20-220-161-190.cprapid.com Open in urlscan Pro
20.220.161.190 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://20-220-161-190.cprapid.com/local431/in.html
Submission Tags: falconsandbox
Submission: On February 13 via api (February 13th 2023, 12:31:04 pm UTC) from US — Scanned from CA

Summary HTTP 123 Redirects Links 55 Behaviour Indicators

Summary

This website contacted 44 IPs in 4 countries across 46 domains to perform 123 HTTP transactions. The main IP is 20.220.161.190, located in Toronto, Canada and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is 20-220-161-190.cprapid.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 5th 2023. Valid for: 3 months.

This is the only time 20-220-161-190.cprapid.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: UPS (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
16	20.220.161.190 20.220.161.190	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700:20:... 2606:4700:20::ac43:4739	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:4b::24 2620:1ec:4b::24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.177.241.160 52.177.241.160	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2606:4700:21:... 2606:4700:21::8d65:780b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::ac43:88d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.164.124.79 18.164.124.79	16509 (AMAZON-02) (AMAZON-02)
5	18.217.164.44 18.217.164.44	16509 (AMAZON-02) (AMAZON-02)
2	172.64.151.83 172.64.151.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	108.138.128.124 108.138.128.124	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:d3c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:e6:... 2606:4700:e6::ac40:cb26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 8	141.94.170.64 141.94.170.64	16276 (OVH) (OVH)
6 7	52.0.156.250 52.0.156.250	14618 (AMAZON-AES) (AMAZON-AES)
1 1	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
1 1	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
1 11	35.169.226.14 35.169.226.14	14618 (AMAZON-AES) (AMAZON-AES)
9 9	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 4	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 8	142.251.16.157 142.251.16.157	15169 (GOOGLE) (GOOGLE)
4 9	173.223.57.84 173.223.57.84	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.225.223.110 13.225.223.110	16509 (AMAZON-02) (AMAZON-02)
8	23.3.116.47 23.3.116.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
1	108.139.29.7 108.139.29.7	16509 (AMAZON-02) (AMAZON-02)
2	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
5	13.58.67.229 13.58.67.229	16509 (AMAZON-02) (AMAZON-02)
6 12	3.230.62.22 3.230.62.22	14618 (AMAZON-AES) (AMAZON-AES)
1 3	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 3	23.92.190.68 23.92.190.68	10913 (INTERNAP-BLK) (INTERNAP-BLK)
1	23.3.112.166 23.3.112.166	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	67.202.105.22 67.202.105.22	32748 (STEADFAST) (STEADFAST)
1	104.18.35.34 104.18.35.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	44.205.52.119 44.205.52.119	14618 (AMAZON-AES) (AMAZON-AES)
5 6	68.67.160.75 68.67.160.75	29990 (ASN-APPNEX) (ASN-APPNEX)
6 7	107.178.246.49 107.178.246.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	54.243.199.220 54.243.199.220	14618 (AMAZON-AES) (AMAZON-AES)
2	34.199.82.71 34.199.82.71	14618 (AMAZON-AES) (AMAZON-AES)
2 2	68.67.160.26 68.67.160.26	29990 (ASN-APPNEX) (ASN-APPNEX)
1	108.139.29.127 108.139.29.127	16509 (AMAZON-02) (AMAZON-02)
2 3	52.87.130.203 52.87.130.203	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:ed:... 2600:1f18:ed:550a:603b:acd7:290f:c7dd	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	34.150.170.96 34.150.170.96	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	63.251.114.136 63.251.114.136	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 5	34.205.158.255 34.205.158.255	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2620:112:f002... 2620:112:f002:bbbb::23	6336 (TURN-US-ASN) (TURN-US-ASN)
1	15.235.42.104 15.235.42.104	16276 (OVH) (OVH)
2 2	104.36.115.113 104.36.115.113	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	3.224.184.225 3.224.184.225	14618 (AMAZON-AES) (AMAZON-AES)
1 1	104.16.111.154 104.16.111.154	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	40.71.11.141 40.71.11.141	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	18.215.132.94 18.215.132.94	14618 (AMAZON-AES) (AMAZON-AES)
1 1	216.200.232.253 216.200.232.253	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	207.198.113.203 207.198.113.203	13768 (COGECO-PEER1) (COGECO-PEER1)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	13.225.214.50 13.225.214.50	16509 (AMAZON-02) (AMAZON-02)
123	44

16 20.220.161.190 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

20-220-161-190.cprapid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4739 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:4b::24 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

media-us1.digital.nuance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.177.241.160 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ups.inq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.164.124.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-79.jfk50.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.217.164.44 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-217-164-44.us-east-2.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.83 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.128.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-124.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:d3c (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:cb26 (United States)

ASN13335 (CLOUDFLARENET, US)

a.dtssrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 141.94.170.64 (France) 8 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.0.156.250 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.147 (Lockport, United States) 1 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.33.138 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 35.169.226.14 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-226-14.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.71.131.137 (United States) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:db6 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.16.157 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 173.223.57.84 (Secaucus, United States) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-57-84.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.223.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-110.jfk51.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.3.116.47 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-116-47.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.34 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.29.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-7.jfk50.r.cloudfront.net

data-beacons.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.31 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.58.67.229 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-58-67-229.us-east-2.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.230.62.22 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-62-22.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.234.236 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.92.190.68 (Waxhaw, United States) 1 redirects

ASN10913 (INTERNAP-BLK, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.3.112.166 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-112-166.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.202.105.22 (Palos Park, United States) 3 redirects

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net

dp2.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dp1.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.34 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-tc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.205.52.119 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-52-119.compute-1.amazonaws.com

map.go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.67.160.75 (Brooklyn, United States) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 107.178.246.49 (Kansas City, United States) 6 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.243.199.220 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-199-220.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.199.82.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-82-71.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.26 (Brooklyn, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.29.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-127.jfk50.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.87.130.203 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-130-203.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550a:603b:acd7:290f:c7dd (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.150.170.96 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.114.136 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.205.158.255 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-158-255.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::23 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.235.42.104 (Victoria, Canada)

ASN16276 (OVH, FR)
PTR: haproxy-ca-003.roqad.pl

wt.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.115.113 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.224.184.225 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-184-225.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.111.154 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.71.11.141 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.cintnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.215.132.94 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-132-94.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.253 (Frederick, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.203 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-50.ewr50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	crwdcntrl.net 3 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1876 sync.crwdcntrl.net — Cisco Umbrella Rank: 1177 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1373	38 KB
18	sharethis.com pd.sharethis.com — Cisco Umbrella Rank: 18378 t.sharethis.com — Cisco Umbrella Rank: 8464 sync.sharethis.com — Cisco Umbrella Rank: 4032	33 KB
16	cprapid.com 20-220-161-190.cprapid.com	1 MB
12	eyeota.net 6 redirects ps.eyeota.net — Cisco Umbrella Rank: 1512	7 KB
9	bluekai.com 4 redirects tags.bluekai.com — Cisco Umbrella Rank: 837 stags.bluekai.com — Cisco Umbrella Rank: 808	3 KB
9	adsrvr.org 9 redirects match.adsrvr.org — Cisco Umbrella Rank: 426	5 KB
8	adnxs.com 7 redirects secure.adnxs.com — Cisco Umbrella Rank: 673 ib.adnxs.com — Cisco Umbrella Rank: 303	9 KB
8	doubleclick.net 6 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 308	2 KB
8	onaudience.com 8 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3221	3 KB
7	tapad.com 6 redirects pixel.tapad.com — Cisco Umbrella Rank: 679	1 KB
7	exelator.com 6 redirects loada.exelator.com — Cisco Umbrella Rank: 32804 loadus.exelator.com — Cisco Umbrella Rank: 1895	6 KB
7	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 4778 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5800 data-beacons.s-onetag.com — Cisco Umbrella Rank: 11602	25 KB
6	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 9959	9 KB
5	lijit.com 1 redirects ap.lijit.com — Cisco Umbrella Rank: 848 ce.lijit.com — Cisco Umbrella Rank: 1441 vpod1q.qa.lijit.com Failed	6 KB
5	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 14375 ic.tynt.com — Cisco Umbrella Rank: 6879 de.tynt.com — Cisco Umbrella Rank: 2495	17 KB
4	demdex.net 4 redirects dpm.demdex.net — Cisco Umbrella Rank: 274	4 KB
4	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 902 i6.liadm.com — Cisco Umbrella Rank: 2658	2 KB
4	33across.com 3 redirects dp2.33across.com — Cisco Umbrella Rank: 14714 cdn-tc.33across.com — Cisco Umbrella Rank: 31909 dp1.33across.com — Cisco Umbrella Rank: 12534	2 KB
4	zeotap.com 2 redirects spl.zeotap.com — Cisco Umbrella Rank: 3918 mwzeom.zeotap.com — Cisco Umbrella Rank: 3434	1 KB
3	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 2167 beacon.krxd.net — Cisco Umbrella Rank: 813	836 B
3	affec.tv 2 redirects map.go.affec.tv — Cisco Umbrella Rank: 12149	2 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 550	893 B
3	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 2902	610 B
3	dtssrv.com a.dtssrv.com — Cisco Umbrella Rank: 16433	1 KB
3	nuance.com media-us1.digital.nuance.com — Cisco Umbrella Rank: 11326	341 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 987	639 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 954	966 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 1001	551 B
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 765	857 B
2	yahoo.com 2 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1655 ups.analytics.yahoo.com — Cisco Umbrella Rank: 393	1 KB
2	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 11061	913 B
2	amung.us whos.amung.us — Cisco Umbrella Rank: 9984	281 B
2	waust.at waust.at — Cisco Umbrella Rank: 29266	14 KB
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 774	721 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 803	676 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 721	661 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 1035	616 B
1	cintnetworks.com c.cintnetworks.com — Cisco Umbrella Rank: 10869	543 B
1	truoptik.com 1 redirects dmp.truoptik.com — Cisco Umbrella Rank: 3645	549 B
1	rqtrk.eu wt.rqtrk.eu — Cisco Umbrella Rank: 3113	350 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1799	438 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1185	605 B
1	intentiq.com api.intentiq.com — Cisco Umbrella Rank: 2610
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 5328	16 KB
1	inq.com ups.inq.com — Cisco Umbrella Rank: 26582	584 B
0	ib-ibi.com Failed global.ib-ibi.com Failed
123	46

	Domain	Requested by
16	20-220-161-190.cprapid.com	20-220-161-190.cprapid.com
12	ps.eyeota.net	6 redirects 20-220-161-190.cprapid.com data-beacons.s-onetag.com
11	sync.crwdcntrl.net	1 redirects bcp.crwdcntrl.net
9	match.adsrvr.org	9 redirects
8	t.sharethis.com	pd.sharethis.com t.sharethis.com 20-220-161-190.cprapid.com
8	tags.bluekai.com	3 redirects 20-220-161-190.cprapid.com de.tynt.com tags.bkrtx.com bcp.crwdcntrl.net
8	cm.g.doubleclick.net	6 redirects bcp.crwdcntrl.net
8	pixel.onaudience.com	8 redirects
7	pixel.tapad.com	6 redirects 20-220-161-190.cprapid.com
6	secure.adnxs.com	5 redirects 20-220-161-190.cprapid.com
6	t.dtscout.com	waust.at t.dtscout.com
5	bcp.crwdcntrl.net	2 redirects tags.crwdcntrl.net
5	sync.sharethis.com	20-220-161-190.cprapid.com bcp.crwdcntrl.net
5	pd.sharethis.com	t.dtscout.com 20-220-161-190.cprapid.com t.sharethis.com
4	dpm.demdex.net	4 redirects
4	loada.exelator.com	4 redirects
4	tags.crwdcntrl.net	t.dtscout.com cdn-tc.33across.com tags.crwdcntrl.net
4	get.s-onetag.com	t.dtscout.com get.s-onetag.com
3	i.liadm.com	2 redirects 20-220-161-190.cprapid.com
3	map.go.affec.tv	2 redirects 20-220-161-190.cprapid.com
3	ap.lijit.com	1 redirects 20-220-161-190.cprapid.com data-beacons.s-onetag.com
3	idsync.rlcdn.com	2 redirects 20-220-161-190.cprapid.com
3	ml314.com	1 redirects 20-220-161-190.cprapid.com bcp.crwdcntrl.net
3	loadus.exelator.com	2 redirects bcp.crwdcntrl.net
3	a.dtssrv.com	t.dtscout.com
3	media-us1.digital.nuance.com	20-220-161-190.cprapid.com
2	sync-tm.everesttech.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	ce.lijit.com	20-220-161-190.cprapid.com
2	px.ads.linkedin.com	1 redirects 20-220-161-190.cprapid.com
2	ib.adnxs.com	2 redirects
2	beacon.krxd.net	20-220-161-190.cprapid.com bcp.crwdcntrl.net
2	dp2.33across.com	2 redirects
2	de.tynt.com	cdn.tynt.com
2	onetag-geo.s-onetag.com	get.s-onetag.com
2	mwzeom.zeotap.com	20-220-161-190.cprapid.com
2	spl.zeotap.com	2 redirects
2	t.dtscdn.com	t.dtscout.com
2	cdn.tynt.com	waust.at
2	whos.amung.us	waust.at
2	waust.at	20-220-161-190.cprapid.com
1	aa.agkn.com	bcp.crwdcntrl.net
1	token.rubiconproject.com	bcp.crwdcntrl.net
1	sync.mathtag.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	c.cintnetworks.com	bcp.crwdcntrl.net
1	dmp.truoptik.com	1 redirects
1	wt.rqtrk.eu	bcp.crwdcntrl.net
1	d.turn.com	1 redirects
1	stags.bluekai.com	1 redirects
1	um.simpli.fi	1 redirects
1	i6.liadm.com	20-220-161-190.cprapid.com
1	api.intentiq.com	data-beacons.s-onetag.com
1	dp1.33across.com	1 redirects
1	usermatch.krxd.net	1 redirects
1	cdn-tc.33across.com	de.tynt.com
1	tags.bkrtx.com	pd.sharethis.com
1	data-beacons.s-onetag.com	get.s-onetag.com
1	ic.tynt.com	20-220-161-190.cprapid.com
1	ups.analytics.yahoo.com	1 redirects bcp.crwdcntrl.net
1	cms.analytics.yahoo.com	1 redirects
1	ups.inq.com	20-220-161-190.cprapid.com
0	global.ib-ibi.com Failed	bcp.crwdcntrl.net
0	vpod1q.qa.lijit.com Failed	ap.lijit.com
123	65

This site contains links to these domains. Also see Links.

Domain
www.ups.com
wwwapps.ups.com
www.pressroom.ups.com
www.investors.ups.com
www.jobs-ups.com
sustainability.ups.com
www.theupsstore.ca
upscapital.com
www.instagram.com
twitter.com
whos.amung.us

Subject Issuer	Validity	Valid
20-220-161-190.cprapid.com cPanel, Inc. Certification Authority	`2023-02-05` - `2023-05-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-04` - `2023-07-04`	a year	crt.sh
*.digital.nuance.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2022-09-14` - `2023-10-12`	a year	crt.sh
*.inq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2022-09-14` - `2023-10-12`	a year	crt.sh
*.dtscout.com GTS CA 1P5	`2023-01-29` - `2023-04-29`	3 months	crt.sh
*.amung.us Sectigo RSA Domain Validation Secure Server CA	`2022-05-18` - `2023-06-17`	a year	crt.sh
*.s-onetag.com Amazon	`2022-12-04` - `2024-01-02`	a year	crt.sh
sharethis.com Amazon RSA 2048 M01	`2023-02-09` - `2023-07-20`	5 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.dtscdn.com GTS CA 1P5	`2023-01-24` - `2023-04-24`	3 months	crt.sh
cert1.a1.atm.aqfer.net R3	`2023-02-08` - `2023-05-09`	3 months	crt.sh
*.bkrtx.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-18` - `2024-01-17`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
*.intentiq.com Amazon	`2022-03-20` - `2023-04-17`	a year	crt.sh
*.liadm.com Amazon	`2022-09-30` - `2023-10-29`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.rqtrk.eu RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-06-10` - `2023-06-10`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
c.cintnetworks.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-11-04` - `2023-05-04`	6 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
ml314.com GTS CA 1D4	`2023-02-09` - `2023-05-10`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://20-220-161-190.cprapid.com/local431/in.html
Frame ID: CBD4D04A46445F7EC50AF9F94915539F
Requests: 53 HTTP requests in this frame

Frame: https://20-220-161-190.cprapid.com/local431/iframe.php
Frame ID: EA90BC00D194D6D35696855C8831413D
Requests: 19 HTTP requests in this frame

Frame: https://20-220-161-190.cprapid.com/local431/index_1.html
Frame ID: 3BEA6741BBFCDFCF560A7D4922E73948
Requests: 1 HTTP requests in this frame

Frame: https://20-220-161-190.cprapid.com/local431/index_2.html
Frame ID: 98F29AE8BBA30F53EC545853A13975ED
Requests: 1 HTTP requests in this frame

Frame: https://20-220-161-190.cprapid.com/local431/index_4.html
Frame ID: CF5EE53714AB1876427921A709934C1C
Requests: 1 HTTP requests in this frame

