shadowshopperss.jigsy.com Open in urlscan Pro
70.33.222.6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shadowshopperss.jigsy.com/shadow-shoppers-application
Effective URL:
https://shadowshopperss.jigsy.com/shadow-shoppers-application
Submission Tags: falconsandbox
Submission: On January 27 via api (January 27th 2022, 10:52:12 pm UTC) from US — Scanned from CA

Summary HTTP 109 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 39 IPs in 5 countries across 48 domains to perform 109 HTTP transactions. The main IP is 70.33.222.6, located in Vancouver, Canada and belongs to COGECO-PEER1, CA. The main domain is shadowshopperss.jigsy.com.
TLS certificate: Issued by Sectigo ECC Domain Validation Secure ... on April 22nd 2021. Valid for: a year.

This is the only time shadowshopperss.jigsy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	70.33.222.6 70.33.222.6	13768 (COGECO-PEER1) (COGECO-PEER1)
3	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	65.39.176.77 65.39.176.77	13768 (COGECO-PEER1) (COGECO-PEER1)
1	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
26	172.66.41.9 172.66.41.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.66.42.247 172.66.42.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
2 9	23.200.172.248 23.200.172.248	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.222.39.185 51.222.39.185	16276 (OVH) (OVH)
4 4	8.28.7.82 8.28.7.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6 7	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
1 1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	104.36.113.24 104.36.113.24	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 6	68.67.179.90 68.67.179.90	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
4 4	3.218.90.66 3.218.90.66	14618 (AMAZON-AES) (AMAZON-AES)
4 4	199.127.204.142 199.127.204.142	26120 (RHYTHMONE) (RHYTHMONE)
7 8	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	23.3.124.133 23.3.124.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	69.166.1.10 69.166.1.10	27630 (AS-XFERNET) (AS-XFERNET)
1	34.255.81.31 34.255.81.31	16509 (AMAZON-02) (AMAZON-02)
1 1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	54.161.8.43 54.161.8.43	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.200.16.87 52.200.16.87	14618 (AMAZON-AES) (AMAZON-AES)
2 2	63.251.114.136 63.251.114.136	12181 (INTERNAP-...) (INTERNAP-2BLK)
1 1	199.38.167.128 199.38.167.128	54312 (ROCKETFUEL) (ROCKETFUEL)
7 7	67.202.105.23 67.202.105.23	32748 (STEADFAST) (STEADFAST)
1 2	13.226.31.104 13.226.31.104	16509 (AMAZON-02) (AMAZON-02)
1	23.200.172.205 23.200.172.205	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
1 2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
2 2	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.40.67.149 52.40.67.149	16509 (AMAZON-02) (AMAZON-02)
2 2	23.46.249.89 23.46.249.89	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	173.231.178.81 173.231.178.81	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 3	23.57.136.222 23.57.136.222	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1 1	47.252.78.131 47.252.78.131	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
1 1	3.227.228.140 3.227.228.140	14618 (AMAZON-AES) (AMAZON-AES)
6	34.117.239.71 34.117.239.71	15169 (GOOGLE) (GOOGLE)
2 2	216.200.232.253 216.200.232.253	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	2606:ae80:145... 2606:ae80:1451:13::2330	25751 (VALUECLICK) (VALUECLICK)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
2	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
2 8	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	2001:4998:14:... 2001:4998:14:800::1001	14777 (YAHOO) (YAHOO)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
5	104.254.149.100 104.254.149.100	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	52.22.124.44 52.22.124.44	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
1 2	23.75.190.74 23.75.190.74	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:21d... 2600:9000:21dd:e600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	52.72.149.226 52.72.149.226	14618 (AMAZON-AES) (AMAZON-AES)
1	141.95.34.104 141.95.34.104	16276 (OVH) (OVH)
1	34.120.155.137 34.120.155.137	15169 (GOOGLE) (GOOGLE)
1	18.206.84.102 18.206.84.102	14618 (AMAZON-AES) (AMAZON-AES)
109	39

11 70.33.222.6 (Vancouver, Canada) 1 redirects

ASN13768 (COGECO-PEER1, CA)

shadowshopperss.jigsy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.39.176.77 (Vancouver, Canada)

ASN13768 (COGECO-PEER1, CA)
PTR: bnidx.com

assets.bnidx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rt3011.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)

rt3011.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.31 (United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hde.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.200.172.248 (Edison, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-172-248.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.39.185 (Canada)

ASN16276 (OVH, FR)
PTR: ip185.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 8.28.7.82 (United States) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.40.194 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.113.24 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.67.179.90 (Secaucus, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 568.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.218.90.66 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.127.204.142 (United States) 4 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.223.40.198 (United States) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.95 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.3.124.133 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-124-133.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.10 (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.81.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-81-31.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.161.8.43 (United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-8-43.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.200.16.87 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-16-87.compute-1.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.114.136 (United States) 2 redirects

ASN12181 (INTERNAP-2BLK, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.202.105.23 (United States) 7 redirects

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.31.104 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-31-104.ewr53.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.200.172.205 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-172-205.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.40.67.149 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-67-149.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.46.249.89 (Lithia Springs, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-46-249-89.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.231.178.81 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.57.136.222 (Piscataway, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-136-222.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.252.78.131 (United States) 1 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

event.clientgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.227.228.140 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-228-140.compute-1.amazonaws.com

cms-xch.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.117.239.71 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 71.239.117.34.bc.googleusercontent.com

cms-xch-chicago.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.200.232.253 (United States) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1451:13::2330 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

33across-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 8.43.72.98 (United States) 2 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4998:14:800::1001 (Ashburn, United States)

ASN14777 (YAHOO, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.254.149.100 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 543.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

lax1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.22.124.44 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-124-44.compute-1.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.75.190.74 (Atlanta, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-190-74.deploy.static.akamaitechnologies.com

ssl.connextra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21dd:e600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.72.149.226 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-149-226.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.34.104 (France)

ASN16276 (OVH, FR)
PTR: p33.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.155.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.155.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.206.84.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-84-102.compute-1.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	infolinks.com resources.infolinks.com — Cisco Umbrella Rank: 7980 router.infolinks.com — Cisco Umbrella Rank: 2877 rt3011.infolinks.com — Cisco Umbrella Rank: 76877	368 KB
14	33across.com 8 redirects ssc-cms.33across.com — Cisco Umbrella Rank: 877 cms-xch.33across.com — Cisco Umbrella Rank: 3591 cms-xch-chicago.33across.com — Cisco Umbrella Rank: 1613	5 KB
13	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 241 lax1-ib.adnxs.com — Cisco Umbrella Rank: 2175 acdn.adnxs.com — Cisco Umbrella Rank: 565 cdn.adnxs.com — Cisco Umbrella Rank: 1377	60 KB
12	rubiconproject.com 4 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1095 eus.rubiconproject.com — Cisco Umbrella Rank: 541 token.rubiconproject.com — Cisco Umbrella Rank: 689 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1135 pixel.rubiconproject.com — Cisco Umbrella Rank: 312	16 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 711 static.adsafeprotected.com — Cisco Umbrella Rank: 533 dt.adsafeprotected.com — Cisco Umbrella Rank: 484	100 KB
11	jigsy.com 1 redirects shadowshopperss.jigsy.com	36 KB
9	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	10 KB
8	adsrvr.org 7 redirects match.adsrvr.org — Cisco Umbrella Rank: 329	4 KB
8	pubmatic.com 7 redirects image8.pubmatic.com — Cisco Umbrella Rank: 609 image2.pubmatic.com — Cisco Umbrella Rank: 1032 image4.pubmatic.com — Cisco Umbrella Rank: 848 ads.pubmatic.com — Cisco Umbrella Rank: 473	64 KB
7	doubleclick.net 6 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 197	1 KB
5	yahoo.com 4 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 283 ads.yahoo.com — Cisco Umbrella Rank: 913	2 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 369 mug.criteo.com — Cisco Umbrella Rank: 2864	1 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	2 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 528	2 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 227	29 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 680	38 KB
2	connextra.com 1 redirects ssl.connextra.com — Cisco Umbrella Rank: 7563	913 B
2	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 738 api.rlcdn.com — Cisco Umbrella Rank: 812	707 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 560	630 B
2	dotomi.com 2 redirects 33across-match.dotomi.com — Cisco Umbrella Rank: 3338	614 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 421	1 KB
2	adgrx.com 2 redirects cm.adgrx.com — Cisco Umbrella Rank: 1634	1 KB
2	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 990	1 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 205	2 KB
2	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 808 s.tribalfusion.com — Cisco Umbrella Rank: 2305	1 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 284	2 KB
2	intentiq.com 1 redirects api.intentiq.com — Cisco Umbrella Rank: 2199	2 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 690 ce.lijit.com Failed	1 KB
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 327	674 B
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 675	645 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 588	1 KB
2	openx.net 2 redirects u.openx.net — Cisco Umbrella Rank: 710	632 B
2	tynt.com 1 redirects de.tynt.com — Cisco Umbrella Rank: 1328 hde.tynt.com — Cisco Umbrella Rank: 4139	3 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 imasdk.googleapis.com — Cisco Umbrella Rank: 418	122 KB
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1894	833 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 596	2 KB
1	clientgear.com 1 redirects event.clientgear.com — Cisco Umbrella Rank: 3454	265 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 702	750 B
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 4389	308 B
1	cpx.to s.cpx.to — Cisco Umbrella Rank: 2057	943 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 1044	746 B
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 510	960 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905	591 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1056	814 B
1	gstatic.com fonts.gstatic.com	44 KB
1	bnidx.com assets.bnidx.com — Cisco Umbrella Rank: 410715	2 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 584	30 KB
0	bnmla.com Failed match.bnmla.com Failed
109	48

