpeg 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/news/9ad60b2b9ede6906d432d3c2005a3e40605a16f9.jpg

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

a9350c374aa8e8cfafec76205d60af8f942dd89ec498057f58bb2a49ca7d7c2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 02:39:14 GMT
server: nginx
etag: "654af4d2-1311"
x-frame-options: DENY
content-type: image/jpeg
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 4881
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 656793d3726a8c0caae78d54c4addd406dad9b65.jpg
tl.net/images/news/ 6 KB
6 KB 203ms
198ms Image
image/jpeg 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/news/656793d3726a8c0caae78d54c4addd406dad9b65.jpg

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

cc402f410d5e2672b9a6eee90a8edb3f68da210e4fbb2545659b831561a309b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 24 Oct 2023 09:58:51 GMT
server: nginx
etag: "6537955b-161b"
x-frame-options: DENY
content-type: image/jpeg
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 5659
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 sc2_13.png
tl.net/images/frontpage/games/ 676 B
962 B 204ms
199ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/frontpage/games/sc2_13.png

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

8a1880d558363753b030615758091940f48fce6913ae5a461ffe434038aa3c8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 13 Jan 2014 14:48:23 GMT
server: nginx
etag: "52d3fcb7-2a4"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 676
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 bw_13.png
tl.net/images/frontpage/games/ 561 B
847 B 205ms
199ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/frontpage/games/bw_13.png

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

c75192aab40ca4dc5814da81ec39d9099780c2379f005a1664e92ebe77546850

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 11 Apr 2013 02:00:03 GMT
server: nginx
etag: "51661923-231"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 561
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/x57ApUc7CO4/ 20 KB
20 KB 551ms
115ms Image
image/jpeg 2607:f8b0:4004:c06::8a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/x57ApUc7CO4/mqdefault.jpg

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

742461e7952f1bd94bd0f30ea0567ce12561d1c1d123344b6bb78c8456049f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:48:03 GMT
x-content-type-options: nosniff
age: 470
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20333
x-xss-protection: 0
server: sffe
etag: "1697218825"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 30 Nov 2023 01:48:03 GMT

GET
H2 200 rss.png
tl.net/images/ 421 B
708 B 205ms
200ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/rss.png

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

816a705e929c79cdbbc1edffa5b20d6653e43ec44572281722bea394385a8650

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 20 Jan 2011 04:20:59 GMT
server: nginx
etag: "4d37b82b-1a5"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 421
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 refresh.png
tl.net/images/layout/ 149 B
435 B 205ms
200ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/layout/refresh.png

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

cb704b6b0f25e751a0ba6c31fc8e974c0909bc4d991e6c9dc69c7ad72bb4f512

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 27 Dec 2011 07:02:17 GMT
server: nginx
etag: "4ef96d79-95"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 149
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 SC2Z.png
tl.net/images/race/ 368 B
654 B 205ms
201ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/race/SC2Z.png

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

4aa089f79a3c9d33cc1d6606455ead445e2f85021e9479c91fcae484e09e82da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 01 May 2019 16:18:59 GMT
server: nginx
etag: "5cc9c6f3-170"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 368
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 SC2T.png
tl.net/images/race/ 336 B
622 B 206ms
201ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/race/SC2T.png

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

68d2c6b4f48ae2cfd8c59f877d4cb6c389a068c8fb26aabd073e4e5bcf67f891

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 01 May 2019 16:18:57 GMT
server: nginx
etag: "5cc9c6f1-150"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 336
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 br.png
tl.net/images/flags2/ 583 B
870 B 206ms
202ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/flags2/br.png

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7bae86a1b07080f258052537a4e993d21e3343d587e6f6978306e8626faaa3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 25 Jul 2014 15:30:11 GMT
server: nginx
etag: "53d27803-247"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 583
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 SC2P.png
tl.net/images/race/ 284 B
570 B 206ms
202ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/race/SC2P.png

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

511012062bf0002b5e7b071b06f759d5426c24bcf2477077cbb0be12e4f9311c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 01 May 2019 16:18:54 GMT
server: nginx
etag: "5cc9c6ee-11c"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 284
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 Ticon.png
tl.net/tlpd/images/ 356 B
642 B 206ms
203ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/tlpd/images/Ticon.png

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

00461b68887916e909c94bc425b96691a4c915e9d83e6fe4edd428c1d1fea003

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 17 Apr 2008 06:18:48 GMT
server: nginx
etag: "4806ebc8-164"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 356
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 Zicon.png
tl.net/tlpd/images/ 351 B
637 B 207ms
203ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/tlpd/images/Zicon.png

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

282a9c922832166e02febc289543e1e40fd951c067ffa725bcfe2179d9a075ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 25 Jul 2014 16:04:29 GMT
server: nginx
etag: "53d2800d-15f"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 351
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 pl.png
tl.net/images/flags2/ 445 B
732 B 207ms
204ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/flags2/pl.png

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

c6a9e215cfc7fd6b81194ca46bee681d44db106d00032d9c72416070154f670a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 25 Jul 2014 15:31:22 GMT
server: nginx
etag: "53d2784a-1bd"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 445
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 fr.png
tl.net/images/flags2/ 442 B
728 B 207ms
204ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/flags2/fr.png

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

1175a98fff0559b56791ee231f9bc4fc293cba9f187ec906e0ed11afae2830bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 25 Jul 2014 15:30:37 GMT
server: nginx
etag: "53d2781d-1ba"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 442
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 es.png
tl.net/images/flags2/ 515 B
801 B 207ms
205ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/flags2/es.png

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

3ee15a36957af60bbf010cd17a07c00ab3864ac84132c9b56e540a8b3f723e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 25 Jul 2014 15:30:31 GMT
server: nginx
etag: "53d27817-203"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 515
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 kr.png
tl.net/images/flags2/ 538 B
824 B 208ms
205ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/flags2/kr.png

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1c5b452610059b726054a8c5dd8d1fae7b7b8a5daf772b3d5fa51fd43a2d393

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 25 Jul 2014 15:30:59 GMT
server: nginx
etag: "53d27833-21a"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 538
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 side_search.png
tl.net/tlpd/images/ 675 B
961 B 208ms
206ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/tlpd/images/side_search.png

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

d125d94ed572e8e31628ebe8ebf7d93cbac3c395f8cd0e5223e78fcfdd290a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 17 Apr 2008 06:18:50 GMT
server: nginx
etag: "4806ebca-2a3"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 675
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 ks.png
tl.net/images/flags2/ 538 B
824 B 208ms
206ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/flags2/ks.png

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1c5b452610059b726054a8c5dd8d1fae7b7b8a5daf772b3d5fa51fd43a2d393

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 25 Jul 2014 15:31:00 GMT
server: nginx
etag: "53d27834-21a"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 538
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 gettimezone.js Show response
tl.net/mirror/ 4 KB
1 KB 209ms
207ms Script
application/javascript 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://tl.net/mirror/gettimezone.js

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

dea9657fd248d6b1ba78402b8c43aaca3ae269092f70e87bb64764b00671d69d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 31 Jul 2015 12:17:19 GMT
server: nginx
etag: "55bb674f-47b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=7257600
content-length: 1147
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 588ms
155ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-576564-1

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9b468ff264acd6622af969a48b00c98dae7ac3c13122da4f62998426a3e24fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68586
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Nov 2023 23:55:53 GMT

GET
H2 200 jquery.min.js Show response
tl.net/mirror/ 87 KB
31 KB 129ms
122ms Script
application/javascript 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://tl.net/mirror/jquery.min.js

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 03 Mar 2021 01:21:11 GMT
server: nginx
content-encoding: gzip
etag: W/"603ee487-15d9d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=7257600
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 functions4.min.js Show response
tl.net/mirror/v20/ 37 KB
11 KB 140ms
133ms Script
application/javascript 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://tl.net/mirror/v20/functions4.min.js

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

0dd3d936baff623e34a778df1078caf8c47a591359cffb7dac07a2ff74832578

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Dec 2021 15:08:11 GMT
server: nginx
etag: "61b761db-2c87"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=7257600
content-length: 11399
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 tlnet_banner.jpg
tl.net/images/layout/ 22 KB
22 KB 202ms
200ms Image
image/jpeg 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/layout/tlnet_banner.jpg

Requested by

Host: tl.net
URL: https://tl.net/mirror/v45/tla4.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

cc62bb43a3f19e7afce8a10c6fdc58e1b9ccf7624a49f27fb52ded2dfcfea947

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/mirror/v45/tla4.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2016 18:01:18 GMT
server: nginx
etag: "56cb4cee-57c5"
x-frame-options: DENY
content-type: image/jpeg
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 22469
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 topbannersprite.png
tl.net/images/layout/ 7 KB
8 KB 202ms
201ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/layout/topbannersprite.png

Requested by

Host: tl.net
URL: https://tl.net/mirror/v45/tla4.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3397e5770232f1ea4cb2276fd0ab6acb7be067edeb5cbe3e821cf2693c5fca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/mirror/v45/tla4.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 06 Jun 2017 13:08:58 GMT
server: nginx
etag: "5936a96a-1de3"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 7651
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 tlnet.png
tl.net/images/layout/ 8 KB
8 KB 207ms
207ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/layout/tlnet.png

Requested by

Host: tl.net
URL: https://tl.net/mirror/v45/tla4.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

832bcd7a931277cd747ff81560910911cb8c126aff6983ae6eaba95fe4218460

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/mirror/v45/tla4.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 10 Apr 2019 11:06:20 GMT
server: nginx
etag: "5cadce2c-1f4a"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 8010
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 5db25d2e10dad968265487d0846fdfeffb0ea9c7.png
tl.net/images/news/ 19 KB
19 KB 201ms
201ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/news/5db25d2e10dad968265487d0846fdfeffb0ea9c7.png

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

4bae400e26640be1bed27f65cd093048f20f9ad47d59111640cb0db380b59f9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 11 Sep 2023 16:14:56 GMT
server: nginx
etag: "64ff3d00-4ac1"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 19137
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 d586bab28b9444064acca24382aebc0c55387fd3.jpg
tl.net/images/news/ 4 KB
4 KB 205ms
204ms Image
image/jpeg 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/news/d586bab28b9444064acca24382aebc0c55387fd3.jpg

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

08668f41b5aaa75dad6e1dfcfb62b7e8b39b821a598606a328fda371f401273e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 17 Dec 2022 09:12:18 GMT
server: nginx
etag: "639d87f2-f79"
x-frame-options: DENY
content-type: image/jpeg
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 3961
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 b99dff5c9536a8851b09099c42bd0878d299787f.jpg
tl.net/images/news/ 6 KB
7 KB 205ms
205ms Image
image/jpeg 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/news/b99dff5c9536a8851b09099c42bd0878d299787f.jpg

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

7aae2a136b2bc864e5262a8d1e14126bdc86baaa4719532deb68b3530832ab2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 27 Sep 2023 02:36:15 GMT
server: nginx
etag: "6513951f-1936"
x-frame-options: DENY
content-type: image/jpeg
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 6454
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 f13563a38ea34650f36fb418378134a057a291c5.jpg
tl.net/images/news/ 4 KB
4 KB 206ms
206ms Image
image/jpeg 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/news/f13563a38ea34650f36fb418378134a057a291c5.jpg

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

62bea8b3623201b25cdc7b52c681f94ff8dd70012ca262a68e16b098a2c8b390

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 19 Sep 2023 22:54:55 GMT
server: nginx
etag: "650a26bf-fb9"
x-frame-options: DENY
content-type: image/jpeg
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 4025
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v16/ 15 KB
15 KB 586ms
145ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tl.net/
Origin: https://tl.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:12:41 GMT
x-content-type-options: nosniff
age: 592993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14880
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:12:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 03:12:41 GMT

GET
H2 200 1.png
tl.net/images/games/ 7 KB
7 KB 172ms
171ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/games/1.png

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

b436e9bfb03f24daa9427fd3fd880bd9aa095228207f79f56e1a1fec654a014a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 01 May 2019 16:39:23 GMT
server: nginx
etag: "5cc9cbbb-1c91"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 7313
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 2.png
tl.net/images/games/ 6 KB
7 KB 172ms
172ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/games/2.png

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

4dea7b5427abc06ef146133e53558233f952274174c0be95c029515a250b522a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 01 May 2019 16:44:10 GMT
server: nginx
etag: "5cc9ccda-19d9"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 6617
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 4.png
tl.net/images/games/ 890 B
1 KB 172ms
171ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/games/4.png

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

a7a0c211abaaf34994a5b18cfbc2dac388c4a46203ecb6116d0573fd7bb11d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 20 Jun 2016 14:56:04 GMT
server: nginx
etag: "57680404-37a"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 890
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

GET
H2 200 3.png
tl.net/images/games/ 239 B
525 B 172ms
172ms Image
image/png 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tl.net/images/games/3.png

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

82ab158e2cd1de7ee858722027eb1d991d375ca629bd161887f6c2da5908dbc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 20 Jun 2016 14:56:25 GMT
server: nginx
etag: "57680419-ef"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7257600
accept-ranges: bytes
content-length: 239
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 23:55:53 GMT

POST
H2 200 set_time_zone.php5 Show response
tl.net/mytlnet/ 11 KB
1 KB 211ms
211ms XHR
application/json 2607:5300:60:cd52:2d72:9352:b1ea:2427
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://tl.net/mytlnet/set_time_zone.php5

Requested by

Host: tl.net
URL: https://tl.net/mirror/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:5300:60:cd52:2d72:9352:b1ea:2427 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

b56d4dceef1ecefc445190a62651f00d9594963cfcdcc1003859ea6b46027941

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://tl.net/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 29 Nov 2023 23:55:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json
cache-control: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
80 KB 136ms
136ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BM5TJQWK4B&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-576564-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ccc923572207aff98fa5d9bef573a3b269bed07ce43411e4cdb326278c8198fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82197
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 29 Nov 2023 23:55:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 518ms
133ms Script
text/javascript 2607:f8b0:4004:c17::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-576564-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 29 Nov 2023 22:27:34 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5300
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 30 Nov 2023 00:27:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 197ms
197ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-576564-21&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-576564-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3678a2c7f4a05fed5888c3c84fa1c45a06197e60c988f1729e5f0a1f70192070

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68638
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Nov 2023 23:55:54 GMT

GET
H2 200 tag Show response
btloader.com/ 87 KB
27 KB 478ms
115ms Script
application/javascript 2606:4700:10::6816:4ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9596bccf2b48d42377b8e3ca52098f7d2808c07bfbd86b9a248ba3bc4a57fa9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:54 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 23:29:24 GMT
server: cloudflare
age: 1585
etag: "2b15a83187a227b4783bdde4f6a11ac0"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 82dec8c2895638e3-YYZ
content-length: 27400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
30 KB 585ms
179ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972d116efdf996964d7d33758de8fa280e44d2000534dc6f08b6095726b4d661

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29982
x-xss-protection: 0
server: cafe
etag: 187 / 19690 / 31079807 / config-hash: 12262027422145358037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 23:55:54 GMT

GET
H2 200 gpp-1a69fb4.min.js Show response
s.nitropay.com/ 255 KB
48 KB 113ms
112ms Script
application/javascript 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/gpp-1a69fb4.min.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef3f38fbc4379406a164b12ef71390cd60266256f54c063a33fb160e1c447288

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:54 GMT
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
age: 17932
x-guploader-uploadid: ABPtcPoguFWEurXTGSA4WGLL6b-jH5ZNHADPVJp12l7_xnZRBNRsrjfvsI5QxS3AfeRDI704TbE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Nov 2023 19:45:05 GMT
server: cloudflare
etag: W/"2521d464f1350923e1868e68d5b9e8c5"
vary: Accept-Encoding
x-goog-hash: crc32c=rG3Gsg==, md5=JSHUZPE1CSPhho5o1bnoxQ==
x-goog-generation: 1700682305462354
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 261066
cf-ray: 82dec8c08bc636c0-YYZ
expires: Wed, 06 Dec 2023 18:57:02 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 267 KB
65 KB 408ms
108ms Script
application/javascript 18.160.53.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.53.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-53-102.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:37:56 GMT
content-encoding: gzip
via: 1.1 c889e9448c63bb4bf9dd41fcb2250e08.cloudfront.net (CloudFront), 1.1 6d06c1cebf839017775983f86078f53a.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 20:18:44 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, IAD55-P2
age: 1079
x-amz-server-side-encryption: AES256
etag: W/"08899ab5b5f986f64974630ad47b39a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: u4IXhsWjSoXjTOeRr3GWL8i2u1dTS2JZdQ5N2fmefzxibBsrzYL1Tg==

GET
H2 204 analytics
tracker.nitropay.com/sites/464/ 0
0 558ms
185ms Fetch
text/html 2606:4700::6812:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker.nitropay.com/sites/464/analytics?ab=eyJocmVmIjoiaHR0cHM6Ly90bC5uZXQvIiwidiI6OTYsImEiOmZhbHNlLCJzIjp0cnVlfQ%3D%3D

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:54 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html
x-cloud-trace-context: e2fb278eb556173a345116d631a976c0
cf-ray: 82dec8c2fe7fa1e7-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 204 a
tracker3.nitropay.com/s/464/ 0
0 571ms
189ms Fetch
text/html 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker3.nitropay.com/s/464/a?ab=eyJocmVmIjoiaHR0cHM6Ly90bC5uZXQvIiwidiI6OTYsImEiOmZhbHNlLCJzIjp0cnVlfQ%3D%3D

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:54 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html
x-cloud-trace-context: 991fcb7cd17a25032cd915d5b125f378
cf-ray: 82dec8c308ab3a06-YYZ
alt-svc: h3=":443"; ma=86400

POST
H2 200 openrtb2 Show response
a.nitropay.com/v4/ 57 B
142 B 330ms
321ms Fetch
application/json 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.nitropay.com/v4/openrtb2

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b49ecc351539042180edab9d542900dfe0fe89a2d2571d9d52c1afc3647e270d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 29 Nov 2023 23:55:54 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 29 Nov 2023 23:55:54 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains
vary: Origin
content-type: application/json
access-control-allow-origin: https://tl.net
cache-control: max-age:0, private, no-store, no-cache
access-control-allow-credentials: true
cf-ray: 82dec8c0dc7836c0-YYZ
alt-svc: h3=":443"; ma=86400

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
119 B 485ms
171ms Fetch 18.207.17.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.207.17.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-17-231.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://tl.net
date: Wed, 29 Nov 2023 23:55:54 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
54 B 628ms
307ms Fetch 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://tl.net
date: Wed, 29 Nov 2023 23:55:54 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 2 KB
2 KB 464ms
188ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU87559X
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 1fc6e67bd332f8135644503ffc397b99fe76578f0507ce4fef9a03ec0150a5f1

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:54 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://tl.net
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 61
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 29 Nov 2023 23:55:54 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
517 B 546ms
199ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.16.0
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: ae356f2a506795c0322f9efd2ce843526a6434b5f2ef7a7a0faa609854f38258

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 29 Nov 2023 23:55:54 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://tl.net
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
540 B 400ms
145ms Fetch
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=548870
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 615d029cb5ee73a9ba4d587bc36e7114bf0a3a579ae9cd4ee112df9a8e6fedec

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qd7z5jolOyDKB9dlBtyavipSlnisZbLz45TbojBYk6Y1NI%2BaX5zALoq8CUmHFnNXN0POymB3AwbeOTa8jeq6P%2BXsaygBXwhY%2FnrljDvQTfmRRraauKelIhGrIw0JqkKymL5YBpqN"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://tl.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 82dec8c28f8736c7-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
537 B 452ms
98ms Fetch
application/json 44.207.61.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.16.0&referrer=https%3A%2F%2Ftl.net%2F&tmax=1200&gdpr=false&us_privacy=1---

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.207.61.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-207-61-10.compute-1.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:54 GMT
accept-ch: sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data
x-auction-status: 17
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tl.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
695 B 437ms
130ms Fetch
application/json 68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

66adb5e1d728998106082a48fea51edac5747c838120649e9f86aded738403d5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:54 GMT
an-x-request-uuid: b5cea479-25d1-4c78-9050-ecbea0cc5f40
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tl.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 12 KB
6 KB 746ms
244ms Fetch
application/json 2602:803:c002:200::62
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17374&site_id=339244&zone_id=1788298&size_id=2&gdpr=0&us_privacy=1---&rp_schain=1.0,1!nitropay.com,55,1,,,&eid_pubcid.org=c0e2ab8a-4403-48af-b219-3866e343c9f2%5E1&rf=https%3A%2F%2Ftl.net%2F&tg_i.domain=tl.net&tg_i.page=https%3A%2F%2Ftl.net%2F&tg_i.name=tl.net&tg_i.cattax=7&tg_i.cat=680&tg_i.privacypolicy=1&tg_i.pbadslot=728x90_ATF&tk_flint=pbjs_lite_v8.16.0&x_source.tid=94713da8-f502-47f9-8556-c13fa3225758&l_pb_bid_id=161429daf069c9a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=c1f9857a-e63e-4f3d-87da-ead52e27f1cf&rp_maxbids=1&p_gpid=728x90_ATF&slots=1&rand=0.480094431338959
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::62 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5d22cefb27bec31512dedfe700e44c09101cabf23b2d9450f2c351caa939745c

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:55 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://tl.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 openrtb2 Show response
a.nitropay.com/v4/ 57 B
267 B 150ms
149ms Fetch
application/json 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.nitropay.com/v4/openrtb2

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2267bafa4a334218b597be80d6a66708ef0865d32e467f26173ec8babb14d128

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 29 Nov 2023 23:55:54 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 29 Nov 2023 23:55:54 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains
vary: Origin
content-type: application/json
access-control-allow-origin: https://tl.net
cache-control: max-age:0, private, no-store, no-cache
access-control-allow-credentials: true
cf-ray: 82dec8c11cda36c0-YYZ
alt-svc: h3=":443"; ma=86400

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
552 B 424ms
99ms Fetch
application/json 44.207.61.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.16.0&referrer=https%3A%2F%2Ftl.net%2F&tmax=1200&gdpr=false&us_privacy=1---

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.207.61.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-207-61-10.compute-1.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:54 GMT
accept-ch: sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua
x-auction-status: 17, 17
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tl.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
15 B 444ms
172ms Fetch 18.207.17.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.207.17.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-17-231.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://tl.net
date: Wed, 29 Nov 2023 23:55:54 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
15 B 444ms
172ms Fetch 18.207.17.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.207.17.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-17-231.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://tl.net
date: Wed, 29 Nov 2023 23:55:54 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
517 B 538ms
191ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.16.0
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 85c61dfa6495981356b2ddc786e4b0340a12977229d858163a71b59ac4cdc1b2

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 29 Nov 2023 23:55:54 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://tl.net
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 250 B
806 B 409ms
131ms Fetch
application/json 68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

f1efcfda1bbcb462f62360619059a265b2226ae6e0e3f41af38c6a2e44636c23

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:54 GMT
an-x-request-uuid: 775e34ee-f72d-4cd0-8ca0-db01b3238edc
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tl.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 250
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 2 KB
2 KB 468ms
232ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU87559X
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 8c545727d243002a6bb279245ce94f3d6201efbf2002e8524d8e79905e591193

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:53 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://tl.net
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 117
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 29 Nov 2023 23:55:54 GMT

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
54 B 458ms
181ms Fetch 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://tl.net
date: Wed, 29 Nov 2023 23:55:54 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
314 B 363ms
146ms Fetch
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=548866
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce0bb33deca4a006e6abf069c3ba93cc5bb356e4fd638d3137bd7ec11c66e062

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMGOL3yN32HB5mit9T21sv%2B62Drg5fgMD4QMSVuBo5Ck21lEzSAQ9MRL02dzMSB5FAygrSYmbHZLMAe8zsQHT4zVtJLuljgD8%2B%2FHPVgGEWiZv7MVRsYKWUNGfAIkEOG2bACz%2F9SF"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://tl.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 82dec8c28f8936c7-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 1.gif
s.nitropay.com/ 42 B
370 B 122ms
121ms Image
image/gif 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/1.gif?x=1&adslot=

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:54 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: HIT
age: 17933
x-guploader-uploadid: ABPtcPq-vjwG4bgEpxbB3uI-3iGINHtQdXI0NFxjdwFZJkTLxC228FddFnd1lw_CITlouktuI4M
x-goog-storage-class: MULTI_REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 42
x-goog-meta-
last-modified: Fri, 22 Jan 2021 08:58:45 GMT
server: cloudflare
etag: "d89746888da2d9510b64a9f031eaecd5"
vary: Accept-Encoding
x-goog-generation: 1611305925409947
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=ljrbyA==, md5=2JdGiI2i2VELZKnwMers1Q==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 42
accept-ranges: bytes
cf-ray: 82dec8c15d3836c0-YYZ
expires: Wed, 06 Dec 2023 18:57:01 GMT

POST
H2 200 openrtb2 Show response
a.nitropay.com/v4/ 57 B
190 B 3295ms
3294ms Fetch
application/json 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.nitropay.com/v4/openrtb2

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

662356c2574b3173b3a68baf2c73f1b6da663ce0510eddce08c05a5f23a7ee21

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 29 Nov 2023 23:55:57 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 29 Nov 2023 23:55:57 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains
vary: Origin
content-type: application/json
access-control-allow-origin: https://tl.net
cache-control: max-age:0, private, no-store, no-cache
access-control-allow-credentials: true
cf-ray: 82dec8c18daf36c0-YYZ
alt-svc: h3=":443"; ma=86400

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
517 B 531ms
192ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.16.0
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 499dd7e5544beb4dbb6e0cad4bc4dd352785f603b7a14c6d7c17f1426c3c84d9

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 29 Nov 2023 23:55:54 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://tl.net
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
695 B 378ms
165ms Fetch
application/json 68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

9e8f884ae0a18e15d481747267a00f129e039c5d4a22ddc10c11d7903837ec7a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:54 GMT
an-x-request-uuid: 3a48a8c1-d7c1-40ab-8a07-22077271946f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tl.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
15 B 377ms
172ms Fetch 18.207.17.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.207.17.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-17-231.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://tl.net
date: Wed, 29 Nov 2023 23:55:54 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
110 B 395ms
181ms Fetch 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://tl.net
date: Wed, 29 Nov 2023 23:55:53 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 12 KB
6 KB 679ms
271ms Fetch
application/json 2602:803:c002:200::62
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17374&site_id=339244&zone_id=1788298&size_id=15&alt_size_ids=9%2C10&gdpr=0&us_privacy=1---&rp_schain=1.0,1!nitropay.com,55,1,,,&eid_pubcid.org=c0e2ab8a-4403-48af-b219-3866e343c9f2%5E1&rf=https%3A%2F%2Ftl.net%2F&tg_i.domain=tl.net&tg_i.page=https%3A%2F%2Ftl.net%2F&tg_i.name=tl.net&tg_i.cattax=7&tg_i.cat=680&tg_i.privacypolicy=1&tg_i.pbadslot=300x250_CENTER&tk_flint=pbjs_lite_v8.16.0&x_source.tid=0762acb0-e114-47a5-b9ff-83d08a147a05&l_pb_bid_id=4995d7ff813cc04&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5e5218e9-52f1-4885-b797-fc64b3bb6b39&rp_maxbids=1&p_gpid=300x250_CENTER&slots=1&rand=0.6864645426568803
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::62 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2bdd710a308f5b81dc83283d8b2b34b33d0ea87ab10985427151c23dd1d367ed

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:55 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://tl.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 17 KB
17 KB 399ms
230ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU87559X
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 6f50461ebf463c7d78b533e729bb9534ed2e3a57d0abff4f9c62e93f01c45375

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:54 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://tl.net
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 71
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 29 Nov 2023 23:55:54 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
536 B 352ms
99ms Fetch
application/json 44.207.61.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.16.0&referrer=https%3A%2F%2Ftl.net%2F&tmax=1200&gdpr=false&us_privacy=1---

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.207.61.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-207-61-10.compute-1.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:54 GMT
accept-ch: sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height
x-auction-status: 17
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tl.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
313 B 298ms
147ms Fetch
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=548866
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dd0e9b747c1763daed397b5bb8dd468b216469f9e6b768427e2c9eb6eef3a1c

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3qYjWY6Lq2guYbYlg5N79EA5i3u%2Bz4vGZtgbuz956TB4ybrV7%2BEkT4GzCNwLu7YmMus7UmOwq4F4sAmk1u7ldDI5%2FdT0rsnsghxCM%2FMb24t%2BEZEP3NOMV4ZUOmW3DaIvhXLpVEW"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://tl.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 82dec8c28f8b36c7-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
165 B 301ms
189ms Ping
text/plain 2607:f8b0:4004:c17::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BM5TJQWK4B&gtm=45je3b60v9134951772&_p=1701302153526&gcd=11l1l1l1l1&dma=0&cid=1050371512.1701302154&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1701302154&sct=1&seg=0&dl=https%3A%2F%2Ftl.net%2F&dt=TLnet%20-%20StarCraft%20Esports%20News%20and%20Community&en=page_view&_fv=1&_nsi=1&_ss=1&ep.anonymize_ip=true&tfd=2081
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BM5TJQWK4B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tl.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 additional-consent-providers.csv Show response
consent.nitrocnct.com/ 116 KB
36 KB 473ms
109ms XHR
text/plain 2606:4700:3035::ac43:c19c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.nitrocnct.com/additional-consent-providers.csv
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-1a69fb4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c19c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 557914
x-guploader-uploadid: ABPtcPr5TYAKorVkIwAXKP4hBeI6JuzBIZqLGVYSEYx9pw2bUiotthlDkhIHJ9sZ2V9wmGxFgYM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 07:31:30 GMT
server: cloudflare
etag: W/"81f96867523b7ea4a2f05a62b9fdf1c7"
vary: Accept-Encoding
x-goog-hash: crc32c=x8iKUw==, md5=gfloZ1I7fqSi8Fpiuf3xxw==
x-goog-generation: 1689147090287559
content-type: text/plain
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3iXzAu6IFYDtOPPR0qMIGynl8nPcU4b9HhAnweKBTJLSQyFTSaexHlQ5rp9b5jAWyIxl1ytobWgn1xxEHQnVPxbOPAsfh0vzuD8aVdG%2FantXH1hdoDML1g6xrPGsMD35QddxT7USQeDBTBK%2B7MFMcNwVTY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 119221
cf-ray: 82dec8c43bed54d3-YYZ
expires: Thu, 30 Nov 2023 11:58:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 133ms
133ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-98E1TX5TKZ&l=dataLayer&cx=c

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5f4754f81d9b0ef260659caa22b216a33b35962fcc9c02ecbdf96b901d4c6abb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80928
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 29 Nov 2023 23:55:54 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
248 B 572ms
188ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-98E1TX5TKZ&_ono=1&gtm=45je3b60v9133973696&_p=1701302153526&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1050371512.1701302154&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1701302154&sct=1&seg=0&dl=https%3A%2F%2Ftl.net%2F&dt=TLnet%20-%20StarCraft%20Esports%20News%20and%20Community&en=page_view&_fv=1&_ss=1&ep.anonymize_ip=true&tfd=2306
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98E1TX5TKZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tl.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 681ms
220ms Ping
text/plain 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-98E1TX5TKZ&cid=1050371512.1701302154&gtm=45je3b60v9133973696&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98E1TX5TKZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tl.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.ng/ads/ 42 B
409 B 648ms
241ms Image
image/gif 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.ng/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-98E1TX5TKZ&cid=1050371512.1701302154&gtm=45je3b60v9133973696&aip=1&dma=0&gcd=11l1l1l1l1&z=1187193954

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 da657530-03e5-4306-95bc-d4eb370426c9 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
813 B 486ms
166ms Script
application/javascript 18.160.10.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/da657530-03e5-4306-95bc-d4eb370426c9
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.10.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-10-17.iad12.r.cloudfront.net
Software: CloudFront /
Resource Hash: 254f74b5486dc7c03d239e5884450d11b2f30ba61f3ec6c1dd93822eed9c4c76

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:57:07 GMT
via: 1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAD12-P3
age: 3528
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: AGNu2ufRJim_dNBle9Ag8U6gA99dNIS3wjaLgk5O8YCU-ovb9OXfsQ==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
303 B 96ms
96ms XHR
text/plain 18.160.53.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ftl.net&pubid=da657530-03e5-4306-95bc-d4eb370426c9
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.53.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-53-102.iad55.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:29:55 GMT
via: 1.1 6d06c1cebf839017775983f86078f53a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: IAD55-P2
age: 5158
x-cache: Hit from cloudfront
access-control-allow-origin: https://tl.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 1sf0jcR4jHBwTOXB8d3XxD1NV2QZAPsiTGVFr9SQG7wZeeXnt2bSdA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 699 B
1 KB 658ms
302ms XHR
text/javascript 18.67.64.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftl.net%2F&pid=kpZ7pgM173yFC&cb=0&ws=1600x1200&v=23.1108.2350&t=1200&slots=%5B%7B%22sd%22%3A%22728x90_ATF%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1!nitropay.com%2C55%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.64.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-64-51.iad89.r.cloudfront.net