Frame: https://20-220-161-190.cprapid.com/local431/index_3.html
Frame ID: 1E6BCF288C76A38379E637364EB55404
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=104016762914584897FBF53C90F2A0AA
Frame ID: F729D349AF50ED5973A3F694718E4D38
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=104016762914581028B472D083C04521
Frame ID: F6A05C1558D431F166AEFF61F7D7063D
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1116.23353&cid=c010&cls=C
Frame ID: 8445979793D2D237BC4673630F141151
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1116.23353&cid=c010&cls=C
Frame ID: BF15EF88E25EFBC3B285614867F71F9B
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1116.23353/a/CA/t_.js?cid=c010&cls=C
Frame ID: 53324F18AFEF1E1BE723FD0F9B280DE4
Requests: 7 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1116.23353/a/CA/t_.js?cid=c010&cls=C
Frame ID: 000ED124281667C8217E5FE68AF65F14
Requests: 2 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: 483C43D07CBA11541D7DA3DCC94A8659
Requests: 2 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/27519?id=212100977960040&ret=html&random=1676291459
Frame ID: CA027930612AE5C226E579A5DBF4115B
Requests: 1 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: F1ED03A96176E66B91376CDA562F242A
Requests: 3 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=753
Frame ID: 0BAA42DC380BDC2BB3850F0204F1ECCF
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 467C817DB52EFD0706D16A27C4D61C54
Requests: 2 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/5386?id=7f5bce9f-b401-412f-a916-278be716e4c0&gdpr=0&gdpr_consent=
Frame ID: 30F03D303015799D1C491F8607AEEA7F
Requests: 1 HTTP requests in this frame

Frame: https://vpod1q.qa.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Frame ID: 5C1F7A6AD7E3061ACA98E231CBE84F46
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: D6DBAC94EFFB81D3359539B1F8F80EF1
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C2&c=3825
Frame ID: C5DE37661D3B7AA477E82F43EA678892
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tracking | UPS

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

123
Requests

70 %
HTTPS

17 %
IPv6

46
Domains

65
Subdomains

44
IPs

4
Countries

1680 kB
Transfer

1531 kB
Size

85
Cookies

55 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ups.com/ca/en/service-alerts.page?id=alert1
Title: ... More

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/Home.page

Search URL Search Domain Scan URL

URL: https://www.ups.com/doapp/SignUp?loc=en_CA&ClientId=18&returnto=https%3A%2F%2Fwww.ups.com%2Ftrack%3Floc%3Den_CA%26Requester%3Dlasso
Title: Sign up / Log in

Search URL Search Domain Scan URL

URL: https://www.ups.com/
Title: Alerts (1)

Search URL Search Domain Scan URL

URL: https://www.ups.com/dropoff?loc=en_CA
Title: Locations

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/Home.page?loc=en_CA
Title: Canada - English

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/fr/Home.page?loc=fr_CA
Title: Canada - Français

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/global.page
Title: Select Another Country or Territory

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/get-started-with-ups.page
Title: Get Started with UPS

Search URL Search Domain Scan URL

URL: https://www.ups.com/ship?loc=en_CA
Title: Ship

Search URL Search Domain Scan URL

URL: https://wwwapps.ups.com/ctc/request?loc=en_CA
Title: Quote

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/w1-location-finder-page.page?quickStart=true&widget=locationFinder
Title: Locations

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/billing-payment.page
Title: View & Pay Bill

Search URL Search Domain Scan URL

URL: https://www.ups.com/track?loc=en_CA
Title: Track & Track History

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/tracking/quantum-view.page
Title: Manage Inbound/Outbound Deliveries:Quantum View - for Large Enterprise Businesses

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/tracking.page
Title: Explore All Tracking

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/tracking/mychoice.page
Title: Explore Managing Home Deliveries

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/tracking/my-choice-for-business.page
Title: Explore Managing Business Deliveries

Search URL Search Domain Scan URL

URL: https://wwwapps.ups.com/pickup/schedule?loc=en_CA
Title: Schedule a Pickup

Search URL Search Domain Scan URL

URL: https://www.ups.com/marketplaceshipping/order?loc=en_CA
Title: Manage Online Orders: Marketplace Shipping

Search URL Search Domain Scan URL

URL: https://www.ups.com/uis/create?ActionOriginPair=CreateAReturn___StartSession&loc=en_CA
Title: Create a Return

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/shipping.page
Title: Explore All Shipping

Search URL Search Domain Scan URL

URL: https://www.ups.com/ship/history?loc=en_CA
Title: View Shipping History

Search URL Search Domain Scan URL

URL: https://www.ups.com/uis/create?ActionOriginPair=BatchImportPage___StartSession&loc=en_CA&WT.svl=SubNav
Title: Batch File Shipping

Search URL Search Domain Scan URL

URL: https://www.ups.com/uis/create?ActionOriginPair=CreateAnImport___StartSession&loc=en_CA
Title: Create Import:UPS Import Control

Search URL Search Domain Scan URL

URL: https://wwwapps.ups.com/tradeability?loc=en_CA
Title: International Toolset:UPS TradeAbility

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/shipping/international/services.page
Title: Service Guide

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/packaging-and-supplies.page
Title: Order Supplies

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services.page
Title: Discover UPS Services

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/shipping.page
Title: Shipping

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/billing.page
Title: Billing

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/international-shipping.page
Title: International Shipping

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/contract-logistics.page
Title: Contract Logistics

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/technology-integration.page
Title: Integrating UPS Technology

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/individual-shipper.page
Title: Individual Shipper

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/services/small-business.page
Title: Small Business

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-support-center.page
Title: Customer Support

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/get-started-with-ups.page
Title: Get Started with UPS

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/sri/tracking/change-delivery.page
Title: Change Delivery

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/claims-support.page
Title: Claims Support

Search URL Search Domain Scan URL

URL: https://wwwapps.ups.com/ppc/ppc.html?loc=en_CA#/profilePage
Title: My Profile

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/about.page
Title: About UPS

Search URL Search Domain Scan URL

URL: https://www.pressroom.ups.com/
Title: Media RelationsOpen the link in a new window

Search URL Search Domain Scan URL

URL: http://www.investors.ups.com/
Title: Investor RelationsOpen the link in a new window

Search URL Search Domain Scan URL

URL: https://www.jobs-ups.com/location
Title: CareersOpen the link in a new window

Search URL Search Domain Scan URL

URL: https://sustainability.ups.com/
Title: Sustainability & Community InvolvementOpen the link in a new window

Search URL Search Domain Scan URL

URL: https://www.theupsstore.ca/
Title: The UPS StoreOpen the link in a new window

Search URL Search Domain Scan URL

URL: https://upscapital.com/ca-en/
Title: UPS CapitalOpen the link in a new window

Search URL Search Domain Scan URL

URL: https://www.instagram.com/UPS_Canada
Title: InstagramOpen the link in a new window

Search URL Search Domain Scan URL

URL: https://twitter.com/UPS_Canada
Title: Twitter Open the link in a new window

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/legal-terms-conditions/fight-fraud.page
Title: Protect Against Fraud

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/legal-terms-conditions/service.page
Title: Service Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/legal-terms-conditions/website.page
Title: Website Terms of Use

Search URL Search Domain Scan URL

URL: https://www.ups.com/ca/en/help-center/legal-terms-conditions/privacy-notice.page
Title: Privacy NoticeOpen the link in a new window

Search URL Search Domain Scan URL

URL: https://whos.amung.us/stats/yhyr653i60/
Title: 6

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://pixel.onaudience.com/?partner=137085098&mapped=104016762914581028B472D083C04521 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=575c4df3012ad983bf2a3546f0a9301b&gdpr=0 HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=252&mapped=y-JuOZFxVE2pRut2BctM2SxtXESF8hk.SsNA--~A&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d2b24af6edd26dac/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=a12a43ff39447dcd07fbfd0c344f7ea8&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=7f5bce9f-b401-412f-a916-278be716e4c0&icm&gdpr=0&gdpr_consent=&cver HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=d2b24af6edd26dac HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0009adf4-4580-4031-45b3-1f14e895a355&reqId=6636a7cf-9653-4e35-668c-f10f91148d25&zcluid=d2b24af6edd26dac&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEIqN9qR2QEniOqBKMsE83hI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0009adf4-4580-4031-45b3-1f14e895a355&reqId=6636a7cf-9653-4e35-668c-f10f91148d25&zcluid=d2b24af6edd26dac&zdid=1332

Request Chain 41

https://pixel.onaudience.com/?partner=137085098&mapped=104016762914581028B472D083C04521 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=575c4df3012ad983bf2a3546f0a9301b&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=13337d35965f37d0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=cHhRWFdDd005OTlaSnJvTQ%3D%3D HTTP 302
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEO7IJHT1sr7ANlfHcFFrxSc&google_cver=1

Request Chain 59

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=7f5bce9f-b401-412f-a916-278be716e4c0&gdpr=0&gdpr_consent=

Request Chain 60

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
https://sync.sharethis.com/nlsn?uid=4cd49c0a71bcfef500c9c606c47258d9

Request Chain 61

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=2nQjLFduoWi__cjUftYfqzW-qmm6yVwVJOioXszcfUhI&gdpr=0&gdpr_consent=

Request Chain 62

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHcABWPqLYIAAAAIHE7UAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3633575902701420562 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzMzU3NTkwMjcwMTQyMDU2MhAAGg0Ig9uonwYSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=10091bbab560d77c060f59f1d970a2958c809f6d9bcddf0fbcf794bb6d6542b6f4cb09cee1a4f8eb&person_id=3633575902701420562&eid=50082

Request Chain 63

https://tags.bluekai.com/site/59574?id=ZHcABWPqLYIAAAAIHE7UAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Request Chain 65

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 67

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1676291459260.4&r=true HTTP 302
https://tags.bluekai.com/site/27519?id=212100977960040&ret=html&random=1676291459

Request Chain 69

https://map.go.affec.tv/map/3a/?pid=CoIKS2PqLYMLXuWnDCRgAg%3D%3D&us_privacy=&ts=1676291459260.1 HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D63ea2d836692bd000155157e%26chc%3Dtt%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D63ea2d836692bd000155157e%2526chc%253Dtt%2526gdpr%253D%2526gdpr_consent%253D%2526redirect_url%253D HTTP 302
https://map.go.affec.tv/map/an/8835541971384855379?ch=63ea2d836692bd000155157e&chc=tt&gdpr=&gdpr_consent=&redirect_url= HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&ch=63ea2d836692bd000155157e&chc=tt%7Can&gdpr=&gdpr_consent=&redirect_url= HTTP 302
https://map.go.affec.tv/map/ttd/7f5bce9f-b401-412f-a916-278be716e4c0?ttd_puid=&gdpr=0&gdpr_consent=

Request Chain 70

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKS2PqLYMLXuWnDCRgAg%3D%3D&us_privacy=&random=1676291459260.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKS2PqLYMLXuWnDCRgAg%3D%3D&us_privacy=&random=1676291459260.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=09c0104f-19f8-4346-8281-502e33c68133%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7f5bce9f-b401-412f-a916-278be716e4c0&ttd_puid=09c0104f-19f8-4346-8281-502e33c68133%2Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad%2C HTTP 302
https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad

Request Chain 71

https://dp2.33across.com/ps/?pid=1205&rand=1676291459260.3&r=true HTTP 302
https://idsync.rlcdn.com/405716.gif?partner_uid=212100973495573

Request Chain 72

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKS2PqLYMLXuWnDCRgAg%3D%3D&us_privacy=&33random=1676291459260.5&cat=33across HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKS2PqLYMLXuWnDCRgAg%3D%3D&us_privacy=&33random=1676291459260.5&cat=33across HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkV1Y3UyaWlNSzdLMmtWVG16SjA0VFFCcVRiM2x2bFRzNmNSOTJiWHpZZEE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MkV1Y3UyaWlNSzdLMmtWVG16SjA0VFFCcVRiM2x2bFRzNmNSOTJiWHpZZEE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_tc= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEOaPEWIdePk5bJHBiYGhgco&google_cver=1

Request Chain 73

https://spl.zeotap.com/z.png?zdid=239&ctry=CA&env=mWeb&eventType=pageview&zpb=w%21applenew441&zpbcat=Health&zcluid=CoIKS2PqLYMLXuWnDCRgAg%3D%3D&us_privacy=&ziid=1676291459260.6 HTTP 302
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=0009adf4-4580-4031-45b3-1f14e895a355&reqId=62f2fa55-c1a9-4004-4946-e617de5f8c5c&us_privacy=&zcluid=CoIKS2PqLYMLXuWnDCRgAg%3D%3D&zdid=239&ziid=1676291459260.6&zpb=w%21applenew441&zpbcat=Health HTTP 302
https://mwzeom.zeotap.com/mw?adnxs_uid=8835541971384855379&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=0009adf4-4580-4031-45b3-1f14e895a355&reqId=62f2fa55-c1a9-4004-4946-e617de5f8c5c&us_privacy=&zcluid=CoIKS2PqLYMLXuWnDCRgAg==&zdid=239&ziid=1676291459260.6&zpb=w!applenew441&zpbcat=Health

Request Chain 74

https://dp1.33across.com/ps/?pid=669&uid=CoIKS2PqLYMLXuWnDCRgAg%3D%3D&us_privacy=&random=1676291459260.8&pu=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html&r=true HTTP 302
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212100978459346&seg_code=33x&random=1676291459 HTTP 307
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212100978459346%26seg_code%3D33x%26random%3D1676291459

Request Chain 75

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKS2PqLYMLXuWnDCRgAg%3D%3D&us_privacy=&33random=1676291459260.9&cat=33across HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKS2PqLYMLXuWnDCRgAg%3D%3D&us_privacy=&33random=1676291459260.9&cat=33across HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkV1Y3UyaWlNSzdLMmtWVG16SjA0VFFCcVRiM2x2bFRzNmNSOTJiWHpZZEE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MkV1Y3UyaWlNSzdLMmtWVG16SjA0VFFCcVRiM2x2bFRzNmNSOTJiWHpZZEE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_tc= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEFTpjSOvE7pq56Hd1O0N7Fk&google_cver=1

Request Chain 77

https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GJlOaSZHjnM3SjmeQZqw6P8N&rnd=97283 HTTP 303
https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GJlOaSZHjnM3SjmeQZqw6P8N&rnd=97283&_li_chk=true&previous_uuid=3a92fa7a730d4ee8bd743848a7097262 HTTP 303
https://i6.liadm.com/s/59074?bidder_id=204553&rnd=97283&bidder_uuid=GJlOaSZHjnM3SjmeQZqw6P8N

Request Chain 78

https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GJlOaSZHjnM3SjmeQZqw6P8N&rand=63853&pu= HTTP 302
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GJlOaSZHjnM3SjmeQZqw6P8N&rand=63853&pu=&expected_cookie=a8d580a6-cc96-4b6f-a577-fd4c06e1e3e2

Request Chain 79

https://um.simpli.fi/lj_match?r=42938 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=2FD146284BBF439093CD97D975DD9EA3

Request Chain 82

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHcABWPqLYIAAAAIHE7UAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1116.23353%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1116.23353%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=23014130 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
https://tags.bluekai.com/site/5386?id=7f5bce9f-b401-412f-a916-278be716e4c0&gdpr=0&gdpr_consent=

Request Chain 85

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=GJlOaSZHjnM3SjmeQZqw6P8N/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=GJlOaSZHjnM3SjmeQZqw6P8N/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=a12a43ff39447dcd07fbfd0c344f7ea8

Request Chain 89

https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?uid=7f5bce9f-b401-412f-a916-278be716e4c0&bid=1e2n4ou

Request Chain 90

https://tags.bluekai.com/site/39798?limit=1&id=2kR24IgjUQS6ZaSoCV0xUNYAOw5brZbRnBlI1rvPMNog HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
https://tags.bluekai.com/site/5386?id=7f5bce9f-b401-412f-a916-278be716e4c0&gdpr=0&gdpr_consent=

Request Chain 91

https://pixel.tapad.com/idsync/ex/receive?partner_id=3081&partner_device_id=2W-jLqDPQBW9FyJR5wRJ_purtEudomW2GCNgdyHa5__M HTTP 302
https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D09c0104f-19f8-4346-8281-502e33c68133%252C%252C HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8835541971384855379&pt=09c0104f-19f8-4346-8281-502e33c68133%2C%2C

Request Chain 92

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=51md42u HTTP 302
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3253601410842671705&newuser=1&referrer_pid=51md42u

Request Chain 93

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u HTTP 302
https://ps.eyeota.net/match?uid=7709128359634053758&bid=2cr76e1&referrer_pid=51md42u

Request Chain 101

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1 HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0D17EACA-46AC-42FD-8AA6-8AF2F606B2B9&gdpr=0

Request Chain 102

https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=7f5bce9f-b401-412f-a916-278be716e4c0/gdpr=0/gdpr_consent=