	Domain	Requested by
18	router.infolinks.com	resources.infolinks.com router.infolinks.com ssum-sec.casalemedia.com
11	shadowshopperss.jigsy.com	1 redirects shadowshopperss.jigsy.com
8	match.adsrvr.org	7 redirects ads.pubmatic.com
7	dt.adsafeprotected.com	fw.adsafeprotected.com shadowshopperss.jigsy.com
7	ssc-cms.33across.com	7 redirects
7	cm.g.doubleclick.net	6 redirects eus.rubiconproject.com
6	cms-xch-chicago.33across.com	hde.tynt.com eus.rubiconproject.com
6	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
6	ib.adnxs.com	4 redirects acdn.adnxs.com
6	resources.infolinks.com	shadowshopperss.jigsy.com router.infolinks.com resources.infolinks.com
5	lax1-ib.adnxs.com	blank lax1-ib.adnxs.com cdn.adnxs.com
4	pixel.rubiconproject.com	eus.rubiconproject.com
4	token.rubiconproject.com	2 redirects eus.rubiconproject.com
4	ups.analytics.yahoo.com	4 redirects
4	image8.pubmatic.com	4 redirects
3	x.bidswitch.net	3 redirects
3	sync.1rx.io	3 redirects
3	ssum-sec.casalemedia.com	1 redirects router.infolinks.com ssum-sec.casalemedia.com
3	rt3011.infolinks.com	resources.infolinks.com shadowshopperss.jigsy.com
3	cdnjs.cloudflare.com	shadowshopperss.jigsy.com
3	maxcdn.bootstrapcdn.com	shadowshopperss.jigsy.com
2	static.adsafeprotected.com	fw.adsafeprotected.com
2	ssl.connextra.com	1 redirects blank
2	fw.adsafeprotected.com	1 redirects lax1-ib.adnxs.com
2	sync-tm.everesttech.net	2 redirects
2	mug.criteo.com	shadowshopperss.jigsy.com
2	gum.criteo.com	1 redirects
2	33across-match.dotomi.com	2 redirects
2	sync.mathtag.com	2 redirects
2	eus.rubiconproject.com	hde.tynt.com eus.rubiconproject.com
2	cm.adgrx.com	2 redirects
2	px.owneriq.net	2 redirects
2	dpm.demdex.net	1 redirects ssum-sec.casalemedia.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	api.intentiq.com	1 redirects shadowshopperss.jigsy.com
2	ap.lijit.com	2 redirects
2	pixel.advertising.com	2 redirects
2	ad.360yield.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	u.openx.net	2 redirects
2	image4.pubmatic.com	2 redirects
1	id.crwdcntrl.net	ads.pubmatic.com
1	api.rlcdn.com	ads.pubmatic.com
1	id5-sync.com	ads.pubmatic.com
1	cdn.adnxs.com	lax1-ib.adnxs.com
1	acdn.adnxs.com	lax1-ib.adnxs.com
1	id.rlcdn.com	eus.rubiconproject.com
1	ads.yahoo.com	eus.rubiconproject.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	cms-xch.33across.com	1 redirects
1	event.clientgear.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	imasdk.googleapis.com	resources.infolinks.com
1	ads.pubmatic.com	resources.infolinks.com
1	p.rfihub.com	1 redirects
1	dsp.adkernel.com	1 redirects
1	s.cpx.to	router.infolinks.com
1	sync.go.sonobi.com	1 redirects
1	stags.bluekai.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	onetag-sys.com	router.infolinks.com
1	hde.tynt.com	router.infolinks.com
1	de.tynt.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	shadowshopperss.jigsy.com
1	assets.bnidx.com	shadowshopperss.jigsy.com
1	code.jquery.com	shadowshopperss.jigsy.com
0	ce.lijit.com Failed	router.infolinks.com
0	match.bnmla.com Failed	router.infolinks.com
109	72

This site contains links to these domains. Also see Links.

Domain
jigsy.com

Subject Issuer	Validity	Valid
*.jigsy.com Sectigo ECC Domain Validation Secure Server CA	`2021-04-22` - `2022-05-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.bnidx.com Sectigo ECC Domain Validation Secure Server CA	`2021-04-16` - `2022-05-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
*.id5-sync.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Frame ID: 453009FBBFE17199C34767CE6BCC3979
Requests: 40 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application
Frame ID: 01ACE80A29EDC2738717F0602B391E29
Requests: 18 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Frame ID: EF7AB32FE9EE4C53CBCCB8D054B18ED5
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: A4A315019095AF3E19A5635D9073AF67
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: E3E3FD4D165EE68F69B3970DFBB8C063
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: EB006F3D78758412135E5EEB75F8DE93
Requests: 12 HTTP requests in this frame

Frame: https://lax1-ib.adnxs.com/ab?an_audit=0&referrer=shadowshopperss.jigsy.com&e=wqT_3QLcDfBM3AYAAAMA1gAFAQiYxMyPBhCc0ojl4LLmzDgYhMPy5sC6wcELKjYJDB8RUyKJxj8RrcUCuoogwT8ZAAAAYLgeB0AhrcUCuoogwT8pDB8JJNAxAAAAwPUovD8w9a7nCDizGUCYOUgCUI_D1I8BWObrgAFgAGjJsER4keEFgAEBigEDVVNEkgUG8FWYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKWAXVmKCdhJywgMTQzNTQ4NiwgMTY0MzMyMzkyOCk7dWYoJ2knLCA1NTM2ODg4LCAxNjYdAABnAToYNjA2NzU5N0Y7ACxzJywgMjY3NDQ0MDJKHwAwcicsIDMwMTI3NzU4MzY-APCLkgKdBCFGV2F6THdpMXVaNFlFSV9EMUk4QkdBQWc1dXVBQVRBQ09BQkFBRWlZT1ZEMXJ1Y0lXQUJnMUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFUV1ViVjRlaWNZX3dRRTFsRzFlSG9uR1A4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUg0LU5FQzlRSG1mcHMtbUFJQW9BSUJ0UUkFJAB2DQjwaXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DUEd2dmhzUUN4Z0NMUUFBQUFDNkF3bE1RVmd4T2pRMk5qVGdBNzB0Z0FTdW1zUUhpQVM2bXNRSGtBUUJtQVFCd1EFNQkBCE1rRQkJAQEYRFlCQUR4QgELDQE8aUFXNEpKZ0Z1NzdEZjZrRg0XFEE4RC14QgFHUEVCbm10OF93UVVBQUFCQVo1cmZQOA0oGEZtdTR6X1IFKA0BADIFKAEByER3UC1BRnhva0I4QVdOMk5RSC1BWGV6bGVDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCak16TQECLC1jX3FBWUVzZ1lrQwGADQEARR0MAEcdDABJHQw4dUFZS5oCmQEhVFJQdmlROiECNE9icmdBRWdBQ2dBTVRNAWsAegFtCE9nbD1ZFFJBdlMxSg10EEE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0MDDRBSWs1bPBxOEQ4LrICJGZmZTIzMzEwLWViZDctNDIxNC1iMThjLTMxNmRlOTA4OTM2ZtgCpEPgAur5JeoCGXNoYWRvd3Nob3BwZXJzcy5qaWdzeS5jb23yAhEKBkFEVl9JRBIHMTQzNTQ4NvICEgoGQ1BHX0lEEggxbX8s8gISCgVDUF9JRBIJdXU88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEIBzU1hREA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8NeAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOOiR7gAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE4NKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANIEDjczMjAjTEFYMTo0NjY02gQCCAHgBADwBI_D1I8BiAUBmAUAoAX___________8BqgUqNWI1ZmZkNWItOTcxMC00Mzg0LTlhZmItOTRmOGJiMmIxNDBhfjkzM34xwAUAyQUAAAAAAADwP9IFCQkAAAAFDjTYBQHgBQHwBf-OA_oFBAGbKJAGAJgGALgGAMEGBSIsAPA_0AapJdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4tARAAMgHkeEF0gcNCRE6ATgI2gcGCSdE4AcA6gcCCADwB8T_B4oIAhAA&s=e8f1a6fd0ffda80de4ed5bc378acb2cb2daea408&pp=0.133806
Frame ID: 091C483AA68908FC2EF6115C8536AE64
Requests: 7 HTTP requests in this frame