Software

Server /

Resource Hash

a026f7b228ec9a46b30b3f1cce01ebde3b78ba54c1888140c82f220524b04056

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:55 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d0f195624e615b103c40900f88cfd922.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: IAD89-P1
x-amz-rid: E1YX2C16PFPSQFQC568A
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://tl.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 699
x-amz-cf-id: zTxsXYCjUmvOSnPymYGMRNqSwaqte5tE8fapTqDhls865ohxvaEmRw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 195 B
629 B 733ms
380ms XHR
text/javascript 18.67.64.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftl.net%2F&pid=kpZ7pgM173yFC&cb=1&ws=1600x1200&v=23.1108.2350&t=1200&slots=%5B%7B%22sd%22%3A%22300x250_ATF%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1!nitropay.com%2C55%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.64.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-64-51.iad89.r.cloudfront.net

Software

Server /

Resource Hash

2b9119b55c043871eb70fddb46104025663dcb23448fcbe6d385c74125307850

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:55 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d0f195624e615b103c40900f88cfd922.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: IAD89-P1
x-amz-rid: G2QWXQCXDG6FY0DZYN37
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://tl.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 195
x-amz-cf-id: jD7RiX6v3CwoXEzZ96z7f9dT6rRsAddiTXLEPgVREn7q5phlvsonkA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 195 B
629 B 729ms
381ms XHR
text/javascript 18.67.64.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftl.net%2F&pid=kpZ7pgM173yFC&cb=2&ws=1600x1200&v=23.1108.2350&t=1200&slots=%5B%7B%22sd%22%3A%22300x250_CENTER%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1!nitropay.com%2C55%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.64.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-64-51.iad89.r.cloudfront.net

Software

Server /

Resource Hash

d328592255999f317efbe713ec2a66fb6d7499c292fd420124db81071b9c0595

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:55 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d0f195624e615b103c40900f88cfd922.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: IAD89-P1
x-amz-rid: DZDJTD2DW3Z0YXQB9PMG
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://tl.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 195
x-amz-cf-id: jP1YitBUs2keaRNGozay1-1LT_W5Y07uuF6KnlRxpBRu9CSptPbJEw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 412ms
113ms XHR
application/javascript 18.160.53.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.53.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-53-102.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 1531d925e2f1f9058974d2e519bbc57e.cloudfront.net (CloudFront)
date: Wed, 29 Nov 2023 00:39:28 GMT
x-amz-cf-pop: IAD55-P2
age: 83788
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: ityFbb-ilwFLljFmVskor53SqAA9ZLJMypcGgzCWKNnP9gUGYwzafw==

GET
H2 204 state Show response
api.btloader.com/mw/ 0
102 B 438ms
146ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 29 Nov 2023 23:55:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
339 B 539ms
182ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: tl.net
URL: https://tl.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2442162
x-guploader-uploadid: ABPtcPoCNwhiALcktML_yl5yo1BILg8XCvuhYarH18a4QnIHT87IdwPHma7PsWhlSq8P0lk5Grg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YfBBl3pwTRCZB0%2FhEjGwgB4Ii7FHr9FnDf8wmcz%2BH7F0l0N2XYxqAGCNF6EmHCQ%2FHx0d2C2cJDhe7IYTl0zbRddfdgYOKScT4Xhc6oBxVRMXLMwVbE4hgvl2H6Bf5OAMVCPCppTO2nXR4FjUgw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 82dec8c60d8fa20e-YYZ
expires: Wed, 01 Nov 2023 17:39:35 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 493ms
166ms Image
image/x-icon 172.253.63.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f149.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Nov 2023 10:29:21 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
918 B 538ms
181ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.7729702397337803
Requested by: Host: tl.net
URL: https://tl.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2442162
x-guploader-uploadid: ABPtcPoCNwhiALcktML_yl5yo1BILg8XCvuhYarH18a4QnIHT87IdwPHma7PsWhlSq8P0lk5Grg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDSwwNdZAB%2F6H9rwjsd067osuQmxhAMROnrUIz8%2BVQYzehfrJ3j4OcCC8mBjr9WfGxDcCFSvBlJyBK3nbqN%2FZanmh6LWXpxifYxMV%2B4ozfDEswGs6QssnIxy%2Bz7%2F9CPNOQikAsc4KrcFuzT64Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 82dec8c60d8ba20e-YYZ
expires: Wed, 01 Nov 2023 17:39:35 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
93 B 120ms
120ms XHR
text/plain 2607:f8b0:4004:c17::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1049566673&t=pageview&_s=1&dl=https%3A%2F%2Ftl.net%2F&ul=en-us&de=UTF-8&dt=TLnet%20-%20StarCraft%20Esports%20News%20and%20Community&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=693081743&gjid=1812200439&cid=1050371512.1701302154&tid=UA-576564-1&_gid=1522325836.1701302155&_r=1&gtm=457e3b60&gcd=11l1l1l1l1&dma=0&jsscut=1&z=252161657

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tl.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
68 B 211ms
210ms XHR
text/plain 2607:f8b0:4004:c17::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1049566673&t=pageview&_s=1&dl=https%3A%2F%2Ftl.net%2F&ul=en-us&de=UTF-8&dt=TLnet%20-%20StarCraft%20Esports%20News%20and%20Community&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=186586589&gjid=1135932704&cid=1050371512.1701302154&tid=UA-576564-21&_gid=1522325836.1701302155&_r=1&gtm=457e3b60&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1718074327

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tl.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 431 KB
135 KB 120ms
119ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079807

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:32:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15833
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138149
x-xss-protection: 0
server: cafe
etag: 11558412289700915514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 28 Nov 2024 19:32:01 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
70 B 362ms
221ms XHR
text/plain 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-576564-1&cid=1050371512.1701302154&jid=693081743&gjid=1812200439&_gid=1522325836.1701302155&_u=YADAAUAAAAAAACAAI~&z=1031456496

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 29 Nov 2023 23:55:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tl.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
156 B 361ms
220ms XHR
text/plain 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-576564-21&cid=1050371512.1701302154&jid=186586589&gjid=1135932704&_gid=1522325836.1701302155&_u=YADAAUABAAAAACAAI~&z=804527310

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

7feadfa8229b413934c893aa2519e750c73bb6ebb2c38e541b347f43541fb7b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 29 Nov 2023 23:55:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tl.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
142 B 99ms
98ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:55 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
67 B 180ms
180ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=9pisdfKCGs&w=4893190552289280&o=6278260873756672&cv=2.1.24-1-g0c437e2&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Ftl.net%2F&sid=EdbzQdLk8&pm=true&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 29 Nov 2023 23:55:55 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
409 B 641ms
236ms Image
image/gif 2607:f8b0:4004:c08::6a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-576564-21&cid=1050371512.1701302154&jid=186586589&_u=YADAAUABAAAAACAAI~&z=1203973718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::6a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.ng/ads/ 42 B
108 B 130ms
129ms Image
image/gif 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.ng/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-576564-21&cid=1050371512.1701302154&jid=186586589&_u=YADAAUABAAAAACAAI~&z=1203973718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 315ms
315ms Fetch
text/plain 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637932292937505&correlator=2628748155378959&eid=31078986%2C31079807%2C31078988%2C31079525&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&us_privacy=1---&iu_parts=308365556%3A23616703%2Cnadx&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701302155467&lmt=1701302155&adxs=430&adys=190&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftl.net%2F&vis=1&psz=740x-1&msz=740x-1&fws=4&ohw=740&ga_vid=1050371512.1701302154&ga_sid=1701302155&ga_hid=1049566673&ga_fc=true&dlt=1701302153294&idt=1858&prev_scp=ncpm%3D0.10%26refresh%3D30%26domain%3Dtl.net%26hostname%3Dtl.net%26contax%3D680&adks=2408282231&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079807

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c76862d2362867d6e90bd0fdad57f46e500921be1fb1afba7c1cff67cb4b5e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:55 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9908
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tl.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 598ms
138ms XHR
application/json 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079807

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b6f746aaa32766e038e0dd588e5dd54a09bcba072f2618731bfc7e518d7095f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12267
x-xss-protection: 0

GET
H2 200 container.html Show response
aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0B27 6 KB
3 KB 539ms
132ms Document
text/html 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 23:55:55 GMT
expires: Thu, 28 Nov 2024 23:55:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 367B
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift&dcc=t

365 B
1 KB

132ms
132ms

Document
text/html

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift&dcc=t

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

7224e96c182515c908f27567850de02eaecbf09b6eadaacdf46d0a68cb3202e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://tl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 365
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 29 Nov 2023 23:55:56 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 6NW13GT3G4KMG7PRCPA4

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 29 Nov 2023 23:55:55 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: FFHQ2DQ8FKA3SHB0J2CX

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 91 KB
42 KB 371ms
370ms Fetch
text/plain 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637932292937505&correlator=3594389581862612&eid=31078986%2C31079807%2C31078988%2C31079525&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&us_privacy=1---&iu_parts=308365556%3A23616703%2Cnadx&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701302155583&lmt=1701302155&adxs=1188&adys=288&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftl.net%2F&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=1600&ga_vid=1050371512.1701302154&ga_sid=1701302155&ga_hid=1049566673&ga_fc=true&dlt=1701302153294&idt=1858&prev_scp=ncpm%3D0.00%26refresh%3D30%26domain%3Dtl.net%26hostname%3Dtl.net%26contax%3D680&adks=3666590714&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079807

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8dbd9c940a73dd5fc22eb5cf5c7d0eec33a7c016b11ad003ead4d3ec045e8c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:55 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42715
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tl.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 58D6 0
192 B 133ms
132ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CImfMxC8zv2KBBjUu4__ATAB&v=APEucNW_si7BVHhCXu2eoyR365zdkxD18kzhk7ZtzWERMgDBB8GMnGXNE8Kp8vU35QDiXniAriS7pACbXh6zKd8g5WVV7aQ09x3Xw0vclsGv_OiijKDUx68

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 23:55:55 GMT
expires: Wed, 29 Nov 2023 23:55:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 71C7 89 KB
31 KB 678ms
279ms Script
text/javascript 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 23:55:56 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 71C7 42 B
108 B 194ms
193ms Image
image/gif 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AFrVOxBmmNYbqygs2E9gGbV0o7EqRHwNNXdsyfOuixAyKYAT_aicpYW883w1XqITJf9Bs34U-LNa3V4SXFfbDuTOH2NdUICw5wdlanMHcP808kUm4

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 71C7 0
57 B 194ms
194ms Image
image/gif 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3796461804459295381&x=8&ct=76

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fd7a63b9-a7eb-4e62-b673-4744c5a56bf5
beacon-iad2.rubiconproject.com/beacon/d/ Frame 71C7 43 B
228 B 753ms
171ms Image
image/avif 2602:803:c002:200::64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-iad2.rubiconproject.com/beacon/d/fd7a63b9-a7eb-4e62-b673-4744c5a56bf5?oo=0&accountId=17374&siteId=339244&zoneId=1788298&sizeId=15&e=6A1E40E384DA563B61C89FBC9C252A506C9241D8769B0AA58FDC2FE10144295EC0BE539F59B807B2DA38A93856C67F668535F281A4B1321C5620F4E34BD57FC84313BD33464C29D5000A6936A0F24B61CEED68A2537451A48CFFBFA126480E2B6810C9946087FC1E936048F2E53F4C2357AA86845A92E3760029725C2BCA4AF752F2556DBCA7D8C2C7A5BB23C1A2ABACB579DAA5F959D2318C6BB4901255828C7CB4E3C4DCB89B9AD4173BF3710B51C192A19E3C5503274F

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c002:200::64 , United States, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 i Show response
tracker3.nitropay.com/s/464/ 2 B
332 B 137ms
136ms Fetch
application/json 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker3.nitropay.com/s/464/i?wb=eyJhZFVuaXRDb2RlIjoiMzAweDI1MF9DRU5URVIiLCJjcmVhdGl2ZUlkIjoiMjI0OTo1MzUwMjcxNTYiLCJiaWRkZXIiOiJydWJpY29uIiwidGltZVRvUmVzcG9uZCI6Njg0LCJoZWlnaHQiOjI1MCwid2lkdGgiOjMwMCwiY3BtIjowLjEyLCJocmVmIjoiaHR0cHM6Ly90bC5uZXQvIiwiYWNjZXB0YWJsZSI6ZmFsc2UsIm1ldGEiOiJ7XCJhZHZlcnRpc2VySWRcIjo4OTAwNzIsXCJuZXR3b3JrSWRcIjoyMjQ5LFwibWVkaWFUeXBlXCI6XCJiYW5uZXJcIixcImFkdmVydGlzZXJEb21haW5zXCI6W1wianVzdHdhdGNoLmNvbVwiXX0iLCJyZXF1ZXN0SWQiOiIwMThjMWQ4Mi1iNGM5LTcwMDAtYTViNy0yYWRlZTZkYjViM2QiLCJjIjoiQ0EiLCJyIjoiUUMiLCJ0eXBlIjowLCJkdXJhdGlvbiI6MCwicmVmcmVzaCI6ZmFsc2UsInRpbWVzdGFtcCI6MTcwMTMwMjE1NTY2M30%3D

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 518ca118e1113c493cd86b35bef5806b
cache-control: no-cache
cf-ray: 82dec8c92aa93a06-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 2

GET
H3 200 pixel.png
tracker.nitropay.com/ 73 B
254 B 136ms
135ms Image
image/png 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracker.nitropay.com/pixel.png?s=464&wb=eyJhZFVuaXRDb2RlIjoiMzAweDI1MF9DRU5URVIiLCJjcmVhdGl2ZUlkIjoiMjI0OTo1MzUwMjcxNTYiLCJiaWRkZXIiOiJydWJpY29uIiwidGltZVRvUmVzcG9uZCI6Njg0LCJoZWlnaHQiOjI1MCwid2lkdGgiOjMwMCwiY3BtIjowLjEyLCJocmVmIjoiaHR0cHM6Ly90bC5uZXQvIiwiYWNjZXB0YWJsZSI6ZmFsc2UsIm1ldGEiOiJ7XCJhZHZlcnRpc2VySWRcIjo4OTAwNzIsXCJuZXR3b3JrSWRcIjoyMjQ5LFwibWVkaWFUeXBlXCI6XCJiYW5uZXJcIixcImFkdmVydGlzZXJEb21haW5zXCI6W1wianVzdHdhdGNoLmNvbVwiXX0iLCJyZXF1ZXN0SWQiOiIwMThjMWQ4Mi1iNGM5LTcwMDAtYTViNy0yYWRlZTZkYjViM2QiLCJjIjoiQ0EiLCJyIjoiUUMiLCJ0eXBlIjowLCJkdXJhdGlvbiI6MCwicmVmcmVzaCI6ZmFsc2UsInRpbWVzdGFtcCI6MTcwMTMwMjE1NTY2M30%3D&t=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3336865c07143159ab73893863070b6d7f0516b0de61a236a0c5c52246cb3b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:56 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/png
x-cloud-trace-context: 06d135af88152f99a17f4b047e0e8d62
cache-control: no-cache
cf-ray: 82dec8cd78bc3773-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 73

GET
H3 200 n.svg
s.nitropay.com/ 1 KB
1 KB 106ms
105ms Image
image/svg+xml 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/n.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c42391fc43043ff71e168a5b881e9ed95bd1e18480f8d2dc5dc77e9624f7797

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:56 GMT
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
age: 3530
x-guploader-uploadid: ABPtcPrT9QK55nPOtoM5OAH8vZum-m7dMVgj1cVTUFL_Or8OAVXU7uMhWrS07-hMn64kMpB9ZgE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 05 Oct 2022 06:19:07 GMT
server: cloudflare
etag: W/"47ce57ca1cac5f9545f1e2fb9c6bd90d"
vary: Accept-Encoding
x-goog-hash: crc32c=Tm86FQ==, md5=R85XyhysX5VF8eL7nGvZDQ==
x-goog-generation: 1664950747723912
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1437
cf-ray: 82dec8cd78bf3773-YYZ
expires: Wed, 29 Nov 2023 23:57:06 GMT

GET
H2 200 container.html Show response
aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E5DA 6 KB
3 KB 201ms
133ms Document
text/html 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 23:55:55 GMT
expires: Thu, 28 Nov 2024 23:55:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 i Show response
tracker3.nitropay.com/s/464/ 2 B
282 B 134ms
134ms Fetch
application/json 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker3.nitropay.com/s/464/i?wb=eyJhZFVuaXRDb2RlIjoiNzI4eDkwX0FURiIsImJpZGRlciI6ImFkeCIsImhlaWdodCI6OTAsIndpZHRoIjo3MjgsImNwbSI6MC4xLCJjcmVhdGl2ZUlkIjoiIiwiaHJlZiI6Imh0dHBzOi8vdGwubmV0LyIsInRpbWVUb1Jlc3BvbmQiOjM3MywiYWNjZXB0YWJsZSI6ZmFsc2UsInJlcXVlc3RJZCI6IjAxOGMxZDgyLWI0NTItNzAwMC1iNDNhLTNiZDU0Zjc4NmRjNiIsImMiOiJDQSIsInIiOiJRQyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJyZWZyZXNoIjpmYWxzZSwidGltZXN0YW1wIjoxNzAxMzAyMTU1ODI3fQ%3D%3D

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 63c3e8034f27c5ef388162d3697e9689
cache-control: no-cache
cf-ray: 82dec8ca2c193a06-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 2

GET
H3 200 pixel.png
tracker.nitropay.com/ 73 B
254 B 138ms
138ms Image
image/png 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracker.nitropay.com/pixel.png?s=464&wb=eyJhZFVuaXRDb2RlIjoiNzI4eDkwX0FURiIsImJpZGRlciI6ImFkeCIsImhlaWdodCI6OTAsIndpZHRoIjo3MjgsImNwbSI6MC4xLCJjcmVhdGl2ZUlkIjoiIiwiaHJlZiI6Imh0dHBzOi8vdGwubmV0LyIsInRpbWVUb1Jlc3BvbmQiOjM3MywiYWNjZXB0YWJsZSI6ZmFsc2UsInJlcXVlc3RJZCI6IjAxOGMxZDgyLWI0NTItNzAwMC1iNDNhLTNiZDU0Zjc4NmRjNiIsImMiOiJDQSIsInIiOiJRQyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJyZWZyZXNoIjpmYWxzZSwidGltZXN0YW1wIjoxNzAxMzAyMTU1ODI3fQ%3D%3D&t=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3336865c07143159ab73893863070b6d7f0516b0de61a236a0c5c52246cb3b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:56 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/png
x-cloud-trace-context: 22df6bfb43b46ac594bdda29a0bdd768
cache-control: no-cache
cf-ray: 82dec8cda90a3773-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 73

GET
H2 200 container.html Show response
aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3DDC 6 KB
3 KB 136ms
134ms Document
text/html 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 23:55:55 GMT
expires: Thu, 28 Nov 2024 23:55:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 i Show response
tracker3.nitropay.com/s/464/ 2 B
415 B 135ms
134ms Fetch
application/json 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker3.nitropay.com/s/464/i?wb=eyJhZFVuaXRDb2RlIjoiMzAweDI1MF9BVEYiLCJiaWRkZXIiOiJhZHgiLCJoZWlnaHQiOjI1MCwid2lkdGgiOjMwMCwiY3BtIjowLCJjcmVhdGl2ZUlkIjoiIiwiaHJlZiI6Imh0dHBzOi8vdGwubmV0LyIsInRpbWVUb1Jlc3BvbmQiOjQ3OCwiYWNjZXB0YWJsZSI6ZmFsc2UsInJlcXVlc3RJZCI6IjAxOGMxZDgyLWI0ODMtNzAwMC1hNjk4LTBkNmZjMmZhZmFjNCIsImMiOiJDQSIsInIiOiJRQyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJyZWZyZXNoIjpmYWxzZSwidGltZXN0YW1wIjoxNzAxMzAyMTU2MDU2fQ%3D%3D

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:56 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: a0deeab817261ac57905d2d04971e31d
cache-control: no-cache
cf-ray: 82dec8cb9fb336aa-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 2

GET
H3 200 pixel.png
tracker.nitropay.com/ 73 B
254 B 136ms
136ms Image
image/png 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracker.nitropay.com/pixel.png?s=464&wb=eyJhZFVuaXRDb2RlIjoiMzAweDI1MF9BVEYiLCJiaWRkZXIiOiJhZHgiLCJoZWlnaHQiOjI1MCwid2lkdGgiOjMwMCwiY3BtIjowLCJjcmVhdGl2ZUlkIjoiIiwiaHJlZiI6Imh0dHBzOi8vdGwubmV0LyIsInRpbWVUb1Jlc3BvbmQiOjQ3OCwiYWNjZXB0YWJsZSI6ZmFsc2UsInJlcXVlc3RJZCI6IjAxOGMxZDgyLWI0ODMtNzAwMC1hNjk4LTBkNmZjMmZhZmFjNCIsImMiOiJDQSIsInIiOiJRQyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJyZWZyZXNoIjpmYWxzZSwidGltZXN0YW1wIjoxNzAxMzAyMTU2MDU2fQ%3D%3D&t=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3336865c07143159ab73893863070b6d7f0516b0de61a236a0c5c52246cb3b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:56 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/png
x-cloud-trace-context: e65c4ec6bd2857e7a8ff1b7e65f53440
cache-control: no-cache
cf-ray: 82dec8cda90c3773-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 73

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F404 624 B
246 B 139ms
139ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKmWXxDv_aWxBBjowr_8ATAB&v=APEucNX6NZ22lv4KcHWfezfvySwP2bOnD2eTOvDRTWKKceKLwtsGgjeuDtvnkPzspNHU_wc625de7WfN3_R29msjcv6h5WASWw

Requested by

Host: aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com
URL: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 23:55:56 GMT
expires: Wed, 29 Nov 2023 23:55:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E5DA 89 KB
31 KB 277ms
275ms Script
text/javascript 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com
URL: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 23:55:56 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5DA 42 B
111 B 148ms
147ms Image
image/gif 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BUhLUZzujiTlHmvfDisJiuEAFwYZLZ4FrDdAHFndg6A8jn4ggOIE0UnbOHpMbXA--we8qAIXnfgLFtPg3XWHPQYSrHp2sCLB6d-3bU4vM4VxbPUII

Requested by

Host: aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com
URL: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5DA 0
350 B 147ms
146ms Image
image/gif 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9506844345274601229&x=1&ct=76

Requested by

Host: aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com
URL: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame E5DA 3 KB
1 KB 592ms
195ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/window_focus_fy2021.js

Requested by

Host: aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com
URL: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:48:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7641
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 21:48:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame E5DA 20 KB
8 KB 543ms
146ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com
URL: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:48:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7641
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 21:48:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E5DA 202 KB
64 KB 148ms
143ms Script
text/javascript 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com
URL: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 23:55:56 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 155ms
154ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 29 Nov 2023 23:55:56 GMT

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 21CE 3 KB
4 KB 103ms
102ms Document
text/html 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

245d5917ae2c372febc0f6162a6b3403db713e037e9805ec439e046596fc4cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 3140
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 29 Nov 2023 23:55:56 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: RVZPJ8WWXVQ87NW4VS57

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F404
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL47DQENHaBD7kinFKrozFE&google_cver=1

43 B
742 B

110ms
109ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL47DQENHaBD7kinFKrozFE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKmWXxDv_aWxBBjowr_8ATAB&v=APEucNX6NZ22lv4KcHWfezfvySwP2bOnD2eTOvDRTWKKceKLwtsGgjeuDtvnkPzspNHU_wc625de7WfN3_R29msjcv6h5WASWw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pvDKceOrTT%2FiGlXsDcfIs3EbTFjrdsRt1TWrv75Y4553PPeSSvFH%2BO%2BNy9%2Fkyz%2BrFc2KM4Dqyfo%2Fltuyxvc%2BmZykBqzjwoy%2BsfjBNOUgdehtlPEqyx7U%2BM1hmk2ztzvozBtaYddbvzkQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82dec8cfafcf36f9-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL47DQENHaBD7kinFKrozFE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F404
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWfPjNO2ZZo.ErrW8VsJLgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL47DQENHaBD7kinFKrozFE&google_cver=1&google_hm=2

43 B
767 B

106ms
105ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL47DQENHaBD7kinFKrozFE&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKmWXxDv_aWxBBjowr_8ATAB&v=APEucNX6NZ22lv4KcHWfezfvySwP2bOnD2eTOvDRTWKKceKLwtsGgjeuDtvnkPzspNHU_wc625de7WfN3_R29msjcv6h5WASWw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Js0b2VfO8q9STWMgbpbeG51gOlE5DynQarzgJP1RlJc4m2D646u%2BHmaavNLyCDEf4SmZo0xyAQXYj43X0EbPL42tcI2ZoVuTF4grz8hehWYlyv6PdBVWPaEKxjKhnd5oes%2FY0uHfIHAhAg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82dec8cf7f6436f9-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL47DQENHaBD7kinFKrozFE&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame F404
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPxmVp4h8g-e_VS1yNkUqLk&google_cver=1

43 B
846 B

99ms
98ms

Image
image/gif

68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPxmVp4h8g-e_VS1yNkUqLk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKmWXxDv_aWxBBjowr_8ATAB&v=APEucNX6NZ22lv4KcHWfezfvySwP2bOnD2eTOvDRTWKKceKLwtsGgjeuDtvnkPzspNHU_wc625de7WfN3_R29msjcv6h5WASWw

Protocol

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
an-x-request-uuid: da284b7a-33dc-4274-af58-b74b921fc061
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPxmVp4h8g-e_VS1yNkUqLk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F404
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzNjY1Njc0MDY3MjY0NjA3NA%3D%3D

170 B
410 B

175ms
129ms

Image
image/png

172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzNjY1Njc0MDY3MjY0NjA3NA%3D%3D

Requested by

Protocol

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
an-x-request-uuid: 051ff477-842f-42e8-b1a4-260f4aa7d6d0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzNjY1Njc0MDY3MjY0NjA3NA%3D%3D
x-proxy-origin: 70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 21CE
Redirect Chain

https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3443037560898621000V10

43 B
479 B

486ms
165ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3443037560898621000V10

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 23:55:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JDQBWBWX7QW6B6E7EXHM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 23:55:56 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3443037560898621000V10
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Wed, 29 Nov 2023 23:55:56 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 21CE
Redirect Chain

https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1
https://s.amazon-adsystem.com/ecm3?id=AABB107Kz58AABOVKFHtnA&ex=beeswax.com

43 B
479 B

434ms
132ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=AABB107Kz58AABOVKFHtnA&ex=beeswax.com

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 23:55:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9JXC1RET3M5E926DB0A5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=AABB107Kz58AABOVKFHtnA&ex=beeswax.com
Date: Wed, 29 Nov 2023 23:55:56 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 21CE
Redirect Chain

https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
https://s.amazon-adsystem.com/ecm3?id=7FCB205F58A246F382079BC68FDD55DF&ex=simpli.fi&status=ok

43 B
479 B

490ms
160ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=7FCB205F58A246F382079BC68FDD55DF&ex=simpli.fi&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 23:55:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YBADG2GM90GJJ2M40JWD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 29 Nov 2023 23:55:56 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.amazon-adsystem.com/ecm3?id=7FCB205F58A246F382079BC68FDD55DF&ex=simpli.fi&status=ok
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 28 Nov 2023 23:55:56 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 21CE
Redirect Chain

https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=1b7de7e8b989fdbf25u6ic00lpkfdlj1

43 B
479 B

108ms
108ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=1b7de7e8b989fdbf25u6ic00lpkfdlj1

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 23:55:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KREND5AK9E82HPHKAPHX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 29 Nov 2023 23:55:56 GMT
via: 1.1 google
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=1b7de7e8b989fdbf25u6ic00lpkfdlj1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 uc.html Show response
sync.go.sonobi.com/ Frame 135A 2 KB
3 KB 429ms
122ms Document
text/html 69.166.1.34
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

0b596532dda5366bd2dea4d50e4d979b4c404dfefbc6015278d313fc775705dd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache, no-store, private
content-encoding: gzip
content-length: 841
content-type: text/html
date: Wed, 29 Nov 2023 23:55:56 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
server: sonobi-go
tcn: Choice
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-133
x-xss-protection: 0

GET
H2

200

cm Show response
u.openx.net/w/1.0/ Frame CD24
Redirect Chain

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...