Request Chain 103

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=a12a43ff39447dcd07fbfd0c344f7ea8&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=540&dpuuid=09c0104f-19f8-4346-8281-502e33c68133&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D09c0104f-19f8-4346-8281-502e33c68133%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252Ftp%25253DTPAD%25252Ftpid%25253D09c0104f-19f8-4346-8281-502e33c68133%252C HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=09c0104f-19f8-4346-8281-502e33c68133&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D09c0104f-19f8-4346-8281-502e33c68133%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252Ftp%25253DTPAD%25252Ftpid%25253D09c0104f-19f8-4346-8281-502e33c68133%252C HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=73647848446338178770650009302646027669&pt=09c0104f-19f8-4346-8281-502e33c68133%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D09c0104f-19f8-4346-8281-502e33c68133%2C HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=09c0104f-19f8-4346-8281-502e33c68133

Request Chain 104

https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP HTTP 302
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=510fadee6cc2b928d90859a7216ec834

Request Chain 106

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=a12a43ff39447dcd07fbfd0c344f7ea8&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=a12a43ff39447dcd07fbfd0c344f7ea8&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=32568155777616625031879839985693896151/gdpr=0

Request Chain 112

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-d2e62207-39e3-4fbe-47e2-1c11cbf1fa74$ip$149.56.153.179&gdpr=0&gdpr_consent=

Request Chain 113

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0

Request Chain 114

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26src=lot%26gdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=60f463ea-2d84-4800-8d78-33b899d0a988&src=lot&gdpr=0

Request Chain 115

https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=957d99a4-c7ad-489f-b79c-02781e9c3e59-63ea2d84-4341/gdpr=0

Request Chain 117

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=Y_othAAAATZDDQAF HTTP 302
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Y_othAAAATZDDQAF/gdpr=0&_test=Y_othAAAATZDDQAF

Request Chain 122

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=644012992 HTTP 302
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7709128359634053758/gdpr=0/rand=644012992

123 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request in.html Show response
20-220-161-190.cprapid.com/local431/ 64 KB
65 KB 159ms
19ms Document
text/html 20.220.161.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.220.161.190 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 20e2c88fe78444f76748fe59887e843224ba1064afad5a9aa1f881fbae4b0f28

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Length: 65853
Content-Type: text/html
Date: Mon, 13 Feb 2023 12:30:58 GMT
Expires: 0
Keep-Alive: timeout=5, max=100
Last-Modified: Wed, 25 Jan 2023 12:15:16 GMT
Pragma: no-cache
Server: Apache

GET
H/1.1 200
OK ups.vendor.54f3c2d83b58.css
20-220-161-190.cprapid.com/local431/ 130 KB
130 KB 44ms
19ms Stylesheet
text/css 20.220.161.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://20-220-161-190.cprapid.com/local431/ups.vendor.54f3c2d83b58.css
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.220.161.190 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 076902752ae5748c9a6a128021d95a1bddf6aac70390b3d07f4ae941571350fe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/local431/in.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 12:30:58 GMT
Last-Modified: Thu, 10 Dec 2020 06:29:52 GMT
Server: Apache
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 133043
Expires: 0

GET
H/1.1 200
OK ups.styles.bf03bcac6bc2.css
20-220-161-190.cprapid.com/local431/ 89 KB
89 KB 58ms
18ms Stylesheet
text/css 20.220.161.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://20-220-161-190.cprapid.com/local431/ups.styles.bf03bcac6bc2.css
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.220.161.190 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: ae367b01f6899231a82020e3ed74a9345832f163fc754c2bfee56842af2087d5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/local431/in.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 12:30:58 GMT
Last-Modified: Thu, 10 Dec 2020 06:29:52 GMT
Server: Apache
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 90912
Expires: 0

GET
H/1.1 200
OK ups.modules.0cca12c805a5.css
20-220-161-190.cprapid.com/local431/ 697 KB
697 KB 59ms
20ms Stylesheet
text/css 20.220.161.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://20-220-161-190.cprapid.com/local431/ups.modules.0cca12c805a5.css
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.220.161.190 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: ec42e263cd11890be5f6aad789249f1d74c91f3be4f0f072848cab423d22e44f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/local431/in.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 12:30:58 GMT
Last-Modified: Thu, 10 Dec 2020 06:29:52 GMT
Server: Apache
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 713824
Expires: 0

GET
H/1.1 200
OK ups.widgets.6611168e8d14.css
20-220-161-190.cprapid.com/local431/ 69 KB
69 KB 58ms
18ms Stylesheet
text/css 20.220.161.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://20-220-161-190.cprapid.com/local431/ups.widgets.6611168e8d14.css
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.220.161.190 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: dca987a6fdf97b97b04fbcc2bff586ecd7637ace53b2e4e1bc4ef737ba900670

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/local431/in.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 12:30:58 GMT
Last-Modified: Thu, 10 Dec 2020 06:29:52 GMT
Server: Apache
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 70569
Expires: 0

GET
H/1.1 200
OK ups.apps-utrk.5ebbdd.css
20-220-161-190.cprapid.com/local431/ 74 KB
74 KB 59ms
19ms Stylesheet
text/css 20.220.161.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://20-220-161-190.cprapid.com/local431/ups.apps-utrk.5ebbdd.css
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.220.161.190 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: f94d2ab358987555c99e0be52f450293ed78850f6c78f305b22f8327c4bc617f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/local431/in.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 12:30:58 GMT
Last-Modified: Thu, 10 Dec 2020 06:29:52 GMT
Server: Apache
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 75579
Expires: 0

GET
H/1.1 200
OK UPS_logo.svg
20-220-161-190.cprapid.com/local431/ 2 KB
2 KB 90ms
20ms Image
image/svg+xml 20.220.161.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://20-220-161-190.cprapid.com/local431/UPS_logo.svg
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.220.161.190 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: b6f911ba8158fafaac0e01b5c737957f9a334697c5fd7d935a68795e9d9e1c00

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/local431/in.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 12:30:58 GMT
Last-Modified: Thu, 10 Dec 2020 06:29:52 GMT
Server: Apache
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2160
Expires: 0

GET
H/1.1 200
OK iframe.php Show response
20-220-161-190.cprapid.com/local431/ Frame EA90 283 B
491 B 150ms
138ms Document
text/html 20.220.161.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://20-220-161-190.cprapid.com/local431/iframe.php
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.220.161.190 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: fa734329b0d86f7c676d4bb77eee036d4de71471836ff309716f6b656a951b54

Request headers

Referer: https://20-220-161-190.cprapid.com/local431/in.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 13 Feb 2023 12:30:58 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

GET
H/1.1 200
OK index_1.html Show response
20-220-161-190.cprapid.com/local431/ Frame 3BEA 167 B
490 B 51ms
19ms Document
text/html 20.220.161.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://20-220-161-190.cprapid.com/local431/index_1.html
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.220.161.190 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: eab4d56ac0ee5cd6a9981c73fb48e653839c1bf33169656e0137224c4c54ffaa

Request headers

Referer: https://20-220-161-190.cprapid.com/local431/in.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Length: 167
Content-Type: text/html
Date: Mon, 13 Feb 2023 12:30:58 GMT
Expires: 0
Keep-Alive: timeout=5, max=98
Last-Modified: Thu, 10 Dec 2020 06:29:52 GMT
Pragma: no-cache
Server: Apache

GET
H/1.1 200
OK icp.gif
20-220-161-190.cprapid.com/local431/ 43 B
365 B 23ms
21ms Image
image/gif 20.220.161.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://20-220-161-190.cprapid.com/local431/icp.gif
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.220.161.190 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/local431/in.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 12:30:58 GMT
Last-Modified: Thu, 10 Dec 2020 06:29:52 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK styles.7d4255341a2c49ba8357.bundle.css
20-220-161-190.cprapid.com/local431/ 259 B
581 B 39ms
18ms Stylesheet
text/css 20.220.161.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://20-220-161-190.cprapid.com/local431/styles.7d4255341a2c49ba8357.bundle.css
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.220.161.190 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 0130f0f5a7d2a1791fa84865db5b7f9cdcac4b0a4fbe90fef182164b65c00343

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/local431/in.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 12:30:58 GMT
Last-Modified: Thu, 10 Dec 2020 06:29:52 GMT
Server: Apache
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 259
Expires: 0

GET
H2 200 d.js Show response
waust.at/ 14 KB
7 KB 89ms
31ms Script
application/x-javascript 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/d.js
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:30:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 17:19:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3354
etag: W/"63c04119-3972"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJisex6oZd51ezBo1NpFZ4HdzI2gDc2tlIpb2xr8ArJqqNKzIwbi3NGNePgJJLPUXQYaesASVFMcvtvOII1bbexZYPBxR4hBi2fHB%2F6cuelV6o3zkdwHPOUlgtHDQQIXFYTJSQx3"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 798d940f8fdea205-YYZ
expires: Tue, 14 Feb 2023 11:35:04 GMT

GET
H2 200 InqFramework.js
media-us1.digital.nuance.com/media/launch/ci/ 0
223 KB 265ms
97ms Other
application/javascript 2620:1ec:4b::24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/launch/ci/InqFramework.js?codeVersion=1607582044799

Requested by

Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4b::24 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Nuance Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 13 Feb 2023 12:30:58 GMT
x-azure-ref-originshield: 0NiTqYwAAAACu1GPpP+IASosXzSTZVV5dTU5aMjIxMDYwNjExMDIzAGNiNGQ0M2Q1LTM0MjctNDJlMy1hNjBmLWYzMGJhZWYyZmUzYw==
x-cache: TCP_HIT
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Jan 2023 22:30:00 GMT
server: Nuance Server
etag: W/"1239982-1674685800000"
vary: accept-encoding
x-azure-ref: 0gi3qYwAAAAAvn9QnWmfYQ4B9Rp9aC/9tWU1RMDFFREdFMDkxOQBjYjRkNDNkNS0zNDI3LTQyZTMtYTYwZi1mMzBiYWVmMmZlM2M=
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes

GET
H2 200 pre-acif.js
ups.inq.com/tagserver/acif/ 0
584 B 155ms
37ms Other
application/javascript 52.177.241.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.inq.com/tagserver/acif/pre-acif.js

Requested by

Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.177.241.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Nuance Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:30:58 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 01 Feb 2023 03:58:02 GMT
server: Nuance Server
etag: W/"195-1675223882000"
p3p: policyref="http://ups.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND PHY DEM ONL STA NAV UNI LOC COM CNT"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 195
x-xss-protection: 1; mode=block

GET
H2 200 acif.js
media-us1.digital.nuance.com/media/launch/acif/ 0
112 KB 194ms
27ms Other
application/javascript 2620:1ec:4b::24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/launch/acif/acif.js

Requested by

Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4b::24 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Nuance Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 13 Feb 2023 12:30:58 GMT
x-azure-ref-originshield: 0qh/qYwAAAADM1FvBj8HSRqimsApHy3QXTU5aMjIxMDYwNjExMDIxAGNiNGQ0M2Q1LTM0MjctNDJlMy1hNjBmLWYzMGJhZWYyZmUzYw==
x-cache: TCP_HIT
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Jan 2023 22:25:44 GMT
server: Nuance Server
etag: W/"383831-1674685544000"
vary: accept-encoding
x-azure-ref: 0gi3qYwAAAABmz6N19y4IRo91oPsOLhovWU1RMDFFREdFMDkxOQBjYjRkNDNkNS0zNDI3LTQyZTMtYTYwZi1mMzBiYWVmMmZlM2M=
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes

GET
H2 200 acif-configs.js
media-us1.digital.nuance.com/media/sites/10005649/assets/automatons/ 0
6 KB 290ms
123ms Other
application/javascript 2620:1ec:4b::24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/sites/10005649/assets/automatons/acif-configs.js

Requested by

Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4b::24 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Nuance Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 13 Feb 2023 12:30:58 GMT
x-azure-ref-originshield: 0SCbqYwAAAAA0Ux7DSPH+T7HVxHVpf1rnTU5aMjIxMDYwNjEyMDQ1AGNiNGQ0M2Q1LTM0MjctNDJlMy1hNjBmLWYzMGJhZWYyZmUzYw==
x-cache: TCP_HIT
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Feb 2021 16:01:12 GMT
server: Nuance Server
etag: W/"35395-1612454472208"
vary: accept-encoding
x-azure-ref: 0gi3qYwAAAADWwOSjCqYdTqYWJWj9wxjvWU1RMDFFREdFMDkxOQBjYjRkNDNkNS0zNDI3LTQyZTMtYTYwZi1mMzBiYWVmMmZlM2M=
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes

GET
H2 200 d.js Show response
waust.at/ Frame EA90 14 KB
7 KB 25ms
25ms Script
application/x-javascript 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/d.js
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/iframe.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:30:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 17:19:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3354
etag: W/"63c04119-3972"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90Y8Aj2OOlcDVld9wr2iSBChCxj1EPA2tRNVf3eoWyox7qLq%2BDe%2Flx42fl748L%2FGyKdc8z34XsZmbPNebnQPRE9GTReMuRPnKzV02OAvPiG1JOwTzhiVOkXHOd%2BkKWY7aJ96YN8h"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 798d941038f7a205-YYZ
expires: Tue, 14 Feb 2023 11:35:04 GMT

GET
H/1.1 200
OK 055096b75efc91eabeb7fa0fb14e24cd44ba71f4
20-220-161-190.cprapid.com/local431/ 34 KB
34 KB 20ms
20ms Font
application/octet-stream 20.220.161.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://20-220-161-190.cprapid.com/local431/055096b75efc91eabeb7fa0fb14e24cd44ba71f4
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/ups.styles.bf03bcac6bc2.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.220.161.190 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: e94f926fe32bb1db75044f07af73ade28a728efe7b16fefdd59a064514cb1316

Request headers

Referer: https://20-220-161-190.cprapid.com/local431/ups.styles.bf03bcac6bc2.css
Origin: https://20-220-161-190.cprapid.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 12:30:58 GMT
Last-Modified: Thu, 10 Dec 2020 06:29:52 GMT
Server: Apache
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 34708
Expires: 0

GET
H/1.1 200
OK index_2.html Show response
20-220-161-190.cprapid.com/local431/ Frame 98F2 701 B
1 KB 19ms
18ms Document
text/html 20.220.161.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://20-220-161-190.cprapid.com/local431/index_2.html
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.220.161.190 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 9653cc7c737d874e74d4529bf9da4f5906e068cfe7994aa2ae64e7fb537ed989

Request headers

Referer: https://20-220-161-190.cprapid.com/local431/in.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Length: 701
Content-Type: text/html
Date: Mon, 13 Feb 2023 12:30:58 GMT
Expires: 0
Keep-Alive: timeout=5, max=98
Last-Modified: Thu, 10 Dec 2020 06:29:52 GMT
Pragma: no-cache
Server: Apache

GET
H/1.1 200
OK social.jpg
20-220-161-190.cprapid.com/local431/ 882 B
1 KB 20ms
19ms Image
image/jpeg 20.220.161.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://20-220-161-190.cprapid.com/local431/social.jpg
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/ups.modules.0cca12c805a5.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.220.161.190 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: a95cccb9b4b1b5b2d1d5a599c70662117e629c9525f2e9d9b9f1cd6a73052e5a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/local431/ups.modules.0cca12c805a5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 12:30:58 GMT
Last-Modified: Thu, 10 Dec 2020 06:29:52 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 882
Expires: 0

GET
H2 200 / Show response
t.dtscout.com/i/ 8 KB
3 KB 103ms
44ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html&j=
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 307b5b7a5b1759b5ba2ec7b97d8614385ddde2e0370e6997aa3a904f608e0ee8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:30:58 GMT
x-t: 0.736
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rh2cyT9VfmXxK74TUtySh5XHAPiK47yMbTYKNUX4v2in%2F6cOHLokOpTNI18JdW4zpXNs2sc4JoSGGMaDPt2xtTdrgsA%2FzZmAwYzFUYZCdUCYpu6EYjjstA8TBzYs50Lmiyx7UmGUxKyE7zo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 798d94115be578d0-EWR
expires: Mon, 13 Feb 2023 12:30:57 GMT

GET
H2 200 / Show response
whos.amung.us/pingjs/ 28 B
182 B 106ms
46ms Script
text/javascript 2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=yhyr653i60&t=Tracking%20%7C%20UPS&c=d&x=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html&y=&a=0&v=27&r=4668
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1fd67505079dfa852099a19853f739f9f9b2d265abc25bbe847f6852ca9bde3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:30:58 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 798d94115a71a244-YYZ
content-type: text/javascript;charset=UTF-8

GET
H2 200 / Show response
t.dtscout.com/i/ Frame EA90 8 KB
4 KB 86ms
42ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fiframe.php&j=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bec466d521e05563dea9cd61c498739b7014607afe7bc64a4aac43864ec75d8d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:30:58 GMT
x-t: 0.847
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7NwmQiLTwWUnIS9RLg%2FqK4qRza7oiSWF2JRLgqFDVL8AOUWwmJZajv0geu%2Bl36KHzGgwtl%2FlFZuIKuAw9WMZttLdxmLEzdrA5wfCtKKVXLDwQLIHqkHUtCHdOmZM7H%2FFevE9i5Rez46T2o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 798d94115be678d0-EWR
expires: Mon, 13 Feb 2023 12:30:57 GMT