Frame: https://fw.adsafeprotected.com/rjsi/servedby.flashtalking.com/665297/55785894/imp/1/149210;5690242;201;jsiframe;GeniusSports;CanadaCasinoBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30295116&ft_width=728&ft_height=90&click=https://lax1-ib.adnxs.com/click?DB8RUyKJxj-txQK6iiDBPwAAAGC4HgdArcUCuoogwT8MHxFTIonGPxwpogyWmZk4hKHcDNQFgwsYIvNhAAAAAHXXGQGzDAAAmBwAAAIAAACPIfUR5jUgAAAAAABVU0QAVVNEANgCWgBJGAAAAAABAgUCAAAAAKIAhh9a1wAAAAA./bcr=AAAAAAAA8D8=/cnd=%21TRPviQi1uZ4YEI_D1I8BGObrgAEgACgAMTMzMzMzM-c_OglMQVgxOjQ2NjRAvS1JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNMQVgxOjQ2NjQ=/bn=94353/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=731651009
Frame ID: 29B3B18D944C3B2183D0F4F2DD72E294
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3251&pub_id=1669543
Frame ID: 7964943DD0ADE53B09767DE6EDEBED90
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/skeleton.gif
Frame ID: D111EB3D91EF695B98527F3C69FAC485
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 1420FF7323C308EF3E9DC6CF5A8E1F40
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Easy Website Builder, it's free! Jigsy.com

Page URL History Show full URLs

http://shadowshopperss.jigsy.com/shadow-shoppers-application HTTP 301
https://shadowshopperss.jigsy.com/shadow-shoppers-application Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

XRegExp (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

xregexp.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

109
Requests

62 %
HTTPS

17 %
IPv6

48
Domains

72
Subdomains

39
IPs

5
Countries

922 kB
Transfer

2767 kB
Size

115
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://jigsy.com/

Search URL Search Domain Scan URL

URL: https://jigsy.com/account/signup
Title: sign up

Search URL Search Domain Scan URL

URL: http://jigsy.com/about/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://jigsy.com/about/tos
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shadowshopperss.jigsy.com/shadow-shoppers-application HTTP 301
https://shadowshopperss.jigsy.com/shadow-shoppers-application Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV HTTP 307
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1

Request Chain 27

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Request Chain 29

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTZDRDcyN0MtREZGQy00M0FFLUIzNEUtQUI5RTAxRjFFOTM5&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTZDRDcyN0MtREZGQy00M0FFLUIzNEUtQUI5RTAxRjFFOTM5&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DE6CD727C-DFFC-43AE-B34E-AB9E01F1E939 HTTP 302
https://router.infolinks.com/dyn/pbm-usync?uid=E6CD727C-DFFC-43AE-B34E-AB9E01F1E939

Request Chain 30

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
https://router.infolinks.com/dyn/apn-usync?user_id=829513164673294724

Request Chain 31

https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP 302
https://router.infolinks.com/dyn/ox-usync?uid=fdb9d287-406e-4240-8723-2384a954f197

Request Chain 32

https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
https://router.infolinks.com/dyn/VR-usync?uid=y-gqrO3.lE2uHjOaO7HZ7bXAnhrvkM6P2VZdAsRpw-~A

Request Chain 33

https://sync.1rx.io/usersync2/infolinks HTTP 302
https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1643323928000 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4615951224 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4615951224 HTTP 302
https://sync.1rx.io/usersync/tradedesk/80b26bf8-b762-48e6-9e6d-7991eb5d015b HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-9c224379-3847-44b0-8fda-d12751e27a87-005?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-9c224379-3847-44b0-8fda-d12751e27a87-005 HTTP 302
https://router.infolinks.com/dyn/r1-usync?uid=RX-9c224379-3847-44b0-8fda-d12751e27a87-005

Request Chain 34

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
https://stags.bluekai.com/site/23178?id=gTC7tlRUv-yA1cE4pCev&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TPOV2GK4RONFXGM33MNFXGW4ZOMNXW2L3EPFXC66TNNYWXK43ZNZRT6ZLYMNUGC3THMU6WS3TGN5WGS3TLOMTHK2LEHVTVIQZXORWFEVLWFV4UCMLDIU2HAQ3FOY HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TPOV2GK4RONFXGM33MNFXGW4ZOMNXW2L3EPFXC66TNNYWXK43ZNZRT6ZLYMNUGC3THMU6WS3TGN5WGS3TLOMTHK2LEHVTVIQZXORWFEVLWFV4UCMLDIU2HAQ3FOY HTTP 302
https://router.infolinks.com/dyn/zmn-usync?uid=gTC7tlRUv-yA1cE4pCev

Request Chain 35

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D HTTP 302
https://router.infolinks.com/dyn/sonobi-usync?uid=cb444b0c-ed84-4467-b2ff-7133e6ffef42

Request Chain 36

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fshadowshopperss.jigsy.com%252Fshadow-shoppers-application&pid=12306&adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fshadowshopperss.jigsy.com%25252Fshadow-shoppers-application%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application&pid=12306&adnxs_uid=829513164673294724

Request Chain 37

https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D HTTP 302
https://router.infolinks.com/dyn/earn-usync?uid=A3621684663870980674

Request Chain 38

https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
https://router.infolinks.com/dyn/imd-usync?user_id=0c52e69d-0469-4fca-b84b-f117d1c2cd1f&partner_id=1531

Request Chain 39

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPc15e366c-7fc3-11ec-882a-0a7a30665509 HTTP 302
https://router.infolinks.com/dyn/outh-usync?uid=y-vCmmZhpE2uERxfeLmDJ8pa3Jg0PhIubX~A~UPc15e366c-7fc3-11ec-882a-0a7a30665509

Request Chain 41

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
https://router.infolinks.com/dyn/sovrn-usync?uid=75d73196b0cff873255089db

Request Chain 42

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DE6CD727C-DFFC-43AE-B34E-AB9E01F1E939 HTTP 302
https://router.infolinks.com/dyn/usersync?pmuservalue=E6CD727C-DFFC-43AE-B34E-AB9E01F1E939

Request Chain 43

https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
https://router.infolinks.com/dyn/zeta-usync?uid=968625777244077701

Request Chain 44

https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X HTTP 302
https://router.infolinks.com/dyn/33a-usync?uid=77823423758612

Request Chain 45

https://router.infolinks.com/dyn/iq-usync HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=ffe23310-ebd7-4214-b18c-316de908936f&3rddpi=2023874098&3rdpcid=&3rddpi=1639354730&3rdpcid=&3rddpi=445262707&3rdpcid=&3rddpi=1402230080&3rdpcid=&3rddpi=1591710469&3rdpcid=&3rddpi=1177082855&3rdpcid=&3rddpi=1213503647&3rdpcid=y-gqrO3.lE2uHjOaO7HZ7bXAnhrvkM6P2VZdAsRpw-%7EA&3rddpi=1541423991&3rdpcid=&3rddpi=1239766150&3rdpcid=fdb9d287-406e-4240-8723-2384a954f197 HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=ffe23310-ebd7-4214-b18c-316de908936f&3rddpi=2023874098&3rdpcid=&3rddpi=1639354730&3rdpcid=&3rddpi=445262707&3rdpcid=&3rddpi=1402230080&3rdpcid=&3rddpi=1591710469&3rdpcid=&3rddpi=1177082855&3rdpcid=&3rddpi=1213503647&3rdpcid=y-gqrO3.lE2uHjOaO7HZ7bXAnhrvkM6P2VZdAsRpw-%7EA&3rddpi=1541423991&3rdpcid=&3rddpi=1239766150&3rdpcid=fdb9d287-406e-4240-8723-2384a954f197&ckls=true&ci=qUpfbx18sm&nc=false&trid=534146371 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1509139146%26rnd%3D-1002363262%26pcid%3D%23PMUID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJNmVWiel18vxVqi8HBGXl8&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:24783076C3AF418A8649AE596F186962 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=1509139146&rnd=-1002363262&pcid=E6CD727C-DFFC-43AE-B34E-AB9E01F1E939 HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D1509139146%3B1402230080%26rnd%3D1116084585&pcid=$UID HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=1509139146;1402230080&rnd=1116084585&pcid=829513164673294724 HTTP 302
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D1509139146%3B1402230080%3B1709765917%26rnd%3D735746719%26pcid%3D HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=1509139146;1402230080;1709765917&rnd=735746719&pcid=218b16a6-1ffc-4d3f-8289-8255bdbb1717 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D1509139146%3B1402230080%3B1709765917%3B1486637409%26rnd%3D-641679154%26pcid%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D1509139146%3B1402230080%3B1709765917%3B1486637409%26rnd%3D-641679154%26pcid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=c1fdc2c7-7fc3-11ec-a999-112d0e150403 HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1072441116&mi=10&csh=1509139146;1402230080;1709765917;1486637409&rnd=-641679154&pcid=c1fdc23f-7fc3-11ec-a999-112d0e150403 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D1509139146%3B1402230080%3B1709765917%3B1486637409%3B1072441116%26rnd%3D213053974%26pcid=[MM_UUID] HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1678944572&mi=10&csh=1509139146;1402230080;1709765917;1486637409;1072441116&rnd=213053974&pcid=e66961f3-2218-4e00-99bc-8929570a53e2 HTTP 302
https://ce.lijit.com/merge?pid=8101&3pid=qUpfbx18sm&location=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D1509139146%3B1402230080%3B1709765917%3B1486637409%3B1072441116%3B1678944572%26rnd%3D-222848656%26pcid%3D%5BSOVRNID%5D