693 B
733 B

121ms
120ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 22f686aba5bece18fcf3251dd51ff4d05117dc66af94c8a7fdcf09bfe0a4832c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 399
content-type: text/html
date: Wed, 29 Nov 2023 23:55:56 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 29 Nov 2023 23:55:56 GMT
location: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 3D98
Redirect Chain

https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=4493890855c50fe5&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAFpaAPuiMF4AMBaRURAAAAAAA&expiration=1701388556&is_secure=true

43 B
479 B

208ms
180ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAFpaAPuiMF4AMBaRURAAAAAAA&expiration=1701388556&is_secure=true

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 29 Nov 2023 23:55:57 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: HYA17F003HK2RS6JP5ET

Redirect headers

cache-control: no-cache, private, max-age=0, no-store
content-length: 0
date: Wed, 29 Nov 2023 23:55:56 GMT
expires: 0
location: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAFpaAPuiMF4AMBaRURAAAAAAA&expiration=1701388556&is_secure=true
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma: no-cache
server: nginx

GET
H2 200 / Show response
match.sharethrough.com/jwumXNuB/v1/ Frame B925 601 B
787 B 514ms
167ms Document
text/html 3.226.40.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.40.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-40-87.compute-1.amazonaws.com
Software: /
Resource Hash: 2dc02f249ac1c861f44a6ef05b112b74c0e9d67a4bd729bd6eea4e512f1cb616

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 601
date: Wed, 29 Nov 2023 23:55:56 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame E732 16 KB
6 KB 442ms
129ms Document
text/html 23.197.184.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.197.184.187 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-184-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=93164
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Wed, 29 Nov 2023 23:55:56 GMT
expires: Fri, 01 Dec 2023 01:48:40 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame C351
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Dr1uam.com
https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Dr1uam.com&cb=1701302156819
https://ad.turn.com/r/cs?pid=45&rndcb=287945665
https://sync.1rx.io/usersync/turn/2628261707126101944?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-eb13a045-38d9-4efb-844d-50508ba13c38-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DRX-eb13a045-38d9-4efb-844d-50508ba13c38-005%26ex%3Dr...
https://s.amazon-adsystem.com/ecm3?id=RX-eb13a045-38d9-4efb-844d-50508ba13c38-005&ex=r1uam.com

43 B
479 B

104ms
103ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?id=RX-eb13a045-38d9-4efb-844d-50508ba13c38-005&ex=r1uam.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 29 Nov 2023 23:55:58 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: RZFKQQC0WEP1A07042GV

Redirect headers

Connection: keep-alive
Content-Type: text/html
Date: Wed, 29 Nov 2023 23:55:58 GMT
ETag: RXeb13a04538d94efb844d50508ba13c38005
Location: https://s.amazon-adsystem.com/ecm3?id=RX-eb13a045-38d9-4efb-844d-50508ba13c38-005&ex=r1uam.com
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Transfer-Encoding: chunked

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 6A9C
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
https://s.amazon-adsystem.com/ecm3?id=4511551991250421269&ex=appnexus.com

43 B
479 B

106ms
105ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?id=4511551991250421269&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 29 Nov 2023 23:55:56 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: W11TW8H0MFQ4VFKC6FDR

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: fe91b516-cad6-4716-a5f1-dd99ed75bc88
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Wed, 29 Nov 2023 23:55:56 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://s.amazon-adsystem.com/ecm3?id=4511551991250421269&ex=appnexus.com
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H/1.1

200
OK

amazon Show response
ce.lijit.com/beacon/ Frame F446
Redirect Chain

https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com

1 KB
1 KB

507ms
187ms

Document
text/html

63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 9e2bbdbb6acbe39e377311df95dc713e55543bbceca26395580bdf84c9ad8655

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding: gzip
Content-Length: 521
Content-Type: text/html
Date: Wed, 29 Nov 2023 23:55:56 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
Vary: Accept-Encoding, User-Agent
X-Sovrn-Pod: ad_ap2dca1

Redirect headers

Content-length: 0
Location: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame C19F
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3517284719088716306008

43 B
479 B

198ms
98ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3517284719088716306008

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 29 Nov 2023 23:55:56 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: C215CW37EZJCNJZKSQW2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Wed, 29 Nov 2023 23:55:56 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3517284719088716306008
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 57E6 624 B
242 B 143ms
142ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjgrKEEELPcp6oEGLnfpvEBMAE&v=APEucNXmzxAh4YzRYeh6nD0AEutDr5KiRhTvxQ_mzfrCdOpgpnGcPpKi84fLImWmwXRp-hiuTxtNyucDI4ZNtxyufI0wIglv7Q

Requested by

Host: aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com
URL: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 23:55:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/ Frame 3DDC 24 KB
9 KB 135ms
134ms Script
text/javascript 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/abg_lite_fy2021.js

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 11:17:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 11:17:15 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/ Frame 3DDC 7 KB
3 KB 134ms
133ms Script
text/javascript 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 11:54:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43266
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 11:54:50 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 3DDC 0
0 168ms
165ms Fetch
image/gif 172.253.63.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstqaLTyED4q3hpqbt1IaHRnACQqZEHiihn9VDseAKfp3z9e_uSXFsdgIKw_1Zs4rgJBNjTs2Le2qXPyvWfEk3t_0bkqGGKPWipO1K7WxsWiv9R6wAhQmWmbJhRbu3kTgGe1_hLGVnLjGdwWKD9LaHqeMUcfc7Of0SwsPIKsrpctGzVDJMw9fdy4fZX-NOstB9FaW1DeL8Rbil6quc8yuRMTt3SFC-uV7togEheTA76gd2AMASWSO-YR36VU2YOmN7IZZBa1M19m-CELHm833wvHEk9wyYboY2lkfLDtQtjyVyUt-frpJSwasLvrjBoRfNoUmF6AUOIYe_qza-w8gwUHbJ2RGJrWnT_yGnldnFk34xCL1h74-k1Clbp1ua-zm_Boa0ToMepfevimsuow7m856GkGMFWx13nN7F3m9Y_S3-5Lr-9Je_Jx8u61Fa2mpalVtRDI-_jeD3cWMyOxhl6iAp9raW0fDxntTrw-TRzgpvYO61IoO3i79eSYDFQT4wVgVYDJ_PR_hbZ-9pAF46T-g052V5O0IAheYqtuZ6O4_87UbCa_6AmJ8mwpDBNmFvwMcvfugQMVm0K3pyf89kQuadobPDXCtjJSt_2-haGaaCYogCfq8WMh5BzfeRTLSEuaeh_kyS6Xqiz5suSHPZyWO4Pp6_m9isumHMqt7aatQRhKMC_HGeuoZMxo1tTHXmuzuNSphT-yAQGrc5yRg6RdPKHQAa7lytbsJnJXbXcDZ-0zWjodaVT4MQlxDSOu7DNaz5ZMmpQB8XHhKskhQZrRQIzcIUk6QQKPHsNqUjonQcbUwN5fbAcrs8ltPAuYKYWfBn35Pc-mDbTx2WLj7VpfsRhs7DwmJzbcbq41wrhPSQMYtToYSI5XthydB5RvPFdQ1rhUf4o74hGuD1JzEV0toGlz-20a8wWKNV9zRYYr3_skwJhEexRAIboETaJte6RyhlxPtQUzv0KN0rFa848kH35287kFe84vu6d3GhhB6i9axE_YclHt62rN-a_FitMbaOJWohdro_IaeRxVq3kPmiOBfaW3CmGzEYdz9vs6cTd4n4jyZaGWzwhFFLLvElnT8PcWw2AEsFLCe005XI2Q5aSe51feb4g72sJz-nQD9rXX2RN-aOyd4zrZdhMvV8xvRb9qv8qU7bGuLgod0dYBo7E-gKPIRvIwuExkw7hSTCkbQ0DMtRZNdWZBvH3Y8PQPqMwvkm30T-c0VTxoPmDh0ulIv55m625QXqFpXpbt8ocrAHIKVLKbOexuTJmOamgp1QdtN0XIqEE2d5QxGMaH7yQaOlTP6HL_yyOzY05-DIneSCCNtSAh8Nt4S3ZIpuvMRxYJ_ski9ZspUXgFyyHrkbM2D2xpCFsCW_nTLXGb8LjhVJkTq-kLzyHrkoeXh6gYQdtEAe5-uE4I&sai=AMfl-YRuiJY4UK3haxShCdQIGpFam0GaDcZ6EGl-Ki0ZtNsabj4vNm2_Pz7ogMQ1trNboO7FnmTTkhMlpyhE4xWW1lDOkXEOAI-1l-PmbCGa_aX9h-2NDsanbcmEcPg4qpJmvfZmKzC42jw_S2x7vpoEgwmfVqMeN-eiCG1RwTJb6RZso8vwUQzGNcN_KoMtIiNPWd9gCH3uhoEqpBebNe3-FoGU6mii-ufi4pmRZa2lo1nBbDI_1664IAmA834czR2St-TWDHAGxrSeqDscadHUyGWuV3hixXzCgmtHcrP5vcIdz9oAIOp8xskVhG3iXYtsoryhNU1z-thQ07Lur1LgMfzNh7gYhKIcLjv-I_PvxzQWzNNOi08cDvHusBMlOQzFIlRRBTDWb7KxOyWMvTAl1fQ1ZRpufswniELH4704-cbAHwKKaX8qvIfLdTlbufGf8_pgkteanp9RJK3M3fsZDvdkYUKmx4VM6aSHCM1YMU4Unh9wDtyqgkJolDxcavY5O97QJopQapjDCQ&sig=Cg0ArKJSzL5ACsCPy2BHEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9pbnR1aXQuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231128.01778&arae=0&ftch=1&adurl=

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f149.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 29 Nov 2023 23:55:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 3DDC 41 KB
14 KB 412ms
197ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 06:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 409893
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 06:04:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 3DDC 3 KB
1 KB 410ms
195ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/window_focus_fy2021.js

Requested by

Host: aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com
URL: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:48:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7641
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 21:48:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 3DDC 20 KB
9 KB 355ms
141ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com
URL: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:48:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7641
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 21:48:35 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DDC 42 B
108 B 141ms
141ms Image
image/gif 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BcM8RWURAd8jXFx_DMVS8CIBExZJ7preE3iGSa7KyQKRFxCivSCMiUHumF5K6XvWG1FRdJ0XJsRZ21qjI3vH1AYLCC7WLUzD5fJIUn_plJFwhXQF4

Requested by

Host: aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com
URL: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3DDC 202 KB
64 KB 139ms
138ms Script
text/javascript 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com
URL: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 23:55:56 GMT

GET
H2 200 7705661245929360944
s0.2mdn.net/simgad/ Frame 3DDC 28 KB
28 KB 120ms
115ms Image
image/gif 172.253.63.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7705661245929360944

Requested by

Host: aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com
URL: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f149.1e100.net

Software

sffe /

Resource Hash

4b01334c2806f3300ce1d798a9fd1dde9a3b58c968222732c3f8ca2bc2405e08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:37:18 GMT
x-content-type-options: nosniff
age: 26318
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28795
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 01:44:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Nov 2024 16:37:18 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 71C7 0
20 B 151ms
150ms Ping
image/gif 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9046445918608&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 71C7 0
20 B 152ms
151ms Ping
image/gif 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9046445918608&version=m202309260101&ct=76&x=8&cor=3796461804459295000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 71C7 94 KB
38 KB 177ms
177ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CHLn-TicSx-bVOv0FcwnjeKPHzLaoL7YPcrevTEbdxJGns6TNAup-s-IsMiWOlGUxwqX8W_aBXYuIMSWnH7HtewMdrSpPSaYoW1zuU1iRIYCSqMmVJnFPhc5ogyeCKf4YMiRfMwT6Rg0VqknP0kCfooM8Be2P_gPq62I4VKbMNYIIqveg&dbm_d=AKAmf-B2hyocCpjLpA0G0XBgvTuMDwuoLxLAlOdk24ii3M8suN7sjMKoFk9G_5lSUytyo7_Qv5eF2Vu0_17jAtWMkg6Z71w9or5K8jZOjNt37xnG2MllXEPBEUroPzgWRqrDz9kqbqxmGtCiEIOzGI3tZ5qAxMguGceTHQc7LyOUMgnvyVk1uk73XCIxfd8FZ6YWqgdF2c6fdY6En-gyUtbr7SZLiGm_qoThsNGJwKbRGg-00DoIaQegyoLYCeet3PywLMV01krRX9-dKKp0LQZBMiOiyt4OPIxMoASaJSDZBToeWOyIDQOri9LKB41HgwZcE_NWGMGjQkCv-D-OaTcq9PzGkx2QvNK7rjigDD1l9Uo7aOWur6J_vFHyNy7yuoUQnz2FSxRWOMEKsPMeMJAYOnmrB4iPj6AJVyeN3pBWCoRK6PaM1YJzoCMXzjHCPwYi8zSj-_8JTHYr-CERi9c9rx1zsMWtM0t9oBxEAjsFvsEc7NIbRBNLVCJPsWV5WOd7_TIAqElWa0RpdQ_MkkRhC6lX5KTlSNzYt8Q5p2lNK-_1TpPpinbdFTU78lwhNA6yxzTPvqrprqtACMFcelDh--XDmvKymW_JZpw8pzCWaTQookkCx21oYHeSgidRZx1RtShJhnH8nNHf6oOslzzzVlKYHoptDCRFdRKKTdBgP3QffJelsToz1iKo8XC8uVONcVWZJgpXZbknpKCFzmetJCVOPChKxGGF6JnEXW2alyTl-56dTOLiS76K_r1FcNR9TL4eMEjTCXUK1TA1bAuBtuq4wwas1uDTIGjBDGLsL9FCQZFex4n8Lemo0MOZBbrzlfGfxFpTy_t_dBQdTg_DnBG2tpiw0cDGZBPRPveUePUummEN_5u6oMS4TUmfpXE4p3-vh2AL_DN4lFin3xFfHP434VVFGLvk15NriHUbIX40tRgdNqMHGcWfYkPByK8CNqIOrqUqm8cQF_2oLwL6Pb1nOUBlbCL3uEe8ULvVohBZs0XNyuPV4J7iibrjTgbQz9wBJk9p8oSZFxcYaYs9IC-ZzL7nnA1PnmqmmPim51vgg5vYUxJsL6O24qLjPt2oWlI5z68hZvd-BkiKcSRiYSvAnC47DkuS3pB7wbQ5udqkMaDE--DriWZNza2XmFAF-9DC0gMWpUtSVnHaIhEdQu5z2A6PBDU0Aul9SLWygZK_3IWI8mYsB7qOMHH5mw9sXuUaz4DyHRrT082pBw4lB8bV9Q7Fpm4t7Kf9a8fyJid2t3_CnD2orMRLa3XEqYCIctPyErGtFCcmreRg9y1gBQBGHBFjwZH4jjVghqaM4lzBRRGBe6TwDAiXZ5QIrwD4GQFeORbsC5Qrf_YFpY1ZUnWrG7R1ZEKVt2wPJYHidSeT72Xq0lwQipFPI72X4gmu2F1m0xnEXkSJW98G-4CbJfhtnnxVnHDQ5TzUOxckZq8Qj5Pup-2KhlCGkcSOu0WTeodeIsaCUesJF1dXE_tmJr7W1SqqzY6BPYqSoXKt0aeZXmmjSZk1sFsS_Yy1Iut0T5iYDkXeGSlwE-cVFoTDGVOxUPw0qBSrgwMctgy-gst97sB_KCjoe33WN_MkLmdI6gC5GGH0JZj6Ao98G4WVflgv8ykcs2f_jTkFOfK_ZrTlAqkaNq6sWKBjeOMaeY0Z6XLFWEsWRwkCTv_KsKFYLjRseUWY3rt5rI2doRCRwIelwyxcegloalGNhK8N_hCihaDy5ZVNeXWjlu3IkVp3PJAGtlzwRFp-fxpSLm4IOvR_U6MaSQ6EykzixjLg1IXMt9N1umlupho9tkjILyVPy3NE_cfyqKnQbd3mIjp9vwETXNzETniuaxJsGz1eiW9Q_29OIHiKvb65CvTwMHUoD4AFhbGiGJVlL_QKP_UF5IO4jEmdj0dWHdmXonD2s1NxpDFmsjD5E3sIlVKVBLGG-lNRBMHXjAZYHgXb9UMW_G65dUoUVRKAe5poGw3sV8V5duyPmRIqX6jVQplkmFdbSs98GbV-aQD8eszqN7hQuMoop-daqfZGlWOMAKQV2fse-0h__Zetd3JGxY5l5mDXzBo-g_T2xLyHPBs2q22HdA-9CKm6dI2UYm1cP5UBeVjtqiKIDO3ijNq-iHGQq7dHTfqLwLosMH9QJRPg8cBLHApzRpAzm7-OpblJ8D0Ba7b-kRz-ecBQR_yXLi60bogH-qXf0mw1odsyWyKtyv-_AxYY-U_kfccq5GGAdHMKBhstnr-u4SBeBClsdRLFHJdSK2T9Za_5yDUqvjZ60CZuV2LcYtGe6dQCVr8dOVCwrp1h5-HOFXSbY1gtgzLGAmItUF1iyh7XfuxHxfBg1jKln16-SFtko-YzyWRC-hs50xCRhN5OZczyyoVEuMSQnnfxa2k991iMAF-4BN5yMv1IPm5t0qz3FSPtxu1jcs9_zd0iqxs_cPdYlqxCyUSdRfGWyTTgngiUq0X0ba3pAXOG9jyZJOk57cD24EF7ShsVp05g4v1FBXRKkUb6wvE7wVmy2X7rjOx6TEG2czzVKHerg2tI5-nuHvVAAVxZTFwTf2A7mNgkhajTzjKxotK1QkRrxEQXLfBVWrR4oyjHsxac7c1SlluE-LNj8x6q9Dv1h5tDQ1XVwAp29QqGVy3B7rnfcG2VxPMRDTGEzobywbst5pIKJK_FqfgCnQxSGzAbFeeC8r5hifqjoLBukHb397p0kee4ADp8o5aOzV7pPf1PVIYA2lkQcPqOTwo1seHQB1M-8CCpV8DFSnibVMfdnrYeiW4bnstSg5_AdO36QQMROQvS27QCod-lI1RG46dgRW5oS_QgD_S7mWGoteIGNyuGxeWOHo3D1WTxv6-xnJz6sWeDLVl-WESUXtPQ8EEOb2TLM292iG17DQKfGgbNMBW6u0RmbArIqhWusp9LKR5HbznLWVcDesFs8V8pSOT4VQzSmPTNEmqZI-WQd0yshu8OJNdrNiIJ085f7kzJ8YJJ2H6U819lyML5MTJXgK2i3sV0xpwFhc9h7D8rMZEmtP6R03hsgQDzVQlHvPZq0q6ScpIdsey-0pR08wo87A3gOy_97PAKL2he3ZkNJ9cViyyNUVh4C7IWyZps5sDFlulhTIbEWKidhCgAiWihRayqCcxAx0dCQ6xC4KjJE4a_aictXl9D4XGL8reEo8O2_axNOPIXekswCms_9sX8pa17RnGqqQhAEsYtGJhHGAsK-J1jFtwJpBukJ7YMWjC6_p-ZKArgVj9Kxlo_XirUyu4nDAeLeiR1EX3iPArR781xB42YHHI64LTAa9r0eqf0haBmbRAMYzq3sveLnBXSUcb35YwkqlnUOvzevC4_KEDCFibzpUMEf5iVkM4rkHn_RjUJVZW3AqqpDDTWV7kMOyuJzrcyWjfDO3XAoAp4nOcLREoA29kdYnimZAru3zpofNKPVuC73qGTCvqk83nNWcD_jCgYBkOELuxXTGT6RFEqJXGjLTsVcKMg7MFUHjfrc0K7578eM-Hgqx3T5178DEOMLnicju7pzMJFHIyBqTHz5akGK96FLWtpj4la78NwVXvxVcGRJbZeixnBCxiepMoUoKpcXl3dTGaVVESG_KUTi4WtWlmBV0GPrj3PSMvZk2A3PEbpi_P8b98&pr=8%3A2F0DDC41D5BED776&cid=CAQSMgDICaaNGnwGdoMpcn_jPh7OsAaWrk3MDKHF4hxyOMJ9JXIC--lIEGnyTsZYp2hQQApGGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftl.net%2F&ds=l&xdt=0&iif=1&cor=3796461804459295000&adk=2056123629&idt=695&cac=0&dtd=69

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d8be152678952e3776e2c71ab6c9a5f3d45c2fb1c562f24fba8f1c8cfefe431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39062
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 57E6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL47DQENHaBD7kinFKrozFE&google_cver=1

43 B
733 B

108ms
108ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL47DQENHaBD7kinFKrozFE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjgrKEEELPcp6oEGLnfpvEBMAE&v=APEucNXmzxAh4YzRYeh6nD0AEutDr5KiRhTvxQ_mzfrCdOpgpnGcPpKi84fLImWmwXRp-hiuTxtNyucDI4ZNtxyufI0wIglv7Q
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lejZzjsgckuSiiEFOHLQPxDpiXX%2F2KA%2Bblh6OPpPf%2BqMcOGCp1mOQm7JgelVn6JtWtu9esjsls1glEbQH0tO0IiaaDhcf5qFVCleCpocp%2BwMY2LagMYfFCeQBWBNhoW6OztRymFUsHCqLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82dec8cfafcd36f9-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL47DQENHaBD7kinFKrozFE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 57E6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWfPjNO2ZZo.ErrW8VsJLgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL47DQENHaBD7kinFKrozFE&google_cver=1&google_hm=2

43 B
738 B

112ms
112ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL47DQENHaBD7kinFKrozFE&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjgrKEEELPcp6oEGLnfpvEBMAE&v=APEucNXmzxAh4YzRYeh6nD0AEutDr5KiRhTvxQ_mzfrCdOpgpnGcPpKi84fLImWmwXRp-hiuTxtNyucDI4ZNtxyufI0wIglv7Q
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rP61nrRAUJIEHwREdmJGeBNOql%2BIYWVxqHe%2F5Tbi9%2FVcXGYLCz55%2BcWLEGJBJoesVvOswHvyJ4OhKHA16wJhz1W11h%2BHNXvptBKdK1ZZ1r7grg6IZkcgs85Lnmm2zoxzEHwpJRghPrLvQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82dec8cfafcc36f9-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL47DQENHaBD7kinFKrozFE&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 57E6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPxmVp4h8g-e_VS1yNkUqLk&google_cver=1

43 B
847 B

104ms
103ms

Image
image/gif

68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPxmVp4h8g-e_VS1yNkUqLk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjgrKEEELPcp6oEGLnfpvEBMAE&v=APEucNXmzxAh4YzRYeh6nD0AEutDr5KiRhTvxQ_mzfrCdOpgpnGcPpKi84fLImWmwXRp-hiuTxtNyucDI4ZNtxyufI0wIglv7Q

Protocol

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
an-x-request-uuid: 699fd193-e5f9-4653-99de-52ff31037cd8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPxmVp4h8g-e_VS1yNkUqLk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 57E6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUxMTU1MTk5MTI1MDQyMTI2OQ%3D%3D

170 B
233 B

124ms
124ms

Image
image/png

172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUxMTU1MTk5MTI1MDQyMTI2OQ%3D%3D

Requested by

Protocol

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
an-x-request-uuid: abc2ab17-2a83-4ca2-ba66-6af62796c665
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUxMTU1MTk5MTI1MDQyMTI2OQ%3D%3D
x-proxy-origin: 70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 3DDC 0
0 127ms
127ms Fetch
image/gif 172.253.63.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstqaLTyED4q3hpqbt1IaHRnACQqZEHiihn9VDseAKfp3z9e_uSXFsdgIKw_1Zs4rgJBNjTs2Le2qXPyvWfEk3t_0bkqGGKPWipO1K7WxsWiv9R6wAhQmWmbJhRbu3kTgGe1_hLGVnLjGdwWKD9LaHqeMUcfc7Of0SwsPIKsrpctGzVDJMw9fdy4fZX-NOstB9FaW1DeL8Rbil6quc8yuRMTt3SFC-uV7togEheTA76gd2AMASWSO-YR36VU2YOmN7IZZBa1M19m-CELHm833wvHEk9wyYboY2lkfLDtQtjyVyUt-frpJSwasLvrjBoRfNoUmF6AUOIYe_qza-w8gwUHbJ2RGJrWnT_yGnldnFk34xCL1h74-k1Clbp1ua-zm_Boa0ToMepfevimsuow7m856GkGMFWx13nN7F3m9Y_S3-5Lr-9Je_Jx8u61Fa2mpalVtRDI-_jeD3cWMyOxhl6iAp9raW0fDxntTrw-TRzgpvYO61IoO3i79eSYDFQT4wVgVYDJ_PR_hbZ-9pAF46T-g052V5O0IAheYqtuZ6O4_87UbCa_6AmJ8mwpDBNmFvwMcvfugQMVm0K3pyf89kQuadobPDXCtjJSt_2-haGaaCYogCfq8WMh5BzfeRTLSEuaeh_kyS6Xqiz5suSHPZyWO4Pp6_m9isumHMqt7aatQRhKMC_HGeuoZMxo1tTHXmuzuNSphT-yAQGrc5yRg6RdPKHQAa7lytbsJnJXbXcDZ-0zWjodaVT4MQlxDSOu7DNaz5ZMmpQB8XHhKskhQZrRQIzcIUk6QQKPHsNqUjonQcbUwN5fbAcrs8ltPAuYKYWfBn35Pc-mDbTx2WLj7VpfsRhs7DwmJzbcbq41wrhPSQMYtToYSI5XthydB5RvPFdQ1rhUf4o74hGuD1JzEV0toGlz-20a8wWKNV9zRYYr3_skwJhEexRAIboETaJte6RyhlxPtQUzv0KN0rFa848kH35287kFe84vu6d3GhhB6i9axE_YclHt62rN-a_FitMbaOJWohdro_IaeRxVq3kPmiOBfaW3CmGzEYdz9vs6cTd4n4jyZaGWzwhFFLLvElnT8PcWw2AEsFLCe005XI2Q5aSe51feb4g72sJz-nQD9rXX2RN-aOyd4zrZdhMvV8xvRb9qv8qU7bGuLgod0dYBo7E-gKPIRvIwuExkw7hSTCkbQ0DMtRZNdWZBvH3Y8PQPqMwvkm30T-c0VTxoPmDh0ulIv55m625QXqFpXpbt8ocrAHIKVLKbOexuTJmOamgp1QdtN0XIqEE2d5QxGMaH7yQaOlTP6HL_yyOzY05-DIneSCCNtSAh8Nt4S3ZIpuvMRxYJ_ski9ZspUXgFyyHrkbM2D2xpCFsCW_nTLXGb8LjhVJkTq-kLzyHrkoeXh6gYQdtEAe5-uE4I&sai=AMfl-YRuiJY4UK3haxShCdQIGpFam0GaDcZ6EGl-Ki0ZtNsabj4vNm2_Pz7ogMQ1trNboO7FnmTTkhMlpyhE4xWW1lDOkXEOAI-1l-PmbCGa_aX9h-2NDsanbcmEcPg4qpJmvfZmKzC42jw_S2x7vpoEgwmfVqMeN-eiCG1RwTJb6RZso8vwUQzGNcN_KoMtIiNPWd9gCH3uhoEqpBebNe3-FoGU6mii-ufi4pmRZa2lo1nBbDI_1664IAmA834czR2St-TWDHAGxrSeqDscadHUyGWuV3hixXzCgmtHcrP5vcIdz9oAIOp8xskVhG3iXYtsoryhNU1z-thQ07Lur1LgMfzNh7gYhKIcLjv-I_PvxzQWzNNOi08cDvHusBMlOQzFIlRRBTDWb7KxOyWMvTAl1fQ1ZRpufswniELH4704-cbAHwKKaX8qvIfLdTlbufGf8_pgkteanp9RJK3M3fsZDvdkYUKmx4VM6aSHCM1YMU4Unh9wDtyqgkJolDxcavY5O97QJopQapjDCQ&sig=Cg0ArKJSzL5ACsCPy2BHEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9pbnR1aXQuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=186&vt=11&dtpt=184&dett=2&cstd=0&cisv=r20231128.01778&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f149.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5DA 0
48 B 226ms
225ms Ping
image/gif 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7389594709840&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5DA 0
57 B 224ms
224ms Ping
image/gif 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7389594709840&version=m202309260101&ct=76&x=1&cor=9506844345274601000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E5DA 91 KB
38 KB 205ms
204ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AV-O3epCEAhYy_nsRaUlA2yFjXXur4LEKmK4zBAgR2hxq77EAjlgFSC-bXk9E71SrwiT3Xq8OIzpgMA60nzhBe6aaVHGZfH9XTm77LIi2nJyr4MwfYXv5LZ2X59RhQAjQTFbzVSpe2r6JzOuOJ4fxFve2EQjSVCeuXoM2E9YCjaKDXNiQ&dbm_d=AKAmf-Ao7RPPy6UnEIpAviX9Gukqz7v7kQ3XiF6ozK_6A93DwcDZMwkph7K_IIFa-ewm_foVOwbrf5sjO2xO7dndI1mTZVJoeHTw3guZAmyOVI-mZFSRvDf3iEdi3CKnWF65aqlCXh5aNlBH4H1CDZONJtmpXBWUIp-5o6HTWD8lJGiLV9VqzvltKwdPP1SLi_g5eZrL2nfCVJpFD8WDYTsIVRf477oHlI2aSWydQfOUhBOVVj6eSSDuXIdpvWNsUc2kHhXRkl3EQUTihFykfjqkDlwSgh35MatDOG5U2ubVD2R6lezqwfBd_p7O0RJOfEZziWEORwvS-Dgjf_iSl8wgaoFXZqgdUo09kVDVvUg_QutdgVlgQscfZakzBGefmJbktjcX_0D4OJQ_NyQcrz8klYhNSl0FsKdUvaaL1h4f5p_61fyBpnit3MYZtDrJnVd7XflHCMe1KZCjo07KA7s5P2mHXidPP2aoDL6Xs0eHeuYUrRAbUp0MRHfGjs_qCVHDRgTJ9kYnjXTJS-FUGR9hLY9546ejxe_9IXxZwcIpR-EWcpcL2pPObU4m0GfLxxMplERuYdx6zEytok8H9YElJZo4XFE_rIUbwn_YJ4F4e_OU_rlS5VHAMombceWEhE78Dab3ssIAuAM2Bl7qW1LoD4GHBSkh1ie3E2KxpLy2P4Iic47ozoA4spcsHjuMgTG3ebbS-jCr57RjrXg8xLPruv9GUl1K_Ndzn48urH-LbnxBJI_93sgtbWt9E4MItRqQYQURceHA8xdkW5os9uJWGzrfCpHV-msORJXSSaM2facE5Qb-YKaX8jQQNYNpZsG7xTBhfKh5E6eKzvLJBTAVf9pna4ma0NwoRSZheUcXmZMuTOGf7LDP0RGOnQbi-Isd_qbxNHzbwXIPtBzPbID0nsA89faMymC-TVWkUXfuLKUymDxpUK6kxWwwTKVPua97jdAktT87ufm-G_Hl3jTTcsCvzCQ1ahax0dzVUPZLEE6Uy9HlbNsArF3rpBeqLvyoITFtOQOKSNB34ACmiGRCBg4Z76ERspOAdce0y8FhRfuZWgoDwH1AaHuWNdjkv8qwyBAtQ0YhfAI5QQfxW2GdmSf34yjYaAlVPcameYVOz4huswxOKFx8ASHn5MAaNhCv-sgFNbCDSvCLpzg9DWuLIWIWJpIOC4JaCCu82qDlDow7lLSH9ZY5BPqwbKJPPobwaadQVo4h8DTIH0v1mlw3kPmO29ex5lta7B6fCMmJZKzAJl_K9sMzHmf3n_V568vH9-zTFaHXjZIWjZstcrHmg55zwq1fqLQGJVksUHvybsZxvH4MmSm-qM4zEgIDM84f7nIH5PXB4flowX73hh33tREC86udQ6jYvs-eu1SGPw6-fRf0i_hL8ytJOlqAKr28h-nopcpKf0rNzEoNjGGH0mq6jdpcvJ6TRZNWW6vJkYe9D1o5nwYT_UW8uNZf1hdiwVgI2_dQA6mXSmU9A_3ANgM_LQSV87x5DPvFL52zi6_PdUe2jP-Mo16gmUzt3iLk-WB9SZogbUaLxdg9vTVJXbEyFt22B1ub5yKcx23v19LU4BAme_6I0Kk1DiQv0e9i06AvTpKmS9Tea3iUc32FCvjsRtBJwuVNIA8bF_gC4OuRh08ufNrp7tiafGs1zw_uDxbjZjUiU9XJ1VVrtSHoP6th5kn1DSz02V3bQlkZSto2ekW4QIC4UDBJtmEKeucMZdF90kwGFooeGJZ7IQcpdGmGVuoISKsaEa6rAy2ISJ3NeDmExkC24PgJbTgzZlTxUFjpNNmuKci3yOGR40j55kFPWudZpCd-6lkR0hVs1kbksq5eMt0aG5xE604EJkIUFim2X98R0cgsynTkA3TOn6zJ_rDsFamGECsdnw_2gC0ZYk7FGaKeofbLlzBhAY29JLl7hjzHRipp-uBeOLY0UK4-yb9mlLSV6kf0PFF8N5FUaKYSv01DnOs9Wxdmg8qGhzBwvMA_byZ-C2pFg-wEMpx1K8Z0qtzOCSoUsZG1Dzf-T2f_lW_6yObeHohk8l7O8F5SHkpTku6zhLghDZ0geViDn6RIuSBKL-xiw4mANb4_i4LpkVNhmg30Kg28m13qNjUegfaAfghlhVfxIm99hV9XzYupY4GJvKI3oehx4_9EDfABF36UfBTlsImRvUhmLDHnFsIWjLRzIOA9tjAc9jpczGXvAiPCAH9c3jzaQ4K1ObbCsfOl2kHuRS19VLfVSN9rOuYOIBchPmesfUzgNSO9RU88yHsSWnDBm_9PYrX0pTF64BtxXrj1m6puPXStXSI8D-qtjWWfL1mQwyfSzFkgyLhVRBXcA6Oi3QtoBr5OZlwaYwrLvLRAUYF_TR2XCSvuOhbjyxPgRznIjghSv2Z2BQRsSO1Tim3vRrFuMBl5AsrmBwJxRecrjBFyqwJUs0eu9TeYcWvpjMewhYb8T91zq34EmiHRiopfyzROwZUUbHqnDuLekizRsz3o24VS8X1Qwc99Eoqeb8QP5XtR92gN4ayypbgUtEQ0NVsuN8Tpz4djUs5Iqh-EvS2WWOsg1HPwdT8ai2hWmj-JedzGj09RMVdJSedf5Ye26Gh7evopQfMo3DqPWCSagvr3DRv7JkwhhXQnenz5T0Xs5lmNhzLRS2RLqlWLezz7F9yAbkqVCS5xcfRkE8g8utwNiWnjEl1td8xfxlZFtVvzutsEsp7T-xan7paZbNOG7X9sqwv1KtpF5VBaVc5rBWQi7UXtctNFxzGg5zQYP5L_0paZkYtB1rGI8QJj2W3T33TNmHWUVzbceLbDgWjtVPK4jDsfZ7EkcH6ZC8Xk8DLVdAlrXXnDUzv-RObnqJlVNNDrXxn0eDSVsyF51NSeTShtZOYFgMgvn00jzRHNbBPkQ3JzuTSMOVh54LtQIWgwuT56PbnlM9D2iirQ2Uc6sn9aOgH7M5OH8UC87BafMakNShLCeqBiah5KGF704TwYRoHpxjGZw6HdJ7oWlx9j4CWtAJW1vDyW8z0fVZ3adzdbN-XoU9RtEmKoKeXK4sl81cBrmyrlnRbi-cU8J8Unp3VyNlqN7GHWxW8Oo5EeVg3jAx_56r6WFnMqz9jasyOhqo9leGa6U9pBUeUOmU5JuDdknARjYg1qEjbkTkdr1OkIl6hlIUa8A2Ph81ZeVyitlhek5eB6DNtMGDX3rXrNqMrbo36FFC7162PZ7G8JaVlT_rDEVMpZCxT8-vr89jkl0RVn0ImwsU5ZFK-nd0ERNIFjaPOeix2qvnQEHI_Yj_xtnNXG4jUut8Q-x0KG_H85CW3QsJsfc9TGrpCirXdwP_ke9h77qApp_fDUUIg-g3fPtJ28qz48W0GLolC6lqZfcaYHM-WbUdaK-0sjTBhBoO8OnJX5jaXYDjWAcnYjbhFBXEStiC5mNwNRh676bzuAcXAf9joYABZ6sWYM2Y08jWki-6V0z1x0NWBVtsZ37hoHZObSkrtkDy_mqzSJHXwGPnjfqF1B8x2XAs-7SFKxzNLD-5o729yv4tkwZyAo6tjPJSlZfUXdHT_oSDBCmHTSZ8R46XdO2bwa5YnJ8llmdndKzJq81Hyh-khyQIQlBbt7TzZMBElzca6uc4va5yOFTckQfAgs2496z0SelfhK33oDwFDfdhyS4lfE&cid=CAQSTwDICaaNuc0nnwarQ7NX482tgdnnU1YhN8X5xCwyGWbR7MCmdWRl8UaIWFG3jZkkB3wA3NjZHgHJwIyjpEhNYzBGsjNVxU2Aamupgaqf10YYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftl.net%2F&ds=l&xdt=1&iif=1&cor=9506844345274601000&adk=1964084972&idt=311&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a950fa6b8ffcc5d2700e1cd4d6ac6eeb110e8a99994a84a4856368b4c01f8ce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38869
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3DDC 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfadb433c64ae6914ed5f4a1a102ae5a0f2170e51952b1069043b848620aad3