GET
H/1.1 200
OK index_4.html Show response
20-220-161-190.cprapid.com/local431/ Frame CF5E 241 B
564 B 21ms
20ms Document
text/html 20.220.161.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://20-220-161-190.cprapid.com/local431/index_4.html
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/index_2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.220.161.190 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: c694ec1f7a48dd18d33f0750a9de65ae44859aa54a9db8e25e98d7bbb1ff14cf

Request headers

Referer: https://20-220-161-190.cprapid.com/local431/index_2.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Length: 241
Content-Type: text/html
Date: Mon, 13 Feb 2023 12:30:58 GMT
Expires: 0
Keep-Alive: timeout=5, max=98
Last-Modified: Thu, 10 Dec 2020 06:29:52 GMT
Pragma: no-cache
Server: Apache

GET
H/1.1 200
OK index_3.html Show response
20-220-161-190.cprapid.com/local431/ Frame 1E6B 327 B
650 B 19ms
18ms Document
text/html 20.220.161.190
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://20-220-161-190.cprapid.com/local431/index_3.html
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/index_2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.220.161.190 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 2d9668f6f97ac0527e0635f052d73111bf1119d4671b22f99076d504bd195779

Request headers

Referer: https://20-220-161-190.cprapid.com/local431/index_2.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Length: 327
Content-Type: text/html
Date: Mon, 13 Feb 2023 12:30:58 GMT
Expires: 0
Keep-Alive: timeout=5, max=97
Last-Modified: Thu, 10 Dec 2020 06:29:52 GMT
Pragma: no-cache
Server: Apache

GET
H2 200 / Show response
whos.amung.us/pingjs/ Frame EA90 29 B
99 B 99ms
59ms Script
text/javascript 2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=applenew441&t=Ip%3A%20149.56.153.179%20-%20149.56.153.179%20%5BU%20P%20S%20GB-1%5D&c=d&x=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fiframe.php&y=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html&a=0&v=27&r=5632
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b646ef60183a5fa06713dcf5f7966b889d2309d4bbd8b1f6ff583746a17269fb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:30:58 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 798d94115a77a244-YYZ
content-type: text/javascript;charset=UTF-8

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame F729 1 KB
755 B 43ms
42ms Document
text/html 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=104016762914584897FBF53C90F2A0AA
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fiframe.php&j=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad9163b7d6fa52131da92585a39ae33ba9b440c1d2f86fbe1be6c44ae5d9fc4d

Request headers

Referer: https://20-220-161-190.cprapid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 798d9411bc6078d0-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 13 Feb 2023 12:30:58 GMT
expires: Mon, 13 Feb 2023 12:30:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dC%2B6tOFbTChR%2BYNCBPi2N4c0wT%2FTTne2ONqiRq9wSOFhNWxAv3fQsOIPEZYKA2jEwuOr8hzzXWSwGpLAsfx7ZAPhhhVgXTbEl9yAX7RbwfBuuxFEecIWXUsAXxEg2C50U5zvcG7C1LqbKIg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame EA90 30 KB
10 KB 74ms
20ms Script
text/javascript 18.164.124.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fiframe.php&j=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-79.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caf00dccdfb24b237c2e763929bbdbf10d64d66606688390a39c6456fbddb409

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: ePoTNcv0DaSHt0vz0AKUJEI0tBAExaJ3
content-encoding: gzip
via: 1.1 d0abe8e02f00bbb3378a9a4149801740.cloudfront.net (CloudFront)
date: Mon, 13 Feb 2023 10:59:49 GMT
last-modified: Thu, 25 Aug 2022 14:07:06 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 5470
x-amz-server-side-encryption: AES256
etag: W/"c722c8e06c3a9be75b009576c49f7792"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: wZw5Y2Pj3mvL-Pq9wuc_LcFq1iLK3O0ylP93_X7t-aHhVbwMHnWVBA==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame EA90 2 KB
3 KB 159ms
36ms Script
application/javascript 18.217.164.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fiframe.php&j=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.164.44 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-164-44.us-east-2.compute.amazonaws.com

Software

Resource Hash

bb278815a0ae1eae0ac1b3b790d371581cd921eb099093f6e55d59d60a08b282

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 12:30:58 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2273
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame EA90 51 B
343 B 46ms
46ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=20-220-161-190.cprapid.com&_ss=47i0kkky2m&_pv=1&_ls=0&_u1=1&_u3=1&_cc=ca&_pl=d&_cbid=7bzq&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fiframe.php&j=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e50a2127eb1085389a78fa75b032d805e0424d810aa268ff07f6f96b494f7950

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:30:58 GMT
x-t: 0.184
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5Eco8GRa8CKoWY8TxiCVylxlyssyaEKKTZ0Us05qGA8qTTaU5lXcnOBXzcMW1sxpMyQpNEh3l6on0%2F7z5dOmw7soqoEFYTIUI9j1M3F%2BCBuDwzhjbVze1BdCHkrO3kVQV2hHob%2FgvSI%2FWY%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 798d9411bc6278d0-EWR
expires: Mon, 13 Feb 2023 12:30:57 GMT

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame F6A0 1 KB
726 B 49ms
45ms Document
text/html 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=104016762914581028B472D083C04521
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2e73e41a2b89c9b224bd11acab7d5580e9bc7690c4a8434f59946680f6e9105

Request headers

Referer: https://20-220-161-190.cprapid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 798d9411cc7a78d0-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 13 Feb 2023 12:30:58 GMT
expires: Mon, 13 Feb 2023 12:30:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEL9Mb%2BTzHex4AczslFJCcu9QD88UqNhIhRD5JEccxtKBdeYbO3%2FrjjfUUbCfEhtJrXiYMdJw55%2Bg8eNTtraY3YGiQmvFCcQrFJYzdLiZk9ZxxEmBtawHR4QnZDyDLTV6UEakdkyqS68OhA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 30 KB
10 KB 70ms
23ms Script
text/javascript 18.164.124.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-79.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caf00dccdfb24b237c2e763929bbdbf10d64d66606688390a39c6456fbddb409

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: ePoTNcv0DaSHt0vz0AKUJEI0tBAExaJ3
content-encoding: gzip
via: 1.1 d0abe8e02f00bbb3378a9a4149801740.cloudfront.net (CloudFront)
date: Mon, 13 Feb 2023 10:59:49 GMT
last-modified: Thu, 25 Aug 2022 14:07:06 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 5470
x-amz-server-side-encryption: AES256
etag: W/"c722c8e06c3a9be75b009576c49f7792"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: JXnhE5JwBzfQLEwz7LEGjm6DPxoh9AStIMuaK_nE0hlbEpm5nDLx-g==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ 2 KB
3 KB 153ms
36ms Script
application/javascript 18.217.164.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html&j=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.164.44 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-164-44.us-east-2.compute.amazonaws.com

Software

Resource Hash

e6100cd45091bbebb7ce5695522abfced42e53c61e985106f50dccfdd42383bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 12:30:58 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2273
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ 51 B
336 B 50ms
46ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=20-220-161-190.cprapid.com&_ss=47i0kkky2m&_pv=2&_ls=0&_cc=ca&_pl=d&_cbid=7afk&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a04d12f88eecbb325c0923ad9b263b17e9ddd6ece79ea2ba661a31e305fc2e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:30:58 GMT
x-t: 0.152
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4I1LRs5D30GexH1uk5dRqQ0%2BEcLbTumc0M63srTH6oCODaANBC5lkK%2Bm8WNXzbVEgzpuC8Sf81L2vV4RI3r34s54vJ%2F8764nEYre%2BEDNzHxUu4Q8rShiHR2AP3imrDXttD0BhHDWKccNws%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 798d9411cc7c78d0-EWR
expires: Mon, 13 Feb 2023 12:30:57 GMT

GET
H2 200 tc.js Show response
cdn.tynt.com/ 17 KB
7 KB 109ms
31ms Script
application/javascript 172.64.151.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dab070ee75ce06cf5e8bb6ab989f0130e40f216a1a717d6a0538a57f5143fec

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:30:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 20:39:00 GMT
server: cloudflare
age: 57084
etag: W/"63bdcce4-4571"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 798d94124acfa1da-YYZ
expires: Thu, 16 Feb 2023 12:30:58 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EA90 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 tc.js Show response
cdn.tynt.com/ Frame EA90 17 KB
7 KB 101ms
29ms Script
application/javascript 172.64.151.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dab070ee75ce06cf5e8bb6ab989f0130e40f216a1a717d6a0538a57f5143fec

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:30:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 20:39:00 GMT
server: cloudflare
age: 57084
etag: W/"63bdcce4-4571"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 798d94124ad2a1da-YYZ
expires: Thu, 16 Feb 2023 12:30:58 GMT

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame EA90 52 KB
16 KB 104ms
26ms Script
text/javascript 108.138.128.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fiframe.php&j=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-124.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6691c17050e97fa3a70eb75b6da5d601b461af4d26b954f87dcddbf354f61eda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:45:18 GMT
content-encoding: gzip
via: 1.1 e5f49cd65618fc548cd417b060a75e76.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 18:30:29 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 6341
x-amz-server-side-encryption: AES256
etag: W/"d92273856cbc8d3aad0c2259f9be9a68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: IHk2h-nqt5H3Fb1KWLckb0YtLtdbDhN06ebnfIixSoVcn4s6bCin3A==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame EA90 0
311 B 181ms
123ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=104016762914581028B472D083C04521&nid=0&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fiframe.php&r=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fiframe.php&j=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:30:59 GMT
x-t: 46.39
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p51gS%2BbiyAlE6rKKG22aCg%2BviLGH0MUkbgU17lbGxstZMOqn4zbh9M%2F6eaFdxAanoRRNEzV5tx0qGsMrwA8cLzlM4O%2FMATUeFbelrRZTFgF55lFxPKHzcbsoShAkvsjGloUd%2Beq8GLc2IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 798d94127c06a1fe-YYZ
expires: Mon, 13 Feb 2023 12:39:55 GMT

GET
H2 200 e Show response
a.dtssrv.com/ Frame EA90 21 B
605 B 99ms
41ms XHR
application/json 2606:4700:e6::ac40:cb26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/e?i=104016762914581028B472D083C04521
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fiframe.php&j=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09bab703b4e9ed5e7925279cfaecbb8432ae0dba25385d7d39aa9f8f2d3df7f8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: cache
date: Mon, 13 Feb 2023 12:30:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=loxBmM2z3pyY9CUzlwLsZp%2BLV9DO%2FTNbEyxvo9dJZsHGclJgjlcX1EJbLAhqLI8I7GxiDb1YP0Agbfer2xolf8xmpB%2BRoArPNMa7widRDe4iA0oVOMSRo6KgYDFeGAzAmo9By9Fwv%2BN0NYw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://20-220-161-190.cprapid.com
cache-control: s-maxage=0
access-control-allow-credentials: true
cf-ray: 798d94127ae5c360-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 13 Feb 2023 14:30:58 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame EA90
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=104016762914581028B472D083C04521
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=575c4df3012ad983bf2a3546f0a9301b&gdpr=0
https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
https://pixel.onaudience.com/?partner=252&mapped=y-JuOZFxVE2pRut2BctM2SxtXESF8hk.SsNA--~A&gdpr=0
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d2b24af6edd26dac/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=a12a43ff39447dcd07fbfd0c344f7ea8&gdpr=0
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://pixel.onaudience.com/?partner=147&mapped=7f5bce9f-b401-412f-a916-278be716e4c0&icm&gdpr=0&gdpr_consent=&cver
https://spl.zeotap.com/?zdid=1332&zcluid=d2b24af6edd26dac
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0009adf4-4580-4031-45b3-1f14e895a355&reqId=6636a7cf-9653-4e35-668c-f10f91148d25&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEIqN9qR2QEniOqBKMsE83hI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0009adf4-4580-4031-45b3-1f14e895a355&reqId=6636a7cf-9653-4e35-668c-f10...

95 B
152 B

116ms
116ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEIqN9qR2QEniOqBKMsE83hI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0009adf4-4580-4031-45b3-1f14e895a355&reqId=6636a7cf-9653-4e35-668c-f10f91148d25&zcluid=d2b24af6edd26dac&zdid=1332
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/iframe.php
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:31:00 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://20-220-161-190.cprapid.com
access-control-allow-credentials: true
cf-ray: 798d941a2e6aa1e4-YYZ
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:31:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEIqN9qR2QEniOqBKMsE83hI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0009adf4-4580-4031-45b3-1f14e895a355&reqId=6636a7cf-9653-4e35-668c-f10f91148d25&zcluid=d2b24af6edd26dac&zdid=1332
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

2981
tags.bluekai.com/site/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=104016762914581028B472D083C04521
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=575c4df3012ad983bf2a3546f0a9301b&gdpr=0
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=13337d35965f37d0
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=cHhRWFdDd005OTlaSnJvTQ%3D%3D
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEO7IJHT1sr7ANlfHcFFrxSc&google_cver=1

62 B
315 B

85ms
83ms

Image
image/gif

173.223.57.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEO7IJHT1sr7ANlfHcFFrxSc&google_cver=1
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: H2
Server: 173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-84.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 13 Feb 2023 12:30:59 GMT
content-length: 62
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:30:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEO7IJHT1sr7ANlfHcFFrxSc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ 0
602 B 135ms
103ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=104016762914581028B472D083C04521&nid=0&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html&r=
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:30:59 GMT
x-t: 51.49
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2F%2BOcfDo%2BMfErCMzWBGykIZ0Xa7s110rs3WtyPnbkSHoV5xyOCfL8oCoPrrctcIE9KlckseZU%2BpWsKkH8YBDPPkJoM8Y9u2QJ%2BeeB2LqSCJnOBuKQb7RYE%2Foxb4UOuFgJFBnuRnU7S7ZUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 798d94127c08a1fe-YYZ
expires: Mon, 13 Feb 2023 12:39:54 GMT

GET
H2 200 e Show response
a.dtssrv.com/ 21 B
317 B 74ms
43ms XHR
application/json 2606:4700:e6::ac40:cb26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/e?i=104016762914581028B472D083C04521
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35730e86d2c16d35badbd1807bc8bbc1ffc21f0706eab5d24dde72309d2288d1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: cache
date: Mon, 13 Feb 2023 12:30:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPyfIZQ9OGa%2BYEoZWm6W3mPgdAz8mrtX1RTHX9GxcNDYhPRT811I9G%2BOK2mvHm1dyi0Uf0a75XQWzpUMjnQMGRv7W3y6QUvX1gGP8wbfM7%2F6MkVwohYsLlDQto7NCXIpUuRClDvYmNrN%2Feo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://20-220-161-190.cprapid.com
cache-control: s-maxage=0
access-control-allow-credentials: true
cf-ray: 798d94127ae7c360-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 13 Feb 2023 14:30:58 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame EA90 535 B
949 B 79ms
28ms Fetch
application/json 13.225.223.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-110.jfk51.r.cloudfront.net
Software: /
Resource Hash: 338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 15:34:27 GMT
via: 1.1 bd5ab138e49a090fd3089313c9c8105c.cloudfront.net (CloudFront), 1.1 ab95c5a0dcf51f52101ed4d59d15a2a2.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, JFK51-C1
age: 75391
x-amzn-requestid: 72e33c44-7531-4ef8-848c-a2bf3369c7b4
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: AO4InFM0iYcF3hQ=
content-length: 535
x-amz-cf-id: R3G8XCOxP-Dw8x30CtxthxD9KDXvN0E2hQBKKT16d_mCM3ieMGolkw==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 535 B
949 B 78ms
29ms Fetch
application/json 13.225.223.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-110.jfk51.r.cloudfront.net
Software: /
Resource Hash: 338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 15:34:27 GMT
via: 1.1 bd5ab138e49a090fd3089313c9c8105c.cloudfront.net (CloudFront), 1.1 ab95c5a0dcf51f52101ed4d59d15a2a2.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, JFK51-C1
age: 75391
x-amzn-requestid: 72e33c44-7531-4ef8-848c-a2bf3369c7b4
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: AO4InFM0iYcF3hQ=
content-length: 535
x-amz-cf-id: 53E3EO21lN3dNC7HbKQJIDxXEr5GtAjZb6AMPNEd5MLLWSpqDarHIQ==

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame EA90 2 KB
2 KB 105ms
21ms Script
application/javascript 23.3.116.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9758251858452314&stid=ZHIABmPqLYIAAAAJCKXCAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.3.116.47 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-3-116-47.deploy.static.akamaitechnologies.com

Software

Resource Hash

adfa1e50980a8f6a6603cf55a6ca4ac94d9fce67a743d8c16dec09925bd9449f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 12:30:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1361
Expires: Mon, 13 Feb 2023 13:30:59 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame EA90 42 B
265 B 36ms
36ms Image
image/gif 18.217.164.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html&event_source=dtscout&rnd=0.9758251858452314&exptid=ZHIABmPqLYIAAAAJCKXCAw%3D%3D&fcmp=false

Requested by

Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/iframe.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.164.44 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-164-44.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 12:30:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 102ms
22ms Script
application/javascript 23.3.116.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.24746891189102826&stid=ZHcABWPqLYIAAAAIHE7UAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.3.116.47 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-3-116-47.deploy.static.akamaitechnologies.com