Request Chain 46

https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1509139146&pt=17&dpn=1&idtype=0&pcid=ffe23310-ebd7-4214-b18c-316de908936f&iiqidtype=2&iiqpcid=d2e9d3e8-c214-4a7a-a133-d78539601b44&iiqpciddate=1643323927902&dbsaved=true&fbp=2503514552 HTTP 302
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1509139146&pt=17&dpn=1&idtype=0&pcid=ffe23310-ebd7-4214-b18c-316de908936f&iiqidtype=2&iiqpcid=d2e9d3e8-c214-4a7a-a133-d78539601b44&iiqpciddate=1643323927902&dbsaved=true&fbp=2503514552&ckls=true&ci=cOXojQe7kH&nc=false&trid=1124140792

Request Chain 51

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://match.adsrvr.org/track/cmb/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=80b26bf8-b762-48e6-9e6d-7991eb5d015b&expiration=1645915928&gdpr=0&gdpr_consent=

Request Chain 52

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YfMiF6hvpY3t0hkW0x9IKgAAA-EAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YfMiF6hvpY3t0hkW0x9IKgAAA-EAAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHpxmQVfg6mRdft235Z0q0g&google_cver=1

Request Chain 53

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YfMiF6hvpY3t0hkW0x9IKgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDUfPCF73I-c45YEH56o2KI&google_cver=1

Request Chain 54

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YfMiF6hvpY3t0hkW0x9IKgAAA-EAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YfMiF6hvpY3t0hkW0x9IKgAAA-EAAAAB&dcc=t

Request Chain 55

https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=131&cm_user_id=YfMiF6hvpY3t0hkW0x9IKgAA HTTP 302
https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=131&cm_user_id=YfMiF6hvpY3t0hkW0x9IKgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662312920460785

Request Chain 56

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YfMiF6hvpY3t0hkW0x9IKgAA%26993?gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YfMiF6hvpY3t0hkW0x9IKgAA%26993

Request Chain 57

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6966103281166635982&uid=Q6966103281166635982&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6966103281166635982

Request Chain 58

https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=c1763d04-7fc3-11ec-bbcf-2c6438850a76

Request Chain 60

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Request Chain 61

https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=the33across&us_privacy= HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=the33across&bsw_custom_parameter=84e4fe17-27e6-43f0-a7ae-981caf54ceab HTTP 302
https://x.bidswitch.net/sync?dsp_id=257&user_id=mka6f7474d-2d4e-43b7-8b83-7fd964b07d64&expires=7&user_group=5&ssp=the33across&bsw_param=84e4fe17-27e6-43f0-a7ae-981caf54ceab HTTP 302
https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3D10%26external_user_id%3D84e4fe17-27e6-43f0-a7ae-981caf54ceab HTTP 302
https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=84e4fe17-27e6-43f0-a7ae-981caf54ceab HTTP 301
https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=84e4fe17-27e6-43f0-a7ae-981caf54ceab

Request Chain 62

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1643323928006.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=e66961f3-2218-4e00-99bc-8929570a53e2

Request Chain 63

https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-yEK6QoJE2uH2dOPEt2fNoDPOLuaRkWqf~A HTTP 302
https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-yEK6QoJE2uH2dOPEt2fNoDPOLuaRkWqf%7EA&ts=1643323928&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 64

https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
https://33across-match.dotomi.com/match/bounce/current?DotomiTest=6d16b6719831203&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
https://ssc-cms.33across.com/ps?xi=64&xu=AAAGZdLYlz5v-wMSFpbeAAAAAAA&expiration=1643410328&is_secure=true&us_privacy= HTTP 302
https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGZdLYlz5v-wMSFpbeAAAAAAA&ts=1643323928&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 65

https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1645915928%26external_user_id%3D80b26bf8-b762-48e6-9e6d-7991eb5d015b HTTP 302
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1645915928&external_user_id=80b26bf8-b762-48e6-9e6d-7991eb5d015b

Request Chain 68

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshadowshopperss.jigsy.com%2F&domain=shadowshopperss.jigsy.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=OrfaOnx4K1FGNDhYekluZTk0dU1SaGxTRkwyZ3hBVFVUTW45WVM4dGV6ZnV2Q29RTkg1RWFRL2NlT0JxUEdxTWdPTjgyOThOSnZMcGluZFplWlZ3MXQ2UVhxTi91eUVCcXl3L3gxcXRDQXN1VWpUNnNEcFhWek00bTZ1eTE4QjR0N0ExZ3Q5OERJdk9GVVdKTzEyUU40V3hRUUM3SUFLYXZuQTlHZ0xoeHYxVnk3OGVGUEJublp1ZENrYzNScUg1ZDFhZkJUK2Z5QU5ySkxwVmZoaWJ4RC9OR3IrRllKRWlGelJJTEZxNzNMb21TL3ZVVTJJTTlhNGJBRHJsbFBCOXBhUVBwfA&cppv=2

Request Chain 74

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=KYXKMYCC-21-9MML HTTP 302
https://ssc-cms.33across.com/ps/?xi=1&xu=KYXKMYCC-21-9MML HTTP 302
https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KYXKMYCC-21-9MML&ts=1643323928&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 75

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YfMiGAABz6DggQBH HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfMiGAABz6DggQBH&_test=YfMiGAABz6DggQBH

Request Chain 76

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYXKMYCC-21-9MML&sigv=1&esig=2~93dfcf65c4dc92a61dda6ed714d42d57232cedeb

Request Chain 78

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYS01ZQ0MtMjEtOU1NTA==

Request Chain 80

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e66961f3-2218-4e00-99bc-8929570a53e2&expires=28

Request Chain 81

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=80b26bf8-b762-48e6-9e6d-7991eb5d015b&gdpr=0&gdpr_consent=&expires=30

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDXcJ0YlE2LBYlCYuUFlLyI&google_cver=1

Request Chain 90

https://ssl.connextra.com/Betway/selector/image?client=Betway&placement=DDM_APN_Betway_CA_Casino_Impression_Pixel_1x1&_cb=731651009&apnauc=4078459807296792860&bidid=4078459807296792860&dspid=3bc1d7fd2e HTTP 302
https://ssl.connextra.com/servlet/controller?service=DDM_Betway_CA_Casino_Impression_Pixel_1x1&image=image%2Fgif&client=Betway&placement=DDM_APN_Betway_CA_Casino_Impression_Pixel_1x1&_cb=731651009&apnauc=4078459807296792860&bidid=4078459807296792860&dspid=3bc1d7fd2e