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dvbm.js Show response
cdn.doubleverify.com/ Frame 71C7 428 KB
102 KB 619ms
182ms Script
application/javascript 2600:1408:c400:29::17da:da4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbm.js
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:29::17da:da4e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 21ea3aef6e4552ea99ff95029cfa438b1eb76206988e6c199891f842d2505c40

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 23:55:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 12:34:45 GMT
Server: UploadServer
ETag: "5303e2aa5f1e5fc8813f1bcd0d4e5696"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103876
Expires: Thu, 30 Nov 2023 00:10:57 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/ Frame 71C7 31 KB
12 KB 130ms
129ms Script
text/javascript 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CHLn-TicSx-bVOv0FcwnjeKPHzLaoL7YPcrevTEbdxJGns6TNAup-s-IsMiWOlGUxwqX8W_aBXYuIMSWnH7HtewMdrSpPSaYoW1zuU1iRIYCSqMmVJnFPhc5ogyeCKf4YMiRfMwT6Rg0VqknP0kCfooM8Be2P_gPq62I4VKbMNYIIqveg&dbm_d=AKAmf-B2hyocCpjLpA0G0XBgvTuMDwuoLxLAlOdk24ii3M8suN7sjMKoFk9G_5lSUytyo7_Qv5eF2Vu0_17jAtWMkg6Z71w9or5K8jZOjNt37xnG2MllXEPBEUroPzgWRqrDz9kqbqxmGtCiEIOzGI3tZ5qAxMguGceTHQc7LyOUMgnvyVk1uk73XCIxfd8FZ6YWqgdF2c6fdY6En-gyUtbr7SZLiGm_qoThsNGJwKbRGg-00DoIaQegyoLYCeet3PywLMV01krRX9-dKKp0LQZBMiOiyt4OPIxMoASaJSDZBToeWOyIDQOri9LKB41HgwZcE_NWGMGjQkCv-D-OaTcq9PzGkx2QvNK7rjigDD1l9Uo7aOWur6J_vFHyNy7yuoUQnz2FSxRWOMEKsPMeMJAYOnmrB4iPj6AJVyeN3pBWCoRK6PaM1YJzoCMXzjHCPwYi8zSj-_8JTHYr-CERi9c9rx1zsMWtM0t9oBxEAjsFvsEc7NIbRBNLVCJPsWV5WOd7_TIAqElWa0RpdQ_MkkRhC6lX5KTlSNzYt8Q5p2lNK-_1TpPpinbdFTU78lwhNA6yxzTPvqrprqtACMFcelDh--XDmvKymW_JZpw8pzCWaTQookkCx21oYHeSgidRZx1RtShJhnH8nNHf6oOslzzzVlKYHoptDCRFdRKKTdBgP3QffJelsToz1iKo8XC8uVONcVWZJgpXZbknpKCFzmetJCVOPChKxGGF6JnEXW2alyTl-56dTOLiS76K_r1FcNR9TL4eMEjTCXUK1TA1bAuBtuq4wwas1uDTIGjBDGLsL9FCQZFex4n8Lemo0MOZBbrzlfGfxFpTy_t_dBQdTg_DnBG2tpiw0cDGZBPRPveUePUummEN_5u6oMS4TUmfpXE4p3-vh2AL_DN4lFin3xFfHP434VVFGLvk15NriHUbIX40tRgdNqMHGcWfYkPByK8CNqIOrqUqm8cQF_2oLwL6Pb1nOUBlbCL3uEe8ULvVohBZs0XNyuPV4J7iibrjTgbQz9wBJk9p8oSZFxcYaYs9IC-ZzL7nnA1PnmqmmPim51vgg5vYUxJsL6O24qLjPt2oWlI5z68hZvd-BkiKcSRiYSvAnC47DkuS3pB7wbQ5udqkMaDE--DriWZNza2XmFAF-9DC0gMWpUtSVnHaIhEdQu5z2A6PBDU0Aul9SLWygZK_3IWI8mYsB7qOMHH5mw9sXuUaz4DyHRrT082pBw4lB8bV9Q7Fpm4t7Kf9a8fyJid2t3_CnD2orMRLa3XEqYCIctPyErGtFCcmreRg9y1gBQBGHBFjwZH4jjVghqaM4lzBRRGBe6TwDAiXZ5QIrwD4GQFeORbsC5Qrf_YFpY1ZUnWrG7R1ZEKVt2wPJYHidSeT72Xq0lwQipFPI72X4gmu2F1m0xnEXkSJW98G-4CbJfhtnnxVnHDQ5TzUOxckZq8Qj5Pup-2KhlCGkcSOu0WTeodeIsaCUesJF1dXE_tmJr7W1SqqzY6BPYqSoXKt0aeZXmmjSZk1sFsS_Yy1Iut0T5iYDkXeGSlwE-cVFoTDGVOxUPw0qBSrgwMctgy-gst97sB_KCjoe33WN_MkLmdI6gC5GGH0JZj6Ao98G4WVflgv8ykcs2f_jTkFOfK_ZrTlAqkaNq6sWKBjeOMaeY0Z6XLFWEsWRwkCTv_KsKFYLjRseUWY3rt5rI2doRCRwIelwyxcegloalGNhK8N_hCihaDy5ZVNeXWjlu3IkVp3PJAGtlzwRFp-fxpSLm4IOvR_U6MaSQ6EykzixjLg1IXMt9N1umlupho9tkjILyVPy3NE_cfyqKnQbd3mIjp9vwETXNzETniuaxJsGz1eiW9Q_29OIHiKvb65CvTwMHUoD4AFhbGiGJVlL_QKP_UF5IO4jEmdj0dWHdmXonD2s1NxpDFmsjD5E3sIlVKVBLGG-lNRBMHXjAZYHgXb9UMW_G65dUoUVRKAe5poGw3sV8V5duyPmRIqX6jVQplkmFdbSs98GbV-aQD8eszqN7hQuMoop-daqfZGlWOMAKQV2fse-0h__Zetd3JGxY5l5mDXzBo-g_T2xLyHPBs2q22HdA-9CKm6dI2UYm1cP5UBeVjtqiKIDO3ijNq-iHGQq7dHTfqLwLosMH9QJRPg8cBLHApzRpAzm7-OpblJ8D0Ba7b-kRz-ecBQR_yXLi60bogH-qXf0mw1odsyWyKtyv-_AxYY-U_kfccq5GGAdHMKBhstnr-u4SBeBClsdRLFHJdSK2T9Za_5yDUqvjZ60CZuV2LcYtGe6dQCVr8dOVCwrp1h5-HOFXSbY1gtgzLGAmItUF1iyh7XfuxHxfBg1jKln16-SFtko-YzyWRC-hs50xCRhN5OZczyyoVEuMSQnnfxa2k991iMAF-4BN5yMv1IPm5t0qz3FSPtxu1jcs9_zd0iqxs_cPdYlqxCyUSdRfGWyTTgngiUq0X0ba3pAXOG9jyZJOk57cD24EF7ShsVp05g4v1FBXRKkUb6wvE7wVmy2X7rjOx6TEG2czzVKHerg2tI5-nuHvVAAVxZTFwTf2A7mNgkhajTzjKxotK1QkRrxEQXLfBVWrR4oyjHsxac7c1SlluE-LNj8x6q9Dv1h5tDQ1XVwAp29QqGVy3B7rnfcG2VxPMRDTGEzobywbst5pIKJK_FqfgCnQxSGzAbFeeC8r5hifqjoLBukHb397p0kee4ADp8o5aOzV7pPf1PVIYA2lkQcPqOTwo1seHQB1M-8CCpV8DFSnibVMfdnrYeiW4bnstSg5_AdO36QQMROQvS27QCod-lI1RG46dgRW5oS_QgD_S7mWGoteIGNyuGxeWOHo3D1WTxv6-xnJz6sWeDLVl-WESUXtPQ8EEOb2TLM292iG17DQKfGgbNMBW6u0RmbArIqhWusp9LKR5HbznLWVcDesFs8V8pSOT4VQzSmPTNEmqZI-WQd0yshu8OJNdrNiIJ085f7kzJ8YJJ2H6U819lyML5MTJXgK2i3sV0xpwFhc9h7D8rMZEmtP6R03hsgQDzVQlHvPZq0q6ScpIdsey-0pR08wo87A3gOy_97PAKL2he3ZkNJ9cViyyNUVh4C7IWyZps5sDFlulhTIbEWKidhCgAiWihRayqCcxAx0dCQ6xC4KjJE4a_aictXl9D4XGL8reEo8O2_axNOPIXekswCms_9sX8pa17RnGqqQhAEsYtGJhHGAsK-J1jFtwJpBukJ7YMWjC6_p-ZKArgVj9Kxlo_XirUyu4nDAeLeiR1EX3iPArR781xB42YHHI64LTAa9r0eqf0haBmbRAMYzq3sveLnBXSUcb35YwkqlnUOvzevC4_KEDCFibzpUMEf5iVkM4rkHn_RjUJVZW3AqqpDDTWV7kMOyuJzrcyWjfDO3XAoAp4nOcLREoA29kdYnimZAru3zpofNKPVuC73qGTCvqk83nNWcD_jCgYBkOELuxXTGT6RFEqJXGjLTsVcKMg7MFUHjfrc0K7578eM-Hgqx3T5178DEOMLnicju7pzMJFHIyBqTHz5akGK96FLWtpj4la78NwVXvxVcGRJbZeixnBCxiepMoUoKpcXl3dTGaVVESG_KUTi4WtWlmBV0GPrj3PSMvZk2A3PEbpi_P8b98&pr=8%3A2F0DDC41D5BED776&cid=CAQSMgDICaaNGnwGdoMpcn_jPh7OsAaWrk3MDKHF4hxyOMJ9JXIC--lIEGnyTsZYp2hQQApGGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftl.net%2F&ds=l&xdt=0&iif=1&cor=3796461804459295000&adk=2056123629&idt=695&cac=0&dtd=69

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 08:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56859
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 08:08:18 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 71C7 202 KB
64 KB 120ms
119ms Script
text/javascript 2607:f8b0:4004:c17::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 23:55:57 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/ Frame 71C7 11 KB
4 KB 135ms
134ms Script
text/javascript 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/omrhp.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37803
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 13:25:54 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 71C7 0
0 508ms
174ms Fetch
image/gif 142.251.111.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstf5G4hAXUlngtVJTwYJkiAGmgDhn28U3embA3UAyqgZLZbR2EAmTl1iwIWALhUN_EtW_tNcWDkwYfQfzjiunNZ6PBFzrkGhjmXIIOnir5Z5rQxGNjcr4aLlTd1mpZtRBAno3l15UekX-38cukhQpZY3jGGp-AtfzyKHv8o-2xDIM-eARfxeuAqlHFtHVyjZhS0M4RGa8L34X3d21u5PHdHZHEOufM7En8p-QlfwymrpAA4NGcL3Cm7EUimfnKtpvApo6srThggs92_Yw89lLPFLLHFUMU84JCLd3SH2cxCYs-J-eBuIfwVPu3gndntxGfVVhV0XnYZXFUUvi5vQM-bVtg_Zou9uqyLvDVXEzBt6aIRByNXoG9YrRJuaiKrl47qjzqH6WLgGgX2CjnR9Ei57X18x_JXuwvbwcTl5WaHM9pXXV49i1vYV8KpchyTzxa_kFyNE436E6hBw5ThoMrwK0wydT_TwyDHhoCZWfXJeOgFmtuYKt2Uj-MLOUt8E0qfgDM2zGP0akNJQmUehwM42NuGLS54AeBu2E0yPjukkBD9YmhA8J7l4iHBjLaEfzwg95v3YmGRqp1c4Dv5wF2qMujXN8nRV2zl7oVDL9KpxGe1Of2gzX3J-Zj0ZuJ35gq9KkkOT-_WD0MYCRw03acKnfSjIW1Om9zjCF2LmNz082jd0SYNV9P7KC27vSODW6IBSW00iGvDYjZaFPHm7L3lY1I4ic3VkoKREAG85V4pOcGSPDg9k6WuYxiHqulBran43XOxl4ipNGzRLIGNwqAhBNnDGg1H-8DA5yirTmSLGJiC7cfCs9QLfr1CsAoyN9zO-N4gbFr8XZQykDqUBek-QKEywIT1MkA_vKpDksUv9UoOBMv18wwznLB3LXfQcHIVKuWtMyyH_REPa65UlqSVrsGuno0McFdc5CdKpF131W8ToIxsWFDz2Ejb2VB10LTSKR954hDRmhcHPmlcpuDPPFevaXIx4zxycqPqUED6QwEiLTxIek8f6B1UaYYf1j70yRTFOiCeCLYe5HrLx1JMBnf36GEoFZXBNP6OxkicYx4pZLy1J5mFX_K0oHztGwn200Qq2hct-giOS6lWiQ48rD-hvb795we2_XW2LFB0kd_1Ojq6dKt1-dr4maxNRpYH2ce4GWpwVYugS_4TS4tXghD9BhE8ugFxykyqIzjiVaajXj7y_IkRpLRULsO8TIo_530SYpdBWlliNQJcOnJZaaPm5lo-O1_tCwx2-H0xSIWwq9DH3UjY7JsvF8J02xYEACplvw&sai=AMfl-YQb-ZQbo8l1HR1Wrm5vjds2QXVjo7lg5x2BClQX19nUcBb0xleU_XZLKeNUAtcMKQ0F2ifn9XZhVC6AmnoP3lXqz1yzqh87dGB56oQbWLCyVAVz00aRQGdYdshlYGcGzkYYqV_6_vfSnrNDxwVgTUgCyEWZNpTH23LVL0YYwX_1QFQuCxbKBq1mPYBwWWOkpM8MVAoZCSCzxWIwhjd6NTi5LFh__RGinMetcK9YB_b5Alx5kyA4VxxO1F2rNTYXpMpRf_xqJcBIazdc1EngOQ&sig=Cg0ArKJSzMmVHEPAQqEkEAE&uach_m=%5BUACH%5D&pr=8:2F0DDC41D5BED776&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231128.78204&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 29 Nov 2023 23:55:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 71C7 41 KB
14 KB 131ms
130ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 06:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 409894
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 06:04:23 GMT

GET
H3 200 17328391646874308298
s0.2mdn.net/simgad/ Frame 71C7 94 KB
94 KB 100ms
99ms Image
image/jpeg 172.253.63.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17328391646874308298

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f149.1e100.net

Software

sffe /

Resource Hash

adc82bae921ecc688a4a6155c1b137da750aa9df886ff9641567e3c83198a9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:10:18 GMT
x-content-type-options: nosniff
age: 99938
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96071
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 15:11:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 20:10:18 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 9D24 281 B
555 B 496ms
178ms Document
text/html 23.222.193.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&us_privacy=1---&geo=na&co=ca
Requested by: Host: tl.net
URL: https://tl.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.193.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-222-193-103.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://tl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 29 Nov 2023 23:55:57 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2

200

us.gif
sync.go.sonobi.com/ Frame 135A
Redirect Chain

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=9252dda3-0954-4d4d-bb67-0116f3763d89&google_hm=OTI1MmRkYTMtMDk1NC00ZDRkLWJiNjctMDExNmYzNzYzZDg5
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJ8LgSQM5omi55kMwOSlPVM&google_cver=1&ssp=sonobi&bsw_param=9252dda3-0954-4d4d-bb67-0116f3763d89
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=9252dda3-0954-4d4d-bb67-0116f3763d89&gdpr=&gdpr_consent=&us_privacy=

49 B
769 B

106ms
106ms

Image
image/gif

69.166.1.34
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=9252dda3-0954-4d4d-bb67-0116f3763d89&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd

Protocol

Server

69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:57 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-133
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: //sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=9252dda3-0954-4d4d-bb67-0116f3763d89&gdpr=&gdpr_consent=&us_privacy=
Date: Wed, 29 Nov 2023 23:55:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

us.gif
sync.go.sonobi.com/ Frame 135A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us.gif?nw=td&nuid=ca5fafd3-8428-480e-9171-2acf619595cd&pubid=91e92b73fd

49 B
845 B

133ms
132ms

Image
image/gif

69.166.1.34
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=td&nuid=ca5fafd3-8428-480e-9171-2acf619595cd&pubid=91e92b73fd

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd

Protocol

Server

69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:57 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-133
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://sync.go.sonobi.com/us.gif?nw=td&nuid=ca5fafd3-8428-480e-9171-2acf619595cd&pubid=91e92b73fd
date: Wed, 29 Nov 2023 23:55:57 GMT
server: Kestrel
content-length: 227

GET
H2

200

us.gif
sync.go.sonobi.com/ Frame 135A
Redirect Chain

https://p.rfihub.com/cm?pub=35683&in=1
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=997336246572764449

49 B
826 B

96ms
96ms

Image
image/gif

69.166.1.34
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=zt&nuid=997336246572764449

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd

Protocol

Server

69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:57 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-133
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://sync.go.sonobi.com/us.gif?nw=zt&nuid=997336246572764449
Date: Wed, 29 Nov 2023 23:55:57 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

us.gif
sync.go.sonobi.com/ Frame 135A
Redirect Chain

https://creativecdn.com/cm-notify?pi=sonobi
https://creativecdn.com/cm-notify?pi=sonobi&tc=1
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=Q5WRN7WprJ699KewQqsm2gIvK0gC7SYJWIPqmRZlRGk&pi=sonobi&tc=1

49 B
776 B

98ms
98ms

Image
image/gif

69.166.1.34
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=rh&nuid=Q5WRN7WprJ699KewQqsm2gIvK0gC7SYJWIPqmRZlRGk&pi=sonobi&tc=1

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd

Protocol

Server

69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:57 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-133
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://sync.go.sonobi.com/us.gif?nw=rh&nuid=Q5WRN7WprJ699KewQqsm2gIvK0gC7SYJWIPqmRZlRGk&pi=sonobi&tc=1
pragma: no-cache
date: Wed, 29 Nov 2023 23:55:57 GMT, Wed, 29 Nov 2023 23:55:57 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

us.gif
sync.go.sonobi.com/ Frame 135A
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=286
https://sync.go.sonobi.com/us.gif?nw=st&nuid=ERMWsRJhXKxxAxmZYZY3DEYZ_7o

49 B
760 B

99ms
96ms

Image
image/gif

69.166.1.34
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=st&nuid=ERMWsRJhXKxxAxmZYZY3DEYZ_7o

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd

Protocol

Server

69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:57 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-133
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://sync.go.sonobi.com/us.gif?nw=st&nuid=ERMWsRJhXKxxAxmZYZY3DEYZ_7o
Date: Wed, 29 Nov 2023 23:55:57 GMT
Connection: keep-alive
Content-Length: 99
Content-Type: text/html; charset=utf-8

GET
H2

200

us.gif
sync.go.sonobi.com/ Frame 135A
Redirect Chain

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=274961a8-104a-419b-8634-81c53fd8d4d7&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=M1R0ZW92YV9Vd3YtRXV5X25tTTJWQQ&gdpr=&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEC7SWZxjw8n7n1n-FcV8YkE&google_cver=1
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=8CcfhtpftGWC

49 B
744 B

97ms
97ms

Image
image/gif

69.166.1.34
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=pp&nuid=8CcfhtpftGWC

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd

Protocol

Server

69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:57 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-133
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-CA
location: https://sync.go.sonobi.com/us.gif?nw=pp&nuid=8CcfhtpftGWC
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-74c7cffc45-vfd6t
expires: -1

GET

pixel
cm.g.doubleclick.net/ Frame 135A
Redirect Chain

https://id5-sync.com/s/434/9.gif?puid=274961a8-104a-419b-8634-81c53fd8d4d7&gdpr=0&gdpr_consent=
https://id5-sync.com/c/434/434/9/1.gif?puid=274961a8-104a-419b-8634-81c53fd8d4d7&gdpr=0&gdpr_consent=&us_privacy=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/434/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/434/2/8/2.gif?puid=4511551991250421269&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F112%2F7%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F112%2F7%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/434/112/7/3.gif?puid=3D6EDEE8B43D2E62&gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F429%2F6%2F4.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://id5-sync.com/c/434/429/6/4.gif?puid=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://id5-sync.com/c/434/441/5/5.gif?puid=u_fb7b974d-37b2-44ca-bd1f-7d95b89bfc9b&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
https://id5-sync.com/c/434/108/4/6.gif?puid=190f0788-7373-4d78-b3a4-58866c604c40&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=ca5fafd3-8428-480e-9171-2acf619595cd&ttl=%%TTL%%
https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F136%2F2%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
https://rtd-tm.everesttech.net/ct/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F136%2F2%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=ZWfPkAACn76OgQAa
https://id5-sync.com/c/434/136/2/8.gif?puid=ZWfPkAACn76OgQAa&gdpr=0&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_I...

0
0

GET
H/1.1 200
OK 7318ffc0e8fa1d771446
s.amazon-adsystem.com/x/ Frame 135A 0
0 560ms
198ms Image
text/html 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/x/7318ffc0e8fa1d771446
Requested by: Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 135A 43 B
479 B 102ms
102ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sonobi.com&id=274961a8-104a-419b-8634-81c53fd8d4d7

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 23:55:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0RRQ4V1X49QRWCHJ0MD4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 404 ID1=274961a8-104a-419b-8634-81c53fd8d4d7
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ Frame 135A 0
0 713ms
230ms Image
text/html 2620:112:f002:bbbb::23
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=274961a8-104a-419b-8634-81c53fd8d4d7
Requested by: Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:112:f002:bbbb::23 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2

200

usg.gif
sync.go.sonobi.com/ Frame 135A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=Mjc0OTYxYTgtMTA0YS00MTliLTg2MzQtODFjNTNmZDhkNGQ3
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEERI_DNyVzIbVM9Rewh4_9g&google_cver=1

49 B
763 B

97ms
96ms

Image
image/gif

69.166.1.34
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usg.gif?google_gid=CAESEERI_DNyVzIbVM9Rewh4_9g&google_cver=1

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd

Protocol

Server

69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:57 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-133
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.go.sonobi.com/usg.gif?google_gid=CAESEERI_DNyVzIbVM9Rewh4_9g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 135A 0
704 B 480ms
167ms Image
text/plain 108.138.64.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=274961a8-104a-419b-8634-81c53fd8d4d7
Requested by: Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.64.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-64-70.iad12.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:57 GMT
via: 1.1 fcb94596db202c75ac0e559b3183be72.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: IAD12-P1
vary: Origin
access-control-allow-methods: POST, GET
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://sync.go.sonobi.com/
x-cache: Miss from cloudfront
access-control-max-age: 3600
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, X-Requested-With, remember-me
content-length: 0
x-amz-cf-id: CAsp63kdU_on30q8wCXoyr2DoT3r_v3gDUV0d4nK-_jgOOij8FbDZQ==
alt-svc: h3=":443"; ma=86400

GET
H2

200

us.gif
sync.go.sonobi.com/ Frame 135A
Redirect Chain

https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=4511551991250421269

49 B
751 B

136ms
136ms

Image
image/gif

69.166.1.34
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=4511551991250421269

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd

Protocol

Server

69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:57 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-133
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:57 GMT
an-x-request-uuid: 1501ba82-2dcf-4d2e-8c8f-ccbe32075865
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=4511551991250421269
x-proxy-origin: 70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

receive
pixel.tapad.com/idsync/ex/ Frame 135A
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=274961a8-104a-419b-8634-81c53fd8d4d7
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=274961a8-104a-419b-8634-81c53fd8d4d7
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=190f0788-7373-4d78-b3a4-58866c604c40%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ca5fafd3-8428-480e-9171-2acf619595cd&ttd_puid=190f0788-7373-4d78-b3a4-58866c604c40%2C%2C

95 B
443 B

112ms
112ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ca5fafd3-8428-480e-9171-2acf619595cd&ttd_puid=190f0788-7373-4d78-b3a4-58866c604c40%2C%2C

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ca5fafd3-8428-480e-9171-2acf619595cd&ttd_puid=190f0788-7373-4d78-b3a4-58866c604c40%2C%2C
date: Wed, 29 Nov 2023 23:55:57 GMT
server: Kestrel
content-length: 359

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 135A
Redirect Chain

https://dpm.demdex.net/ibs:dpid=87880&dpuuid=274961a8-104a-419b-8634-81c53fd8d4d7
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=274961a8-104a-419b-8634-81c53fd8d4d7

42 B
717 B

140ms
139ms

Image
image/gif

34.235.18.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=274961a8-104a-419b-8634-81c53fd8d4d7

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd

Protocol

Server

34.235.18.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-235-18-139.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sync.go.sonobi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v053-0df904793.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Wed, 29 Nov 2023 23:55:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: oKQHJwuISHs=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-1-v053-06c215987.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Wed, 29 Nov 2023 23:55:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: /tWL3cu7QhU=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=274961a8-104a-419b-8634-81c53fd8d4d7
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame E5DA 111 KB
39 KB 533ms
116ms Script
text/javascript 2607:f8b0:4004:c06::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
Origin: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 06:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62165
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Nov 2023 06:39:52 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/ Frame E5DA 11 KB
4 KB 120ms
119ms Script
text/javascript 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AV-O3epCEAhYy_nsRaUlA2yFjXXur4LEKmK4zBAgR2hxq77EAjlgFSC-bXk9E71SrwiT3Xq8OIzpgMA60nzhBe6aaVHGZfH9XTm77LIi2nJyr4MwfYXv5LZ2X59RhQAjQTFbzVSpe2r6JzOuOJ4fxFve2EQjSVCeuXoM2E9YCjaKDXNiQ&dbm_d=AKAmf-Ao7RPPy6UnEIpAviX9Gukqz7v7kQ3XiF6ozK_6A93DwcDZMwkph7K_IIFa-ewm_foVOwbrf5sjO2xO7dndI1mTZVJoeHTw3guZAmyOVI-mZFSRvDf3iEdi3CKnWF65aqlCXh5aNlBH4H1CDZONJtmpXBWUIp-5o6HTWD8lJGiLV9VqzvltKwdPP1SLi_g5eZrL2nfCVJpFD8WDYTsIVRf477oHlI2aSWydQfOUhBOVVj6eSSDuXIdpvWNsUc2kHhXRkl3EQUTihFykfjqkDlwSgh35MatDOG5U2ubVD2R6lezqwfBd_p7O0RJOfEZziWEORwvS-Dgjf_iSl8wgaoFXZqgdUo09kVDVvUg_QutdgVlgQscfZakzBGefmJbktjcX_0D4OJQ_NyQcrz8klYhNSl0FsKdUvaaL1h4f5p_61fyBpnit3MYZtDrJnVd7XflHCMe1KZCjo07KA7s5P2mHXidPP2aoDL6Xs0eHeuYUrRAbUp0MRHfGjs_qCVHDRgTJ9kYnjXTJS-FUGR9hLY9546ejxe_9IXxZwcIpR-EWcpcL2pPObU4m0GfLxxMplERuYdx6zEytok8H9YElJZo4XFE_rIUbwn_YJ4F4e_OU_rlS5VHAMombceWEhE78Dab3ssIAuAM2Bl7qW1LoD4GHBSkh1ie3E2KxpLy2P4Iic47ozoA4spcsHjuMgTG3ebbS-jCr57RjrXg8xLPruv9GUl1K_Ndzn48urH-LbnxBJI_93sgtbWt9E4MItRqQYQURceHA8xdkW5os9uJWGzrfCpHV-msORJXSSaM2facE5Qb-YKaX8jQQNYNpZsG7xTBhfKh5E6eKzvLJBTAVf9pna4ma0NwoRSZheUcXmZMuTOGf7LDP0RGOnQbi-Isd_qbxNHzbwXIPtBzPbID0nsA89faMymC-TVWkUXfuLKUymDxpUK6kxWwwTKVPua97jdAktT87ufm-G_Hl3jTTcsCvzCQ1ahax0dzVUPZLEE6Uy9HlbNsArF3rpBeqLvyoITFtOQOKSNB34ACmiGRCBg4Z76ERspOAdce0y8FhRfuZWgoDwH1AaHuWNdjkv8qwyBAtQ0YhfAI5QQfxW2GdmSf34yjYaAlVPcameYVOz4huswxOKFx8ASHn5MAaNhCv-sgFNbCDSvCLpzg9DWuLIWIWJpIOC4JaCCu82qDlDow7lLSH9ZY5BPqwbKJPPobwaadQVo4h8DTIH0v1mlw3kPmO29ex5lta7B6fCMmJZKzAJl_K9sMzHmf3n_V568vH9-zTFaHXjZIWjZstcrHmg55zwq1fqLQGJVksUHvybsZxvH4MmSm-qM4zEgIDM84f7nIH5PXB4flowX73hh33tREC86udQ6jYvs-eu1SGPw6-fRf0i_hL8ytJOlqAKr28h-nopcpKf0rNzEoNjGGH0mq6jdpcvJ6TRZNWW6vJkYe9D1o5nwYT_UW8uNZf1hdiwVgI2_dQA6mXSmU9A_3ANgM_LQSV87x5DPvFL52zi6_PdUe2jP-Mo16gmUzt3iLk-WB9SZogbUaLxdg9vTVJXbEyFt22B1ub5yKcx23v19LU4BAme_6I0Kk1DiQv0e9i06AvTpKmS9Tea3iUc32FCvjsRtBJwuVNIA8bF_gC4OuRh08ufNrp7tiafGs1zw_uDxbjZjUiU9XJ1VVrtSHoP6th5kn1DSz02V3bQlkZSto2ekW4QIC4UDBJtmEKeucMZdF90kwGFooeGJZ7IQcpdGmGVuoISKsaEa6rAy2ISJ3NeDmExkC24PgJbTgzZlTxUFjpNNmuKci3yOGR40j55kFPWudZpCd-6lkR0hVs1kbksq5eMt0aG5xE604EJkIUFim2X98R0cgsynTkA3TOn6zJ_rDsFamGECsdnw_2gC0ZYk7FGaKeofbLlzBhAY29JLl7hjzHRipp-uBeOLY0UK4-yb9mlLSV6kf0PFF8N5FUaKYSv01DnOs9Wxdmg8qGhzBwvMA_byZ-C2pFg-wEMpx1K8Z0qtzOCSoUsZG1Dzf-T2f_lW_6yObeHohk8l7O8F5SHkpTku6zhLghDZ0geViDn6RIuSBKL-xiw4mANb4_i4LpkVNhmg30Kg28m13qNjUegfaAfghlhVfxIm99hV9XzYupY4GJvKI3oehx4_9EDfABF36UfBTlsImRvUhmLDHnFsIWjLRzIOA9tjAc9jpczGXvAiPCAH9c3jzaQ4K1ObbCsfOl2kHuRS19VLfVSN9rOuYOIBchPmesfUzgNSO9RU88yHsSWnDBm_9PYrX0pTF64BtxXrj1m6puPXStXSI8D-qtjWWfL1mQwyfSzFkgyLhVRBXcA6Oi3QtoBr5OZlwaYwrLvLRAUYF_TR2XCSvuOhbjyxPgRznIjghSv2Z2BQRsSO1Tim3vRrFuMBl5AsrmBwJxRecrjBFyqwJUs0eu9TeYcWvpjMewhYb8T91zq34EmiHRiopfyzROwZUUbHqnDuLekizRsz3o24VS8X1Qwc99Eoqeb8QP5XtR92gN4ayypbgUtEQ0NVsuN8Tpz4djUs5Iqh-EvS2WWOsg1HPwdT8ai2hWmj-JedzGj09RMVdJSedf5Ye26Gh7evopQfMo3DqPWCSagvr3DRv7JkwhhXQnenz5T0Xs5lmNhzLRS2RLqlWLezz7F9yAbkqVCS5xcfRkE8g8utwNiWnjEl1td8xfxlZFtVvzutsEsp7T-xan7paZbNOG7X9sqwv1KtpF5VBaVc5rBWQi7UXtctNFxzGg5zQYP5L_0paZkYtB1rGI8QJj2W3T33TNmHWUVzbceLbDgWjtVPK4jDsfZ7EkcH6ZC8Xk8DLVdAlrXXnDUzv-RObnqJlVNNDrXxn0eDSVsyF51NSeTShtZOYFgMgvn00jzRHNbBPkQ3JzuTSMOVh54LtQIWgwuT56PbnlM9D2iirQ2Uc6sn9aOgH7M5OH8UC87BafMakNShLCeqBiah5KGF704TwYRoHpxjGZw6HdJ7oWlx9j4CWtAJW1vDyW8z0fVZ3adzdbN-XoU9RtEmKoKeXK4sl81cBrmyrlnRbi-cU8J8Unp3VyNlqN7GHWxW8Oo5EeVg3jAx_56r6WFnMqz9jasyOhqo9leGa6U9pBUeUOmU5JuDdknARjYg1qEjbkTkdr1OkIl6hlIUa8A2Ph81ZeVyitlhek5eB6DNtMGDX3rXrNqMrbo36FFC7162PZ7G8JaVlT_rDEVMpZCxT8-vr89jkl0RVn0ImwsU5ZFK-nd0ERNIFjaPOeix2qvnQEHI_Yj_xtnNXG4jUut8Q-x0KG_H85CW3QsJsfc9TGrpCirXdwP_ke9h77qApp_fDUUIg-g3fPtJ28qz48W0GLolC6lqZfcaYHM-WbUdaK-0sjTBhBoO8OnJX5jaXYDjWAcnYjbhFBXEStiC5mNwNRh676bzuAcXAf9joYABZ6sWYM2Y08jWki-6V0z1x0NWBVtsZ37hoHZObSkrtkDy_mqzSJHXwGPnjfqF1B8x2XAs-7SFKxzNLD-5o729yv4tkwZyAo6tjPJSlZfUXdHT_oSDBCmHTSZ8R46XdO2bwa5YnJ8llmdndKzJq81Hyh-khyQIQlBbt7TzZMBElzca6uc4va5yOFTckQfAgs2496z0SelfhK33oDwFDfdhyS4lfE&cid=CAQSTwDICaaNuc0nnwarQ7NX482tgdnnU1YhN8X5xCwyGWbR7MCmdWRl8UaIWFG3jZkkB3wA3NjZHgHJwIyjpEhNYzBGsjNVxU2Aamupgaqf10YYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftl.net%2F&ds=l&xdt=1&iif=1&cor=9506844345274601000&adk=1964084972&idt=311&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37802
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 13:25:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/ Frame E5DA 31 KB
12 KB 124ms
124ms Script
text/javascript 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 08:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 08:08:18 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame E5DA 41 KB
14 KB 118ms
117ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 06:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 409893
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 06:04:23 GMT