Software

Resource Hash

adfa1e50980a8f6a6603cf55a6ca4ac94d9fce67a743d8c16dec09925bd9449f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 12:30:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1361
Expires: Mon, 13 Feb 2023 13:30:59 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 42 B
265 B 37ms
35ms Image
image/gif 18.217.164.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html&event_source=dtscout&rnd=0.24746891189102826&exptid=ZHcABWPqLYIAAAAIHE7UAw%3D%3D&fcmp=false

Requested by

Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.164.44 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-164-44.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 12:30:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 p
ic.tynt.com/b/ 35 B
648 B 98ms
29ms Image
image/gif 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!applenew441&lm=5&ts=1676291459000&dn=TC&iso=0&pu=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html&t=Tracking%20%7C%20UPS
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/local431/in.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:30:59 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag: "4bc8846c-23"
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 8445 2 KB
1 KB 20ms
19ms Document
text/html 23.3.116.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1116.23353&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.24746891189102826&stid=ZHcABWPqLYIAAAAIHE7UAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.3.116.47 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-3-116-47.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://20-220-161-190.cprapid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Mon, 13 Feb 2023 12:30:59 GMT
Expires: Mon, 20 Feb 2023 12:30:59 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame BF15 2 KB
1 KB 20ms
19ms Document
text/html 23.3.116.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1116.23353&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9758251858452314&stid=ZHIABmPqLYIAAAAJCKXCAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.3.116.47 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-3-116-47.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://20-220-161-190.cprapid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Mon, 13 Feb 2023 12:30:59 GMT
Expires: Mon, 20 Feb 2023 12:30:59 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ 5 KB
2 KB 97ms
19ms Script
text/javascript 108.139.29.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-7.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 07dbb740764ddcc657e44a4f2767a85c877c6c92262615acefe839c0ca07c9e9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: AynV9CxPKzE_gbaRfuvHkmlMpRA2Kx_l
content-encoding: gzip
via: 1.1 f25b89e7ef738cb8bb7e28e041d8fe54.cloudfront.net (CloudFront)
date: Mon, 13 Feb 2023 11:46:41 GMT
last-modified: Mon, 30 Jan 2023 17:09:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2659
etag: W/"b33b67ced6b706568683ecea83e198c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 4v58r8-uxXpb5YspZNl_x6U5AJUTyPaoCAC_WYf6JxkodPaMbCQn3A==

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1116.23353/a/CA/ Frame 5332 20 KB
9 KB 21ms
21ms Script
text/javascript 23.3.116.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1116.23353/a/CA/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1116.23353&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.3.116.47 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-3-116-47.deploy.static.akamaitechnologies.com

Software

Resource Hash

57f461d70ea6aa694687fb33c4ee5987c2f4f45122ad378406920842dfad3d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1116.23353&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 12:30:59 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8748
Expires: Mon, 20 Feb 2023 12:30:59 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1116.23353/a/CA/ Frame 000E 20 KB
9 KB 21ms
21ms Script
text/javascript 23.3.116.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1116.23353/a/CA/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1116.23353&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.3.116.47 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-3-116-47.deploy.static.akamaitechnologies.com

Software

Resource Hash

57f461d70ea6aa694687fb33c4ee5987c2f4f45122ad378406920842dfad3d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1116.23353&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 12:30:59 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8748
Expires: Mon, 20 Feb 2023 12:30:59 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 2 KB
3 KB 93ms
29ms Script
application/javascript 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!applenew441&dn=TC&cc=1&r=&pu=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 92a931d5d8ead8bf4cc943464b4ddee6a105d9fa24a01be037c338bd383b4200

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/local431/in.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Mon, 13 Feb 2023 12:30:58 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length: 1682
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
308 B 90ms
28ms Script
application/javascript 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!yhyr653i60&dn=TC&cc=2&r=&pu=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/local431/in.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Mon, 13 Feb 2023 12:30:58 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length: 4
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK test_oracle Show response
pd.sharethis.com/pd/ Frame 483C 438 B
675 B 35ms
35ms Script
application/javascript 18.217.164.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/test_oracle

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1116.23353&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.217.164.44 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-217-164-44.us-east-2.compute.amazonaws.com

Software

Resource Hash

d2e58073cc47171740508e47b92fde9cd84b2a8477926212d882f46a0a559dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 12:30:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 438
Content-Type: application/javascript

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame 5332
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=7f5bce9f-b401-412f-a916-278be716e4c0&gdpr=0&gdpr_consent=

42 B
297 B

155ms
37ms

Image
image/gif

13.58.67.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=7f5bce9f-b401-412f-a916-278be716e4c0&gdpr=0&gdpr_consent=

Requested by

Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html

Protocol

HTTP/1.1

Server

13.58.67.229 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-67-229.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 12:30:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHcABWPqLYIAAAAIHE7UAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:30:59 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.sharethis.com/ttd?uid=7f5bce9f-b401-412f-a916-278be716e4c0&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 215

GET
H/1.1

200
OK

nlsn
sync.sharethis.com/ Frame 5332
Redirect Chain

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1
https://sync.sharethis.com/nlsn?uid=4cd49c0a71bcfef500c9c606c47258d9

42 B
297 B

145ms
37ms

Image
image/gif

13.58.67.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/nlsn?uid=4cd49c0a71bcfef500c9c606c47258d9

Requested by

Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html

Protocol

HTTP/1.1

Server

13.58.67.229 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-67-229.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 12:30:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHcABWPqLYIAAAAIHE7UAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

date: Mon, 13 Feb 2023 12:30:59 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://sync.sharethis.com/nlsn?uid=4cd49c0a71bcfef500c9c606c47258d9
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame 5332
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=2nQjLFduoWi__cjUftYfqzW-qmm6yVwVJOioXszcfUhI&gdpr=0&gdpr_consent=

42 B
297 B

134ms
35ms

Image
image/gif

13.58.67.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=2nQjLFduoWi__cjUftYfqzW-qmm6yVwVJOioXszcfUhI&gdpr=0&gdpr_consent=

Requested by

Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html

Protocol

HTTP/1.1

Server

13.58.67.229 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-67-229.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 12:30:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHcABWPqLYIAAAAIHE7UAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=2nQjLFduoWi__cjUftYfqzW-qmm6yVwVJOioXszcfUhI&gdpr=0&gdpr_consent=
Date: Mon, 13 Feb 2023 12:30:59 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

csync.ashx
ml314.com/ Frame 5332
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHcABWPqLYIAAAAIHE7UAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3633575902701420562
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzMzU3NTkwMjcwMTQyMDU2MhAAGg0Ig9uonwYSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=10091bbab560d77c060f59f1d970a2958c809f6d9bcddf0fbcf794bb6d6542b6f4cb09cee1a4f8eb&person_id=3633575902701420562&eid=50082

43 B
139 B

102ms
101ms

Image
image/gif

34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=10091bbab560d77c060f59f1d970a2958c809f6d9bcddf0fbcf794bb6d6542b6f4cb09cee1a4f8eb&person_id=3633575902701420562&eid=50082
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: H2
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:30:59 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Tue, 14 Feb 2023 07:30:59 GMT

Redirect headers

date: Mon, 13 Feb 2023 12:30:59 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=10091bbab560d77c060f59f1d970a2958c809f6d9bcddf0fbcf794bb6d6542b6f4cb09cee1a4f8eb&person_id=3633575902701420562&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

oracle
sync.sharethis.com/ Frame 5332
Redirect Chain

https://tags.bluekai.com/site/59574?id=ZHcABWPqLYIAAAAIHE7UAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

42 B
297 B

142ms
38ms

Image
image/gif

13.58.67.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Requested by

Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html

Protocol

HTTP/1.1

Server

13.58.67.229 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-67-229.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 12:30:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHcABWPqLYIAAAAIHE7UAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
date: Mon, 13 Feb 2023 12:30:59 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 000E 0
289 B 21ms
21ms Image
text/plain 23.3.116.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHIABmPqLYIAAAAJCKXCAw%253D%253D&tt=t.dhj&dhjLcy=1676291459100&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1116.23353&ell=d&cck=__stid&dmn=20-220-161-190.cprapid.com&pn=%2Flocal431%2Fin.html&qs=na&cc=CA&cont=NA&evid=RicwKZYAhn8ZXfUwqLz3&urls=&rnd=1676291459220&cid=c010&version=1.1116.23353&cc=CA&cont=NA&cls=C&repeat=0&htmLcy=37

Requested by

Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/iframe.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.3.116.47 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-3-116-47.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1116.23353&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 12:30:59 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Mon, 13 Feb 2023 12:30:59 GMT

GET
H/1.1

200
OK

v2 Show response
ap.lijit.com/readerinfo/
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
474 B

24ms
23ms

Fetch
application/json

23.92.190.68
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: HTTP/1.1
Server: 23.92.190.68 Waxhaw, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 69e7dff8d115036c2eb487e3c28f0af15c888ac57a4c2bb66c2238d8608d43c4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 12:30:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://20-220-161-190.cprapid.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

Redirect headers

Date: Mon, 13 Feb 2023 12:30:59 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin: https://20-220-161-190.cprapid.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ Frame 483C 51 KB
16 KB 82ms
19ms Script
application/javascript 23.3.112.166
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.3.112.166 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-3-112-166.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 13 Feb 2023 12:30:59 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Mon, 20 Feb 2023 12:30:59 GMT

GET
H2

200

27519 Show response
tags.bluekai.com/site/ Frame CA02
Redirect Chain

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1676291459260.4&r=true
https://tags.bluekai.com/site/27519?id=212100977960040&ret=html&random=1676291459

71 B
550 B

99ms
98ms

Document
text/html

173.223.57.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/27519?id=212100977960040&ret=html&random=1676291459
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=w!applenew441&dn=TC&cc=1&r=&pu=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-84.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer: https://20-220-161-190.cprapid.com/local431/in.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

bk-server: 3c93
cache-control: max-age=0, no-cache, no-store
content-length: 71
content-type: text/html
date: Mon, 13 Feb 2023 12:30:59 GMT
expires: Thu, 01 Dec 1994 16:00:00 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
pragma: no-cache

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
date: Mon, 13 Feb 2023 12:30:58 GMT
expires: Thu, 01-Jan-70 00:00:01 GMT
location: https://tags.bluekai.com/site/27519?id=212100977960040&ret=html&random=1676291459
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma: no-cache
referrer-policy: unsafe-url
server: 33XP014
x-33x-status: 400000000040080C

GET
H2 200 lotame-sync.html Show response
cdn-tc.33across.com/ Frame F1ED 343 B
460 B 97ms
29ms Document
text/html 104.18.35.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tc.33across.com/lotame-sync.html
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=w!applenew441&dn=TC&cc=1&r=&pu=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120

Request headers

Referer: https://20-220-161-190.cprapid.com/local431/in.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 164402
cache-control: public, max-age=259200
cf-cache-status: HIT
cf-ray: 798d941518c43ffd-YYZ
content-encoding: gzip
content-type: text/html
date: Mon, 13 Feb 2023 12:30:59 GMT
etag: W/"63bdccf6-157"
expires: Thu, 16 Feb 2023 12:30:59 GMT
last-modified: Tue, 10 Jan 2023 20:39:18 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2

204

7f5bce9f-b401-412f-a916-278be716e4c0
map.go.affec.tv/map/ttd/
Redirect Chain

https://map.go.affec.tv/map/3a/?pid=CoIKS2PqLYMLXuWnDCRgAg%3D%3D&us_privacy=&ts=1676291459260.1
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D63ea2d836692bd000155157e%26chc%3Dtt%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D63ea2d836692bd000155157e%2526chc%253Dtt%2526gdpr%253D%2526gdpr_consent%253D%25...
https://map.go.affec.tv/map/an/8835541971384855379?ch=63ea2d836692bd000155157e&chc=tt&gdpr=&gdpr_consent=&redirect_url=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&ch=63ea2d836692bd000155157e&chc=tt%7Can&gdpr=&gdpr_consent=&redirect_url=
https://map.go.affec.tv/map/ttd/7f5bce9f-b401-412f-a916-278be716e4c0?ttd_puid=&gdpr=0&gdpr_consent=

0
563 B

25ms
24ms

Image
text/plain

44.205.52.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://map.go.affec.tv/map/ttd/7f5bce9f-b401-412f-a916-278be716e4c0?ttd_puid=&gdpr=0&gdpr_consent=
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: H2
Server: 44.205.52.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-52-119.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/local431/in.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:30:59 GMT
content-encoding: gzip
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:30:59 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://map.go.affec.tv/map/ttd/7f5bce9f-b401-412f-a916-278be716e4c0?ttd_puid=&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 229

GET
H2

204

usermatch.gif
beacon.krxd.net/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKS2PqLYMLXuWnDCRgAg%3D%3D&us_privacy=&random=1676291459260.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKS2PqLYMLXuWnDCRgAg%3D%3D&us_privacy=&random=1676291459260.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=09c0104f-19f8-4346-8281-502e33c68133%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7f5bce9f-b401-412f-a916-278be716e4c0&ttd_puid=09c0104f-19f8-4346-8281-502e33c68133%2Chttps%253A%252F%252Fusermatch.krxd.n...
https://usermatch.krxd.net/um/v2?partner=tapad
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad

0
338 B

95ms
24ms

Image
text/plain

34.199.82.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: H2
Server: 34.199.82.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-82-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/local431/in.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-served-by: beacon-n036-ash-prod.krxd.net
date: Mon, 13 Feb 2023 12:30:59 GMT
cache-control: private, no-cache, no-store
x-request-time: D=21 t=1676291459
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
date: Mon, 13 Feb 2023 12:30:59 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a016-ash-prod.krxd.net

GET
H3

200

405716.gif
idsync.rlcdn.com/
Redirect Chain

https://dp2.33across.com/ps/?pid=1205&rand=1676291459260.3&r=true
https://idsync.rlcdn.com/405716.gif?partner_uid=212100973495573

42 B
60 B

43ms
42ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/405716.gif?partner_uid=212100973495573
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/local431/in.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:30:59 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:30:59 GMT
referrer-policy: unsafe-url
server: 33XP012
x-33x-status: 4000000000004000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://idsync.rlcdn.com/405716.gif?partner_uid=212100973495573
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKS2PqLYMLXuWnDCRgAg%3D%3D&us_privacy=&33random=1676291459260.5&cat=33across
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKS2PqLYMLXuWnDCRgAg%3D%3D&us_privacy=&33random=1676291459260.5&cat=33across
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkV1Y3UyaWlNSzdLMmtWVG16SjA0VFFCcVRiM2x2bFRzNmNSOTJiWHpZZEE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MkV1Y3UyaWlNSzdLMmtWVG16SjA0VFFCcVRiM2x2bFRzNmNSOTJiWHpZZEE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEOaPEWIdePk5bJHBiYGhgco&google_cver=1

70 B
440 B

27ms
26ms

Image
image/gif

3.230.62.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEOaPEWIdePk5bJHBiYGhgco&google_cver=1
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: HTTP/1.1
Server: 3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-62-22.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/local431/in.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 13 Feb 2023 12:30:59 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:30:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEOaPEWIdePk5bJHBiYGhgco&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://spl.zeotap.com/z.png?zdid=239&ctry=CA&env=mWeb&eventType=pageview&zpb=w%21applenew441&zpbcat=Health&zcluid=CoIKS2PqLYMLXuWnDCRgAg%3D%3D&us_privacy=&ziid=1676291459260.6
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=0009adf4-4580-4031-45b3-1f14e895a355&reqId=62f2fa55-c1a9-4004-4946-...
https://mwzeom.zeotap.com/mw?adnxs_uid=8835541971384855379&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=0009adf4-4580-4031-45b3-1f14e895a355&reqId=62f2fa55-c1a9-4004-4946-e617de5f8c5c&...