Request Chain 93

https://fw.adsafeprotected.com/rfw/servedby.flashtalking.com/665297/55785894/imp/1/149210;5690242;201;jsiframe;GeniusSports;CanadaCasinoBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30295116&ft_width=728&ft_height=90&click=https://lax1-ib.adnxs.com/click?DB8RUyKJxj-txQK6iiDBPwAAAGC4HgdArcUCuoogwT8MHxFTIonGPxwpogyWmZk4hKHcDNQFgwsYIvNhAAAAAHXXGQGzDAAAmBwAAAIAAACPIfUR5jUgAAAAAABVU0QAVVNEANgCWgBJGAAAAAABAgUCAAAAAKIAhh9a1wAAAAA./bcr=AAAAAAAA8D8=/cnd=%21TRPviQi1uZ4YEI_D1I8BGObrgAEgACgAMTMzMzMzM-c_OglMQVgxOjQ2NjRAvS1JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNMQVgxOjQ2NjQ=/bn=94353/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=731651009&adsafe_url=https%3A%2F%2Fshadowshopperss.jigsy.com&adsafe_type=g&adsafe_url=https%3A%2F%2Ffw.adsafeprotected.com%2Frjsi%2Fservedby.flashtalking.com%2F665297%2F55785894%2Fimp%2F1%2F149210%3B5690242%3B201%3Bjsiframe%3BGeniusSports%3BCanadaCasinoBetwayAllHeedDisplayProspectingAppnexus728x90%2F%3Fft_custom%3D%26imageType%3Dgif%26ftDestID%3D30295116%26ft_width%3D728%26ft_height%3D90%26click%3Dhttps%3A%2F%2Flax1-ib.adnxs.com%2Fclick%3FDB8RUyKJxj-txQK6iiDBPwAAAGC4HgdArcUCuoogwT8MHxFTIonGPxwpogyWmZk4hKHcDNQFgwsYIvNhAAAAAHXXGQGzDAAAmBwAAAIAAACPIfUR5jUgAAAAAABVU0QAVVNEANgCWgBJGAAAAAABAgUCAAAAAKIAhh9a1wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TRPviQi1uZ4YEI_D1I8BGObrgAEgACgAMTMzMzMzM-c_OglMQVgxOjQ2NjRAvS1JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNMQVgxOjQ2NjQ%3D%2Fbn%3D94353%2Fclickenc%3D%26ftOBA%3D1%26ftExpTrack%3D%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cachebuster%3D731651009&adsafe_type=d&adsafe_jsinfo=,id:faba023a-96a9-12f8-3ef0-1d7cdeb06a39,c:2xB6PP,sl:outOfView,em:true,fr:false,thd:1,mn:app25va,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:3,fm:sVLdJBz+1111%7C112%7C113%7C12%7C131*.665297-55785894%7C132,idMap:131*,ex:e10,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:BODY,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjsi,et:25,oid:c1ec4599-7fc3-11ec-9e14-0ad4d7b160f1,v:19.8.284,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.gif

109 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request shadow-shoppers-application Show response
shadowshopperss.jigsy.com/
Redirect Chain

http://shadowshopperss.jigsy.com/shadow-shoppers-application
https://shadowshopperss.jigsy.com/shadow-shoppers-application

4 KB
5 KB

343ms
132ms

Document
text/html

70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: b1344c3a453508c57a193771019ba0c28b0eac72427526c9e8ee33e92cf85794

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

date: Thu, 27 Jan 2022 22:52:06 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
cache-control: no-cache
x-request-id: 1c07fe3dc7548cbed5f47519f5a6e43a
x-ua-compatible: IE=Edge
x-runtime: 0.023992
x-rack-cache: miss
x-powered-by: Phusion Passenger 6.0.4
status: 404 Not Found
content-type: text/html; charset=utf-8

Redirect headers

Content-length: 0
Location: https://shadowshopperss.jigsy.com/shadow-shoppers-application

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 68ms
27ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:52:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 718
age: 24150523
cdn-cachedat: 2021-03-11 04:57:54
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: fd9790f5364733fa4266619009a41568
cf-ray: 6d458cae1aa24bd1-YUL
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 66ms
26ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:52:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 24150522
cdn-cachedat: 2021-03-10 13:26:27
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 898a5586476273b50179fca1a96b41f8
cf-ray: 6d458cae1aa34bd1-YUL
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 bootstrap-select.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.12.4/css/ 6 KB
2 KB 78ms
32ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.12.4/css/bootstrap-select.min.css

Requested by

Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

feeb377a08b6715a7498491547c727a8bb2e0d8e819ab0eebd33d4b84af51c94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:52:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 78653
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1315
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8e-19ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CeTlxyo6sKC%2FM4w6EXt2bbvo4svUp4%2FafeqftZbtfEw%2Fj3wAyU0tIAMwGxn%2FA30axv0x3BONPOrqIrJnUNBFsxnqxYWNlKvTj8PptPnAgloLcGCYeszZgGGKc04eW%2By3KNvlUozZgaKtkivj1E4Z0Lrj"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d458cae2d5becfe-YUL
expires: Tue, 17 Jan 2023 22:52:06 GMT

GET
H2 200 style-1b7c0e119bc58347e850590d5f2f6fd3.css
shadowshopperss.jigsy.com/assets/responsive/ 9 KB
10 KB 118ms
116ms Stylesheet
text/css 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowshopperss.jigsy.com/assets/responsive/style-1b7c0e119bc58347e850590d5f2f6fd3.css
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: 37dcad0aea3a8073c2a28d1e2f2f5ce73a033ee61c9c961adf056d5fdf9bf5a0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-runtime: 0.002543
date: Thu, 27 Jan 2022 22:52:06 GMT
x-content-digest: 23ddcdea5b46777aeb49678ccc9281f7dab07c82
last-modified: Tue, 08 Jun 2021 19:31:48 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: text/css
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: 67a054b2ac0c81b424bcd3848bb22221
content-length: 9444
etag: "1b7c0e119bc58347e850590d5f2f6fd3"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 helper-classes-7f703c796690e15e41571acefd4feed6.css
shadowshopperss.jigsy.com/assets/responsive/ 166 B
612 B 118ms
117ms Stylesheet
text/css 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowshopperss.jigsy.com/assets/responsive/helper-classes-7f703c796690e15e41571acefd4feed6.css
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: 54829ef6edbc5fb8f6bd00c6e4f677b1093943e47d9d2528e25fbd08533f83e7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-runtime: 0.002914
date: Thu, 27 Jan 2022 22:52:06 GMT
x-content-digest: f4a7c3ef80123f6b5ea85b03de7e1020999de185
last-modified: Tue, 08 Jun 2021 19:31:48 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: text/css
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: 041430e8e34b0085a2f2b3c968017719
content-length: 166
etag: "7f703c796690e15e41571acefd4feed6"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 jigsy-f762e135464f4d07cbaa221229fb49a6.css
shadowshopperss.jigsy.com/assets/responsive/ 3 KB
3 KB 112ms
110ms Stylesheet
text/css 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowshopperss.jigsy.com/assets/responsive/jigsy-f762e135464f4d07cbaa221229fb49a6.css
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: 477a95228c963cad1c13967a9b3eee0db6f9813cbc3c9a0aa13d00a46e472853

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-runtime: 0.002684
date: Thu, 27 Jan 2022 22:52:06 GMT
x-content-digest: e8ecde58886faae00e94437dce0d2c83e1aa61af
last-modified: Tue, 08 Jun 2021 19:31:48 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: text/css
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: 3b9e8dc28d16cb86a0dd58544ae58f31
content-length: 3106
etag: "f762e135464f4d07cbaa221229fb49a6"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 83ms
30ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:52:06 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: nginx
etag: W/"58d026fb-15283"
vary: Accept-Encoding
x-hw: 1643323926.dop007.dc2.t,1643323926.cds207.dc2.hn,1643323926.cds073.dc2.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 67ms
29ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:52:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 24150521
cdn-cachedat: 2021-03-10 13:26:26
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 53afe90ae1525b33eedeab47bbd5d8aa
cf-ray: 6d458cae1aa54bd1-YUL
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 bootstrap-select.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.12.4/js/ 33 KB
9 KB 73ms
29ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.12.4/js/bootstrap-select.min.js

Requested by

Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7d277ad3ded41d89d82daaa750df136efbe19dec4a0ffda83fd31d651e2d316

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:52:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6147802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8703
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8e-8263"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Y2nQ%2FAzebIeXBb2iooSFcVukJgmiBGt%2BFTqWsqMZObwGBARIPrA2kKT5JIoU5XX9uu32R%2FBjigs50bFNO735DFQA%2FYfdR2pHn7ip9STn04vl1mPJo3FieI01%2F7KF7TuJEC4wzS%2BDMMhemJB0HwpMs3%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d458cae2d5cecfe-YUL
expires: Tue, 17 Jan 2023 22:52:06 GMT

GET
H2 200 xregexp-all.min.js Show response
cdnjs.cloudflare.com/ajax/libs/xregexp/3.2.0/ 78 KB
19 KB 74ms
31ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/xregexp/3.2.0/xregexp-all.min.js

Requested by

Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b16451935f2c828efe085e9e3419bf041c99f38143e720bcec92780379198369

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:52:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 79831
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18708
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:57 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04035-13844"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ssLGA%2FA5uON7VMCo5unqETj8xbUKpGcwOvBOQQer%2Fv4NJ8aP%2F6pVUReVaf7tPLhV3yUG0bmpRSmMOtTVupYtWN5AG6qltw%2F98sFILE2dIE3lObQ5L6cemGmJalbM3w3VTSGbmmLmIUmIPrI4DYLh5w7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d458cae2d5eecfe-YUL
expires: Tue, 17 Jan 2023 22:52:06 GMT

GET
H2 200 jigsy-ae828f57d7e73ce8be0baab9815bf39d.js Show response
shadowshopperss.jigsy.com/assets/responsive/ 2 KB
2 KB 214ms
213ms Script
application/javascript 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowshopperss.jigsy.com/assets/responsive/jigsy-ae828f57d7e73ce8be0baab9815bf39d.js
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: 1d3cc74bdade25c9fd2992964780f06539ea7bf07d03b4da7d0d76afb9b016e9