GET
DATA 200
OK truncated
/ Frame E5DA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9e73e744bfa4eca8115a334ac64145eda1059f9922d2e7d75e0baaaf22d8347

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F42F 13 KB
5 KB 119ms
117ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 23106
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 17:30:50 GMT
expires: Thu, 28 Nov 2024 17:30:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5E85 829 B
1000 B 132ms
131ms Document
text/html 2607:f8b0:4004:c08::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::6a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a6af78b35b780897ec5922afb7046e78240bb4846b7ab6c46158dabc18f691d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--bv_Ud68ODFWmtoxKScBLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce--bv_Ud68ODFWmtoxKScBLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 23:55:56 GMT
expires: Wed, 29 Nov 2023 23:55:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 42F0 38 KB
13 KB 144ms
143ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 438532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 22:07:04 GMT
expires: Sat, 23 Nov 2024 22:07:04 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame B925 43 B
479 B 127ms
103ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=e0a6fcde-9ff1-4bfe-82cb-658842689081

Requested by

Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 23:55:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 80KSDTWFA79JGV8X6DRM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame B925
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=ca5fafd3-8428-480e-9171-2acf619595cd&gdpr=0&gdpr_consent=

68 B
280 B

100ms
98ms

Image
image/png

3.226.40.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=ca5fafd3-8428-480e-9171-2acf619595cd&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 3.226.40.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-40-87.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:57 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

location: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=ca5fafd3-8428-480e-9171-2acf619595cd&gdpr=0&gdpr_consent=
date: Wed, 29 Nov 2023 23:55:57 GMT
server: Kestrel
content-length: 323

GET
H2

200

v1
match.sharethrough.com/sync/ Frame B925
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=ZTBhNmZjZGUtOWZmMS00YmZlLTgyY2ItNjU4ODQyNjg5MDgx
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=

68 B
280 B

95ms
95ms

Image
image/png

3.226.40.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 3.226.40.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-40-87.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:56 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame B925
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=15&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-111316b1-1261-5cac-7103-19996196370c$ip$70.25.255.186&gdpr=0&gdpr_consent=

68 B
280 B

102ms
102ms

Image
image/png

3.226.40.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-111316b1-1261-5cac-7103-19996196370c$ip$70.25.255.186&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 3.226.40.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-40-87.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:57 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Location: https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-111316b1-1261-5cac-7103-19996196370c$ip$70.25.255.186&gdpr=0&gdpr_consent=
Date: Wed, 29 Nov 2023 23:55:57 GMT
Connection: keep-alive
Content-Length: 200
Content-Type: text/html; charset=utf-8

GET
H2

200

v1
match.sharethrough.com/sync/ Frame B925
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPKFDK81-I-DNR&gdpr=0

68 B
280 B

140ms
140ms

Image
image/png

3.226.40.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPKFDK81-I-DNR&gdpr=0
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 3.226.40.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-40-87.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:57 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPKFDK81-I-DNR&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e71ccbe96f42d70fa40603ada4c96b28
Expires: 0

POST
H3 204 018c1d82-b452-7000-b43a-3bd54f786dc6
tracker.nitropay.com/viewability/ 0
181 B 138ms
138ms Ping
text/html 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker.nitropay.com/viewability/018c1d82-b452-7000-b43a-3bd54f786dc6?viewable=true&timeInView=1000

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:57 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html
x-cloud-trace-context: e53aca959557849c03612e5224758f77
cf-ray: 82dec8d38b623773-YYZ
alt-svc: h3=":443"; ma=86400

POST
H3 200 i
tracker3.nitropay.com/s/464/ 2 B
183 B 143ms
143ms Ping
application/json 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:57 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 1a1fac9b0152f59d67fb230c959f0a41
cache-control: no-cache
cf-ray: 82dec8d38b7d3773-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 2

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame E732 2 KB
2 KB 422ms
111ms Script
text/html 8.28.7.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86640530&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 6a9fd5d000be61813ee3b5fe4d2bb61bf71cc3f133daf666a8983013ec8615d3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 29 Nov 2023 23:55:56 GMT
content-length: 1766
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame CD24 43 B
479 B 269ms
99ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=4d7ddd0a-080e-8a5d-a1f1-b629e4f87db9

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 23:55:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1H8BJNKV28SP7FH40P3Y
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 816cc733-8408-a3ee-5028-224b739c7b10
pr-bh.ybp.yahoo.com/sync/openx/ Frame CD24 43 B
604 B 667ms
201ms Image
image/gif 2600:1f18:4e9:5a07:bfd6:4cc:92f1:9e85
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/816cc733-8408-a3ee-5028-224b739c7b10?gdpr=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a07:bfd6:4cc:92f1:9e85 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame CD24 43 B
855 B 273ms
98ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=4d7ddd0a-080e-8a5d-a1f1-b629e4f87db9

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 23:55:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4EZSHRPCZXCTFX9DYNAJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame CD24
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=15aba177-14a4-31a7-61ff-34be8ccbb659&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=15aba177-14a4-31a7-61ff-34be8ccbb659&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ca5fafd3-8428-480e-9171-2acf619595cd&ttd_puid=15aba177-14a4-31a7-61ff-34be8ccbb659&gdpr=0&gdpr_consent=

43 B
62 B

135ms
134ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=ca5fafd3-8428-480e-9171-2acf619595cd&ttd_puid=15aba177-14a4-31a7-61ff-34be8ccbb659&gdpr=0&gdpr_consent=
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:57 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=ca5fafd3-8428-480e-9171-2acf619595cd&ttd_puid=15aba177-14a4-31a7-61ff-34be8ccbb659&gdpr=0&gdpr_consent=
date: Wed, 29 Nov 2023 23:55:57 GMT
server: Kestrel
content-length: 335

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame CD24 170 B
233 B 129ms
128ms Image
image/png 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzljNDcyYmQtZGRkMy02ZjAzLTc0MWYtNmUwNzQ2Mjk3ODM5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame CD24
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEAafpbx9qShgFo3ADuoRcI&google_cver=1

43 B
181 B

116ms
114ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEAafpbx9qShgFo3ADuoRcI&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:57 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEAafpbx9qShgFo3ADuoRcI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame F446 43 B
479 B 356ms
97ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=HvWbiBZHsFTXPz5HTfiE_kzO&ex=sovrn.com&gdpr=0&gdpr_consent=

Requested by

Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 23:55:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8R2T4TSGAY4CATWC1J11
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 sovrn
tr.blismedia.com/v1/api/sync/ Frame F446 0
174 B 415ms
149ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame F446
Redirect Chain

https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?3pid=AABB107Kz58AABOVKFHtnA&pid=85&gdpr=0

43 B
865 B

109ms
109ms

Image
image/gif

63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?3pid=AABB107Kz58AABOVKFHtnA&pid=85&gdpr=0
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 23:55:57 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?3pid=AABB107Kz58AABOVKFHtnA&pid=85&gdpr=0
Date: Wed, 29 Nov 2023 23:55:56 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame F446
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=80&3pid=LPKFDK81-I-DNR&gdpr=0

43 B
1 KB

112ms
112ms

Image
image/gif

63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LPKFDK81-I-DNR&gdpr=0
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 23:55:57 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ce.lijit.com/merge?pid=80&3pid=LPKFDK81-I-DNR&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ad49a0f18e050afeb6359164ab3bd56e
Expires: 0

GET
H2

400

qg9md9mk
rtb.gumgum.com/getuid/ Frame F446
Redirect Chain

https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/getuid/qg9md9mk?r=https%3A%2F%2Fcs.krushmedia.com%2F0e846840cc402aa296df0cc86df135d3.gif%3Fpuid%3D%5BUID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA]

168 B
168 B

503ms
172ms

Image
text/plain

3.215.193.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/getuid/qg9md9mk?r=https%3A%2F%2Fcs.krushmedia.com%2F0e846840cc402aa296df0cc86df135d3.gif%3Fpuid%3D%5BUID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA]
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol: H2
Server: 3.215.193.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-193-114.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 19c0a69dec77a552b2a5e14f8b292e486a0eb54a2b224756723bbc8478c7e7b5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:57 GMT
content-length: 168
server: nginx

Redirect headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 23:55:57 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://rtb.gumgum.com/getuid/qg9md9mk?r=https%3A%2F%2Fcs.krushmedia.com%2F0e846840cc402aa296df0cc86df135d3.gif%3Fpuid%3D%5BUID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA]
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame F446
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=49&3pid=5SrfJo5xkd6M&ev=1&pid=558511&gdpr_consent=&gdpr=0

43 B
1 KB

113ms
112ms

Image
image/gif

63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=49&3pid=5SrfJo5xkd6M&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 23:55:57 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-CA
location: https://ce.lijit.com/merge?pid=49&3pid=5SrfJo5xkd6M&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-74c7cffc45-vxmgl
expires: -1

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame BA66 38 KB
13 KB 146ms
145ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 438532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 22:07:04 GMT
expires: Sat, 23 Nov 2024 22:07:04 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5DA 0
20 B 158ms
158ms Image
image/gif 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=44&d=1&s=1&f=0.01&bgai=Bmo55jM9nZda4H8-noPwPxrOM0A8AAAAAOAHgBAI

Requested by

Host: aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com
URL: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js Show response
pagead2.googlesyndication.com/bg/ Frame F42F 39 KB
15 KB 118ms
118ms Script
text/javascript 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:52:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15254
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 21:52:23 GMT

GET
H3 200 AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js Show response
pagead2.googlesyndication.com/bg/ Frame 42F0 39 KB
15 KB 132ms
132ms Script
text/javascript 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:52:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15254
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 21:52:23 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 71C7 0
0 197ms
174ms Fetch
image/gif 142.251.111.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstf5G4hAXUlngtVJTwYJkiAGmgDhn28U3embA3UAyqgZLZbR2EAmTl1iwIWALhUN_EtW_tNcWDkwYfQfzjiunNZ6PBFzrkGhjmXIIOnir5Z5rQxGNjcr4aLlTd1mpZtRBAno3l15UekX-38cukhQpZY3jGGp-AtfzyKHv8o-2xDIM-eARfxeuAqlHFtHVyjZhS0M4RGa8L34X3d21u5PHdHZHEOufM7En8p-QlfwymrpAA4NGcL3Cm7EUimfnKtpvApo6srThggs92_Yw89lLPFLLHFUMU84JCLd3SH2cxCYs-J-eBuIfwVPu3gndntxGfVVhV0XnYZXFUUvi5vQM-bVtg_Zou9uqyLvDVXEzBt6aIRByNXoG9YrRJuaiKrl47qjzqH6WLgGgX2CjnR9Ei57X18x_JXuwvbwcTl5WaHM9pXXV49i1vYV8KpchyTzxa_kFyNE436E6hBw5ThoMrwK0wydT_TwyDHhoCZWfXJeOgFmtuYKt2Uj-MLOUt8E0qfgDM2zGP0akNJQmUehwM42NuGLS54AeBu2E0yPjukkBD9YmhA8J7l4iHBjLaEfzwg95v3YmGRqp1c4Dv5wF2qMujXN8nRV2zl7oVDL9KpxGe1Of2gzX3J-Zj0ZuJ35gq9KkkOT-_WD0MYCRw03acKnfSjIW1Om9zjCF2LmNz082jd0SYNV9P7KC27vSODW6IBSW00iGvDYjZaFPHm7L3lY1I4ic3VkoKREAG85V4pOcGSPDg9k6WuYxiHqulBran43XOxl4ipNGzRLIGNwqAhBNnDGg1H-8DA5yirTmSLGJiC7cfCs9QLfr1CsAoyN9zO-N4gbFr8XZQykDqUBek-QKEywIT1MkA_vKpDksUv9UoOBMv18wwznLB3LXfQcHIVKuWtMyyH_REPa65UlqSVrsGuno0McFdc5CdKpF131W8ToIxsWFDz2Ejb2VB10LTSKR954hDRmhcHPmlcpuDPPFevaXIx4zxycqPqUED6QwEiLTxIek8f6B1UaYYf1j70yRTFOiCeCLYe5HrLx1JMBnf36GEoFZXBNP6OxkicYx4pZLy1J5mFX_K0oHztGwn200Qq2hct-giOS6lWiQ48rD-hvb795we2_XW2LFB0kd_1Ojq6dKt1-dr4maxNRpYH2ce4GWpwVYugS_4TS4tXghD9BhE8ugFxykyqIzjiVaajXj7y_IkRpLRULsO8TIo_530SYpdBWlliNQJcOnJZaaPm5lo-O1_tCwx2-H0xSIWwq9DH3UjY7JsvF8J02xYEACplvw&sai=AMfl-YQb-ZQbo8l1HR1Wrm5vjds2QXVjo7lg5x2BClQX19nUcBb0xleU_XZLKeNUAtcMKQ0F2ifn9XZhVC6AmnoP3lXqz1yzqh87dGB56oQbWLCyVAVz00aRQGdYdshlYGcGzkYYqV_6_vfSnrNDxwVgTUgCyEWZNpTH23LVL0YYwX_1QFQuCxbKBq1mPYBwWWOkpM8MVAoZCSCzxWIwhjd6NTi5LFh__RGinMetcK9YB_b5Alx5kyA4VxxO1F2rNTYXpMpRf_xqJcBIazdc1EngOQ&sig=Cg0ArKJSzMmVHEPAQqEkEAE&uach_m=%5BUACH%5D&pr=8:2F0DDC41D5BED776&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=312&vt=11&dtpt=310&dett=2&cstd=0&cisv=r20231128.78204&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5E85 0
0 142ms
141ms Image
text/html 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311150101&jk=637932292937505&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js Show response
pagead2.googlesyndication.com/bg/ Frame BA66 39 KB
15 KB 117ms
117ms Script
text/javascript 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:52:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15254
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 21:52:23 GMT

POST
H3 204 018c1d82-b483-7000-a698-0d6fc2fafac4
tracker.nitropay.com/viewability/ 0
181 B 135ms
135ms Ping
text/html 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker.nitropay.com/viewability/018c1d82-b483-7000-a698-0d6fc2fafac4?viewable=true&timeInView=1001

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:57 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html
x-cloud-trace-context: b166740ac9ef90ae33bf157376b5dd6c
cf-ray: 82dec8d3abe73773-YYZ
alt-svc: h3=":443"; ma=86400

POST
H3 200 i
tracker3.nitropay.com/s/464/ 2 B
183 B 135ms
135ms Ping
application/json 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:57 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: b7bf0243d477d5b82f92579a61d18d9f
cache-control: no-cache
cf-ray: 82dec8d3fc8e3773-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 2

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F42F 0
10 B 119ms
119ms Image
text/plain 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AD9Qpw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9D24 46 KB
13 KB 109ms
108ms Script
text/html 23.222.193.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&us_privacy=1---&geo=na&co=ca
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.193.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-222-193-103.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 121e70847dcbb91b0eccfc83d6cb5107ac3607a187c1195cb0e046b04a868985

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&gdpr=0&us_privacy=1---&geo=na&co=ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 23:55:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 03:47:07 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=13803
Connection: keep-alive
Content-Length: 13234
Expires: Thu, 30 Nov 2023 03:46:00 GMT

GET
H/1.1 200
OK dcm Show response
s.amazon-adsystem.com/ Frame 8614 43 B
855 B 102ms
102ms Document
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 29 Nov 2023 23:55:57 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: DPD2M7T7CSNA8B9FY188

GET
H/1.1 200
OK ecm3 Show response
s.amazon-adsystem.com/ Frame 7623 43 B
479 B 103ms
101ms Document
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID9DB21E03-9E94-4F68-9882-0144D5EF8BF9

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 29 Nov 2023 23:55:57 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 924M2M9MEYTAW6NYMPMZ

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E732
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nbIeA56UT2iYggFE1e-L-Q%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

99ms
99ms

Image
text/html

23.197.184.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Server: 23.197.184.187 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-184-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:57 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=93163
accept-ranges: bytes
content-length: 5622
expires: Fri, 01 Dec 2023 01:48:40 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame E732
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=9DB21E03-9E94-4F68-9882-0144D5EF8BF9
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=9DB21E03-9E94-4F68-9882-0144D5EF8BF9
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=190f0788-7373-4d78-b3a4-58866c604c40%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ca5fafd3-8428-480e-9171-2acf619595cd&ttd_puid=190f0788-7373-4d78-b3a4-58866c604c40%2C%2C

95 B
124 B

117ms
117ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ca5fafd3-8428-480e-9171-2acf619595cd&ttd_puid=190f0788-7373-4d78-b3a4-58866c604c40%2C%2C

Requested by

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ca5fafd3-8428-480e-9171-2acf619595cd&ttd_puid=190f0788-7373-4d78-b3a4-58866c604c40%2C%2C
date: Wed, 29 Nov 2023 23:55:57 GMT
server: Kestrel
content-length: 359

GET
H2 403 FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame E732 0
0 463ms
168ms Image
text/html 40.76.134.238
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%209DB21E03-9E94-4F68-9882-0144D5EF8BF9&rnd=RND
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 xuid
eb2.3lift.com/ Frame E732 37 B
355 B 101ms
93ms Image
image/gif 35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7976&xuid=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 29 Nov 2023 23:55:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame E732
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OURCMjFFMDMtOUU5NC00RjY4LTk4ODItMDE0NEQ1RUY4QkY5&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
96 B

595ms
209ms

Image
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 29 Nov 2023 23:55:56 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame E732
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHw2hWoXjp95lFABbIeHXuU&google_cver=1

42 B
346 B

594ms
208ms

Image
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHw2hWoXjp95lFABbIeHXuU&google_cver=1
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 29 Nov 2023 20:17:18 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHw2hWoXjp95lFABbIeHXuU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame E732
Redirect Chain

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7FCB205F58A246F382079BC68FDD55DF

42 B
554 B

594ms
208ms

Image
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7FCB205F58A246F382079BC68FDD55DF
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 29 Nov 2023 23:55:57 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Wed, 29 Nov 2023 23:55:57 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7FCB205F58A246F382079BC68FDD55DF
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 28 Nov 2023 23:55:57 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame E732
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ca5fafd3-8428-480e-9171-2acf619595cd&gdpr=0&gdpr_consent=

42 B
543 B

589ms
208ms

Image
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ca5fafd3-8428-480e-9171-2acf619595cd&gdpr=0&gdpr_consent=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 29 Nov 2023 23:55:57 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ca5fafd3-8428-480e-9171-2acf619595cd&gdpr=0&gdpr_consent=
date: Wed, 29 Nov 2023 23:55:57 GMT
server: Kestrel
content-length: 355

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame E732
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_SlolUpE2uWkkOLUaXaR1CePzrMj5js-~A&gdpr=0

0
261 B

510ms
185ms

Image
text/plain

8.28.7.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_SlolUpE2uWkkOLUaXaR1CePzrMj5js-~A&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_n-Beeswax_ox-db5_cnv_n-sharethrough_pm-db5_n-simpli.fi_n-baidu_r1u_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Server: 8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:58 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_SlolUpE2uWkkOLUaXaR1CePzrMj5js-~A&gdpr=0
date: Wed, 29 Nov 2023 23:55:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 9D24 7 B
788 B 533ms
108ms XHR
application/json 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: b08c627b67f10e75995ce6908d3f9f7b
Expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 42F0 0
20 B 144ms
144ms Image
image/gif 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BdNczi89nZciOKf_6xtYPhru8oAQAAAAAOAHgBAI&bg=!8fKl8r3NAAaGYW-ApmE7ADQBe5WfOPmodimR0helTPFfmW6_Zt_Eq7kdi7GpFJoNWmtVDsRph15S_nkx8z2U2c7b-QAXAgAAAK9SAAAAAmgBB5kC7CZ1OWeXE6yHJ-j2FjKEWW-XCEopIYc01j9LHBTylrTIodZjiZnnKrzV0QbYI6P715_esvLIQFI1ngOsVbafKuogd4nILTizzH1Xb53kwttWY8nT_M-1ydYr0lBtDZOzT-srSl4sBpl68nBMHkeB9xVwuxjZfiUSFHTs39yDREjOGQgeiE_8fTV05Ni1Kh6MI5YKJ6zvBPcGB50mQSK58UwzcQBBxKhcTJ9MCRashx8jvdnaOpmOYV5905D_86b5ewaR76cS8primZQZPklzwbdHgha8hxswheRdicuxeoJurqNiW3-xrT4m3mKl_u3n5yrbyHcQaEQaBs97woGwoMxYsm2sKmfIo6AqkK7n_yV4UAeOkil5YafnrH2hgGvdiqGSv1Pi0HPL4v629YrYBUd-i-bDeilddnb6C2v-bKHbe-rq8BmpbSctcASFibrd1NotF5roiP0o3PRxTVujvAqGnW5KJJvAbVkSHVzRxjsU1xqWB4ApDqc8rCi0xD_QLoEc2y4VUG2HHVDSNDjL6Q88s09w72iUQX6d0JyC6if_Okhh9AWYN6vywDRAGAr84-XFn1OjylblTiXrkhqmybmsOeDSMN8j_WjNKzw6IXcj-UW9a7MnXJfmVxXvg9oJ6iVbfjaYq3_iHnmZp4aYZSBorvKbKoOPR5Ex3kgGlpDsqI1ZW2XvNG3pm8LD_KDDVe2fWLsT5Oug81JfBHW994FbkPiVx0HJe0b29dGjC1Cp0cJZE4Vn4ccU5iKYBxtI_fKuu36aVOQVUzS_UP8bqnkziMbpY2XNC_A23D_U8uaBLtKmpTD989Hv0mtrmK1i-Qje_qrPFiThpCt12DaeeHwH-UE0NXAdka5SELILybrjWVndLVJSQ_GwD3iLc_XKvUzbF1FbkqgMZA1d2-L2vKgZLMtgfYKxljHIexTioBrJ5AyRUDUGvbKmEEpxASGkP9OdYKS-fD2jYm3NAR3Y_q0bpTeVKdWhgQBdkYI

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 8737 38 KB
13 KB 120ms
119ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 438533
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 22:07:04 GMT
expires: Sat, 23 Nov 2024 22:07:04 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CPXfk7a06oIDFSzoKAUdjEoBSw;src=6811282;type=imptag0;cat=media0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1 Show response
6811282.fls.doubleclick.net/ Frame E5DA
Redirect Chain

https://6811282.fls.doubleclick.net/activityi;src=6811282;type=imptag0;cat=media0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1?
https://6811282.fls.doubleclick.net/activityi;dc_pre=CPXfk7a06oIDFSzoKAUdjEoBSw;src=6811282;type=imptag0;cat=media0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=...

0
0

139ms
138ms

Script
text/html

142.251.167.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://6811282.fls.doubleclick.net/activityi;dc_pre=CPXfk7a06oIDFSzoKAUdjEoBSw;src=6811282;type=imptag0;cat=media0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1?
Requested by: Host: aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com
URL: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 142.251.167.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ww-in-f149.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date: Wed, 29 Nov 2023 23:55:57 GMT
strict-transport-security: max-age=21600
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://6811282.fls.doubleclick.net/activityi;dc_pre=CPXfk7a06oIDFSzoKAUdjEoBSw;src=6811282;type=imptag0;cat=media0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1?
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 728x90.html Show response
s0.2mdn.net/sadbundle/16418231679751309448/ Frame 0905 7 KB
2 KB 99ms
98ms Document
text/html 172.253.63.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16418231679751309448/728x90.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f149.1e100.net

Software

sffe /

Resource Hash

88ff1aa43b0f49923f463ed35aea507a37811f6cbe2fa9a915433a31266bf092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2479
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 23:55:57 GMT
expires: Thu, 28 Nov 2024 23:55:57 GMT
last-modified: Tue, 31 Oct 2023 11:21:22 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E5DA 0
0 141ms
140ms Fetch
image/gif 142.251.111.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvwMRzu3ugKG34blVTuKvDoMnmo8ronB3enxL8q4y9vciAMkRqTeL3sjVelIC2ta6QPqJEkBdSgNIdRlcTWkUFWQ-KxZAoQQ8LA5cCb-2UspmnJnS2fWD-vqQA_yOu-I8CqL30YFrsjWMw9QQJHHxYsoqA9zXTfJLVDu7H7rdedXogaZiSfPU7_uAza7Ldj6exJCyR0HVcukFfqWoe98NrcpBL8QE7awfj_n0GFfI_krzOijBWCAyfceUXG_Bo0FUPU5nV1_5ICqEEmHxhCaQAK4TQ7VnyGqlk4X4DsCI-pQnPvRMFz3Zt5yOULsJyJDgHaWJvn9KpI9BqVSdRr828E-ugtLj_0GeJIfo34QviJxRgvrGyvwy5ze916GkxhQlnTGiNnhd0KKT9i-h4Tr7eC9IeI3Ko7zO_UnYs_X6YhPbwRsgn6ZtBMz2jwkd2XLwldSzvl43fx43cvpPXC1kdm_FwaRcaRm6DdSnDXS0YMOjE7UDe_AJ0gHQTJWUkIzR2x8T2_TNBX744OCfyORNnMRclSF8TxVv9KXFM0YTt4d7EAJvvPHlgSWaZgq4r2JD23ZrFCb6vNc1GIM8ZRtXzIAYJD1_Gk4JPvg2vBHXOVk4OE5f1lss1hrotzNefh72YbLBw8fga_0FqPUf-qYbXCgHyuynJTu21DBkbg04vhrFghb6yW1z7IaZBx18F6k3OxLKBF3XcajfK3CuhGbA89yLvBPNE9P9mDMbwjQYNJlo5YrVs_a-VCMj3Ztrk2TlbIk3h0K9ArRyQKqWqjXycfG1n9mR8MiKjKGZoGzwcvirWVjYUcTUChx6lTqLwUU7TMyDWBv7ejeKyXgZcyE6s6OyFVvis_-BdKZLVGnri0hDwt7EVTvkoJ8gIJORBiaSjqw_s6hhhaJONTgx5Jh0Lk319DgbCIKIeFtIL1Ne5QcqW7bEAfDsL1UUNncDf6ohu1LW6t9Ayhr695QCrZsfpk2mIOHPlYUu7Iyb3OuBBjcgcVau0WdwS_6rJedmNhGaMsIPzZPAQD9NS5JqxalCpVYRNxy9gfamTRpjhm0x4ppLceJruuSyvuug6r-FbsZgeYCfTHEFDoAwv6TM2_zYZBwqjDnLI1_EsRkT8DD7lxQlA-eW_jeDrmMNOMwxNuiVN3B-EW7jDoApFahqOfeKAJxhj0t_FZ8TWj0NJIZGxYAyEosTkDuwMDdj1HzftJsDC2DNal4LRyGm2ubiqDB4GuKQ9XL4xk7svUCaCL6ki20JFqpWWJWb71ate2ct2g_rhxhQP1E41IAJA5BD4QL8wLcVpXQ_snT8ybLbp5YBoxlARGvSMGUkQ8n4KVEQUUA9yTHm5-Bw5y6a7vYPL-fqRxw4_wCbiXKZchAOCe5UEqduyhgOlr4ojrQ42xD7b3vj-QWHttdgBk72dguRles_QyRQwhqEgKqfvlpdQiX7BP&sai=AMfl-YQmWd4p3rNEKZ20WY2cN1RMVHLaXLewecc1fb-MBr4pjBnWG06ImJBGyJTI-WMx0PPJ_s3-KDYPl2XlcqYfu4GrkPomudipV5uVjv4AAbBuTWmyF8GeUbXJFJWDlo8Z-zwwK-izkdgAMLl1n2JRho0OdSGHP2mjCYghVE8lGpKxt7OeGIJzPoF2DOWVAfO-gFvphrA01ZbAfGXLYkOu1XM1nDbDaEHGx2woeWpG5YP6YHKoLXCPhxOOJujPTtpow65BjzsQto2GK5zB2uSRRb7-q4QwhK7M7CRTU9sHlvX7sDuheLQFPVQTZwlsN7s_yTWG&sig=Cg0ArKJSzETQWrNrbQ50EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=646&cbvp=1&cstd=643&cisv=r20231128.31475&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 29 Nov 2023 23:55:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET img;adv=11147208041415;ec=11147225831950;adv.a=6975797;c.a=30901040;s.a=8680852;p.a=379817261;a.a=570712928;cache=3382769018;
ad.atdmt.com/i/ Frame E5DA 0
0

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 71C7 699 B
732 B 670ms
122ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=1&ttmms=21&ttfrms=24&brid=3&brver=119.0.6045.159&bridua=3&bds=1&tstype=2&prndr=1&eparams=DC4FC%3Dl9EEADTbpTauTauE%3D%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauE%3D%5D%3F6ETar9EEADTbpTauTauE%3D%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&dfs=1029&ddur=721&uid=1701302157440733&jsCallback=dvCallback_1701302157440807&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5001&tgjsver=5001&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Ftl.net%2F&fwc=0&fcl=429&flt=0&fec=1415&fcifrms=8&brh=2&dvp_epl=109&noc=4&nav_pltfrm=Win32&ctx=18876361&cmp=31029503&sid=8484086&plc=381881686&crt=205790742&adsrv=1&advid=12650497&unit=300x250&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&mon=1&blk=0&dvp_cawf=crtwrp&cm360cw=1&dvp_rcp=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=1346160047387.0017&ee_dp_sukv=1346160047387.0017&dvp_tukv=1235420430.6404114&ee_dp_tukv=1235420430.6404114&ee_dp_dvtpurl=https%3A%2F%2Fcdn.doubleverify.com%2Fdvbm.js&dvp_tuid=1184678757994&jurtd=827220476
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: a60d10c5d0e591e1a7b2904961c4b5964c091dee1726ffc5461b933649aefe28

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 23:55:58 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 11/28/2023 23:55:58