95 B
169 B

136ms
124ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?adnxs_uid=8835541971384855379&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=0009adf4-4580-4031-45b3-1f14e895a355&reqId=62f2fa55-c1a9-4004-4946-e617de5f8c5c&us_privacy=&zcluid=CoIKS2PqLYMLXuWnDCRgAg==&zdid=239&ziid=1676291459260.6&zpb=w!applenew441&zpbcat=Health
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/local431/in.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:30:59 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://20-220-161-190.cprapid.com
access-control-allow-credentials: true
cf-ray: 798d9416b8c6a1e4-YYZ
access-control-allow-headers: *
content-length: 95

Redirect headers

Date: Mon, 13 Feb 2023 12:30:59 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 149.56.153.179; 149.56.153.179; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: de377763-9267-4f62-8974-9348a949472f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://mwzeom.zeotap.com/mw?adnxs_uid=8835541971384855379&zpartnerid=2&ctry=CA&env=mWeb&eventType=pageview&id_mid_4=0009adf4-4580-4031-45b3-1f14e895a355&reqId=62f2fa55-c1a9-4004-4946-e617de5f8c5c&us_privacy=&zcluid=CoIKS2PqLYMLXuWnDCRgAg==&zdid=239&ziid=1676291459260.6&zpb=w!applenew441&zpbcat=Health
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://dp1.33across.com/ps/?pid=669&uid=CoIKS2PqLYMLXuWnDCRgAg%3D%3D&us_privacy=&random=1676291459260.8&pu=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html&r=true
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212100978459346&seg_code=33x&random=1676291459
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212100978459346%26seg_code%3D33x%26random%3D1676291459

43 B
1 KB

44ms
43ms

Image
image/gif

68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212100978459346%26seg_code%3D33x%26random%3D1676291459

Requested by

Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html

Protocol

HTTP/1.1

Server

68.67.160.75 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/local431/in.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 12:30:59 GMT
AN-X-Request-Uuid: 9f27a647-2bbf-4848-8a39-58f5869c74a6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 149.56.153.179; 149.56.153.179; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 12:30:59 GMT
AN-X-Request-Uuid: b1981f4e-ea33-4574-bcd5-738538384afe
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212100978459346%26seg_code%3D33x%26random%3D1676291459
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 149.56.153.179; 149.56.153.179; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKS2PqLYMLXuWnDCRgAg%3D%3D&us_privacy=&33random=1676291459260.9&cat=33across
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKS2PqLYMLXuWnDCRgAg%3D%3D&us_privacy=&33random=1676291459260.9&cat=33across
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkV1Y3UyaWlNSzdLMmtWVG16SjA0VFFCcVRiM2x2bFRzNmNSOTJiWHpZZEE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MkV1Y3UyaWlNSzdLMmtWVG16SjA0VFFCcVRiM2x2bFRzNmNSOTJiWHpZZEE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEFTpjSOvE7pq56Hd1O0N7Fk&google_cver=1

70 B
440 B

27ms
26ms

Image
image/gif

3.230.62.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEFTpjSOvE7pq56Hd1O0N7Fk&google_cver=1
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: HTTP/1.1
Server: 3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-62-22.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/local431/in.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 13 Feb 2023 12:30:59 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:30:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEFTpjSOvE7pq56Hd1O0N7Fk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 0BAA 0
0 96ms
27ms Document
text/plain 108.139.29.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=753
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-127.jfk50.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer: https://20-220-161-190.cprapid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Mon, 13 Feb 2023 12:30:59 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
server: Apache-Coyote/1.1
via: 1.1 3a80316ee74668c7049eb31054a07168.cloudfront.net (CloudFront)
x-amz-cf-id: YJxoa1mZEo5hoVdJapmhHAkI693GEPiCiL8MZVpAXGYTrxjJfahPPg==
x-amz-cf-pop: JFK50-P2
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

59074
i6.liadm.com/s/
Redirect Chain

https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GJlOaSZHjnM3SjmeQZqw6P8N&rnd=97283
https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GJlOaSZHjnM3SjmeQZqw6P8N&rnd=97283&_li_chk=true&previous_uuid=3a92fa7a730d4ee8bd743848a7097262
https://i6.liadm.com/s/59074?bidder_id=204553&rnd=97283&bidder_uuid=GJlOaSZHjnM3SjmeQZqw6P8N

43 B
436 B

85ms
25ms

Image
image/gif

2600:1f18:ed:550a:603b:acd7:290f:c7dd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/59074?bidder_id=204553&rnd=97283&bidder_uuid=GJlOaSZHjnM3SjmeQZqw6P8N

Requested by

Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html

Protocol

HTTP/1.1

Server

2600:1f18:ed:550a:603b:acd7:290f:c7dd Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 12:30:59 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/59074?bidder_id=204553&rnd=97283&bidder_uuid=GJlOaSZHjnM3SjmeQZqw6P8N
Date: Mon, 13 Feb 2023 12:30:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 8

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GJlOaSZHjnM3SjmeQZqw6P8N&rand=63853&pu=
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GJlOaSZHjnM3SjmeQZqw6P8N&rand=63853&pu=&expected_cookie=a8d580a6-cc96-4b6f-a577-fd4c06e1e3e2

0
142 B

86ms
85ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GJlOaSZHjnM3SjmeQZqw6P8N&rand=63853&pu=&expected_cookie=a8d580a6-cc96-4b6f-a577-fd4c06e1e3e2
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:30:59 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 7540652C5E464FCCBE88079319224DC1 Ref B: YTO01EDGE0521 Ref C: 2023-02-13T12:30:59Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX0lAT74Q09lvG73By5Tw==

Redirect headers

date: Mon, 13 Feb 2023 12:30:59 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 8F570116FAF540D79BAA435D8EF5AFEF Ref B: YTO01EDGE0521 Ref C: 2023-02-13T12:30:59Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: /db_sync?pid=15697&puuid=GJlOaSZHjnM3SjmeQZqw6P8N&rand=63853&pu=&expected_cookie=a8d580a6-cc96-4b6f-a577-fd4c06e1e3e2
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX0lAT6jkFDuVwmpzSLlw==

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match?r=42938
https://ce.lijit.com/merge?pid=2&3pid=2FD146284BBF439093CD97D975DD9EA3

43 B
679 B

78ms
26ms

Image
image/gif

63.251.114.136
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=2FD146284BBF439093CD97D975DD9EA3
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: HTTP/1.1
Server: 63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 12:30:59 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Mon, 13 Feb 2023 12:30:59 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=2FD146284BBF439093CD97D975DD9EA3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 12 Feb 2023 12:30:59 GMT

GET
H/1.1 200
OK 57333
i.liadm.com/s/ 43 B
436 B 26ms
26ms Image
image/gif 52.87.130.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=GJlOaSZHjnM3SjmeQZqw6P8N&rnd=61666

Requested by

Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.87.130.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-87-130-203.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 12:30:59 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 467C 85 B
482 B 19ms
19ms Document
text/html 18.164.124.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-79.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://20-220-161-190.cprapid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 105705
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Sun, 12 Feb 2023 07:09:15 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 d0abe8e02f00bbb3378a9a4149801740.cloudfront.net (CloudFront)
x-amz-cf-id: Db9Nol3zCoR4XHG1-m02wkwV1NhqTtlixaqNWqPhzH4m6K0Z1OUMIA==
x-amz-cf-pop: JFK50-P7
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2

200

5386 Show response
tags.bluekai.com/site/ Frame 30F0
Redirect Chain

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHcABWPqLYIAAAAIHE7UAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1116.23353%26cid%3Dc010%26...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
https://tags.bluekai.com/site/5386?id=7f5bce9f-b401-412f-a916-278be716e4c0&gdpr=0&gdpr_consent=

62 B
315 B

100ms
99ms

Document
image/gif

173.223.57.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/5386?id=7f5bce9f-b401-412f-a916-278be716e4c0&gdpr=0&gdpr_consent=
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-84.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://t.sharethis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 62
content-type: image/gif
date: Mon, 13 Feb 2023 12:30:59 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

cache-control: private,no-cache, must-revalidate
content-length: 221
content-type: text/html
date: Mon, 13 Feb 2023 12:30:59 GMT
location: https://tags.bluekai.com/site/5386?id=7f5bce9f-b401-412f-a916-278be716e4c0&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 467C 766 B
1 KB 19ms
18ms Script
text/javascript 18.164.124.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-79.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Sat, 11 Feb 2023 23:15:50 GMT
via: 1.1 d0abe8e02f00bbb3378a9a4149801740.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 134110
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: luNA6JY5z5-u64wITnjLQ5KIFFDkdNh4gZSiCcdg3jWzuzURMk9JWA==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16311/ Frame F1ED 32 KB
10 KB 21ms
21ms Script
text/javascript 108.138.128.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Requested by: Host: cdn-tc.33across.com
URL: https://cdn-tc.33across.com/lotame-sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-124.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7fccdf59f5dec8ddbf11ed9f5e28cf80e6424389a35d5a4b76ef39f2df02f8be

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn-tc.33across.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:45:19 GMT
content-encoding: gzip
via: 1.1 e5f49cd65618fc548cd417b060a75e76.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:01:47 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 6341
x-amz-server-side-encryption: AES256
etag: W/"17cbf13b92a75decc910b84476c56675"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: rOLgO2FFOwVEIKsqZ-DcjrhatgeAToQ4b4vTnYohYFghD1Z2oGymxA==

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=GJlOaSZHjnM3SjmeQZqw6P8N/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=GJlOaSZHjnM3SjmeQZqw6P8N/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
https://ce.lijit.com/merge?pid=5001&3pid=a12a43ff39447dcd07fbfd0c344f7ea8

43 B
682 B

74ms
25ms

Image
image/gif

63.251.114.136
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=a12a43ff39447dcd07fbfd0c344f7ea8
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: HTTP/1.1
Server: 63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 12:30:59 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:30:59 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=a12a43ff39447dcd07fbfd0c344f7ea8
cache-control: no-cache
x-server: 10.40.39.4
content-length: 0
expires: 0

GET
H/1.1 200
OK pixel Show response
ps.eyeota.net/ 717 B
1 KB 25ms
25ms Script
application/javascript 3.230.62.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-62-22.compute-1.amazonaws.com
Software: /
Resource Hash: 86c259ce84fd41779fbe1e6b2550e8f66b72daff53e55b32ed2bd2a8e1739778

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: application/javascript
Date: Mon, 13 Feb 2023 12:30:59 GMT
Content-Length: 717
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1 200
OK sovrn_standalone_beacon.js Show response
ap.lijit.com/www/sovrn_beacon_standalone/ 12 KB
4 KB 25ms
24ms Script
text/javascript 23.92.190.68
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.92.190.68 Waxhaw, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: nginx /
Resource Hash: f522106cb8eef17f67ab33bb623590773c6c58f65bfc805fff1f34a0abdf9c75

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 12:30:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Mar 2020 17:51:39 GMT
Server: nginx
ETag: W/"5e628dab-2e98"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Methods: GET
Cache-Control: max-age=604800, must-revalidate
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ewr1
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Mon, 20 Feb 2023 12:30:59 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame F1ED 156 B
615 B 115ms
40ms XHR
application/json 34.205.158.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.158.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-158-255.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 61229a29c563cbafa6132a2d4b3561f712b08c70fa6ddf81d130d3de06bb6433

Request headers

Referer: https://cdn-tc.33across.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:30:59 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://cdn-tc.33across.com
cache-control: no-cache
x-server: 10.40.14.214
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?uid=7f5bce9f-b401-412f-a916-278be716e4c0&bid=1e2n4ou

70 B
440 B

24ms
24ms

Image
image/gif

3.230.62.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=7f5bce9f-b401-412f-a916-278be716e4c0&bid=1e2n4ou
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: HTTP/1.1
Server: 3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-62-22.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 13 Feb 2023 12:30:59 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:30:59 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ps.eyeota.net/match?uid=7f5bce9f-b401-412f-a916-278be716e4c0&bid=1e2n4ou
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 191

GET
H2

200

5386
tags.bluekai.com/site/
Redirect Chain

https://tags.bluekai.com/site/39798?limit=1&id=2kR24IgjUQS6ZaSoCV0xUNYAOw5brZbRnBlI1rvPMNog
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
https://tags.bluekai.com/site/5386?id=7f5bce9f-b401-412f-a916-278be716e4c0&gdpr=0&gdpr_consent=

62 B
315 B

88ms
88ms

Image
image/gif

173.223.57.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5386?id=7f5bce9f-b401-412f-a916-278be716e4c0&gdpr=0&gdpr_consent=
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: H2
Server: 173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-84.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 13 Feb 2023 12:30:59 GMT
content-length: 62
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:30:59 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://tags.bluekai.com/site/5386?id=7f5bce9f-b401-412f-a916-278be716e4c0&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 221

GET
H3

200

receive
pixel.tapad.com/idsync/ex/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3081&partner_device_id=2W-jLqDPQBW9FyJR5wRJ_purtEudomW2GCNgdyHa5__M
https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D09c0104f-19f8-4346-8281-502e33c68133%252C%252C
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8835541971384855379&pt=09c0104f-19f8-4346-8281-502e33c68133%2C%2C

95 B
123 B

39ms
39ms

Image
image/png

107.178.246.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8835541971384855379&pt=09c0104f-19f8-4346-8281-502e33c68133%2C%2C

Requested by

Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html

Protocol

Server

107.178.246.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.246.178.107.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:30:59 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

Date: Mon, 13 Feb 2023 12:30:59 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 149.56.153.179; 149.56.153.179; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: bb363eae-60bf-48db-bf16-c8c74ff8f6d5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8835541971384855379&pt=09c0104f-19f8-4346-8281-502e33c68133%2C%2C
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=51md42u
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3253601410842671705&newuser=1&referrer_pid=51md42u

70 B
440 B

29ms
29ms

Image
image/gif

3.230.62.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3253601410842671705&newuser=1&referrer_pid=51md42u
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: HTTP/1.1
Server: 3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-62-22.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 13 Feb 2023 12:30:59 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3253601410842671705&newuser=1&referrer_pid=51md42u
pragma: no-cache
date: Mon, 13 Feb 2023 12:30:59 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u
https://ps.eyeota.net/match?uid=7709128359634053758&bid=2cr76e1&referrer_pid=51md42u

70 B
440 B

30ms
29ms

Image
image/gif

3.230.62.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=7709128359634053758&bid=2cr76e1&referrer_pid=51md42u
Requested by: Host: 20-220-161-190.cprapid.com
URL: https://20-220-161-190.cprapid.com/local431/in.html
Protocol: HTTP/1.1
Server: 3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-62-22.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 13 Feb 2023 12:30:59 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Mon, 13 Feb 2023 12:30:59 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 149.56.153.179; 149.56.153.179; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2bc5ef45-502d-4d1d-aada-349f190dfd48
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ps.eyeota.net/match?uid=7709128359634053758&bid=2cr76e1&referrer_pid=51md42u
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ Frame EA90 4 KB
1 KB 63ms
20ms XHR
application/json 108.138.128.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-124.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer: https://20-220-161-190.cprapid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 12 Feb 2023 15:47:06 GMT
content-encoding: gzip
via: 1.1 e23983892b1c8fb4d47f943c0ee29028.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
age: 74635
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 05 Jan 2023 18:30:29 GMT
server: AmazonS3
etag: W/"6db43f44304c37d76768275ee4f01ba4"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age: 86400
x-amz-cf-id: ehqXygVCk2agAJC6OPIli5OmQwHKgXbjNYZ_UnxG3ptJhanWDqE2MA==

GET beacon
vpod1q.qa.lijit.com/ Frame 5C1F 0
0

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame EA90 315 B
1 KB 195ms
195ms XHR
application/json 34.205.158.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.158.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-158-255.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 30252824d35ed4620081c80045344d7a37c9a0bfda88a6a6841a37424c70597d

Request headers

Referer: https://20-220-161-190.cprapid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:31:00 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://20-220-161-190.cprapid.com
cache-control: no-cache
x-server: 10.40.10.165
access-control-allow-credentials: true
content-length: 315
expires: 0

POST
H3 200 a
a.dtssrv.com/ Frame EA90 0
469 B 56ms
35ms Ping
text/html 2606:4700:e6::ac40:cb26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=104016762914581028B472D083C04521&k=lotpano&v=f84789f7b1482159b0bf0f0184aba9fb927a3cc31c5445a19a1c542f99b781d8
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fiframe.php&j=https%3A%2F%2F20-220-161-190.cprapid.com%2Flocal431%2Fin.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://20-220-161-190.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:31:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5%2B1UwuoKEEYEvE%2BHmEfyY5HnTjIgYVyHFUOAnco4ylXRnxMx03TvpSh7NQ2bg3GRI4XvhywTsLlBk0jg2ILZx1N1K2kaqBMNYBkGrsRlPNbJaFYEdMD2UaPI9SlRLLPvTBwEbd3WOEv5m4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 798d941ccc66183d-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame D6DB 2 KB
1 KB 19ms
19ms Document
text/html 108.138.128.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-124.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Referer: https://20-220-161-190.cprapid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 6343
cache-control: max-age: 86400
content-encoding: gzip
content-type: text/html
date: Mon, 13 Feb 2023 10:45:18 GMT
etag: W/"6fcf4f5197ab24c92d090f6ac8d87e01"
last-modified: Mon, 01 Feb 2021 20:35:17 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 e5f49cd65618fc548cd417b060a75e76.cloudfront.net (CloudFront)
x-amz-cf-id: _79gMLZl2lCH9qiNaI0lsfUdCqdu6qx3Ezya0QQrsq3myQBzz44KQQ==
x-amz-cf-pop: JFK50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame C5DE 4 KB
4 KB 24ms
23ms Document
text/html 34.205.158.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C2&c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.158.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-158-255.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 84634bc93f56dafb787db8bdbbe47c69b42632f14dbdfa0b0485a6c21af78c04

Request headers

Referer: https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache
content-length: 3991
content-type: text/html
date: Mon, 13 Feb 2023 12:31:00 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.40.9.111