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-runtime: 0.003438
date: Thu, 27 Jan 2022 22:52:06 GMT
x-content-digest: 57cafd7253f2589b7edeea98ff28d3e2513b29fd
last-modified: Wed, 21 Jul 2021 18:27:00 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: application/javascript
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: b0f766b86e6d9c90443d759da6f6f844
content-length: 1596
etag: "ae828f57d7e73ce8be0baab9815bf39d"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 jigsy.countdown-eb7237748346a9b56ca02c5ca99d335b.js Show response
shadowshopperss.jigsy.com/assets/responsive/ 165 B
625 B 115ms
114ms Script
application/javascript 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowshopperss.jigsy.com/assets/responsive/jigsy.countdown-eb7237748346a9b56ca02c5ca99d335b.js
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: 7b6af6361d1836d3d5864f9a8e42e5201f432a518ff7a73fed6e64af10daeee9

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-runtime: 0.003501
date: Thu, 27 Jan 2022 22:52:06 GMT
x-content-digest: 5013b6f831ab2693830c852cdd95becba3932508
last-modified: Tue, 08 Jun 2021 19:31:48 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: application/javascript
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: e40fa853f9fcf61c26194f8e10b2db73
content-length: 165
etag: "eb7237748346a9b56ca02c5ca99d335b"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 jigsy.extensions-dd3b6a9aecc8ca06dd6386af6b3293cf.js Show response
shadowshopperss.jigsy.com/assets/responsive/ 462 B
922 B 117ms
116ms Script
application/javascript 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowshopperss.jigsy.com/assets/responsive/jigsy.extensions-dd3b6a9aecc8ca06dd6386af6b3293cf.js
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: 359836ef917e6a8d43dadfe1a427808c18656f6df8290b4010e2439b43a440b4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-runtime: 0.003284
date: Thu, 27 Jan 2022 22:52:06 GMT
x-content-digest: 108bde0280e7cd09ab021606962d45f4e46b551f
last-modified: Tue, 08 Jun 2021 19:31:48 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: application/javascript
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: e58494a15f47a337a8ba2bc4538fb8c6
content-length: 462
etag: "dd3b6a9aecc8ca06dd6386af6b3293cf"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 jigsy.ajaxForms-b02294cb797aa3c7d5e870687ce759c8.js Show response
shadowshopperss.jigsy.com/assets/responsive/ 381 B
841 B 113ms
113ms Script
application/javascript 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowshopperss.jigsy.com/assets/responsive/jigsy.ajaxForms-b02294cb797aa3c7d5e870687ce759c8.js
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: 034267c82673796f2f6fe56a3ef4230b47ddae481fd0d4bdd7a7038a1b332648

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-runtime: 0.002409
date: Thu, 27 Jan 2022 22:52:06 GMT
x-content-digest: e6d0302d8fdfbd9dc6ff99f71976697ec1687440
last-modified: Tue, 08 Jun 2021 19:31:48 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: application/javascript
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: 21b6d8f7d59a60ddd7adce7827bb3891
content-length: 381
etag: "b02294cb797aa3c7d5e870687ce759c8"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 jquery_ujs-f73e1bd169fae2ec00e76eb32d636a9a.js Show response
shadowshopperss.jigsy.com/assets/ 7 KB
8 KB 214ms
213ms Script
application/javascript 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowshopperss.jigsy.com/assets/jquery_ujs-f73e1bd169fae2ec00e76eb32d636a9a.js
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: b34c0a3651292fe7652a929be7b36f17fcf40d1f0150a01989e0707527d489b2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-runtime: 0.005037
date: Thu, 27 Jan 2022 22:52:06 GMT
x-content-digest: 4e652faa2f2f3b8fafd800dccf62aca27212fc98
last-modified: Mon, 19 Apr 2021 18:08:45 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: application/javascript
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: c34c1f60af0d5661bb6c3c12cdf1a547
content-length: 7523
etag: "f73e1bd169fae2ec00e76eb32d636a9a"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 logo.png
shadowshopperss.jigsy.com/images/jigsy/ 5 KB
5 KB 105ms
105ms Image
image/png 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shadowshopperss.jigsy.com/images/jigsy/logo.png
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 /
Resource Hash: d40000464c06127197135256da45cc0a3a2abda2e34b5d53a0e937c3bd23330f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:52:06 GMT
last-modified: Wed, 15 Dec 2021 23:15:24 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
accept-ranges: bytes
etag: "1322-5d3377b02db00"
content-length: 4898
content-type: image/png

GET
H2 200 loader.js Show response
assets.bnidx.com/jigsy/js/ 920 B
2 KB 662ms
249ms Script
text/html 65.39.176.77
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bnidx.com/jigsy/js/loader.js
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.39.176.77 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: bnidx.com
Software: Apache / PHP/7.2.24
Resource Hash: 572b97df994ccad7b2bddd1b44ea184efe041777c6a452dce8bd1c929178b2e9

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:52:07 GMT
cache-control: no-cache, private
server: Apache
x-powered-by: PHP/7.2.24
content-length: 920
content-type: text/html; charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 84ms
35ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Requested by

Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/assets/responsive/jigsy-f762e135464f4d07cbaa221229fb49a6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

035f76cad89b4436226962589da4573cdba89378ed3ef64029e73035d4e122c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 22:16:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 27 Jan 2022 22:52:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Jan 2022 22:52:06 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 67ms
20ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shadowshopperss.jigsy.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 13:43:38 GMT
x-content-type-options: nosniff
age: 464908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 22 Jan 2023 13:43:38 GMT

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
2 KB 90ms
35ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bad98b8bc7693f1a8c28d83b70090c16199b8a983d86f7065e61fd69a8fcaee

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6d458cb3ceaa53e9-YYZ
date: Thu, 27 Jan 2022 22:52:07 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 27 Jan 2022 13:25:28 GMT
server: cloudflare
age: 5188
etag: W/"dad-5d6904070db3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
content-encoding: gzip
expires: Thu, 27 Jan 2022 22:25:39 GMT

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1779.004-3.025/ 178 KB
55 KB 33ms
32ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1779.004-3.025/ice.js
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7bd1334f301c24ce594782077437f378992fa2d2608275a1e9bcfdcc9c9aea1

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6d458cb40f3253e9-YYZ
date: Thu, 27 Jan 2022 22:52:07 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 20 Jan 2022 11:00:41 GMT
server: cloudflare
age: 11310
etag: W/"2c618-5d60169c3cdda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Sat, 26 Feb 2022 19:43:37 GMT

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame 01AC 9 KB
2 KB 64ms
53ms Document
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1779.004-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6428a7089dd9fb5b807218ac529c9b9d6dcfd6332af7f121fdf89d39d2520eb4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/

Response headers

date: Thu, 27 Jan 2022 22:52:07 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d458cb4b8ac53e9-YYZ
content-encoding: gzip

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 263 B
314 B 59ms
54ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1779.004-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 092e21294c3c7715055df6cdbb1b86068b6f298cc39cf4a8e50a6e57fe8966ca

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:52:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d458cb4b8af53e9-YYZ
p3p: CP="NON DSP NID OUR COR"
content-encoding: gzip
cache-control: no-store
content-type: application/javascript;charset=ISO-8859-1

GET
H2 200 gsd Show response
router.infolinks.com/ 321 B
527 B 55ms
52ms Script
text/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/gsd?evt=afterGSD&pid=3235947&pdom=shadowshopperss.jigsy.com&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application&jsv=1779.004-3.025&_cb=16433239277750
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1779.004-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a07ac3c9470b1aba8fe40beb0e587d1edc6b391a8dc9b9c9aa4d3572d1b0f09

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cache-control: max-age=0
cf-ray: 6d458cb4b8b253e9-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 doq.htm Show response
rt3011.infolinks.com/action/ 2 KB
2 KB 167ms
116ms XHR
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3011.infolinks.com/action/doq.htm?pcode=utf-8&r=16433239278551
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1779.004-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e12ca26ea7e557d19f726108b7635cf2224d82ac760e8c9b44d8c000bc5b2a1

Request headers

Referer: https://shadowshopperss.jigsy.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 27 Jan 2022 22:52:08 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
x-application-context: application:prod
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-language: en-CA
access-control-allow-origin: https://shadowshopperss.jigsy.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
cf-ray: 6d458cb58df253e3-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 iqusync-1.14.min.js Show response
resources.infolinks.com/static/usync/ 3 KB
1 KB 40ms
39ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/static/usync/iqusync-1.14.min.js
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/lcmanage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4672d29f833a7f7cc73b07fb9de14be1ebe2d293a913fe5196191e89ae5037b6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6d458cb539c053e9-YYZ
date: Thu, 27 Jan 2022 22:52:07 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Sun, 09 Jan 2022 13:00:03 GMT
server: cloudflare
age: 12712
etag: W/"ab3-5d525cc6a0e71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Sat, 26 Feb 2022 19:20:15 GMT