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BA66 0
20 B 146ms
146ms Image
image/gif 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bmo55jM9nZda4H8-noPwPxrOM0A8AAAAAOAHgBAI&bg=!AgGlAU7NAAaGYW-ApmE7ADQBe5WfONd64aI3oZvLcedRXI_6x6sTBXYrycsF3eFIn0UR_NEEaK7vRuP6nojA7AIDoYKbAgAAAH5SAAAAA2gBBwoAIIAd0pLxpCRfRCcQ4Cptx6Gd_JMDsrWM8Ob3fWWxh1XcmQL1S7jtMskrGHNKr7Kmz1B6yYD6FFovLPnWg39XYbwGE2LGlrRwXWRilGmynnIxm4wdk9eJIvf7dDyqlhFLAEg4KcYZSBjkH-Oynob7fsBwtbAG5cutGUupqtjog5g1OL99tfu1dxVA8t6paxB0uRRedF2RiFcOl0Wq0-mMFAh6fkKSLH_bxEjg2chpUe67opN6RFfBMUM-Tadjqp6B7oyVGUlukcSYTfiDnZiM9ALVbgJWI8HIl_VX96k9lnVHAp7whIAO9csCjRYj-zTer2sfyH0qSqNjka8uIubfPxcGtCYuFi6kpfwFBLl6UTQsVdsgpclBt2Mw7u8eDRG3ZLglWN0aVTeDITviqM1ivMd7nZkEYjfxqwXzz2pZ48gyZoNilsaz43JGdQ9beBa0rleI4ppIwLpE1cOa8Y7iC7dPxyR9It1rSwOdTCqUMLWF5L-Keu3oM6S7oi8-krTQgzhuof_FrN-CQIxGU0ZVmILu41UO2PeBektd_m6CESwq9gFsaLNPCHGXmHdJdrqaveAZ_BhgndWHGPhD4PxqCqFycBMhFqwkf_v4kbk4s4yB1LR74ssTPDVsbOwp1b3SoL0ftpZ5h7Z7onvjLHGwZ1_e7YYwqOf1yh7qihn4E7Tx_tU3X_SKT--Efzyw46cp5ja82fZRiMe6N4IK1Gwcmzm7T1xx9H_78w8jHNY9rc19Uis7r0GptXDWrwHwZ1ILcqwCs0ZpAA2zGy2iIGgkWDGkKiWnPzUrUgDnqJ0ZpbbBLKtO5Y22PpCf1Mp-TnCiee0wsDLaylOauDQfVBlAyKh175NQ2WBHXexja5NqxjxbhX4TUYn91jkrsTDLeLpJYe6sR5zVc6nE0RJLll2T4M7A8XhwlPTSTLGwb3tUDBG8eZYo8HMd8Qy1A1juL2i_MlxeiLgcyXvFYdvUDeBjeBue9RFMf1m-meRSdDK1TCIu3C2_dAcU-jshZ5kkeXoh1Rrwj7_gbBSHHDtaSfd4Z4_4rnqH3oc9Mg

Requested by

Host: aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com
URL: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 0905 236 KB
63 KB 100ms
99ms Script
text/javascript 172.253.63.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16418231679751309448/728x90.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f149.1e100.net

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16418231679751309448/728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Nov 2023 23:55:57 GMT

GET
H3 200 728x90.js Show response
s0.2mdn.net/sadbundle/16418231679751309448/ Frame 0905 127 KB
20 KB 129ms
128ms Script
application/x-javascript 172.253.63.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16418231679751309448/728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16418231679751309448/728x90.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f149.1e100.net

Software

sffe /

Resource Hash

0cb9b43c3099667a70e044b24506655279c33819d89dd94d225682b9a3aebcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16418231679751309448/728x90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 11:21:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Nov 2024 23:55:57 GMT

GET
H3 200 AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js Show response
pagead2.googlesyndication.com/bg/ Frame 8737 39 KB
15 KB 121ms
120ms Script
text/javascript 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:52:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15254
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 21:52:23 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3DDC 42 B
175 B 146ms
145ms Fetch
image/gif 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLyerLfxo_NZLM75Dy_e5HEeSHkz7-oxSzlyYS8IW4N2VhwIq6rUSaGp1SReKk3koGU7pxRwHYp-qOpL9dYvFo_MuMJHaTEAq2R-HFrFyViihFlHasrCHfiHgMimFFERxFzlqUfkRpWA&sai=AMfl-YTCRAhYwNQvs_SbiOXshn2Q_6e6XlB9xrkIq6uyg2ewJtwnVusnMJ-YMTzkYKD5FubDIdvP9KiKX7KW7cfn9gSetZ6mlZ0dbEGEI8mu4frJ7BXGXeooPjZavXFw1gJCviAlsWx82g7h1zWy4oyzkyjAF4ZYkhFb93se&sig=Cg0ArKJSzJfo7Znd4rgdEAE&cid=CAQSTwDICaaNNDkgB-PAQLJeIuNZgzL0WwdxBUtVknp59V0cCUqDjiHVDGpYM6o1pfzxImTpU9WC70IzyVzQr1waytrJDsARqKYPXxKGpypD83AYAQ&id=lidar2&mcvt=1000&p=288,1188,538,1488&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3666590714&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701302156052&rpt=608&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E5DA 0
0 122ms
121ms Fetch
image/gif 142.251.111.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvwMRzu3ugKG34blVTuKvDoMnmo8ronB3enxL8q4y9vciAMkRqTeL3sjVelIC2ta6QPqJEkBdSgNIdRlcTWkUFWQ-KxZAoQQ8LA5cCb-2UspmnJnS2fWD-vqQA_yOu-I8CqL30YFrsjWMw9QQJHHxYsoqA9zXTfJLVDu7H7rdedXogaZiSfPU7_uAza7Ldj6exJCyR0HVcukFfqWoe98NrcpBL8QE7awfj_n0GFfI_krzOijBWCAyfceUXG_Bo0FUPU5nV1_5ICqEEmHxhCaQAK4TQ7VnyGqlk4X4DsCI-pQnPvRMFz3Zt5yOULsJyJDgHaWJvn9KpI9BqVSdRr828E-ugtLj_0GeJIfo34QviJxRgvrGyvwy5ze916GkxhQlnTGiNnhd0KKT9i-h4Tr7eC9IeI3Ko7zO_UnYs_X6YhPbwRsgn6ZtBMz2jwkd2XLwldSzvl43fx43cvpPXC1kdm_FwaRcaRm6DdSnDXS0YMOjE7UDe_AJ0gHQTJWUkIzR2x8T2_TNBX744OCfyORNnMRclSF8TxVv9KXFM0YTt4d7EAJvvPHlgSWaZgq4r2JD23ZrFCb6vNc1GIM8ZRtXzIAYJD1_Gk4JPvg2vBHXOVk4OE5f1lss1hrotzNefh72YbLBw8fga_0FqPUf-qYbXCgHyuynJTu21DBkbg04vhrFghb6yW1z7IaZBx18F6k3OxLKBF3XcajfK3CuhGbA89yLvBPNE9P9mDMbwjQYNJlo5YrVs_a-VCMj3Ztrk2TlbIk3h0K9ArRyQKqWqjXycfG1n9mR8MiKjKGZoGzwcvirWVjYUcTUChx6lTqLwUU7TMyDWBv7ejeKyXgZcyE6s6OyFVvis_-BdKZLVGnri0hDwt7EVTvkoJ8gIJORBiaSjqw_s6hhhaJONTgx5Jh0Lk319DgbCIKIeFtIL1Ne5QcqW7bEAfDsL1UUNncDf6ohu1LW6t9Ayhr695QCrZsfpk2mIOHPlYUu7Iyb3OuBBjcgcVau0WdwS_6rJedmNhGaMsIPzZPAQD9NS5JqxalCpVYRNxy9gfamTRpjhm0x4ppLceJruuSyvuug6r-FbsZgeYCfTHEFDoAwv6TM2_zYZBwqjDnLI1_EsRkT8DD7lxQlA-eW_jeDrmMNOMwxNuiVN3B-EW7jDoApFahqOfeKAJxhj0t_FZ8TWj0NJIZGxYAyEosTkDuwMDdj1HzftJsDC2DNal4LRyGm2ubiqDB4GuKQ9XL4xk7svUCaCL6ki20JFqpWWJWb71ate2ct2g_rhxhQP1E41IAJA5BD4QL8wLcVpXQ_snT8ybLbp5YBoxlARGvSMGUkQ8n4KVEQUUA9yTHm5-Bw5y6a7vYPL-fqRxw4_wCbiXKZchAOCe5UEqduyhgOlr4ojrQ42xD7b3vj-QWHttdgBk72dguRles_QyRQwhqEgKqfvlpdQiX7BP&sai=AMfl-YQmWd4p3rNEKZ20WY2cN1RMVHLaXLewecc1fb-MBr4pjBnWG06ImJBGyJTI-WMx0PPJ_s3-KDYPl2XlcqYfu4GrkPomudipV5uVjv4AAbBuTWmyF8GeUbXJFJWDlo8Z-zwwK-izkdgAMLl1n2JRho0OdSGHP2mjCYghVE8lGpKxt7OeGIJzPoF2DOWVAfO-gFvphrA01ZbAfGXLYkOu1XM1nDbDaEHGx2woeWpG5YP6YHKoLXCPhxOOJujPTtpow65BjzsQto2GK5zB2uSRRb7-q4QwhK7M7CRTU9sHlvX7sDuheLQFPVQTZwlsN7s_yTWG&sig=Cg0ArKJSzETQWrNrbQ50EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1010&vt=11&dtpt=364&dett=3&cstd=643&cisv=r20231128.31475&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E5DA 42 B
109 B 180ms
180ms Fetch
image/gif 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufFu7klmSd70pR6VeuFgGzD3eMFH6Nk9GvL6iUcz2t7frKSERm8cwqAJSbX2SybS0-DOyPXFifucnWFBvIkpjepIbmLwxEKun1Y2WRVWSfb1H50omDloe5xpnSHGbbDTrLjPj9F839oA&sai=AMfl-YRSUZ3-4_6yhO9AXdM3Lwvddiu49uGbWaro4zWc-SIv_ovfnrsEFTLUNcVXpULTGHltgRBgZH1Fkaor1rRHVhGk3oQxBfiN6rdrHpBnFyDADAaDJYzrSvzRxhyKJUgFqVQ9o71wsK3mhHkBX6UpYG-SW8_DtD50APy1&sig=Cg0ArKJSzIXA3XEX03dZEAE&cid=CAQSTwDICaaNuc0nnwarQ7NX482tgdnnU1YhN8X5xCwyGWbR7MCmdWRl8UaIWFG3jZkkB3wA3NjZHgHJwIyjpEhNYzBGsjNVxU2Aamupgaqf10YYAQ&id=lidar2&mcvt=1015&p=190,436,280,1164&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2408282231&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701302155821&rpt=945&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 144ms
144ms Image
text/html 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311150101&jk=637932292937505&bg=!SUqlSgXNAAaGYW-ApmE7ADQBe5WfOLO7q_xg9QI5jUxFdHXaOK61I1sixRklOydzFxqzDX4NzZ-Z_qOlB0XPcZHmCOkNAgAAAJFSAAAAAmgBB5kCo9M9BjMzwzNX7oUak3rha-Avcx4IYGLNi-A7eYY1zkp3WRkrStzmyzFPgRGqS_8qrMc2rxWFxpMLb-x7GOhxyzO_3DGT_Ga1ZjuzPphiiNT8YUGbq1Jih5Cbo6JVZ-3HoDETQOjMy-CW-axLlQO3cvWdLkJ2GKEprk5ZB_XK3fjliAomIXYogn034zIlai6TcbqlvQ7bvN1wvb7nkW1hZtiCuAHo0A4EZy9DDIdBfgUmT4Vi4GUQM5s8P0_v93snPYYYohlXbavUyOoPC9OaoWdA5R6EFizf9m49DSn1d0OX4QzQbh0qS4FvNSwfYpt7KKfebYacW9EBnx0_MVmiioVJqfUT28By33LGJmkjEV8dyijNLWiiyBVkllfpk0HuqtAVdVfv2SskOKDfh_YfWMFtvb0H9W7RozXsnDcZQ_M6BKbklTWkgTj75OtBcfpwfRsT40_Te_ppAfaCiWwA0gLR5Ze13fygaypNVc9xGQJOeDkNs0VeLW6ml4C8hlkycuc4WK6m7YKA_df5E8kT5sFPmt4l021OWpww6jcgM_1TwoLDvv99tAj0R5o6BQHDSRtFrB1tR4EvJ7EavDpm6Fc5JCvK4BZ2aSW93DUteeV4qspSOPm4eOiPanCA2bv3tYwobtNTh9AYvKUIfX4-jKeHN1QdzM-sJBxoaF7m8QLAsoFDAFkJvnaXaLDODkQXZQxgj7dI1oI1OkeHy_X4hJaOq62snZhmJH6q1Z1Af8dt0kiybQ3LfzVzdo-05au6J2dzqeUfH5RPewaTuyHS4l6k2N1e3xiAq3d0348HhNgBumCtQJM_z9Vtf9CpaEJJsS1vIWg3mGHqiD0XEnMEcp0VBeZFB_gRENqoI_G5DU2Q9xA-bsgxg8atcfAEQF5RuYZepw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8737 0
20 B 156ms
155ms Image
image/gif 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BspyQjM9nZa2rHvGuoPMPgMW0oAIAAAAAOAHgBAI&bg=!1tWl1ZrNAAaGYW-ApmE7ADQBe5WfOP7rLvq1HoitoAK1GDnnvpfxcNpiDLhYE4djN4TrLP0pmN5WIRORtV47_F6wEVGgAgAAAGZSAAAAAmgBB5kCyGmDAVtDo2-hxtHigqBHwMDYmWnsQbR1Q7NWNWUI326psv8arijAEczjn9FNQRq91eaQG3VsD-LGdjKiyf_atBB2vIMhe62CSkZ3c8iykjB5PN85VZ_jJsYS_G7udnUN3u8POcDQHkluzfOIw6s07EdEldFrXMzLD0Ir3PuC3-Hluvg-qitKhxj_e1p2mrFFCPTtaC5KsSzECtQEKpv1LQwUgDjJqm-FHzKa9qOOvGI5F0X8lh9YGKsRhj-ILq8BBjkqiFTilng83tw9-gkiOmf8s8u-HHxrXFVKbHpmdl6NwsQ-Gum1q4O5NCekRznqX9gRGEXgV7kamq3IUGmmDZdkAlY0VtNy_Rol-HzpSMFP_GOucQhmwNTky6hYUnQZnOgQcaI6e2A6R4MMZLfs0HwRDY5e2iL3Z-qmsiyWqP-vn5CbRsMGnxlUrQE1Gt2uGhwwnA8Yptoiz9WcE2IwTihGAYE638_5pzZp4PuTp5lgxeoElpCjilnrwbb3v_H4U57DkZWBQhZSGgdUIXE7BAnXR9GTKAq5XK_sY-cxh-2xlhcR0tzhnC9j0n3Qjcne4_sOg6yrTNcWos-vyhtXLjkj8fn23MXYkp7wR4FE1kiP3Wgar2ZI2_4gEmiDIj8qlIrAMQ6_bjRvAshb7UBwTUGMAHG0mdfUtUlidPuHzJNv7kjuA9S2rHE6cVSJeHEMgkG_vQg0OhNFQdz5qnsA_RV2Nok-W2xO82rra5CBH7p4bwWTUVwpRd1KwkrSovXFkZ9ArO-bjMyxBE-e7YHhBXGKoDYoSKHS2EiyA1p5TmWXerrBiQ2gFBYnHA7-07JmbmzezHNn43OnWHBM5IXnvPh8tGiKNowHU6PGKuejf9tdHtqo1ZcuoA96Xy_IgUrai2hacNy4rcB_4uPRkw_5qFShtqpNz5MuxsgEhTp7aEUpQ3iY4leOFws

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 9D24
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ca5fafd3-8428-480e-9171-2acf619595cd&gdpr=0&gdpr_consent=&expires=30

42 B
854 B

299ms
99ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ca5fafd3-8428-480e-9171-2acf619595cd&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: tl.net
URL: https://tl.net/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 44e748b6247b033344ab4f6b8c0f8cbb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ca5fafd3-8428-480e-9171-2acf619595cd&gdpr=0&gdpr_consent=&expires=30
date: Wed, 29 Nov 2023 23:55:58 GMT
server: Kestrel
content-length: 289

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9D24
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDQ4ZDMzNWI1Y2IxZjM3ZGI0NGVhZTgwYzlhNjQ1OGRhYzg5ODgxNg&gdpr=0&us_privacy=1---

170 B
188 B

107ms
106ms

Image
image/png

172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDQ4ZDMzNWI1Y2IxZjM3ZGI0NGVhZTgwYzlhNjQ1OGRhYzg5ODgxNg&gdpr=0&us_privacy=1---

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDQ4ZDMzNWI1Y2IxZjM3ZGI0NGVhZTgwYzlhNjQ1OGRhYzg5ODgxNg&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f84b118a3f01dd6ffa744f6af941f4e8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9D24
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBLRkRLODEtSS1ETlI=&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEIZ3SonhU2UeoeYWcM8ZQqM&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBLRkRLODEtSS1ETlI=&google_push=&gdpr=0

170 B
188 B

109ms
108ms

Image
image/png

172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBLRkRLODEtSS1ETlI=&google_push=&gdpr=0

Protocol

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBLRkRLODEtSS1ETlI=&google_push=&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b5ba23d75d0dcd35432b720d73e3149b
Expires: 0

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 9D24 43 B
855 B 808ms
351ms Image
image/gif 67.220.226.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---

Requested by

Host: tl.net
URL: https://tl.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 23:55:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: P6DG4R4KXWXGW2CG3PT5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 9D24
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJ0_f-igIJAnppIhO79z8Ck&google_cver=1

42 B
854 B

207ms
105ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJ0_f-igIJAnppIhO79z8Ck&google_cver=1
Requested by: Host: tl.net
URL: https://tl.net/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 2fcb300b847bad3e7dd1184ec8a1c2f5
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJ0_f-igIJAnppIhO79z8Ck&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 9D24
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/w-lkuky2cIIeMxmb7iub9Q?csrc=&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Oj9FlEdE2oLJQR4Ufv4x87XfTVBArN07cAoFoA--~A

42 B
854 B

327ms
106ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Oj9FlEdE2oLJQR4Ufv4x87XfTVBArN07cAoFoA--~A
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 19c1ac3b9706c83a73951eba4d239689
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 29 Nov 2023 23:55:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Oj9FlEdE2oLJQR4Ufv4x87XfTVBArN07cAoFoA--~A
content-length: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 9D24
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPKFDK81-I-DNR&gdpr=0&us_privacy=1---

0
516 B

566ms
197ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPKFDK81-I-DNR&gdpr=0&us_privacy=1---
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:58 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: F7662FFE27D84DA3B33D534116DC5C1F Ref B: YTO01EDGE0419 Ref C: 2023-11-29T23:55:58Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYLU0bVnjWHM7y40Yo9pw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPKFDK81-I-DNR&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0228ab361cece0438ff9eb16e4e5890e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9D24
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=F8rVdgycToesBVo4oLx6ig&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=F8rVdgycToesBVo4oLx6ig&gdpr=0

43 B
479 B

105ms
104ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=F8rVdgycToesBVo4oLx6ig&gdpr=0

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 23:55:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WVHWS4A0EGK39GMA3N4Z
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=F8rVdgycToesBVo4oLx6ig&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 9e7742894a018a40b59a2ed2117c85b5
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9D24
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&us_privacy=1---
https://s.amazon-adsystem.com/ecm3?id=LPKFDK81-I-DNR&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---

43 B
479 B

106ms
105ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LPKFDK81-I-DNR&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 23:55:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RF1V7M0ZQ0HQZJZGXA4R
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LPKFDK81-I-DNR&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 2fcb300b847bad3e7dd1184ec8a1c2f5
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 9D24
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABB107Kz58AABOVKFHtnA&expires=30&gdpr=0

42 B
854 B

260ms
107ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABB107Kz58AABOVKFHtnA&expires=30&gdpr=0
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: f84b118a3f01dd6ffa744f6af941f4e8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABB107Kz58AABOVKFHtnA&expires=30&gdpr=0
Date: Wed, 29 Nov 2023 23:55:58 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
ib.adnxs.com/prebid/ Frame 9D24
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0&us_privacy=1---
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPKFDK81-I-DNR&gdpr=0&us_privacy=1---

43 B
1 KB

106ms
105ms

Image
image/gif

68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPKFDK81-I-DNR&gdpr=0&us_privacy=1---

Protocol

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:58 GMT
an-x-request-uuid: 7ac93b9d-c12a-4117-b2f7-88eb92257e65
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPKFDK81-I-DNR&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1df09169f58a071f2a391dff1b3307b
Expires: 0

GET
H2

200

cksync
hb.yahoo.net/ Frame 9D24
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&gdpr=0&us_privacy=1---
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPKFDK81-I-DNR&redir=true&gdpr=0&us_privacy=1---
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LPKFDK81-I-DNR&gdpr=0&redir=true&us_privacy=1---
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1JSVdnUGhSRTJ1RjcwbmU3NHFvNjJCQ053Sm9aeWQyUn5B&gdpr=0&ovsid=LPKFDK81-I-DNR&us_privacy=1---&dpid=58160

53 B
647 B

588ms
195ms

Image
image/gif

23.40.207.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS1JSVdnUGhSRTJ1RjcwbmU3NHFvNjJCQ053Sm9aeWQyUn5B&gdpr=0&ovsid=LPKFDK81-I-DNR&us_privacy=1---&dpid=58160

Protocol

Server

23.40.207.82 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-207-82.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Wed, 29 Nov 2023 23:55:59 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Wed, 29 Nov 2023 23:55:59 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1JSVdnUGhSRTJ1RjcwbmU3NHFvNjJCQ053Sm9aeWQyUn5B&gdpr=0&ovsid=LPKFDK81-I-DNR&us_privacy=1---&dpid=58160
date: Wed, 29 Nov 2023 23:55:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 9D24
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&us_privacy=1---
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPKFDK81-I-DNR&gdpr=0&us_privacy=1---

68 B
280 B

96ms
95ms

Image
image/png

3.226.40.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPKFDK81-I-DNR&gdpr=0&us_privacy=1---
Protocol: H2
Server: 3.226.40.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-40-87.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:58 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPKFDK81-I-DNR&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 29af2665c43893332e84c235bac366c1
Expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 9D24
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&us_privacy=1---
https://ce.lijit.com/merge?pid=80&3pid=LPKFDK81-I-DNR&gdpr=0&us_privacy=1---

43 B
1 KB

110ms
109ms

Image
image/gif

63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LPKFDK81-I-DNR&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 23:55:58 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ce.lijit.com/merge?pid=80&3pid=LPKFDK81-I-DNR&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 966e54b6201ecd300c4db0efc0f5781a
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 9D24
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=86bcfe0e-4318-489a-8dec-eee5ccfd0d91&expires=30&gdpr=0&us_privacy=1---

42 B
854 B

102ms
102ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=86bcfe0e-4318-489a-8dec-eee5ccfd0d91&expires=30&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 19ea072139d67f7022c6e463249c998e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=86bcfe0e-4318-489a-8dec-eee5ccfd0d91&expires=30&gdpr=0&us_privacy=1---
Date: Wed, 29 Nov 2023 23:55:59 GMT
Connection: keep-alive
X-CI-RTID: 247f1129-a296-4479-b6a5-bafa0dbd55ac
Content-Length: 175
Content-Type: text/html; charset=utf-8

GET
H2

200

ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 9D24
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&us_privacy=1---
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPKFDK81-I-DNR&gdpr=0&us_privacy=1---
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPKFDK81-I-DNR
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPKFDK81-I-DNR&ckls=true&ci=hI559494et&nc=false&trid=742022572

43 B
1 KB

504ms
180ms

Image
image/gif

52.85.132.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPKFDK81-I-DNR&ckls=true&ci=hI559494et&nc=false&trid=742022572
Protocol: H2
Server: 52.85.132.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-68.iad50.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:56:00 GMT
via: 1.1 22512dca1de1fae848b2509fed0309aa.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: IAD50-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: D_ZrAvJxNtw2G2XoctAI8uOvXBhpDMopbspCvI7yoe8nOK_r8AIEaQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:56:00 GMT
via: 1.1 f762d56afc88f7f52f51da3b63ad4658.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: IAD50-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPKFDK81-I-DNR&ckls=true&ci=hI559494et&nc=false&trid=742022572
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: 7SUujDfiuxBwoWpLuayH1p9iogHvz-Ui16maQeZblIGkdVD2g82wZg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
781 B 93ms
93ms Fetch
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=aqo03op&fmt=json
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 0ccdb07f41de1be5bff43cd8769631081ffd10afedb7aaa73516e0883c4d9ead

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 29 Nov 2023 23:55:58 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://tl.net
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Fri, 29 Dec 2023 23:55:58 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5DA 0
20 B 146ms
146ms Ping
image/gif 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7389594709840&version=m202309260101&ct=76&x=1&cor=9506844345274601000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 71C7 0
20 B 142ms
142ms Ping
image/gif 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9046445918608&version=m202309260101&ct=76&x=8&cor=3796461804459295000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:55:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame E732 0
128 B 103ms
101ms Script
text/plain 8.28.7.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:03:24 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame CAB0 3 KB
2 KB 369ms
90ms Document
text/html 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://tl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 912
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 82dec8e8e8fc5467-YYZ
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 29 Nov 2023 23:56:00 GMT
expires: Thu, 30 Nov 2023 03:56:00 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame CE46 52 KB
17 KB 354ms
76ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://tl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 55080
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 29 Nov 2023 23:56:00 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 3911, 123612
X-Served-By: cache-lga13626-LGA, cache-yyz4529-YYZ
X-Timer: S1701302161.779903,VS0,VE0

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 9AA9 37 KB
12 KB 447ms
133ms Document
text/html 23.222.192.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.192.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-222-192-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8d35e018e2950438559f851e5ed342281e5bd1006dda1c596589a87facdb56f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://tl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 12269
content-type: text/html; charset=UTF-8
date: Wed, 29 Nov 2023 23:56:00 GMT
expires: Fri, 01 Dec 2023 23:56:00 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 sync Show response
eb2.3lift.com/ Frame FF23 1 KB
2 KB 95ms
94ms Document
text/html 35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?us_privacy=1---&
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: c73af91ada8bd7d61ad26cbd92bdce5ddc1b29dbd03c023beef672b97fd90165

Request headers

Referer: https://tl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1347
content-type: text/html; charset=utf-8
date: Wed, 29 Nov 2023 23:56:00 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7203 281 B
555 B 106ms
106ms Document
text/html 23.222.193.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.193.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-222-193-103.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://tl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 29 Nov 2023 23:56:00 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 3CB0 16 KB
6 KB 108ms
107ms Document
text/html 23.197.184.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-464.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.197.184.187 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-184-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://tl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=93160
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Wed, 29 Nov 2023 23:56:00 GMT
expires: Fri, 01 Dec 2023 01:48:40 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

xuid
eb2.3lift.com/ Frame FF23
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=ca5fafd3-8428-480e-9171-2acf619595cd&dongle=0cfd&gdpr=0&gdpr_consent=

37 B
354 B

95ms
94ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=ca5fafd3-8428-480e-9171-2acf619595cd&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 29 Nov 2023 23:56:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=3658&xuid=ca5fafd3-8428-480e-9171-2acf619595cd&dongle=0cfd&gdpr=0&gdpr_consent=
date: Wed, 29 Nov 2023 23:56:00 GMT
server: Kestrel
content-length: 251

GET
H2

200

ebda
eb2.3lift.com/ Frame FF23
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUxNzI4NDcxOTA4ODcxNjMwNjAwOA%3D%3D
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

37 B
139 B

101ms
100ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:56:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:56:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame FF23
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEeo0i1G4I_JkmCyU5zBScc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
354 B

124ms
124ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEeo0i1G4I_JkmCyU5zBScc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 29 Nov 2023 23:56:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:56:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEeo0i1G4I_JkmCyU5zBScc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF23
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUxNzI4NDcxOTA4ODcxNjMwNjAwOA%3D%3D

170 B
188 B

107ms
107ms

Image
image/png

172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUxNzI4NDcxOTA4ODcxNjMwNjAwOA%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&

Protocol

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:56:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUxNzI4NDcxOTA4ODcxNjMwNjAwOA%3D%3D
date: Wed, 29 Nov 2023 23:56:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame FF23 0
367 B 168ms
166ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3517284719088716306008&dbredirect=true&gdpr=0&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:56:00 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: ABCE01AE1DDD445EB6D59DD3D63C22DC Ref B: YTO01EDGE0419 Ref C: 2023-11-29T23:56:00Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYLU0bwykpO8bRb3j/kvA==

GET
H2

200

xuid
eb2.3lift.com/ Frame FF23
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/3517284719088716306008?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-N9MjSdxE2oSiHu6fb44kio_QuqUsp6yT_kHuB_ZrRQ--~A&dongle=0883

37 B
354 B

100ms
99ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-N9MjSdxE2oSiHu6fb44kio_QuqUsp6yT_kHuB_ZrRQ--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 29 Nov 2023 23:56:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Wed, 29 Nov 2023 23:56:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-N9MjSdxE2oSiHu6fb44kio_QuqUsp6yT_kHuB_ZrRQ--~A&dongle=0883
content-length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame FF23
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=3517284719088716306008&gdpr=0&gdpr_consent=${GDPR_CONSENT}
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=9252dda3-0954-4d4d-bb67-0116f3763d89
https://x.bidswitch.net/sync?dsp_id=340&user_id=f7d390b0-012b-410c-9606-1d45242113c6&expires=10&ssp=triplelift&bsw_param=9252dda3-0954-4d4d-bb67-0116f3763d89
https://eb2.3lift.com/xuid?mid=2409&xuid=9252dda3-0954-4d4d-bb67-0116f3763d89&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

37 B
354 B

95ms
95ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=9252dda3-0954-4d4d-bb67-0116f3763d89&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 29 Nov 2023 23:56:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: //eb2.3lift.com/xuid?mid=2409&xuid=9252dda3-0954-4d4d-bb67-0116f3763d89&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date: Wed, 29 Nov 2023 23:56:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame FF23 43 B
363 B 485ms
160ms Image
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:56:00 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 305517
expires: Wed, 29 Nov 2023 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame FF23
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=4511551991250421269&dongle=4d58&gdpr=0&gdpr_consent=

37 B
354 B

119ms
119ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=4511551991250421269&dongle=4d58&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 29 Nov 2023 23:56:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:56:00 GMT
an-x-request-uuid: d4e97a85-a8ad-4547-848d-321568847e7e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://eb2.3lift.com/xuid?mid=3335&xuid=4511551991250421269&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin: 70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 setuid
ib.adnxs.com/prebid/ Frame FF23 43 B
1 KB 194ms
194ms Image
image/gif 68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=3517284719088716306008

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:56:00 GMT
an-x-request-uuid: 4708bb40-51d4-4364-b41e-90c431e0219b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7203 46 KB
13 KB 128ms
128ms Script
text/html 23.222.193.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.193.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-222-193-103.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 121e70847dcbb91b0eccfc83d6cb5107ac3607a187c1195cb0e046b04a868985

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 23:56:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 03:47:07 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=13800
Connection: keep-alive
Content-Length: 13234
Expires: Thu, 30 Nov 2023 03:46:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 3CB0 2 KB
3 KB 98ms
97ms Script
text/html 8.28.7.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=2781309&p=156737&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: fb39dd36be15929985264cf69708af2dea49648bb6f8a700847323f00ff6f166

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 29 Nov 2023 23:55:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5650
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4511551991250421269&gdpr=0&gdpr_consent=

42 B
217 B

197ms
196ms

Document
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4511551991250421269&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 29 Nov 2023 23:56:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 7aca7e62-ccb2-4dad-bd0c-757aca8e77c4
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Wed, 29 Nov 2023 23:56:00 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4511551991250421269&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 17E8
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCQjEwN0t6NThBQUJPVktGSHRuQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&b...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?ev=AABB107Kz58AABOVKFHtnA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_cur...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABB107Kz58AABOVKFHtnA&pid=558502&do=add&gd...
https://sync.technoratimedia.com/services?uid=AABB107Kz58AABOVKFHtnA&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_syn...
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
https://rtb-csync.smartadserver.com/redir?partneruserid=AABB107Kz58AABOVKFHtnA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=9194282301195164687&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABB107Kz58AABOVKFHtnA&gdpr=0&gdpr_consent=

42 B
199 B

141ms
140ms

Document
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABB107Kz58AABOVKFHtnA&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 29 Nov 2023 23:56:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Wed, 29 Nov 2023 23:56:02 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABB107Kz58AABOVKFHtnA&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 6274 0
339 B 505ms
179ms Document
image/gif 38.91.45.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 Ashburn, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 0
content-type: image/gif
date: Wed, 29 Nov 2023 23:56:00 GMT
p3p: policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server: c

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame B025
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=RE2yQxEevUVfQLUVEE2pQEZMtBdfTrFBEU4NgAIo

42 B
422 B

139ms
139ms

Document
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=RE2yQxEevUVfQLUVEE2pQEZMtBdfTrFBEU4NgAIo
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 29 Nov 2023 23:56:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Wed, 29 Nov 2023 23:56:01 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=RE2yQxEevUVfQLUVEE2pQEZMtBdfTrFBEU4NgAIo
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2 200 b9pj45k4 Show response
sync-tm.everesttech.net/upi/pid/ Frame 3C0B 85 B
154 B 126ms
119ms Document
image/png 151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Wed, 29 Nov 2023 23:56:00 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-yyz4529-YYZ
x-timer: S1701302161.855946,VS0,VE40

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1D61
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=9252dda3-0954-4d4d-bb67-0116f3763d89&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
https://x.bidswitch.net/sync?dsp_id=440&ssp=pubmatic&user_id=pDjZ7tMB3x5N0GQ2jSML0
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9252dda3-0954-4d4d-bb67-0116f3763d89&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

1 B
245 B

138ms
137ms

Document
text/html

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9252dda3-0954-4d4d-bb67-0116f3763d89&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Wed, 29 Nov 2023 23:56:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Wed, 29 Nov 2023 23:56:01 GMT
Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9252dda3-0954-4d4d-bb67-0116f3763d89&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server: nginx

GET
H2

200

insync
thrtle.com/ Frame 3CB0
Redirect Chain

https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&gdpr=0&gdpr_consent=
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&vxii_pid=12&vxii_pid1=10067&vxii_rcid=dde9f933-57b8-4c4a-adcd-a888af4bd873

43 B
296 B

109ms
108ms

Image
image/gif

3.91.115.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&vxii_pid=12&vxii_pid1=10067&vxii_rcid=dde9f933-57b8-4c4a-adcd-a888af4bd873
Protocol: H2
Server: 3.91.115.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-115-71.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Wed, 29 Nov 2023 23:56:01 GMT
content-length: 43
content-type: image/gif

Redirect headers

location: https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&vxii_pid=12&vxii_pid1=10067&vxii_rcid=dde9f933-57b8-4c4a-adcd-a888af4bd873
date: Wed, 29 Nov 2023 23:56:01 GMT
content-type: text/html; charset=utf-8
content-length: 211
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H3 200 sd
us-u.openx.net/w/1.0/ Frame 3CB0 43 B
61 B 345ms
341ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=540245193&val=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&gdpr=0&gdpr_consent=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:56:01 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 Martin
crb.kargo.com/api/v1/dsync/ Frame 3CB0 43 B
359 B 511ms
174ms Image
image/gif 35.169.162.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/dsync/Martin?exid=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.162.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-162-91.compute-1.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:56:01 GMT
x-accel-expires: 0
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 204 sync
sync.bfmio.com/ Frame 3CB0 0
425 B 502ms
93ms Image
text/plain 52.45.125.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=187&uid=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.125.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-125-152.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 29 Nov 2023 23:56:01 GMT

GET
H2 200 9DB21E03-9E94-4F68-9882-0144D5EF8BF9
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3CB0 43 B
602 B 122ms
119ms Image
image/gif 2600:1f18:4e9:5a07:bfd6:4cc:92f1:9e85
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/9DB21E03-9E94-4F68-9882-0144D5EF8BF9?gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a07:bfd6:4cc:92f1:9e85 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:56:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3CB0
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7d95556f11f14b3&is_secure=true&networkId=17100&version=1&nuid=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFpaAPuiMGcAMBHSD7AAAAAAA&expiration=1701388560&nuid=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&...