GET
H2 200 /
wt.rqtrk.eu/ Frame C5DE 43 B
350 B 50ms
11ms Image
image/gif 15.235.42.104
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wt.rqtrk.eu/?pid=e34a6063-e846-4ccb-98d8-0eba4dd66b75&src=www&type=100&sid=0&cb=148894014&gdpr=0&gdpr_consent=&gdpr_pd=0&uid=a12a43ff39447dcd07fbfd0c344f7ea8
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.235.42.104 Victoria, Canada, ASN16276 (OVH, FR),
Reverse DNS: haproxy-ca-003.roqad.pl
Software: istio-envoy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:31:00 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type: image/gif
cache-control: no-cache,private
x-envoy-upstream-service-time: 1
content-length: 43
expires: Mon, 13 Feb 2023 12:30:59 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame C5DE
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0D17EACA-46AC-42FD-8AA6-8AF2F606B2B9&gdpr=0

49 B
264 B

53ms
52ms

Image
image/gif

35.169.226.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0D17EACA-46AC-42FD-8AA6-8AF2F606B2B9&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol: H2
Server: 35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-226-14.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:31:00 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.35.42
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0D17EACA-46AC-42FD-8AA6-8AF2F606B2B9&gdpr=0
date: Mon, 13 Feb 2023 12:31:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=7f5bce9f-b401-412f-a916-278be716e4c0/gdpr=0/ Frame C5DE
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=7f5bce9f-b401-412f-a916-278be716e4c0/gdpr=0/gdpr_consent=

49 B
264 B

37ms
34ms

Image
image/gif

35.169.226.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=7f5bce9f-b401-412f-a916-278be716e4c0/gdpr=0/gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol: H2
Server: 35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-226-14.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:31:00 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.41.93
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:31:00 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=7f5bce9f-b401-412f-a916-278be716e4c0/gdpr=0/gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 249

GET
H2

200

tpid=09c0104f-19f8-4346-8281-502e33c68133
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame C5DE
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=a12a43ff39447dcd07fbfd0c344f7ea8&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
https://dpm.demdex.net/ibs:dpid=540&dpuuid=09c0104f-19f8-4346-8281-502e33c68133&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=09c0104f-19f8-4346-8281-502e33c68133&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device...
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=73647848446338178770650009302646027669&pt=09c0104f-19f8-4346-8281-502e33c68133%2Chttps%253A%252F%252Fsync.crwdcntrl.net%25...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=09c0104f-19f8-4346-8281-502e33c68133

49 B
264 B

30ms
30ms

Image
image/gif

35.169.226.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=09c0104f-19f8-4346-8281-502e33c68133
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol: H2
Server: 35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-226-14.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:31:00 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.12.14
content-length: 49
expires: 0

Redirect headers

date: Mon, 13 Feb 2023 12:31:00 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=09c0104f-19f8-4346-8281-502e33c68133
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

tpid=510fadee6cc2b928d90859a7216ec834
sync.crwdcntrl.net/map/c=10832/tp=TRUP/ Frame C5DE
Redirect Chain

https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=510fadee6cc2b928d90859a7216ec834

49 B
264 B

33ms
32ms

Image
image/gif

35.169.226.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=510fadee6cc2b928d90859a7216ec834
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol: H2
Server: 35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-226-14.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:31:00 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.14.50
content-length: 49
expires: 0

Redirect headers

date: Mon, 13 Feb 2023 12:31:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 142
x-xss-protection: 1; mode=block
pragma: no-cache
to-dmp-sync: s2a-dmp-use1-aws.truoptik.com
server: cloudflare
user-agent: Tru Optik DMP 1.3.1
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=510fadee6cc2b928d90859a7216ec834
access-control-allow-origin: *
cache-control: no-store
cf-ray: 798d941d7e7f53f5-YYZ
expires: 0

GET
H2 204 /
loadus.exelator.com/load/ Frame C5DE 0
616 B 24ms
24ms Image
text/plain 52.0.156.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=260&buid=a12a43ff39447dcd07fbfd0c344f7ea8&j=0&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-156-250.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:31:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=32568155777616625031879839985693896151/ Frame C5DE
Redirect Chain

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=a12a43ff39447dcd07fbfd0c344f7ea8&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=a12a43ff39447dcd07fbfd0c344f7ea8&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUI...
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=32568155777616625031879839985693896151/gdpr=0

49 B
264 B

106ms
106ms

Image
image/gif

35.169.226.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=32568155777616625031879839985693896151/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol: H2
Server: 35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-226-14.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:31:00 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.9.75
content-length: 49
expires: 0

Redirect headers

DCS: dcs-prod-va6-1-v045-0a0c60b82.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: nZ++UNZtTTo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=32568155777616625031879839985693896151/gdpr=0
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK identity
c.cintnetworks.com/ Frame C5DE 0
543 B 152ms
31ms Image
text/plain 40.71.11.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.cintnetworks.com/identity?a=5461&gdpr=0&id=Lotame:a12a43ff39447dcd07fbfd0c344f7ea8
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.71.11.141 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 12:30:59 GMT
Cache-Control: max-age=60, private, must-revalidate
Access-Control-Allow-Credentials: true
Arr-Disable-Session-Affinity: true
Content-Length: 0
Vary: Origin
P3P: CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."

GET
H/1.1 200
OK lotame
sync.sharethis.com/ Frame C5DE 42 B
297 B 35ms
35ms Image
image/gif 13.58.67.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/lotame?uid=a12a43ff39447dcd07fbfd0c344f7ea8&gdpr=0

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C2&c=3825

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.67.229 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-67-229.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 12:31:00 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHcABWPqLYIAAAAIHE7UAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame C5DE 0
337 B 23ms
23ms Image
text/plain 34.199.82.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=a12a43ff39447dcd07fbfd0c344f7ea8
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.82.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-82-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-served-by: beacon-n024-ash-prod.krxd.net
date: Mon, 13 Feb 2023 12:31:00 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1676291460
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET image.sbxx
global.ib-ibi.com/ Frame C5DE 0
0

GET
H3 200 utsync.ashx
ml314.com/ Frame C5DE 43 B
63 B 55ms
55ms Image
image/gif 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=50146&et=0&fp=a12a43ff39447dcd07fbfd0c344f7ea8&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:30:59 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: 0,Tue, 14 Feb 2023 07:31:00 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame C5DE
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-d2e62207-39e3-4fbe-47e2-1c11cbf1fa74$ip$149.56.153.179&gdpr=0&gdpr_consent=

49 B
265 B

31ms
31ms

Image
image/gif

35.169.226.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-d2e62207-39e3-4fbe-47e2-1c11cbf1fa74$ip$149.56.153.179&gdpr=0&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol: H2
Server: 35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-226-14.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:31:00 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.13.237
content-length: 49
expires: 0

Redirect headers

Location: https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-d2e62207-39e3-4fbe-47e2-1c11cbf1fa74$ip$149.56.153.179&gdpr=0&gdpr_consent=
Date: Mon, 13 Feb 2023 12:31:00 GMT
Connection: keep-alive
Content-Length: 168
Content-Type: text/html; charset=utf-8

GET

cms
ups.analytics.yahoo.com/ups/58736/ Frame C5DE
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0

0
0

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame C5DE
Redirect Chain

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26src=lot%26gdpr%3D0
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=60f463ea-2d84-4800-8d78-33b899d0a988&src=lot&gdpr=0

49 B
265 B

29ms
28ms

Image
image/gif

35.169.226.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=60f463ea-2d84-4800-8d78-33b899d0a988&src=lot&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol: H2
Server: 35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-226-14.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:31:00 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.36.131
content-length: 49
expires: 0

Redirect headers

Date: Mon, 13 Feb 2023 12:31:00 GMT
Server: MT3 457 2362390 master ord-pixel-x17 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=60f463ea-2d84-4800-8d78-33b899d0a988&src=lot&gdpr=0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 13 Feb 2023 12:30:59 GMT

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=957d99a4-c7ad-489f-b79c-02781e9c3e59-63ea2d84-4341/ Frame C5DE
Redirect Chain

https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=957d99a4-c7ad-489f-b79c-02781e9c3e59-63ea2d84-4341/gdpr=0

49 B
264 B

29ms
28ms

Image
image/gif

35.169.226.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=957d99a4-c7ad-489f-b79c-02781e9c3e59-63ea2d84-4341/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol: H2
Server: 35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-226-14.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:31:00 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.5.165
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:31:00 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=957d99a4-c7ad-489f-b79c-02781e9c3e59-63ea2d84-4341/gdpr=0
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame C5DE 0
676 B 108ms
26ms Image
text/plain 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=7&puid=a12a43ff39447dcd07fbfd0c344f7ea8&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c57992b917a1c5de787b922c662fdf18
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

gdpr=0&_test=Y_othAAAATZDDQAF
sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Y_othAAAATZDDQAF/ Frame C5DE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=Y_othAAAATZDDQAF
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Y_othAAAATZDDQAF/gdpr=0&_test=Y_othAAAATZDDQAF

49 B
265 B

28ms
27ms

Image
image/gif

35.169.226.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Y_othAAAATZDDQAF/gdpr=0&_test=Y_othAAAATZDDQAF
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol: H2
Server: 35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-226-14.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:31:00 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.14.214
content-length: 49
expires: 0

Redirect headers

x-served-by: cache-yul12834-YUL
pragma: no-cache
date: Mon, 13 Feb 2023 12:31:00 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1676291461.770572,VS0,VE0
x-cache: HIT
location: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=Y_othAAAATZDDQAF/gdpr=0&_test=Y_othAAAATZDDQAF
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame C5DE 170 B
188 B 36ms
36ms Image
image/png 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YTEyYTQzZmYzOTQ0N2RjZDA3ZmJmZDBjMzQ0ZjdlYTg&gdpr=0

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C2&c=3825

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:31:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5907
tags.bluekai.com/site/ Frame C5DE 62 B
315 B 103ms
103ms Image
image/gif 173.223.57.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=9024e326783bfbf4687df26271383ddc
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-84.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 13 Feb 2023 12:31:00 GMT
content-length: 62
content-type: image/gif

GET
H2 200 g.json Show response
aa.agkn.com/adscores/ Frame C5DE 103 B
721 B 106ms
27ms Script
application/json 13.225.214.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-50.ewr50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:31:00 GMT
via: 1.1 8fd19835f7197012a8cc880526cfcce2.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 103
x-amz-cf-id: jID_XgRANLb03lH7YNpZnaKWJLxFpOZ1uSsWzP1yzRnFcA0kCtlgGw==
expires: 0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame C5DE 170 B
188 B 38ms
37ms Image
image/png 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_hm=YTEyYTQzZmYzOTQ0N2RjZDA3ZmJmZDBjMzQ0ZjdlYTg&gdpr=0

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C2&c=3825

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:31:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rand=644012992
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7709128359634053758/gdpr=0/ Frame C5DE
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=644012992
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7709128359634053758/gdpr=0/rand=644012992

49 B
264 B

33ms
32ms

Image
image/gif

35.169.226.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7709128359634053758/gdpr=0/rand=644012992
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=150%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C80%2C78%2C61%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol: H2
Server: 35.169.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-226-14.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 12:31:00 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.7.220
content-length: 49
expires: 0

Redirect headers

Date: Mon, 13 Feb 2023 12:31:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 149.56.153.179; 149.56.153.179; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f4957534-8bb2-4d4c-8670-4cef88082b17
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7709128359634053758/gdpr=0/rand=644012992
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 5332 0
289 B 21ms
20ms Image
text/plain 23.3.116.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHcABWPqLYIAAAAIHE7UAw%253D%253D&tt=t.dhj&dhjLcy=1676291459093&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1116.23353&ell=d&cck=__stid&dmn=20-220-161-190.cprapid.com&pn=%2Flocal431%2Fin.html&qs=na&rdn=20-220-161-190.cprapid.com&rpn=%2Flocal431%2Fin.html&rqs=na&cc=CA&cont=NA&evid=3hcwKZYAcIlj88lMbuTY&urls=!1!288!b-13j,!1!295!b-13h,!1!324!b-14s,!1!0!b-14t,!1!328!b-150,!1!303!b-16f&rnd=1676291462212&cid=c010&version=1.1116.23353&cc=CA&cont=NA&cls=C&repeat=0&htmLcy=26&bcnLcy=22

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.3.116.47 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-3-116-47.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1116.23353&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 12:31:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Mon, 13 Feb 2023 12:31:02 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vpod1q.qa.lijit.com
URL: https://vpod1q.qa.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=a12a43ff39447dcd07fbfd0c344f7ea8

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UPS (Transportation)