GET
H2

200

/ Show response
hde.tynt.com/deb/ Frame EF7A
Redirect Chain

https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1

1 KB
2 KB

40ms
36ms

Document
text/html

67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: bb2a3ff818df580541e8008988f030910423ead4120685a124d96607e5168ac9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires: Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 1333
date: Thu, 27 Jan 2022 22:52:07 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

location: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires: Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy: unsafe-url
content-length: 0
date: Thu, 27 Jan 2022 22:52:07 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame A4A3
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

2 KB
3 KB

35ms
35ms

Document
text/html

23.200.172.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.172.248 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-172-248.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 93d39b459b2028996f556d87910715c99e8eb49a84ee73bc359bf82f9929526b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|230|45|241|131|218|31|41
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Expires: Thu, 27 Jan 2022 22:52:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 27 Jan 2022 22:52:08 GMT
Content-Length: 1848
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 311
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Thu, 27 Jan 2022 22:52:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 27 Jan 2022 22:52:07 GMT
Connection: keep-alive

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame E3E3 2 KB
814 B 41ms
9ms Document
text/html 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2

200

pbm-usync
router.infolinks.com/dyn/ Frame 01AC
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTZDRDcyN0MtREZGQy00M0FFLUIzNEUtQUI5RTAxRjFFOTM5&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTZDRDcyN0MtREZGQy00M0FFLUIzNEUtQUI5RTAxRjFFOTM5&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DE6CD727C-DFFC-43AE-B34E-AB9E01F1E939
https://router.infolinks.com/dyn/pbm-usync?uid=E6CD727C-DFFC-43AE-B34E-AB9E01F1E939

0
275 B

53ms
53ms

Image
text/html

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/pbm-usync?uid=E6CD727C-DFFC-43AE-B34E-AB9E01F1E939
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, private
cf-ray: 6d458cb92ada53e9-YYZ
content-length: 0
expires: Wed, 27 Jan 2021 22:52:08 GMT

Redirect headers

location: https://router.infolinks.com/dyn/pbm-usync?uid=E6CD727C-DFFC-43AE-B34E-AB9E01F1E939
date: Thu, 27 Jan 2022 22:52:07 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

apn-usync
router.infolinks.com/dyn/ Frame 01AC
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
https://router.infolinks.com/dyn/apn-usync?user_id=829513164673294724

35 B
187 B

52ms
52ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/apn-usync?user_id=829513164673294724
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6d458cb61c0253e9-YYZ
content-length: 35
expires: Wed, 27 Jan 2021 22:52:08 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 22:52:07 GMT
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 568.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 81b17163-32b0-4002-892e-39e92e8039c7
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://router.infolinks.com/dyn/apn-usync?user_id=829513164673294724
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ox-usync
router.infolinks.com/dyn/ Frame 01AC
Redirect Chain

https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
https://u.openx.net/w/1.0/cm?cc=1&id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
https://router.infolinks.com/dyn/ox-usync?uid=fdb9d287-406e-4240-8723-2384a954f197

35 B
224 B

67ms
67ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/ox-usync?uid=fdb9d287-406e-4240-8723-2384a954f197
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6d458cb5eb9453e9-YYZ
content-length: 35
expires: Wed, 27 Jan 2021 22:52:08 GMT

Redirect headers

date: Thu, 27 Jan 2022 22:52:07 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://router.infolinks.com/dyn/ox-usync?uid=fdb9d287-406e-4240-8723-2384a954f197
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H2

200

VR-usync
router.infolinks.com/dyn/ Frame 01AC
Redirect Chain

https://ups.analytics.yahoo.com/ups/58422/occ
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
https://router.infolinks.com/dyn/VR-usync?uid=y-gqrO3.lE2uHjOaO7HZ7bXAnhrvkM6P2VZdAsRpw-~A

35 B
211 B

52ms
51ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/VR-usync?uid=y-gqrO3.lE2uHjOaO7HZ7bXAnhrvkM6P2VZdAsRpw-~A
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6d458cb60bf553e9-YYZ
content-length: 35
expires: Wed, 27 Jan 2021 22:52:08 GMT

Redirect headers

location: https://router.infolinks.com/dyn/VR-usync?uid=y-gqrO3.lE2uHjOaO7HZ7bXAnhrvkM6P2VZdAsRpw-~A
date: Thu, 27 Jan 2022 22:52:07 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

r1-usync
router.infolinks.com/dyn/ Frame 01AC
Redirect Chain

https://sync.1rx.io/usersync2/infolinks
https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1643323928000
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4615951224
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4615951224
https://sync.1rx.io/usersync/tradedesk/80b26bf8-b762-48e6-9e6d-7991eb5d015b
https://sync.targeting.unrulymedia.com/csync/RX-9c224379-3847-44b0-8fda-d12751e27a87-005?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-9c224379-3847-44b0-8fda-d12751e27a87-005
https://router.infolinks.com/dyn/r1-usync?uid=RX-9c224379-3847-44b0-8fda-d12751e27a87-005

35 B
205 B

52ms
52ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/r1-usync?uid=RX-9c224379-3847-44b0-8fda-d12751e27a87-005
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6d458cb8ea5a53e9-YYZ
content-length: 35
expires: Wed, 27 Jan 2021 22:52:08 GMT

Redirect headers

Date: Thu, 27 Jan 2022 22:52:08 GMT
Server: Tengine
ETag: RX9c224379384744b08fdad12751e27a87005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://router.infolinks.com/dyn/r1-usync?uid=RX-9c224379-3847-44b0-8fda-d12751e27a87-005
Connection: keep-alive
Content-Type: text/html

GET
H2

200

zmn-usync
router.infolinks.com/dyn/ Frame 01AC
Redirect Chain

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
https://stags.bluekai.com/site/23178?id=gTC7tlRUv-yA1cE4pCev&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TPOV2GK4RONFXGM33MNFXGW4ZOMNXW2L3EPFXC66TN...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TPOV2GK4RONFXGM33MNFXGW4ZOMNXW2L3EPFXC66TNNYWXK43ZNZRT6ZLYMNUGC3THMU6WS3TGN5WGS3TLOMTHK2LEHVTVIQZXORWFEVLWFV4UCMLDIU2HAQ3FOY
https://router.infolinks.com/dyn/zmn-usync?uid=gTC7tlRUv-yA1cE4pCev

35 B
268 B

78ms
49ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zmn-usync?uid=gTC7tlRUv-yA1cE4pCev
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6d458cb7afd053e9-YYZ
content-length: 35
expires: Wed, 27 Jan 2021 22:52:08 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 22:52:08 GMT
P3p: CP="We do not support P3P header."
Location: https://router.infolinks.com/dyn/zmn-usync?uid=gTC7tlRUv-yA1cE4pCev
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 90
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

sonobi-usync
router.infolinks.com/dyn/ Frame 01AC
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
https://router.infolinks.com/dyn/sonobi-usync?uid=cb444b0c-ed84-4467-b2ff-7133e6ffef42

35 B
203 B

56ms
56ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sonobi-usync?uid=cb444b0c-ed84-4467-b2ff-7133e6ffef42
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6d458cb61c0b53e9-YYZ
content-length: 35
expires: Wed, 27 Jan 2021 22:52:08 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 22:52:07 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-7-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://router.infolinks.com/dyn/sonobi-usync?uid=cb444b0c-ed84-4467-b2ff-7133e6ffef42
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame 01AC
Redirect Chain

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fshadowshopperss.jigsy.com%252Fshadow-shoppers-application&pid=12306&adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fshadowshopperss.jigsy.com%25252Fshadow-shoppers-application%26pid%3D12306%26adnxs_uid%3D%24UID
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application&pid=12306&adnxs_uid=829513164673294724

95 B
943 B

579ms
116ms

Image
image/png

34.255.81.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?ref=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application&pid=12306&adnxs_uid=829513164673294724

Requested by

Protocol

HTTP/1.1

Server

34.255.81.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-81-31.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 27 Jan 2022 22:52:08 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Thu, 27 Jan 2022 22:52:08 UTC

Redirect headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 22:52:07 GMT
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 568.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 4dfbc89d-ee95-4c65-bc0a-d11f1b4e14d4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/ca.png?ref=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application&pid=12306&adnxs_uid=829513164673294724
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

earn-usync
router.infolinks.com/dyn/ Frame 01AC
Redirect Chain

https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
https://router.infolinks.com/dyn/earn-usync?uid=A3621684663870980674

35 B
269 B

54ms
54ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/earn-usync?uid=A3621684663870980674
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6d458cb5db7853e9-YYZ
content-length: 35
expires: Wed, 27 Jan 2021 22:52:07 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/earn-usync?uid=A3621684663870980674
Date: Thu, 27 Jan 2022 22:52:07 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

imd-usync
router.infolinks.com/dyn/ Frame 01AC
Redirect Chain

https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
https://router.infolinks.com/dyn/imd-usync?user_id=0c52e69d-0469-4fca-b84b-f117d1c2cd1f&partner_id=1531