42 B
374 B

138ms
138ms

Image
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFpaAPuiMGcAMBHSD7AAAAAAA&expiration=1701388560&nuid=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&is_secure=true&gdpr_consent=&gdpr=0
Protocol: H2
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 29 Nov 2023 23:56:00 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:56:00 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFpaAPuiMGcAMBHSD7AAAAAAA&expiration=1701388560&nuid=9DB21E03-9E94-4F68-9882-0144D5EF8BF9&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3CB0
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=86bcfe0e-4318-489a-8dec-eee5ccfd0d91&gdpr=0&gdpr_consent=

1 B
334 B

137ms
137ms

Image
text/html

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=86bcfe0e-4318-489a-8dec-eee5ccfd0d91&gdpr=0&gdpr_consent=
Protocol: H2
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 29 Nov 2023 23:47:59 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=86bcfe0e-4318-489a-8dec-eee5ccfd0d91&gdpr=0&gdpr_consent=
Date: Wed, 29 Nov 2023 23:56:00 GMT
Connection: keep-alive
X-CI-RTID: d7594577-6408-4c12-8575-084c718ea43a
Content-Length: 205
Content-Type: text/html; charset=utf-8

GET
H2 204 CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 3CB0 0
287 B 495ms
173ms Image
text/plain 3.81.188.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.81.188.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-81-188-147.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:56:01 GMT

GET
H/1.1

200
OK

sn.ashx
pmp.mxptint.net/ Frame 3CB0
Redirect Chain

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CAB_10CEE6104_9F132496&r=https://pmp.mxptint.net/sn.ashx?ak=1
https://pmp.mxptint.net/sn.ashx?ak=1

43 B
266 B

94ms
94ms

Image
image/gif

38.68.201.140
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pmp.mxptint.net/sn.ashx?ak=1

Protocol

HTTP/1.1

Server

38.68.201.140 Ashburn, United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=-384306961; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires: -1
Pragma: no-cache
Date: Wed, 29 Nov 2023 23:56:01 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=-384306961; includeSubDomains
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://pmp.mxptint.net/sn.ashx?ak=1
date: Wed, 29 Nov 2023 23:55:59 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3CB0
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7064452645915482657&gdpr=0&gdpr_consent=&us_privacy=

1 B
279 B

142ms
141ms

Image
text/html

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7064452645915482657&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 29 Nov 2023 20:17:21 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7064452645915482657&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Wed, 29 Nov 2023 23:56:00 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 122ms
122ms Ping
text/plain 2607:f8b0:4004:c17::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BM5TJQWK4B&gtm=45je3b60v9134951772&_p=1701302153526&gcd=11l1l1l1l1&dma=0&cid=1050371512.1701302154&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&sid=1701302154&sct=1&seg=0&dl=https%3A%2F%2Ftl.net%2F&dt=TLnet%20-%20StarCraft%20Esports%20News%20and%20Community&_s=2&tfd=8431
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BM5TJQWK4B&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tl.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:56:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tl.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame CE46 0
595 B 112ms
111ms Script
text/html 68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:56:00 GMT
an-x-request-uuid: abe602af-70f7-49b3-a62c-437ab481f095
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pubcid.php Show response
hbx.media.net/ Frame 9AA9 57 KB
18 KB 527ms
170ms Script
text/html 23.215.40.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.215.40.23 McAllen, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-215-40-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
content-encoding: gzip
date: Wed, 29 Nov 2023 23:56:01 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=1800
content-length: 18543
x-mnet-hl2: E
expires: Thu, 30 Nov 2023 00:26:01 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame 9AA9 61 B
301 B 604ms
208ms Script
text/javascript 2620:100:a001::c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=1---&j=window.advBidxc.mnetRtusId

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:56:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 208451
expires: 60

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 9162
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
https://eus.rubiconproject.com/usync.html?p=medianet

281 B
555 B

99ms
99ms

Document
text/html

23.222.193.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=medianet
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.193.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-222-193-103.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://contextual.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 29 Nov 2023 23:56:01 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 29 Nov 2023 23:56:01 GMT
location: https://eus.rubiconproject.com/usync.html?p=medianet
server: AkamaiGHost

GET
H2

200

cksync.html Show response
contextual.media.net/ Frame 064C
Redirect Chain

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3443037560898621000V10%26type%3Drkt%26refUrl%3D%26vid%3D130216096434430375608986210...
https://contextual.media.net/cksync.html?cs=8&vsid=3443037560898621000V10&type=rkt&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=997336246572764449

227 B
650 B

123ms
122ms

Document
text/html

23.222.192.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/cksync.html?cs=8&vsid=3443037560898621000V10&type=rkt&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=997336246572764449

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.192.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-222-192-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f40a964762f9dda40267c948eb46f52a0932a9629b57abb0801841af15e0bb35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://contextual.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 227
content-type: text/html;charset=UTF-8
date: Wed, 29 Nov 2023 23:56:01 GMT
expires: Wed, 29 Nov 2023 23:56:01 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

Redirect headers

Content-Length: 0
Date: Wed, 29 Nov 2023 23:56:01 GMT
Location: https://contextual.media.net/cksync.html?cs=8&vsid=3443037560898621000V10&type=rkt&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=997336246572764449
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7B67 16 KB
6 KB 107ms
103ms Document
text/html 23.197.184.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3443037560898621000V10%26type%3Dpba%26refUrl%3D%26vid%3D13021609643443037560898621000V10%26axid_e%3D%26ovsid%3DPM_UID
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.197.184.187 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-184-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://contextual.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=93159
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Wed, 29 Nov 2023 23:56:01 GMT
expires: Fri, 01 Dec 2023 01:48:40 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

cksync.php
contextual.media.net/ Frame 9AA9
Redirect Chain

https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3443037560898621000V10&type=son&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=[UID]
https://contextual.media.net/cksync.php?cs=8&vsid=3443037560898621000V10&type=son&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=274961a8-104a-419b-8634-81c53fd8d4d7

53 B
464 B

144ms
144ms

Image
image/gif

23.222.192.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=8&vsid=3443037560898621000V10&type=son&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=274961a8-104a-419b-8634-81c53fd8d4d7

Requested by

Protocol

Server

23.222.192.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-222-192-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 29 Nov 2023 23:56:01 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Wed, 29 Nov 2023 23:56:01 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:56:01 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-133
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://contextual.media.net/cksync.php?cs=8&vsid=3443037560898621000V10&type=son&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=274961a8-104a-419b-8634-81c53fd8d4d7
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame 9AA9
Redirect Chain

https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3443037560898621000V10%...
https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=16fa8ef5815b0fe5&is_secure=true&version=1&networkId=57734&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.ph...
https://contextual.media.net/cksync.php?cs=8&vsid=3443037560898621000V10&type=con&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=AAAFpaAPuiMGeQM5x12xAAAAAAA&expiration=1701388561&is_sec...

53 B
459 B

173ms
172ms

Image
image/gif

23.222.192.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=8&vsid=3443037560898621000V10&type=con&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=AAAFpaAPuiMGeQM5x12xAAAAAAA&expiration=1701388561&is_secure=true&gdpr_consent=&gdpr=0

Requested by

Protocol

Server

23.222.192.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-222-192-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 29 Nov 2023 23:56:01 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Wed, 29 Nov 2023 23:56:01 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:56:01 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://contextual.media.net/cksync.php?cs=8&vsid=3443037560898621000V10&type=con&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=AAAFpaAPuiMGeQM5x12xAAAAAAA&expiration=1701388561&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

cksync.html
contextual.media.net/ Frame 9AA9
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3443037560898621...
https://contextual.media.net/cksync.html?cs=8&vsid=3443037560898621000V10&type=opx&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=dd87c8e8-bfa4-0b47-02b0-4ad03e242485

227 B
227 B

143ms
143ms

Image
text/html

23.222.192.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.html?cs=8&vsid=3443037560898621000V10&type=opx&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=dd87c8e8-bfa4-0b47-02b0-4ad03e242485

Requested by

Protocol

Server

23.222.192.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-222-192-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 29 Nov 2023 23:56:01 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: text/html;charset=UTF-8
cache-control: max-age=0, no-cache, no-store
content-length: 227
x-mnet-hl2: E
expires: Wed, 29 Nov 2023 23:56:01 GMT

Redirect headers

date: Wed, 29 Nov 2023 23:56:01 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://contextual.media.net/cksync.html?cs=8&vsid=3443037560898621000V10&type=opx&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=dd87c8e8-bfa4-0b47-02b0-4ad03e242485
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

cksync.php
contextual.media.net/ Frame 9AA9
Redirect Chain

https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3443037560898621000V10%26type%3Dr1%26refUrl%3D%26vid%3D13021609643443037560...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1442412770
https://sync.1rx.io/usersync/tradedesk/ca5fafd3-8428-480e-9171-2acf619595cd
https://sync.targeting.unrulymedia.com/csync/RX-eb13a045-38d9-4efb-844d-50508ba13c38-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3443037560898621000V10%26type%3Dr1%2...
https://contextual.media.net/cksync.php?cs=8&vsid=3443037560898621000V10&type=r1&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=RX-eb13a045-38d9-4efb-844d-50508ba13c38-005

53 B
470 B

195ms
195ms

Image
image/gif

23.222.192.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=8&vsid=3443037560898621000V10&type=r1&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=RX-eb13a045-38d9-4efb-844d-50508ba13c38-005

Requested by

Protocol

Server

23.222.192.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-222-192-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 29 Nov 2023 23:56:01 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Wed, 29 Nov 2023 23:56:01 GMT

Redirect headers

Location: https://contextual.media.net/cksync.php?cs=8&vsid=3443037560898621000V10&type=r1&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=RX-eb13a045-38d9-4efb-844d-50508ba13c38-005
Date: Wed, 29 Nov 2023 23:56:01 GMT
Content-Type: text/html
Connection: keep-alive
ETag: RXeb13a04538d94efb844d50508ba13c38005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H/1.1

200
OK

cksync
cs.media.net/ Frame 9AA9
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQ0MzAzNzU2MDg5ODYyMTAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIctc1irdXDNB-WjRUHIn6U&google_cver=1

53 B
618 B

691ms
344ms

Image
image/gif

23.215.40.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIctc1irdXDNB-WjRUHIn6U&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol: HTTP/1.1
Server: 23.215.40.23 McAllen, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-40-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 23:56:01 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 53
x-mnet-hl2: E
Expires: Wed, 29 Nov 2023 23:56:01 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:56:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIctc1irdXDNB-WjRUHIn6U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame 9AA9
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3443037560898621000V10%26type%3Ddxu%26refUrl%3D%26vid%3D13021609643443037560898...
https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3443037560898621000V10%26type%3Ddxu%26refUrl%3D%26vid%3D13021609643443037...
https://contextual.media.net/cksync.php?cs=8&vsid=3443037560898621000V10&type=dxu&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=9KyygcOt1R8upr5

53 B
450 B

124ms
124ms

Image
image/gif

23.222.192.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=8&vsid=3443037560898621000V10&type=dxu&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=9KyygcOt1R8upr5

Requested by

Protocol

Server

23.222.192.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-222-192-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 29 Nov 2023 23:56:01 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Wed, 29 Nov 2023 23:56:01 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 23:56:01 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-084fc02e195ca3d70@us-east-1d@dxedge-app-us-east-1-prod-asg
Location: https://contextual.media.net/cksync.php?cs=8&vsid=3443037560898621000V10&type=dxu&refUrl=&vid=13021609643443037560898621000V10&axid_e=&ovsid=9KyygcOt1R8upr5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame 9AA9
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsi...
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=0a460c31-b378-46a6-8bb8-bd768c9c0acd&gdpr=0&gdpr_consent=&us_privacy=

53 B
614 B

142ms
142ms

Image
image/gif

23.222.192.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=0a460c31-b378-46a6-8bb8-bd768c9c0acd&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Protocol

Server

23.222.192.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-222-192-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 29 Nov 2023 23:56:01 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Wed, 29 Nov 2023 23:56:01 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:56:00 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=0a460c31-b378-46a6-8bb8-bd768c9c0acd&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1812743
content-length: 0
expires: Wed, 29 Nov 2023 00:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame 9AA9
Redirect Chain

https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=medianet&bsw_user_id=9252dda3-0954-4d4d-bb67-0116f3763d89&gdpr=0&gdpr_consent=&us_privacy=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=medianet&bsw_user_id=9252dda3-0954-4d4d-bb67-0116f3763d89&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=0ff3a976-0b74-433a-b61f-fb3238086833&ssp=medianet&gdpr=0
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=9252dda3-0954-4d4d-bb67-0116f3763d89&gdpr=0&gdpr_consent=&gdpr_pd=

53 B
465 B

187ms
186ms

Image
image/gif

23.222.192.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=9252dda3-0954-4d4d-bb67-0116f3763d89&gdpr=0&gdpr_consent=&gdpr_pd=

Requested by

Protocol

Server

23.222.192.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-222-192-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 29 Nov 2023 23:56:01 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Wed, 29 Nov 2023 23:56:01 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?cs=1&type=bs&ovsid=9252dda3-0954-4d4d-bb67-0116f3763d89&gdpr=0&gdpr_consent=&gdpr_pd=
Date: Wed, 29 Nov 2023 23:56:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cksync.php
contextual.media.net/ Frame 9AA9
Redirect Chain

https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__
https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__&puid=%24%7BVSID%7D&s=2
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=jLdf3OJA2ZPMC5zX22hf

53 B
455 B

149ms
148ms

Image
image/gif

23.222.192.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=jLdf3OJA2ZPMC5zX22hf

Requested by

Protocol

Server

23.222.192.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-222-192-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 29 Nov 2023 23:56:01 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Wed, 29 Nov 2023 23:56:01 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 23:56:01 GMT
Content-Type: text/html; charset=utf-8
Location: https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=jLdf3OJA2ZPMC5zX22hf
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 111
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame 9AA9
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3443037560898621000V10
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3443037560898621000V10
https://contextual.media.net/cksync.php?type=mf&ovsid=0ff3a976-0b74-433a-b61f-fb3238086833&cs=1

53 B
465 B

125ms
124ms

Image
image/gif

23.222.192.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=mf&ovsid=0ff3a976-0b74-433a-b61f-fb3238086833&cs=1

Requested by

Protocol

Server

23.222.192.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-222-192-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 29 Nov 2023 23:56:01 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Wed, 29 Nov 2023 23:56:01 GMT

Redirect headers

location: //contextual.media.net/cksync.php?type=mf&ovsid=0ff3a976-0b74-433a-b61f-fb3238086833&cs=1
date: Wed, 29 Nov 2023 23:56:01 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

cksync
cs.media.net/ Frame 9AA9
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=ca5fafd3-8428-480e-9171-2acf619595cd

53 B
629 B

600ms
250ms

Image
image/gif

23.215.40.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=ca5fafd3-8428-480e-9171-2acf619595cd
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol: HTTP/1.1
Server: 23.215.40.23 McAllen, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-40-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 23:56:01 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 53
x-mnet-hl2: E
Expires: Wed, 29 Nov 2023 23:56:01 GMT

Redirect headers

location: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=ca5fafd3-8428-480e-9171-2acf619595cd
date: Wed, 29 Nov 2023 23:56:01 GMT
server: Kestrel
content-length: 199

POST
H/1.1 204
No Content event.png
tpsc-ue1.doubleverify.com/ Frame 71C7 0
287 B 373ms
112ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ue1.doubleverify.com/event.png?impid=7f65dc3fb1064154b34ee5c9be98166a&flavor=1&gdpr=&gdpr_consent=&ee_dp_asmm=1&vdur=682&eoid=20&te_exec=0&msrjs=5001&sdf=67108868&vit=2&isvelg=1&dvp_ime=1&dvp_dcime=0&dvp_dcife=0&dvp_dcde=1&dvp_dcoe=4&dvp_mpdce=script&rmi=8&tltms=721&tetms=21&msltms=0&vltms=682&sei=146&vetms=5&tuviims=45&tuviems=732&engms=1&engisel=1&ee_dp_ddtes=2&dvp_dtcov=4&sim=1&prndr=0&dvp_rfrcl=4&msrcanlm=1048970&msrcannum=4&ee_dp_tmads=2812&ismms=48&isumms=48&nvr=2&isgmmims=48&isgmv4mims=48&elmtp=3&isbxdms=2748&b0=2825&adhgt=250&adwdth=300&norwdth=300&norhgt=250&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1&lftb=2825&sftb=2825&msrdp=0&naral=1048578&vct=1&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=48&dvp_hdnAd=0&dvp_dpr=1&vstsz=738&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3709
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://tl.net
Pragma: no-cache
Date: Wed, 29 Nov 2023 23:56:01 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2023-11-28T23:56:01

GET
H2 200 log
c21lg-d.media.net/ Frame 9AA9 35 B
164 B 341ms
329ms Image
image/gif 23.215.40.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=64da6c5e-29e1-4603-ba9e-1c9ff2182720&cs=15&vsid=3443037560898621000V10
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C522%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.40.23 McAllen, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-40-23.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 29 Nov 2023 23:56:01 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 29 Nov 2023 23:56:01 GMT
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9162 46 KB
13 KB 108ms
108ms Script
text/html 23.222.193.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.193.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-222-193-103.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 121e70847dcbb91b0eccfc83d6cb5107ac3607a187c1195cb0e046b04a868985

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 23:56:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 03:47:07 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=13799
Connection: keep-alive
Content-Length: 13234
Expires: Thu, 30 Nov 2023 03:46:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 9162 7 B
788 B 100ms
100ms XHR
application/json 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr_consent=1---&khaos=LPKFDK81-I-DNR
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: b08c627b67f10e75995ce6908d3f9f7b
Expires: 0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame CE46 0
595 B 98ms
98ms Script
text/html 68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 23:56:01 GMT
an-x-request-uuid: e712eec3-187f-4330-90a4-e6518651f126
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame 9162
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&gdpr_consent=1---&khaos=LPKFDK81-I-DNR
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LPKFDK81-I-DNR&gdpr_consent=1---

53 B
449 B

125ms
124ms

Image
image/gif

23.222.192.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=rbcn&ovsid=LPKFDK81-I-DNR&gdpr_consent=1---

Protocol

Server

23.222.192.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-222-192-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 29 Nov 2023 23:56:02 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Wed, 29 Nov 2023 23:56:02 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://contextual.media.net/cksync.php?type=rbcn&ovsid=LPKFDK81-I-DNR&gdpr_consent=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b5ba23d75d0dcd35432b720d73e3149b
Expires: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 3CB0 0
128 B 124ms
123ms Script
text/plain 8.28.7.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156737&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:56:02 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17374&site_id=339244&zone_id=1788298&size_id=15&gdpr=0&us_privacy=1---&rp_schain=1.0,1!nitropay.com,55,1,,,&eid_pubcid.org=c0e2ab8a-4403-48af-b219-3866e343c9f2%5E1&rf=https%3A%2F%2Ftl.net%2F&tg_i.domain=tl.net&tg_i.page=https%3A%2F%2Ftl.net%2F&tg_i.name=tl.net&tg_i.cattax=7&tg_i.cat=680&tg_i.privacypolicy=1&tg_i.pbadslot=300x250_ATF&tk_flint=pbjs_lite_v8.16.0&x_source.tid=e56ea991-71ee-4208-abe6-3740d3d86130&l_pb_bid_id=335d7fca00b9f07&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=76b9b73e-0b3c-4980-ad21-3b59c53f5a09&rp_maxbids=1&p_gpid=300x250_ATF&slots=1&rand=0.24770525106334396

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx

Domain: ad.atdmt.com
URL: https://ad.atdmt.com/i/img;adv=11147208041415;ec=11147225831950;adv.a=6975797;c.a=30901040;s.a=8680852;p.a=379817261;a.a=570712928;cache=3382769018;