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

85 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
map.go.affec.tv/map/ttd	1969-12-31 23:59:59	Name: oo Value: 1
map.go.affec.tv/map/an	1969-12-31 23:59:59	Name: oo Value: 1
i.liadm.com/s	1970-01-20 10:21:23	Name: _li_ss Value: CgsKCQj_____BxC3FA
.dtscout.com/	1970-01-20 09:38:16	Name: m Value: 1
.dtscout.com/	1970-01-20 09:38:15	Name: st Value: 1
.dtscout.com/	1970-01-20 09:38:25	Name: oa Value: 1
.dtscout.com/	1970-01-20 12:02:11	Name: df Value: 1676291458
.dtscout.com/	1970-01-20 11:46:21	Name: l Value: 104016762914581028B472D083C04521
.cprapid.com/	1970-01-20 11:43:28	Name: __dtsu Value: 104016762914581028B472D083C04521
.sharethis.com/	1970-01-20 18:23:47	Name: __stidv Value: 2
.sharethis.com/	1970-01-20 18:23:47	Name: __stid Value: ZHcABWPqLYIAAAAIHE7UAw==
.cprapid.com/	1970-01-20 09:38:11	Name: lotame_domain_check Value: cprapid.com
.dtscdn.com/	1970-01-20 13:55:57	Name: uid Value: 104016762914581028B472D083C04521
.tynt.com/	1970-01-20 18:23:47	Name: uid Value: CoIKS2PqLYMLXuWnDCRgAg==
.onaudience.com/	1970-01-20 09:39:37	Name: done_redirects161 Value: 1
.onaudience.com/	1970-01-20 18:23:47	Name: cookie Value: d2b24af6edd26dac
.t.sharethis.com/	1970-01-20 09:58:21	Name: pxcelPage_default_c010_C Value: 2_0_1676291459211
.tynt.com/	1970-01-20 11:47:47	Name: pids Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1676291459260%7D%2C%7B%22p%22%3A%221d819f216e%22%2C%22f%22%3A1%2C%22ts%22%3A1676291459260%7D%2C%7B%22p%22%3A%224bbb341d17%22%2C%22f%22%3A1%2C%22ts%22%3A1676291459260%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1676291459260%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1676291459260%7D%2C%7B%22p%22%3A%226361f7f203%22%2C%22f%22%3A2%2C%22ts%22%3A1676291459260%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1676291459260%7D%2C%7B%22p%22%3A%227361b0e8e4%22%2C%22f%22%3A1%2C%22ts%22%3A1676291459260%7D%5D
.adsrvr.org/	1970-01-20 18:23:47	Name: TDID Value: 7f5bce9f-b401-412f-a916-278be716e4c0
.lijit.com/	1970-01-20 18:23:47	Name: ljt_reader Value: GJlOaSZHjnM3SjmeQZqw6P8N
.ml314.com/	1970-01-20 18:23:47	Name: pi Value: 3633575902701420562
.exelator.com/	1970-01-20 12:30:59	Name: EE Value: "4cd49c0a71bcfef500c9c606c47258d9"
.exelator.com/	1970-01-20 12:30:59	Name: ud Value: "eJxrXxzq6XKLQcEkOcXEMtkg0dwwKTktNc3UwCDZMtnMwCzZxNzI1CLFcnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQYEl%252BUWb6ImfHxUUpaQyLSopPBR9WTQQAt8wqBw%253D%253D"
.bluekai.com/	1970-01-20 13:58:49	Name: bku Value: +rQ99/1+bZBG9pyu
.eyeota.net/	1970-01-20 18:23:47	Name: mako_uid Value: 1864ac1c91b-2ac00000010a44b6
.eyeota.net/	1970-01-20 09:38:12	Name: SERVERID Value: 24482~DM
.tapad.com/	1970-01-20 11:04:35	Name: TapAd_TS Value: 1676291459355
.tapad.com/	1970-01-20 11:04:35	Name: TapAd_DID Value: 09c0104f-19f8-4346-8281-502e33c68133
.go.affec.tv/	1970-01-20 18:23:47	Name: ck Value: 63ea2d836692bd000155157d
.go.affec.tv/	1970-01-20 18:23:47	Name: oo Value: 1
.rlcdn.com/	1970-01-20 18:23:47	Name: rlas3 Value: 49LQ+uAc60xmao6t507+gFFMrOZeu2KeK1iFq8q0WXI=
.liadm.com/	1970-01-20 19:14:11	Name: lidid Value: 3a92fa7a-730d-4ee8-bd74-3848a7097262
.onaudience.com/	1970-01-20 09:39:37	Name: done_redirects252 Value: 1
.intentiq.com/	1970-01-20 19:14:11	Name: IQver Value: 1.9
.rlcdn.com/	1970-01-20 11:04:35	Name: pxrc Value: CIPbqJ8GEgUI6AcQABIFCNtOEAA=
.onaudience.com/	1970-01-20 09:39:37	Name: done_redirects109 Value: 1
.33across.com/	1970-01-20 18:23:47	Name: 33x_ps Value: u%3D212100977960040%3As1%3D1676291459425%3Ats%3D1676291459425
.linkedin.com/	1970-01-20 11:47:47	Name: li_sugr Value: a8d580a6-cc96-4b6f-a577-fd4c06e1e3e2
.linkedin.com/	1970-01-20 18:23:47	Name: bcookie Value: "v=2&dce6a21f-7846-49b7-8ce0-cd412f12c2fa"
.linkedin.com/	1970-01-20 09:39:37	Name: lidc Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2580:u=1:x=1:i=1676291459:t=1676377859:v=2:sig=AQG3dqNC7zQ_jwFgAN-W8-BU2LRA1pqT"
.zeotap.com/	1970-01-20 18:23:47	Name: zc Value: 0009adf4-4580-4031-45b3-1f14e895a355
.yahoo.com/	1970-01-20 18:24:09	Name: A3 Value: d=AQABBIMt6mMCEGZK6cQ7Riv-cGZvTO6UjgYFEgEBAQF_62P0YwAAAAAA_eMAAA&S=AQAAAip54kXUwi9ujdi31PAKd0M
.adnxs.com/	1970-01-20 11:47:47	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2Hb=rKc?R!@wnf-Te9(>wL5L!!'@z$`VO5
.doubleclick.net/	1970-01-20 19:14:11	Name: IDE Value: AHWqTUkv8xdOW_EMtpGDmCHugfz4NnNBaVFC_zcWhRqfQX6hpFjtYprL6dYBbcb0NwA
.bluekai.com/	1970-01-20 13:57:23	Name: bkdc Value: phx
.go.affec.tv/	1970-01-20 18:23:47	Name: pt Value: eyJhbiI6eyJkdCI6MTY3NjI5MTQ1OSwiaWQiOiI4ODM1NTQxOTcxMzg0ODU1Mzc5IiwibHMiOjE2NzYyOTE0NTl9LCJ0dCI6eyJkdCI6MTY3NjI5MTQ1OSwiaWQiOiJDb0lLUzJQcUxZTUxYdVduRENSZ0FnPT0iLCJscyI6MTY3NjI5MTQ1OX0sInRkIjp7ImR0IjoxNjc2MjkxNDU5LCJpZCI6IjdmNWJjZTlmLWI0MDEtNDEyZi1hOTE2LTI3OGJlNzE2ZTRjMCIsImxzIjoxNjc2MjkxNDU5fSwidiI6MH0=\|1676291459\|c26ce41ddcbafa4568bdc4a3574009d00a287e52
.crwdcntrl.net/	1970-01-20 16:06:58	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 16:06:58	Name: _cc_id Value: a12a43ff39447dcd07fbfd0c344f7ea8
.analytics.yahoo.com/	1970-01-20 18:23:47	Name: IDSYNC Value: 199z~29z0
.simpli.fi/	1970-01-20 18:25:13	Name: suid Value: 2FD146284BBF439093CD97D975DD9EA3
.adnxs.com/	1970-01-20 11:47:47	Name: uuid2 Value: 7709128359634053758
.lijit.com/	1970-01-20 18:23:47	Name: _ljtrtb_2 Value: 2FD146284BBF439093CD97D975DD9EA3
.lijit.com/	1970-01-20 18:23:47	Name: _ljtrtb_5001 Value: a12a43ff39447dcd07fbfd0c344f7ea8
.krxd.net/	1970-01-20 13:57:23	Name: _kuid_ Value: PYIjOMd6
.onaudience.com/	1970-01-20 09:39:37	Name: done_redirects104 Value: 1
.turn.com/	1970-01-20 13:57:23	Name: uid Value: 3253601410842671705
.onaudience.com/	1970-01-20 09:39:37	Name: done_redirects147 Value: 1
.onaudience.com/	1970-01-20 09:39:37	Name: done_redirects219 Value: 1
.zeotap.com/	1970-01-20 09:39:37	Name: zsc Value: %5E%2Aj%F4%00%C3%E8%C3%9F%1F%60%9A%C2%BE%2Cb%A5%EC%E9%D1%AE%B0%B4%F0%1EM%E1%C8%95%D4%D5%85%C0%10%2F%98%BC%DB%BD%00%10%1F%85%D3%F0%B5%29%7B%8B%F8%E1%06%210%401%10%1B%F5%0B9T%15%AB%7B%D7%26%D2%3F%BA%17%189%BFfP%9F%EAS4iJA
.crwdcntrl.net/	1970-01-20 16:06:59	Name: _cc_cc Value: "ACZ4XmNQSDQ0SjQxTksztjQxMU9JTjEwT0tKSzFINjYxSTNPTbRgAILkV7ot%2F4GAH8QBA%2BFTb64aMH6UZfjPyMjw5MVHXeY9WiA2RGR7PVj82eI5LEzI4gznjh5ixqbyx8YpLNjEd%2B%2B7LIBN%2FEPDfQFUkw8D7cKmcvX6p9zYxCefUMcm%2FG4JdmN6sSvvvttlgM2Yy39vszBCfM7wYVM7K4x9cCdCfH3jPgGY%2BJGNCPFLpx6xMUJDEADH2o39"
.crwdcntrl.net/	1970-01-20 16:06:59	Name: _cc_aud Value: "ABR4XmNgYGBIfqXbAqQggI2BgWsGmLmoFUQyas2GULNAFJ%2B7A5j3sB5IAgDa8QdP"
.cprapid.com/	1970-01-20 16:06:59	Name: _cc_id Value: a12a43ff39447dcd07fbfd0c344f7ea8
.cprapid.com/	1970-01-20 09:39:37	Name: panoramaId_expiry Value: 1676377860381
.cprapid.com/	1970-01-20 09:39:37	Name: panoramaId Value: f84789f7b1482159b0bf0f0184aba9fb927a3cc31c5445a19a1c542f99b781d8
.adsrvr.org/	1970-01-20 18:23:47	Name: TDCPM Value: CAESFAoFdGFwYWQSCwj8yc6chvLGOxAFEhYKB2JsdWVrYWkSCwjM5_eehvLGOxAFGAEgASgCMgsI6MSy1ZzyxjsQBTgBWgZsb3RhbWVgAg..
.rqtrk.eu/	1970-01-20 09:48:16	Name: browser_id Value: 1:cd3caaa3-f654-4bf0-b440-1fb5a5a6380c
.pubmatic.com/	1970-01-20 09:39:37	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 18:23:47	Name: KADUSERCOOKIE Value: 0D17EACA-46AC-42FD-8AA6-8AF2F606B2B9
.agkn.com/	1970-01-20 18:23:47	Name: ab Value: 0001%3Agzn5QJuUllFN2g8uiAlXLlmnF6a3P%2Fj4
.everesttech.net/	1970-01-20 18:23:47	Name: everest_g_v2 Value: g_surferid~Y_othAAAATZDDQAF
.truoptik.com/	1970-01-20 18:23:47	Name: to_master_s Value: 510fadee6cc2b928d90859a7216ec834
.truoptik.com/	1970-01-20 18:23:47	Name: to_version_s Value: b2
sync.srv.stackadapt.com/	1970-01-20 18:23:47	Name: sa-user-id Value: s%3A0-d2e62207-39e3-4fbe-47e2-1c11cbf1fa74.Y%2F0uTrOINQ9Ogoh0zdfioxrBIInksceAabC%2F%2F9p7akg
.srv.stackadapt.com/	1970-01-20 18:23:47	Name: sa-user-id-v2 Value: s%3A0uYiBznjT75H4hwRy_H6dJU4mbM.YR63878Paw%2FpvoqNtBtHAX6FKtjGEiB9NkZKPB90Yng
.mathtag.com/	1970-01-20 19:04:06	Name: uuid Value: 60f463ea-2d84-4800-8d78-33b899d0a988
.sitescout.com/	1970-01-20 18:23:47	Name: ssi Value: 957d99a4-c7ad-489f-b79c-02781e9c3e59#1676291460779
.rubiconproject.com/	1970-01-20 18:23:47	Name: khaos Value: LE2SNL4K-1R-FXJ9
.rubiconproject.com/	1970-01-20 18:23:47	Name: audit Value: 1\|NzYkXSEAZEbkcdv6nXECfKY3bvwLqt+7QVdekcho35EeECEUBMheil0g0KHPsGZ5+O7FIkPrvBJBK03vAHceENBQIIuieds9UwueluIBfFt3FtbVZ/roUbR+ElY4sNEs2/RcYRid5p/Djk6yZL+2Fc2O8qCVR0N4qoxmw57vRqc=
.c.cintnetworks.com/	1970-01-20 09:38:15	Name: TiPMix Value: 34.60641970711244
.c.cintnetworks.com/	1970-01-20 09:38:15	Name: x-ms-routing-name Value: self
.sitescout.com/	1970-01-20 10:21:23	Name: _ssuma Value: eyI3IjoxNjc2MjkxNDYwODA3fQ
.dpm.demdex.net/	1970-01-20 13:57:23	Name: dpm Value: 73647848446338178770650009302646027669
.demdex.net/	1970-01-20 13:57:23	Name: demdex Value: 73647848446338178770650009302646027669
.tapad.com/	1970-01-20 11:04:35	Name: TapAd_3WAY_SYNCS Value: 1!1068-2!1068-3!1068
.t.sharethis.com/	1969-12-31 23:59:59	Name: pxcelBcnLcy Value: 24

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=a12a43ff39447dcd07fbfd0c344f7ea8 Message: Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20-220-161-190.cprapid.com
a.dtssrv.com
aa.agkn.com
ap.lijit.com
api.intentiq.com
bcp.crwdcntrl.net
beacon.krxd.net
c.cintnetworks.com
cdn-tc.33across.com
cdn.tynt.com
ce.lijit.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
d.turn.com
data-beacons.s-onetag.com
de.tynt.com
dmp.truoptik.com
dp1.33across.com
dp2.33across.com
dpm.demdex.net
get.s-onetag.com
global.ib-ibi.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
ic.tynt.com
idsync.rlcdn.com
image6.pubmatic.com
loada.exelator.com
loadus.exelator.com
map.go.affec.tv
match.adsrvr.org
media-us1.digital.nuance.com
ml314.com
mwzeom.zeotap.com
onetag-geo.s-onetag.com
pd.sharethis.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.tapad.com
ps.eyeota.net
px.ads.linkedin.com
secure.adnxs.com
spl.zeotap.com
stags.bluekai.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.sharethis.com
sync.srv.stackadapt.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
um.simpli.fi
ups.analytics.yahoo.com
ups.inq.com
usermatch.krxd.net
vpod1q.qa.lijit.com
waust.at
whos.amung.us
wt.rqtrk.eu
global.ib-ibi.com
ups.analytics.yahoo.com
vpod1q.qa.lijit.com
104.16.111.154
104.18.35.34
104.36.115.113
107.178.246.49
108.138.128.124
108.139.29.127
108.139.29.7
13.225.214.50
13.225.223.110
13.58.67.229
141.94.170.64
142.251.16.157
15.235.42.104
151.101.66.49
172.64.151.83
173.223.57.84
18.164.124.79
18.215.132.94
18.217.164.44
20.220.161.190
207.198.113.203
216.200.232.253
23.3.112.166
23.3.116.47
23.92.190.68
2600:1f18:ed:550a:603b:acd7:290f:c7dd
2606:4700:10::ac43:88d
2606:4700:10::ac43:db6
2606:4700:20::681a:d3c
2606:4700:20::ac43:4739
2606:4700:21::8d65:780b
2606:4700:e6::ac40:cb26
2620:112:f002:bbbb::23
2620:1ec:21::14
2620:1ec:4b::24
3.224.184.225
3.230.62.22
34.111.234.236
34.150.170.96
34.199.82.71
34.205.158.255
35.169.226.14
35.190.60.146
35.71.131.137
40.71.11.141
44.205.52.119
52.0.156.250
52.177.241.160
52.45.33.138
52.87.130.203
54.243.199.220
63.251.114.136
67.202.105.22
67.202.105.31
67.202.105.34
68.67.160.26
68.67.160.75
76.13.32.147
8.43.72.98
0130f0f5a7d2a1791fa84865db5b7f9cdcac4b0a4fbe90fef182164b65c00343
076902752ae5748c9a6a128021d95a1bddf6aac70390b3d07f4ae941571350fe
07dbb740764ddcc657e44a4f2767a85c877c6c92262615acefe839c0ca07c9e9
09bab703b4e9ed5e7925279cfaecbb8432ae0dba25385d7d39aa9f8f2d3df7f8
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
20e2c88fe78444f76748fe59887e843224ba1064afad5a9aa1f881fbae4b0f28
2d9668f6f97ac0527e0635f052d73111bf1119d4671b22f99076d504bd195779
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30252824d35ed4620081c80045344d7a37c9a0bfda88a6a6841a37424c70597d
307b5b7a5b1759b5ba2ec7b97d8614385ddde2e0370e6997aa3a904f608e0ee8
338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009
35730e86d2c16d35badbd1807bc8bbc1ffc21f0706eab5d24dde72309d2288d1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
57f461d70ea6aa694687fb33c4ee5987c2f4f45122ad378406920842dfad3d18
61229a29c563cbafa6132a2d4b3561f712b08c70fa6ddf81d130d3de06bb6433
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
6691c17050e97fa3a70eb75b6da5d601b461af4d26b954f87dcddbf354f61eda
69e7dff8d115036c2eb487e3c28f0af15c888ac57a4c2bb66c2238d8608d43c4
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120
79a04d12f88eecbb325c0923ad9b263b17e9ddd6ece79ea2ba661a31e305fc2e
7fccdf59f5dec8ddbf11ed9f5e28cf80e6424389a35d5a4b76ef39f2df02f8be
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84634bc93f56dafb787db8bdbbe47c69b42632f14dbdfa0b0485a6c21af78c04
86c259ce84fd41779fbe1e6b2550e8f66b72daff53e55b32ed2bd2a8e1739778
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
92a931d5d8ead8bf4cc943464b4ddee6a105d9fa24a01be037c338bd383b4200
951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c
9653cc7c737d874e74d4529bf9da4f5906e068cfe7994aa2ae64e7fb537ed989
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
9dab070ee75ce06cf5e8bb6ab989f0130e40f216a1a717d6a0538a57f5143fec
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a1fd67505079dfa852099a19853f739f9f9b2d265abc25bbe847f6852ca9bde3
a2e73e41a2b89c9b224bd11acab7d5580e9bc7690c4a8434f59946680f6e9105
a95cccb9b4b1b5b2d1d5a599c70662117e629c9525f2e9d9b9f1cd6a73052e5a
ad9163b7d6fa52131da92585a39ae33ba9b440c1d2f86fbe1be6c44ae5d9fc4d
adfa1e50980a8f6a6603cf55a6ca4ac94d9fce67a743d8c16dec09925bd9449f
ae367b01f6899231a82020e3ed74a9345832f163fc754c2bfee56842af2087d5
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b646ef60183a5fa06713dcf5f7966b889d2309d4bbd8b1f6ff583746a17269fb
b6f911ba8158fafaac0e01b5c737957f9a334697c5fd7d935a68795e9d9e1c00
bb278815a0ae1eae0ac1b3b790d371581cd921eb099093f6e55d59d60a08b282
bec466d521e05563dea9cd61c498739b7014607afe7bc64a4aac43864ec75d8d
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f
c694ec1f7a48dd18d33f0750a9de65ae44859aa54a9db8e25e98d7bbb1ff14cf
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caf00dccdfb24b237c2e763929bbdbf10d64d66606688390a39c6456fbddb409
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d2e58073cc47171740508e47b92fde9cd84b2a8477926212d882f46a0a559dc5
dca987a6fdf97b97b04fbcc2bff586ecd7637ace53b2e4e1bc4ef737ba900670
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50a2127eb1085389a78fa75b032d805e0424d810aa268ff07f6f96b494f7950
e6100cd45091bbebb7ce5695522abfced42e53c61e985106f50dccfdd42383bc
e94f926fe32bb1db75044f07af73ade28a728efe7b16fefdd59a064514cb1316
eab4d56ac0ee5cd6a9981c73fb48e653839c1bf33169656e0137224c4c54ffaa
ec42e263cd11890be5f6aad789249f1d74c91f3be4f0f072848cab423d22e44f
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f522106cb8eef17f67ab33bb623590773c6c58f65bfc805fff1f34a0abdf9c75
f94d2ab358987555c99e0be52f450293ed78850f6c78f305b22f8327c4bc617f
fa734329b0d86f7c676d4bb77eee036d4de71471836ff309716f6b656a951b54

20-220-161-190.cprapid.com Open in urlscan Pro 20.220.161.190 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

123 Requests

70 %HTTPS

17 %IPv6

46 Domains

65 Subdomains

44 IPs

4 Countries

1680 kBTransfer

1531 kBSize

85 Cookies

55 Outgoing links

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

20-220-161-190.cprapid.com Open in urlscan Pro
20.220.161.190 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

70 %
HTTPS

17 %
IPv6

46
Domains

65
Subdomains

44
IPs

4
Countries

1680 kB
Transfer

1531 kB
Size

85
Cookies

123 HTTP transactions
2 data transactions