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

165 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 18:44:38	Name: sync Value: CgoIoQEQg5mL7MExCgoIkQIQg5mL7MExCgoItAIQg5mL7MExCgoI5gEQg5mL7MExCgoIhwIQg5mL7MExCgoItwIQg5mL7MExCgkIOhCDmYvswTEKCgiMAhCDmYvswTEKCQhfEIOZi-zBMQoJCB8Qg5mL7MEx
tl.net/	1969-12-31 23:59:59	Name: SID Value: oaplr1mvvibpq6dhdhn83b2he3hbcepv
.nitropay.com/	1970-01-20 16:35:03	Name: __cf_bm Value: M5MNKi6DG0SsNC6QHGgezrcnAHD25SCjz8ASlPhFNJc-1701302153-0-ATJOXGGOhgJDwGX4TW3n514jf+msdEGsqWf9KeNumx6jMvbjsxRi4RewWv0xf+u6p1EyWtcj2X3VBBsdrMSJZLc=
.tl.net/	1970-01-21 01:20:38	Name: ncmp.domain Value: tl.net
.tl.net/	1970-01-21 02:11:02	Name: _ga_98E1TX5TKZ Value: GS1.1.1701302154.1.0.1701302154.60.0.0
.tl.net/	1970-01-21 02:11:02	Name: _ga Value: GA1.2.1050371512.1701302154
.tl.net/	1970-01-20 16:36:28	Name: _gid Value: GA1.2.1522325836.1701302155
.tl.net/	1970-01-20 16:35:02	Name: _gat_gtag_UA_576564_1 Value: 1
.tl.net/	1970-01-20 16:35:02	Name: _gat_gtag_UA_576564_21 Value: 1
.lijit.com/	1970-01-21 01:20:38	Name: ljt_reader Value: HvWbiBZHsFTXPz5HTfiE_kzO
.rubiconproject.com/	1970-01-21 01:20:38	Name: khaos Value: LPKFDK81-I-DNR
.tl.net/	1970-01-21 01:56:38	Name: __gads Value: ID=b68f38a82a3d8dde:T=1701302155:RT=1701302155:S=ALNI_MbQOp_QRjGQrn1xbuTcwTZWh-Lqrw
.tl.net/	1970-01-21 01:56:38	Name: __gpi Value: UID=00000da4b1d8d19c:T=1701302155:RT=1701302155:S=ALNI_MbruvjwzR4tkHHw-KwxqWhMD7ZkMA
.tl.net/	1970-01-21 02:11:02	Name: _ga_BM5TJQWK4B Value: GS1.1.1701302154.1.0.1701302156.0.0.0
.amazon-adsystem.com/	1970-01-20 21:44:38	Name: ad-id Value: AzLP7y522k-7gW0RxDcLtbs
.amazon-adsystem.com/	1970-01-21 02:11:02	Name: ad-privacy Value: 0
.doubleclick.net/	1970-01-21 02:11:02	Name: IDE Value: AHWqTUlzqAnmn5VdlQ6NBitdHFnhVDkV5pN49V8URHZC0nTm2Oe0OYNKW4BWqpj9
.casalemedia.com/	1970-01-21 01:20:38	Name: CMID Value: ZWfPjNO2ZZo.ErrW8VsJLgAA
.casalemedia.com/	1970-01-20 18:44:38	Name: CMPS Value: 091
.casalemedia.com/	1970-01-20 18:44:38	Name: CMPRO Value: 091
.adnxs.com/	1970-01-20 18:44:38	Name: uuid2 Value: 4511551991250421269
.openx.net/	1970-01-21 01:20:38	Name: i Value: c6079e2e-bd23-0e50-3b29-fc56e8ec85a4\|1701302156
.doubleclick.net/	1970-01-20 20:54:14	Name: APC Value: AfxxVi58jiShMFGdgDu3z6dAHA01HY37JX7ttMnmTlgaav9LUAPMOA
.go.sonobi.com/	1970-01-20 16:35:09	Name: __uqc Value: 1
.go.sonobi.com/	1970-01-20 17:18:14	Name: __uis Value: 274961a8-104a-419b-8634-81c53fd8d4d7
.go.sonobi.com/	1970-01-20 16:35:05	Name: __uin_i5 Value: 1
.go.sonobi.com/	1970-01-20 16:35:03	Name: __uir_i5 Value: 28767356
.go.sonobi.com/	1970-01-20 16:36:28	Name: __uin_z1 Value: 1
.go.sonobi.com/	1970-01-20 16:35:36	Name: __uir_z1 Value: 28767356
.go.sonobi.com/	1970-01-20 16:36:28	Name: __uin_a9 Value: 1
.go.sonobi.com/	1970-01-20 16:35:36	Name: __uir_a9 Value: 28767356
.go.sonobi.com/	1970-01-20 16:36:28	Name: __uin_ex Value: 1
.go.sonobi.com/	1970-01-20 16:35:36	Name: __uir_ex Value: 28767356
.go.sonobi.com/	1970-01-20 16:35:45	Name: __uin_iq Value: 1
.go.sonobi.com/	1970-01-20 16:35:19	Name: __uir_iq Value: 28767356
.go.sonobi.com/	1970-01-20 16:35:05	Name: __uin_tp Value: 1
.go.sonobi.com/	1970-01-20 16:35:03	Name: __uir_tp Value: 28767356
.3lift.com/	1970-01-20 18:44:38	Name: tluid Value: 3517284719088716306008
.mediago.io/	1970-01-21 01:20:38	Name: __mguid_ Value: 1b7de7e8b989fdbf25u6ic00lpkfdlj1
.sharethrough.com/	1970-01-20 17:18:14	Name: stx_user_id Value: e0a6fcde-9ff1-4bfe-82cb-658842689081
.simpli.fi/	1970-01-21 01:22:04	Name: suid Value: 7FCB205F58A246F382079BC68FDD55DF
.openx.net/	1970-01-20 16:56:38	Name: pd Value: v2\|1701302156\|vMgavPkWgy
.media.net/	1970-01-21 01:20:38	Name: visitor-id Value: 3443037560898621000V10
.bidr.io/	1970-01-21 02:03:32	Name: bito Value: AABB107Kz58AABOVKFHtnA
.bidr.io/	1970-01-21 02:03:32	Name: bitoIsSecure Value: ok
.lijit.com/	1970-01-21 01:20:38	Name: ljtrtbexp Value: eJyrVrIwULIyNDcwMjU0NDc101EysUTlW5ii8g0NjFAFLE2Q%2BbUApoEQcA%3D%3D
.lijit.com/	1970-01-21 01:20:38	Name: _ljtrtb_85 Value: AABB107Kz58AABOVKFHtnA
.adsrvr.org/	1970-01-21 01:22:04	Name: TDID Value: ca5fafd3-8428-480e-9171-2acf619595cd
.rfihub.com/	1970-01-21 01:56:38	Name: eud Value: H4sIAAAAAAAA_1slymtobmBobGBkaGpuaGICAEbPcV8QAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSsrQ0NzY2MzIxMzU3MjczMTGxFOIz1DV1tLAwjfBxd68sDQAAmhJcpiQAAAA
.rfihub.com/	1970-01-21 01:56:38	Name: rud Value: H4sIAAAAAAAA_-MSsrQ0NzY2MzIxMzU3MjczMTGxFOIz1DV1tLAwjfBxd68sDQAAmhJcpiQAAAA
.contextweb.com/	1970-01-21 01:13:26	Name: V Value: 8CcfhtpftGWC
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: a6d9bc4a4cad387d
.bidswitch.net/	1970-01-21 01:20:38	Name: tuuid Value: 9252dda3-0954-4d4d-bb67-0116f3763d89
.bidswitch.net/	1970-01-21 01:20:38	Name: c Value: 1701302157
.bidswitch.net/	1970-01-21 01:20:38	Name: tuuid_lu Value: 1701302157
.pubmatic.com/	1970-01-21 01:20:38	Name: KADUSERCOOKIE Value: 9DB21E03-9E94-4F68-9882-0144D5EF8BF9
sync.srv.stackadapt.com/	1970-01-21 01:20:38	Name: sa-user-id Value: s%3A0-111316b1-1261-5cac-7103-19996196370c.Jw2VQIMAG3%2Bs0BSxrfW34zi%2FqlSq9B%2FK35so3HaFv50
.srv.stackadapt.com/	1970-01-21 01:20:38	Name: sa-user-id Value: s%3A0-111316b1-1261-5cac-7103-19996196370c.Jw2VQIMAG3%2Bs0BSxrfW34zi%2FqlSq9B%2FK35so3HaFv50
sync.srv.stackadapt.com/	1970-01-21 01:20:38	Name: sa-user-id-v2 Value: s%3AERMWsRJhXKxxAxmZYZY3DEYZ_7o.s0cqL2ewMkp9xMrR%2BgUysQM3PIBT%2BeBCSOR8vRdXYBY
.srv.stackadapt.com/	1970-01-21 01:20:38	Name: sa-user-id-v2 Value: s%3AERMWsRJhXKxxAxmZYZY3DEYZ_7o.s0cqL2ewMkp9xMrR%2BgUysQM3PIBT%2BeBCSOR8vRdXYBY
.blismedia.com/	1970-01-21 01:20:42	Name: b Value: 6567CF8D60711B12492E5606BLIS
.go.sonobi.com/	1970-01-20 17:21:50	Name: __uir_zt Value: 123554853241156732
.go.sonobi.com/	1970-01-21 01:20:38	Name: __uin_zt Value: 997336246572764449
sync.srv.stackadapt.com/	1970-01-21 01:20:38	Name: sa-user-id-v3 Value: s%3AAQAKIO0I46-hB3Utq28nUed9D7bHA4NS_eB-u9LOOgSMX1jQEHwYBCCNn5-rBjABOgRyABfNQgRqQeHI.wy%2F3ecuuF%2F2TdtB%2F%2FY2dyKiKoG71wwoXVviencuRS8o
.srv.stackadapt.com/	1970-01-21 01:20:38	Name: sa-user-id-v3 Value: s%3AAQAKIO0I46-hB3Utq28nUed9D7bHA4NS_eB-u9LOOgSMX1jQEHwYBCCNn5-rBjABOgRyABfNQgRqQeHI.wy%2F3ecuuF%2F2TdtB%2F%2FY2dyKiKoG71wwoXVviencuRS8o
pixel.rubiconproject.com/	1970-01-20 18:44:38	Name: receive-cookie-deprecation Value: 1
.krushmedia.com/	1970-01-20 17:18:14	Name: krm_usr Value: 449eb81c-1c7c-4504-85fd-23131ddd1592
.krushmedia.com/	1970-01-20 17:18:14	Name: krm_r Value: 572
.lijit.com/	1970-01-21 01:20:38	Name: _ljtrtb_49 Value: 5SrfJo5xkd6M
.go.sonobi.com/	1970-01-20 17:21:50	Name: __uir_td Value: 123554853241156732
.go.sonobi.com/	1970-01-21 01:20:38	Name: __uin_td Value: ca5fafd3-8428-480e-9171-2acf619595cd
.openx.net/	1970-01-20 16:56:38	Name: univ_id Value: 537072971\|ca5fafd3-8428-480e-9171-2acf619595cd\|1701302157310723
.go.sonobi.com/	1970-01-20 17:21:50	Name: __uir_st Value: 123554853241156732
.go.sonobi.com/	1970-01-21 01:20:38	Name: __uin_st Value: ERMWsRJhXKxxAxmZYZY3DEYZ_7o
pixel-us-east.rubiconproject.com/	1970-01-20 18:44:38	Name: receive-cookie-deprecation Value: 1
.creativecdn.com/	1970-01-21 01:20:38	Name: u Value: gfhkvY3jBNsA010bNZqf
.creativecdn.com/	1970-01-21 01:20:38	Name: g Value: gfhkvY3jBNsA010bNZqf_1701302157414
.creativecdn.com/	1970-01-21 01:20:38	Name: ts Value: 1701302157
.go.sonobi.com/	1970-01-20 16:35:16	Name: __uir_pp Value: 123554853241156732
.go.sonobi.com/	1970-01-21 01:20:38	Name: __uin_pp Value: 8CcfhtpftGWC
.lijit.com/	1970-01-21 01:20:38	Name: _ljtrtb_80 Value: LPKFDK81-I-DNR
.go.sonobi.com/	1970-01-20 17:21:50	Name: __uir_eb Value: 123554853241156732
.go.sonobi.com/	1970-01-21 01:20:38	Name: __uin_eb Value: CAESEERI_DNyVzIbVM9Rewh4_9g\|\|1
.go.sonobi.com/	1970-01-20 17:21:50	Name: __uir_an Value: 123554853241156732
.go.sonobi.com/	1970-01-21 01:20:38	Name: __uin_an Value: 4511551991250421269
.go.sonobi.com/	1970-01-20 17:21:50	Name: __uir_bw Value: 123554857536124029
.go.sonobi.com/	1970-01-21 01:20:38	Name: __uin_bw Value: 9252dda3-0954-4d4d-bb67-0116f3763d89
.tapad.com/	1970-01-20 18:01:26	Name: TapAd_TS Value: 1701302157636
.tapad.com/	1970-01-20 18:01:26	Name: TapAd_DID Value: 190f0788-7373-4d78-b3a4-58866c604c40
.id5-sync.com/	1970-01-20 18:44:38	Name: id5 Value: 81d466bd-dd2b-7b66-a776-f4c6559f4c86#1701302157442#2
.intentiq.com/	1970-01-21 02:11:02	Name: intentIQCDate Value: 1701302157770
.intentiq.com/	1970-01-21 02:11:02	Name: IQver Value: 1.9
.go.sonobi.com/	1970-01-20 17:21:50	Name: __uir_rh Value: 123554857536124029
.go.sonobi.com/	1970-01-21 01:20:38	Name: __uin_rh Value: Q5WRN7WprJ699KewQqsm2gIvK0gC7SYJWIPqmRZlRGk
.yahoo.com/	1970-01-21 01:20:59	Name: A3 Value: d=AQABBI3PZ2UCELVm64wiuQS8ilBSMF22VMAFEgEBAQEhaWVxZSXcxyMA_eMAAA&S=AQAAAhKf14ccolSZ4V33mqDrKQc
.turn.com/	1970-01-20 20:54:14	Name: uid Value: 7064452645915482657
.pubmatic.com/	1970-01-20 18:44:38	Name: KRTBCOOKIE_377 Value: 6810-ca5fafd3-8428-480e-9171-2acf619595cd&KRTB&22918-ca5fafd3-8428-480e-9171-2acf619595cd&KRTB&22926-ca5fafd3-8428-480e-9171-2acf619595cd&KRTB&23031-ca5fafd3-8428-480e-9171-2acf619595cd
.pubmatic.com/	1970-01-20 17:18:14	Name: KRTBCOOKIE_148 Value: 19421-uid:7FCB205F58A246F382079BC68FDD55DF&KRTB&23486-uid:7FCB205F58A246F382079BC68FDD55DF&KRTB&23489-uid:7FCB205F58A246F382079BC68FDD55DF&KRTB&23539-uid:7FCB205F58A246F382079BC68FDD55DF
.pubmatic.com/	1970-01-20 18:44:38	Name: KRTBCOOKIE_80 Value: 22987-CAESEHw2hWoXjp95lFABbIeHXuU&KRTB&23025-CAESEHw2hWoXjp95lFABbIeHXuU&KRTB&23386-CAESEHw2hWoXjp95lFABbIeHXuU
.tapad.com/	1970-01-20 18:01:26	Name: TapAd_3WAY_SYNCS Value: 1!8015
.demdex.net/	1970-01-20 20:54:14	Name: demdex Value: 13692772368036180764480520627758671137
tl.net/	1970-01-20 18:01:26	Name: na-unifiedid Value: %7B%22TDID%22%3A%22ca5fafd3-8428-480e-9171-2acf619595cd%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-10-29T23%3A55%3A58%22%7D
tl.net/	1970-01-20 18:01:26	Name: na-unifiedid_cst Value: TyylLI8srA%3D%3D
.dpm.demdex.net/	1970-01-20 20:54:14	Name: dpm Value: 13692772368036180764480520627758671137
.targeting.unrulymedia.com/	1970-01-21 01:20:38	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-eb13a045-38d9-4efb-844d-50508ba13c38-005%22%7D
.semasio.net/	1970-01-21 01:20:38	Name: SEUNCY Value: 3D6EDEE8B43D2E62
.analytics.yahoo.com/	1970-01-21 01:20:38	Name: IDSYNC Value: "18z8~2fbz:18vk~2fbz:19e0~2fbz"
.lijit.com/	1970-01-21 01:20:38	Name: ljtrtb Value: eJyrVjKxVLJSMg0uSvPKN63ITjHzVdJRsjAAivkEeLu5eFsY6nrquvgFgURNgaKOjk5Ohgbm3lWmFkCmf5i3m0dJnqNSLQCvVhLS
.linkedin.com/	1970-01-21 01:20:38	Name: bcookie Value: "v=2&dca70a38-f897-4b13-8e3d-1f9ae3069c47"
.linkedin.com/	1970-01-20 16:36:28	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3103:u=1:x=1:i=1701302158:t=1701388558:v=2:sig=AQHEl5M8y2EBwYrCWc4g5DEah-UGpItb"
.ipredictive.com/	1970-01-21 01:20:38	Name: cu Value: 86bcfe0e-4318-489a-8dec-eee5ccfd0d91\|1701302159147
.rubiconproject.com/	1970-01-21 01:20:38	Name: audit Value: 1\|mFVHqHkj5bFfo2SQNcCA0Dp6X1XS67N80UiJJiqwnvdXHG/VEqyhzRffxX9ApbuTEUSCmaTezG/gcRgjl6Eitb9n2gyWMtfqPNQ3vZcaU8BKIdXIYfRTQw==
.hb.yahoo.net/	1970-01-20 20:54:14	Name: visitor-id Value: 3443037590898653000V10
.hb.yahoo.net/	1970-01-21 01:20:38	Name: data-mag Value: LPKFDK81-I-DNR~~63
.pubmatic.com/	1970-01-20 17:18:14	Name: SPugT Value: 1701288204
.gumgum.com/	1970-01-21 01:20:38	Name: vst Value: u_fb7b974d-37b2-44ca-bd1f-7d95b89bfc9b
.primis.tech/	1970-01-20 17:11:02	Name: csuuid Value: 6567cf8f54c89
.intentiq.com/	1970-01-21 02:11:02	Name: intentIQ Value: hI559494et
.intentiq.com/	1970-01-20 17:18:14	Name: IQMID Value: 1176108986#1701302160576
.intentiq.com/	1970-01-21 02:11:02	Name: ASDT Value: 0
.intentiq.com/	1970-01-21 02:11:02	Name: CSDT Value: UEQ6MTUxMDZfMCZUeDJ3VThl
.intentiq.com/	1970-01-21 02:11:02	Name: IQPData Value: 1176108986#1701302160566#0#1701302160566
.ads.pubmatic.com/	1970-01-20 16:36:28	Name: KCCH Value: YES
.linkedin.com/	1970-01-20 18:44:38	Name: li_sugr Value: ac698ffc-5559-4527-9cde-ab44fafbb332
.everesttech.net/	1970-01-21 01:20:38	Name: everest_g_v2 Value: g_surferid~ZWfPkAACn76OgQAa
.adnxs.com/	1970-01-20 18:44:38	Name: anj Value: dTM7k!M40cvig%ghqdmU(3#oc7#Y]#?nG#N:uKgRe4r:[f-zyRnu7%!B[1V#]^-(q.6pfDHVaeMgGIO84u!$tF6?mTD._Pl[h>nH>BVn<]B:s=2rG`T98j=4=m))SyL<8jIk2o))4L'-M5rT.q5rgIK^Z<!r4L%uG3]+.Y!+_g:>w-/6>md9n
.adnxs.com/	1970-01-20 18:44:38	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxQS0ZESzgxLUktRE5SIiwiZXhwaXJlcyI6IjIwMjQtMDItMjdUMjM6NTU6NThaIn0sInRyaXBsZWxpZnRfbmF0aXZlIjp7InVpZCI6IjM1MTcyODQ3MTkwODg3MTYzMDYwMDgiLCJleHBpcmVzIjoiMjAyNC0wMi0yN1QyMzo1NjowMFoifX0sImJpcnRoZGF5IjoiMjAyMy0xMS0yOVQyMzo1NTo1OFoifQ==
.pubmatic.com/	1970-01-20 18:44:38	Name: chkChromeAb67Sec Value: 2
.pubmatic.com/	1970-01-20 16:36:28	Name: pi Value: 156737:3
.pubmatic.com/	1970-01-20 18:44:38	Name: DPSync3 Value: 1701302400%3A248%7C1702425600%3A260_259_263_201_262_261%7C1701820800%3A265
.pubmatic.com/	1970-01-20 18:44:38	Name: SyncRTB3 Value: 1701820800%3A223_15_2%7C1702080000%3A63%7C1702425600%3A220_54_250_104_178_8_21_13_71_231_48_3_166_22
.id5-sync.com/	1970-01-20 18:44:38	Name: 3pi Value: 112#1701302158905#297228998#3D6EDEE8B43D2E62\|434#1701302157785#-1662081812\|2#1701302158085#2012059726#4511551991250421269\|264#1701302160220#330355342#ca5fafd3-8428-480e-9171-2acf619595cd\|136#1701302160948#-1729052245\|441#1701302159568#-1868962912#u_fb7b974d-37b2-44ca-bd1f-7d95b89bfc9b\|108#1701302159876#1980938733\|429#1701302159256#-1181120810#9DB21E03-9E94-4F68-9882-0144D5EF8BF9
.pubmatic.com/	1970-01-20 17:18:14	Name: KRTBCOOKIE_279 Value: 22890-86bcfe0e-4318-489a-8dec-eee5ccfd0d91&KRTB&23011-86bcfe0e-4318-489a-8dec-eee5ccfd0d91&KRTB&23355-86bcfe0e-4318-489a-8dec-eee5ccfd0d91
.pubmatic.com/	1970-01-20 17:18:14	Name: KRTBCOOKIE_22 Value: 14911-7064452645915482657&KRTB&23150-7064452645915482657&KRTB&23527-7064452645915482657
.criteo.com/	1970-01-21 01:56:38	Name: uid Value: 0a460c31-b378-46a6-8bb8-bd768c9c0acd
.smadex.com/	1970-01-21 01:13:26	Name: smxtrack Value: f7d390b0-012b-410c-9606-1d45242113c6
.smadex.com/	1970-01-20 16:49:26	Name: smxbds Value: 1
.dotomi.com/	1970-01-20 16:35:02	Name: DotomiTest Value: 16fa8ef5815b0fe5
.pubmatic.com/	1970-01-20 18:44:38	Name: KRTBCOOKIE_32 Value: 11175-AAAFpaAPuiMGcAMBHSD7AAAAAAA&KRTB&22713-AAAFpaAPuiMGcAMBHSD7AAAAAAA&KRTB&22715-AAAFpaAPuiMGcAMBHSD7AAAAAAA&KRTB&23519-AAAFpaAPuiMGcAMBHSD7AAAAAAA
.media.net/	1970-01-21 01:19:11	Name: data-rk Value: 997336246572764449~~8
.contextweb.com/	1970-01-21 01:20:38	Name: pb_rtb_ev Value: 3-1o9u\|4is.0.CAESEC7SWZxjw8n7n1n-FcV8YkE\|7LJ.0.274961a8-104a-419b-8634-81c53fd8d4d7\|7dN.0.AABB107Kz58AABOVKFHtnA
.adsrvr.org/	1970-01-21 01:22:04	Name: TDCPM Value: CAESGwoMc2hhcmV0aHJvdWdoEgsIlNTQtZjQuDwQBRIXCghwdWJtYXRpYxILCIDSobeY0Lg8EAUSFAoFdGFwYWQSCwji_L-8mNC4PBAFEhYKB3J1Ymljb24SCwj2nea9mNC4PBAFEhYKB3N2eDl0NTASCwigp53WmNC4PBAFGAEgASgCMgsI3uXKiK_QuDwQBTgBWgthZGNvbmR1Y3RvcmAC
.mxptint.net/	1970-01-21 02:11:02	Name: mxpim Value: R35CAB_10CEE6104_9F132496.1.00000000000000006567CF91
.pubmatic.com/	1970-01-20 18:44:38	Name: KRTBCOOKIE_57 Value: 22776-4511551991250421269&KRTB&23339-4511551991250421269
.media.net/	1970-01-20 17:18:14	Name: data-c Value: 0a460c31-b378-46a6-8bb8-bd768c9c0acd~~1
.media.net/	1970-01-20 17:18:14	Name: data-c-ts Value: 1701302161
.adentifi.com/	1970-01-21 02:11:02	Name: adtheorent[cuid] Value: cuid_d93f1f44-8f12-11ee-9bfa-12fa6b58ae11
.deepintent.com/	1970-01-21 02:11:02	Name: CDIUSER Value: di_ee28be28a8074e02aa7cd
.deepintent.com/	1970-01-21 02:11:02	Name: CDIPARTNERS Value: %7B%221%22%3A%2220231129%22%7D
.bfmio.com/	1970-01-21 01:20:38	Name: __187_cid Value: 9DB21E03-9E94-4F68-9882-0144D5EF8BF9
.bfmio.com/	1970-01-21 01:20:38	Name: __io_cid Value: f67281b0fc4c129623edf9b5f46471d62821c833
.kargo.com/	1970-01-21 01:20:38	Name: ktcid Value: 8e11f042-cc6e-086b-5768-a042f370fa6e
.1rx.io/	1970-01-21 01:20:38	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-eb13a045-38d9-4efb-844d-50508ba13c38-005%22%7D
.media.net/	1970-01-21 01:19:11	Name: data-o Value: dd87c8e8-bfa4-0b47-02b0-4ad03e242485~~8
.pubmatic.com/	1970-01-20 17:18:14	Name: KRTBCOOKIE_52 Value: 22772-R35CAB_10CEE6104_9F132496&KRTB&23092-R35CAB_10CEE6104_9F132496
.pubmatic.com/	1970-01-20 17:18:14	Name: PugT Value: 1701302159
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s85133\|ZWfPl
.thrtle.com/	1970-01-20 21:23:02	Name: mc Value: eyJpZCI6ImRkZTlmOTMzLTU3YjgtNGM0YS1hZGNkLWE4ODhhZjRiZDg3MyIsImwiOjE3MDEzMDIxNjEzODMsInQiOjF9
.media.net/	1970-01-21 01:19:11	Name: data-co Value: AAAFpaAPuiMGeQM5x12xAAAAAAA~~8
.zemanta.com/	1970-01-21 01:20:38	Name: zuid Value: jLdf3OJA2ZPMC5zX22hf
.server.cpmstar.com/	1970-01-21 01:56:38	Name: USER_ID Value: %a48%d9%ee%d3%01%df%1eM%d0d6%8d%23%0b
.mfadsrvr.com/	1970-01-21 02:11:02	Name: c Value: 1701302161
.mfadsrvr.com/	1970-01-21 02:11:02	Name: tuuid_lu Value: 1701302161
.mfadsrvr.com/	1970-01-21 02:11:02	Name: tuuid Value: 0ff3a976-0b74-433a-b61f-fb3238086833

52 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://tl.net/ Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	warning	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: about:blank Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
network	error	URL: https://ad.atdmt.com/i/img;adv=11147208041415;ec=11147225831950;adv.a=6975797;c.a=30901040;s.a=8680852;p.a=379817261;a.a=570712928;cache=3382769018; Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
network	error	URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%209DB21E03-9E94-4F68-9882-0144D5EF8BF9&rnd=RND Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://rtb.gumgum.com/getuid/qg9md9mk?r=https%3A%2F%2Fcs.krushmedia.com%2F0e846840cc402aa296df0cc86df135d3.gif%3Fpuid%3D%5BUID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA] Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=274961a8-104a-419b-8634-81c53fd8d4d7 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
security	error	URL: https://s.nitropay.com/ads-464.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'disown-opener'.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9OSZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content; disown-opener
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6811282.fls.doubleclick.net
a.nitropay.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
aba11891546d919f2cb224c4b04fac89.safeframe.googlesyndication.com
acdn.adnxs.com
ad-delivery.net
ad.atdmt.com
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
amazon-tam-match.dotomi.com
analytics.google.com
ap.lijit.com
api.btloader.com
api.intentiq.com
b1sync.zemanta.com
beacon-iad2.rubiconproject.com
bh.contextweb.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c21lg-d.media.net
cdn.doubleverify.com
ce.lijit.com
cm.g.doubleclick.net
cm.smadex.com
cms.quantserve.com
config.aps.amazon-adsystem.com
consent.nitrocnct.com
contextual.media.net
crb.kargo.com
creativecdn.com
cs.krushmedia.com
cs.media.net
d.turn.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img.youtube.com
js-sec.indexww.com
live.primis.tech
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
medianet-match.dotomi.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid.media.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.nitropay.com
s0.2mdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
server.cpmstar.com
simage2.pubmatic.com
simage4.pubmatic.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync1.intentiq.com
thrtle.com
tl.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
tr.blismedia.com
trace.mediago.io
tracker.nitropay.com
tracker3.nitropay.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
www.google-analytics.com
www.google.com
www.google.com.ng
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ad.atdmt.com
cm.g.doubleclick.net
fastlane.rubiconproject.com
104.18.36.155
104.18.38.76
104.36.113.107
104.36.115.111
108.138.64.70
130.211.23.194
131.153.148.4
142.251.111.155
142.251.167.149
151.101.2.49
151.101.65.108
172.253.122.156
172.253.63.149
18.160.10.17
18.160.10.22
18.160.53.102
18.207.17.231
18.67.64.51
185.184.8.90
198.148.27.131
199.127.204.142
199.38.167.130
2001:4860:4802:34::181
23.105.12.137
23.197.184.187
23.215.40.23
23.222.192.28
23.222.193.103
23.32.172.185
23.40.207.82
2600:1408:c400:29::17da:da4e
2600:1f18:4e9:5a07:bfd6:4cc:92f1:9e85
2600:1f1c:a99:832c:e958:87e0:dc9b:7bb1
2600:9000:201e:ba00:1a:5235:f980:93a1
2600:9000:2073:1200:1b:6b7d:2300:93a1
2602:803:c002:200::62
2602:803:c002:200::64
2603:c020:400d:3000:67b7:1059:7283:c690
2606:4700:10::6816:4ad8
2606:4700:20::ac43:4513
2606:4700:3035::ac43:c19c
2606:4700::6812:24e
2606:4700::6812:34e
2606:ae80:1451:17::1370
2607:5300:60:cd52:2d72:9352:b1ea:2427
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c06::8a
2607:f8b0:4004:c06::95
2607:f8b0:4004:c07::84
2607:f8b0:4004:c08::6a
2607:f8b0:4004:c08::84
2607:f8b0:4004:c08::9d
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c0b::61
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c17::65
2607:f8b0:4004:c17::9b
2607:f8b0:4004:c17::9d
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:1ec:21::14
3.215.193.114
3.226.40.87
3.81.188.147
3.91.115.71
34.111.113.62
34.117.228.201
34.120.63.153
34.150.170.96
34.200.65.202
34.235.18.139
34.96.105.8
35.169.162.91
35.207.24.140
35.208.249.213
35.211.178.172
35.244.159.8
35.71.131.137
35.71.139.29
38.68.201.140
38.91.45.7
40.76.134.238
44.207.61.10
52.3.113.141
52.45.125.152
52.46.143.56
52.73.176.86
52.85.132.68
52.87.28.41
54.204.12.231
63.251.86.50
64.74.236.255
67.220.226.232
68.67.179.155
69.166.1.34
69.173.151.100
74.119.119.150
8.2.110.134
8.28.7.81
8.28.7.84
8.43.72.97
00461b68887916e909c94bc425b96691a4c915e9d83e6fe4edd428c1d1fea003
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015
017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0791e81850916e1e4bb2e3f8b50bf18794fea62b2a1228efcc65447ab4172dcc
08668f41b5aaa75dad6e1dfcfb62b7e8b39b821a598606a328fda371f401273e
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b596532dda5366bd2dea4d50e4d979b4c404dfefbc6015278d313fc775705dd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cb9b43c3099667a70e044b24506655279c33819d89dd94d225682b9a3aebcc8
0ccdb07f41de1be5bff43cd8769631081ffd10afedb7aaa73516e0883c4d9ead
0dd3d936baff623e34a778df1078caf8c47a591359cffb7dac07a2ff74832578
1175a98fff0559b56791ee231f9bc4fc293cba9f187ec906e0ed11afae2830bc
121e70847dcbb91b0eccfc83d6cb5107ac3607a187c1195cb0e046b04a868985
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
167da377f0faa645239b5fe0666a93eb29b545de5be31ef83cabb631dadfb9bc
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19c0a69dec77a552b2a5e14f8b292e486a0eb54a2b224756723bbc8478c7e7b5
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1cfadb433c64ae6914ed5f4a1a102ae5a0f2170e51952b1069043b848620aad3
1fc6e67bd332f8135644503ffc397b99fe76578f0507ce4fef9a03ec0150a5f1
21ea3aef6e4552ea99ff95029cfa438b1eb76206988e6c199891f842d2505c40
2267bafa4a334218b597be80d6a66708ef0865d32e467f26173ec8babb14d128
22f686aba5bece18fcf3251dd51ff4d05117dc66af94c8a7fdcf09bfe0a4832c
245d5917ae2c372febc0f6162a6b3403db713e037e9805ec439e046596fc4cad
249f9c50881a54f14bd4b8f5578fdf9dccd28b25cbf792aeb450fdbb17f02110
254f74b5486dc7c03d239e5884450d11b2f30ba61f3ec6c1dd93822eed9c4c76
282a9c922832166e02febc289543e1e40fd951c067ffa725bcfe2179d9a075ae
2b9119b55c043871eb70fddb46104025663dcb23448fcbe6d385c74125307850
2bdd710a308f5b81dc83283d8b2b34b33d0ea87ab10985427151c23dd1d367ed
2c42391fc43043ff71e168a5b881e9ed95bd1e18480f8d2dc5dc77e9624f7797
2dc02f249ac1c861f44a6ef05b112b74c0e9d67a4bd729bd6eea4e512f1cb616
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3336865c07143159ab73893863070b6d7f0516b0de61a236a0c5c52246cb3b2e
35c5e5db4efb85fac319034712eb0857b8bfe8c4d46c1e71f03332e8ece96878
3678a2c7f4a05fed5888c3c84fa1c45a06197e60c988f1729e5f0a1f70192070
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3b6f746aaa32766e038e0dd588e5dd54a09bcba072f2618731bfc7e518d7095f
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ee15a36957af60bbf010cd17a07c00ab3864ac84132c9b56e540a8b3f723e32
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
427aee860d0df2442e43bb88f4a0368aeb028c976868cc2dd69e024720d61b82
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
499dd7e5544beb4dbb6e0cad4bc4dd352785f603b7a14c6d7c17f1426c3c84d9
4aa089f79a3c9d33cc1d6606455ead445e2f85021e9479c91fcae484e09e82da
4b01334c2806f3300ce1d798a9fd1dde9a3b58c968222732c3f8ca2bc2405e08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bae400e26640be1bed27f65cd093048f20f9ad47d59111640cb0db380b59f9a
4dd0e9b747c1763daed397b5bb8dd468b216469f9e6b768427e2c9eb6eef3a1c
4dea7b5427abc06ef146133e53558233f952274174c0be95c029515a250b522a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
511012062bf0002b5e7b071b06f759d5426c24bcf2477077cbb0be12e4f9311c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d22cefb27bec31512dedfe700e44c09101cabf23b2d9450f2c351caa939745c
5f4754f81d9b0ef260659caa22b216a33b35962fcc9c02ecbdf96b901d4c6abb
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
615d029cb5ee73a9ba4d587bc36e7114bf0a3a579ae9cd4ee112df9a8e6fedec
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62bea8b3623201b25cdc7b52c681f94ff8dd70012ca262a68e16b098a2c8b390
662356c2574b3173b3a68baf2c73f1b6da663ce0510eddce08c05a5f23a7ee21
66adb5e1d728998106082a48fea51edac5747c838120649e9f86aded738403d5
68d2c6b4f48ae2cfd8c59f877d4cb6c389a068c8fb26aabd073e4e5bcf67f891
6a9fd5d000be61813ee3b5fe4d2bb61bf71cc3f133daf666a8983013ec8615d3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c5fe7056421b113fb1a1423089fc0a8c8a7cc457d3f837ecd8b754c1f66da0a
6d8be152678952e3776e2c71ab6c9a5f3d45c2fb1c562f24fba8f1c8cfefe431
6e843d604cde071a013684c2c224d746a32a3f84e62cf9e6a3ddd682878641da
6f50461ebf463c7d78b533e729bb9534ed2e3a57d0abff4f9c62e93f01c45375
7224e96c182515c908f27567850de02eaecbf09b6eadaacdf46d0a68cb3202e8
7375d3d67e020606de6a3cace59cd87446076dc061d7bc950f0e0c3acd88859f
742461e7952f1bd94bd0f30ea0567ce12561d1c1d123344b6bb78c8456049f65
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7aae2a136b2bc864e5262a8d1e14126bdc86baaa4719532deb68b3530832ab2b
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7feadfa8229b413934c893aa2519e750c73bb6ebb2c38e541b347f43541fb7b3
816a705e929c79cdbbc1edffa5b20d6653e43ec44572281722bea394385a8650
82ab158e2cd1de7ee858722027eb1d991d375ca629bd161887f6c2da5908dbc4
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832bcd7a931277cd747ff81560910911cb8c126aff6983ae6eaba95fe4218460
83a9a3bac46709b85eda526d6573d862c60bf17140245c3c62c56da7f1ce9a04
85c61dfa6495981356b2ddc786e4b0340a12977229d858163a71b59ac4cdc1b2
88ff1aa43b0f49923f463ed35aea507a37811f6cbe2fa9a915433a31266bf092
8a1880d558363753b030615758091940f48fce6913ae5a461ffe434038aa3c8d
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225
8c545727d243002a6bb279245ce94f3d6201efbf2002e8524d8e79905e591193
8d35e018e2950438559f851e5ed342281e5bd1006dda1c596589a87facdb56f9
8dbd9c940a73dd5fc22eb5cf5c7d0eec33a7c016b11ad003ead4d3ec045e8c4b
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
972d116efdf996964d7d33758de8fa280e44d2000534dc6f08b6095726b4d661
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b468ff264acd6622af969a48b00c98dae7ac3c13122da4f62998426a3e24fad
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e2bbdbb6acbe39e377311df95dc713e55543bbceca26395580bdf84c9ad8655
9e8f884ae0a18e15d481747267a00f129e039c5d4a22ddc10c11d7903837ec7a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a026f7b228ec9a46b30b3f1cce01ebde3b78ba54c1888140c82f220524b04056
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1c5b452610059b726054a8c5dd8d1fae7b7b8a5daf772b3d5fa51fd43a2d393
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a60d10c5d0e591e1a7b2904961c4b5964c091dee1726ffc5461b933649aefe28
a6af78b35b780897ec5922afb7046e78240bb4846b7ab6c46158dabc18f691d3
a7a0c211abaaf34994a5b18cfbc2dac388c4a46203ecb6116d0573fd7bb11d6e
a9350c374aa8e8cfafec76205d60af8f942dd89ec498057f58bb2a49ca7d7c2b
a950fa6b8ffcc5d2700e1cd4d6ac6eeb110e8a99994a84a4856368b4c01f8ce5
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
adc82bae921ecc688a4a6155c1b137da750aa9df886ff9641567e3c83198a9e2
ae356f2a506795c0322f9efd2ce843526a6434b5f2ef7a7a0faa609854f38258
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2746d66fec71f5b883277f2a7506afaf96bd2297c8318f13ba9a6a1ced9ff95
b436e9bfb03f24daa9427fd3fd880bd9aa095228207f79f56e1a1fec654a014a
b49ecc351539042180edab9d542900dfe0fe89a2d2571d9d52c1afc3647e270d
b56d4dceef1ecefc445190a62651f00d9594963cfcdcc1003859ea6b46027941
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c6a9e215cfc7fd6b81194ca46bee681d44db106d00032d9c72416070154f670a
c73af91ada8bd7d61ad26cbd92bdce5ddc1b29dbd03c023beef672b97fd90165
c75192aab40ca4dc5814da81ec39d9099780c2379f005a1664e92ebe77546850
c76862d2362867d6e90bd0fdad57f46e500921be1fb1afba7c1cff67cb4b5e3d
c7bae86a1b07080f258052537a4e993d21e3343d587e6f6978306e8626faaa3d
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb704b6b0f25e751a0ba6c31fc8e974c0909bc4d991e6c9dc69c7ad72bb4f512
cc402f410d5e2672b9a6eee90a8edb3f68da210e4fbb2545659b831561a309b7
cc62bb43a3f19e7afce8a10c6fdc58e1b9ccf7624a49f27fb52ded2dfcfea947
ccc923572207aff98fa5d9bef573a3b269bed07ce43411e4cdb326278c8198fe
cdbbff477b8a1d572a6f81ec1179fbaecede6fd88eadee8e34a09a4203fc36f8
ce0bb33deca4a006e6abf069c3ba93cc5bb356e4fd638d3137bd7ec11c66e062
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d125d94ed572e8e31628ebe8ebf7d93cbac3c395f8cd0e5223e78fcfdd290a16
d2b05dd965d18c3886aa6ba27ad83d450f3cf9a1a0ed5c5d017916fd0998ebeb
d328592255999f317efbe713ec2a66fb6d7499c292fd420124db81071b9c0595
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea9657fd248d6b1ba78402b8c43aaca3ae269092f70e87bb64764b00671d69d
e3397e5770232f1ea4cb2276fd0ab6acb7be067edeb5cbe3e821cf2693c5fca2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9596bccf2b48d42377b8e3ca52098f7d2808c07bfbd86b9a248ba3bc4a57fa9
e9e73e744bfa4eca8115a334ac64145eda1059f9922d2e7d75e0baaaf22d8347
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3f38fbc4379406a164b12ef71390cd60266256f54c063a33fb160e1c447288
f1efcfda1bbcb462f62360619059a265b2226ae6e0e3f41af38c6a2e44636c23
f40a964762f9dda40267c948eb46f52a0932a9629b57abb0801841af15e0bb35
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
fb39dd36be15929985264cf69708af2dea49648bb6f8a700847323f00ff6f166
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

tl.net Open in urlscan Pro 2607:5300:60:cd52:2d72:9352:b1ea:2427 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

345 Requests

76 %HTTPS

32 %IPv6

70 Domains

118 Subdomains

77 IPs

6 Countries

2494 kBTransfer

6448 kBSize

165 Cookies

60 Outgoing links

Page URL History

Redirected requests

345 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tl.net Open in urlscan Pro
2607:5300:60:cd52:2d72:9352:b1ea:2427 Public Scan

Screenshot
Live screenshot

Full Image

345
Requests

76 %
HTTPS

32 %
IPv6

70
Domains

118
Subdomains

77
IPs

6
Countries

2494 kB
Transfer

6448 kB
Size

165
Cookies

345 HTTP transactions
2 data transactions