35 B
288 B

60ms
60ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/imd-usync?user_id=0c52e69d-0469-4fca-b84b-f117d1c2cd1f&partner_id=1531
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6d458cb64c8a53e9-YYZ
content-length: 35
expires: Wed, 27 Jan 2021 22:52:08 GMT

Redirect headers

location: https://router.infolinks.com/dyn/imd-usync?user_id=0c52e69d-0469-4fca-b84b-f117d1c2cd1f&partner_id=1531
date: Thu, 27 Jan 2022 22:52:08 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

outh-usync
router.infolinks.com/dyn/ Frame 01AC
Redirect Chain

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPc15e366c-7fc3-11ec-882a-0a7a30665509
https://router.infolinks.com/dyn/outh-usync?uid=y-vCmmZhpE2uERxfeLmDJ8pa3Jg0PhIubX~A~UPc15e366c-7fc3-11ec-882a-0a7a30665509

35 B
235 B

53ms
53ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/outh-usync?uid=y-vCmmZhpE2uERxfeLmDJ8pa3Jg0PhIubX~A~UPc15e366c-7fc3-11ec-882a-0a7a30665509
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6d458cb7e85853e9-YYZ
content-length: 35
expires: Wed, 27 Jan 2021 22:52:08 GMT

Redirect headers

location: https://router.infolinks.com/dyn/outh-usync?uid=y-vCmmZhpE2uERxfeLmDJ8pa3Jg0PhIubX~A~UPc15e366c-7fc3-11ec-882a-0a7a30665509
date: Thu, 27 Jan 2022 22:52:08 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET usersync
match.bnmla.com/ Frame 01AC 0
0

GET
H2

200

sovrn-usync
router.infolinks.com/dyn/ Frame 01AC
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
https://router.infolinks.com/dyn/sovrn-usync?uid=75d73196b0cff873255089db

35 B
195 B

59ms
56ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sovrn-usync?uid=75d73196b0cff873255089db
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6d458cb7bfe853e9-YYZ
content-length: 35
expires: Wed, 27 Jan 2021 22:52:08 GMT

Redirect headers

Date: Thu, 27 Jan 2022 22:52:08 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://router.infolinks.com/dyn/sovrn-usync?uid=75d73196b0cff873255089db
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap5ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

usersync
router.infolinks.com/dyn/ Frame 01AC
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DE6CD727C-DFFC-43AE-B34E-AB9E01F1E939
https://router.infolinks.com/dyn/usersync?pmuservalue=E6CD727C-DFFC-43AE-B34E-AB9E01F1E939

0
166 B

49ms
49ms

Image
text/plain

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/usersync?pmuservalue=E6CD727C-DFFC-43AE-B34E-AB9E01F1E939
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
cache-control: no-store
cf-ray: 6d458cb8797553e9-YYZ
content-length: 0

Redirect headers

location: https://router.infolinks.com/dyn/usersync?pmuservalue=E6CD727C-DFFC-43AE-B34E-AB9E01F1E939
date: Thu, 27 Jan 2022 22:52:08 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

zeta-usync
router.infolinks.com/dyn/ Frame 01AC
Redirect Chain

https://p.rfihub.com/cm?pub=43153&in=1
https://router.infolinks.com/dyn/zeta-usync?uid=968625777244077701

35 B
227 B

62ms
60ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zeta-usync?uid=968625777244077701
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6d458cb74ee953e9-YYZ
content-length: 35
expires: Wed, 27 Jan 2021 22:52:08 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zeta-usync?uid=968625777244077701
Date: Thu, 27 Jan 2022 22:52:08 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

33a-usync
router.infolinks.com/dyn/ Frame 01AC
Redirect Chain

https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
https://router.infolinks.com/dyn/33a-usync?uid=77823423758612

35 B
184 B

62ms
61ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/33a-usync?uid=77823423758612
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6d458cb74eed53e9-YYZ
content-length: 35
expires: Wed, 27 Jan 2021 22:52:08 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:07 GMT
referrer-policy: unsafe-url
server: 33XP002
x-33x-status: 100000000008200000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://router.infolinks.com/dyn/33a-usync?uid=77823423758612
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET

merge
ce.lijit.com/ Frame 01AC
Redirect Chain

https://router.infolinks.com/dyn/iq-usync
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=ffe23310-ebd7-4214-b18c-316de908936f&3rddpi=2023874098&3rdpcid=&3rddpi=1639354730&3rdpcid=&3rddpi=445...
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=ffe23310-ebd7-4214-b18c-316de908936f&3rddpi=2023874098&3rdpcid=&3rddpi=1639354730&3rdpcid=&3rddpi=44...
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1509139146%26rnd%3...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJNmVWiel18vxVqi8HBGXl8&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:24783076C3AF418A8649AE596F186962
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=1509139146&rnd=-1002363262&pcid=E6CD727C-DFFC-43AE-B34E-AB9E01F1E939
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D1509139146%3B1402230080%26rnd%3D1116084585&pcid...
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=1509139146;1402230080&rnd=1116084585&pcid=829513164673294724
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D1509...
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=1509139146;1402230080;1709765917&rnd=735746719&pcid=218b16a6-1ffc-4d3f-8289-8255bdbb1717
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D1509139146%3B...
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D1509139146%3B...
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1072441116&mi=10&csh=1509139146;1402230080;1709765917;1486637409&rnd=-641679154&pcid=c1fdc23f-7fc3-11ec-a999-112d0e150403
https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D1509139146%3B14022300...
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1678944572&mi=10&csh=1509139146;1402230080;1709765917;1486637409;1072441116&rnd=213053974&pcid=e66961f3-2218-4e00-99bc-892...
https://ce.lijit.com/merge?pid=8101&3pid=qUpfbx18sm&location=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D1509139146%3B14...

0
0

GET
H2

200

ProfilesEngineServlet Show response
api.intentiq.com/profiles_engine/
Redirect Chain

https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1509139146&pt=17&dpn=1&idtype=0&pcid=ffe23310-ebd7-4214-b18c-316de908936f&iiqidtype=2&iiqpcid=d2e9d3e8-c214-4a7a-a133-...
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1509139146&pt=17&dpn=1&idtype=0&pcid=ffe23310-ebd7-4214-b18c-316de908936f&iiqidtype=2&iiqpcid=d2e9d3e8-c214-4a7a-a133-...

15 B
832 B

29ms
28ms

XHR
text/html

13.226.31.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1509139146&pt=17&dpn=1&idtype=0&pcid=ffe23310-ebd7-4214-b18c-316de908936f&iiqidtype=2&iiqpcid=d2e9d3e8-c214-4a7a-a133-d78539601b44&iiqpciddate=1643323927902&dbsaved=true&fbp=2503514552&ckls=true&ci=cOXojQe7kH&nc=false&trid=1124140792
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Server: 13.226.31.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-31-104.ewr53.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 30adcceef958c38a02a02125fb5794f73e88cd388a62ac554c5d406cab2dd431

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 8f53b5d73ff2f5f8cae7b49606b79bd4.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent: https://www.almondnet.com/ip
pragma: no-cache
server: Apache-Coyote/1.1
access-control-max-age: 3600
access-control-allow-methods: POST, GET
content-type: text/html
access-control-allow-origin: https://shadowshopperss.jigsy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id: bfd72iLjTG6EWo-jaxHDJANvNR8HMTK027KZhebIjw7Um0ommkag_Q==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 8f53b5d73ff2f5f8cae7b49606b79bd4.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent: https://www.almondnet.com/ip
content-length: 43
pragma: no-cache
access-control-allow-origin: https://shadowshopperss.jigsy.com
server: Apache-Coyote/1.1
access-control-max-age: 3600
access-control-allow-methods: POST, GET
content-type: image/gif
location: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1509139146&pt=17&dpn=1&idtype=0&pcid=ffe23310-ebd7-4214-b18c-316de908936f&iiqidtype=2&iiqpcid=d2e9d3e8-c214-4a7a-a133-d78539601b44&iiqpciddate=1643323927902&dbsaved=true&fbp=2503514552&ckls=true&ci=cOXojQe7kH&nc=false&trid=1124140792
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id: 33iRDcvX2qHVpyI-JcFWtJ8o4tBfnJ6wB6L0pxteGb5HCpy9YDKxkA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/156872/3103/ 196 KB
62 KB 166ms
19ms Script
text/javascript 23.200.172.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/156872/3103/pwt.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.14.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.172.205 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-172-205.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 84e18d9144b52818f5ce1d7458c677100251597dacdecba06225b9ff265670ad

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:52:08 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 18:28:45 GMT
server: Apache/2.2.15 (CentOS)
etag: "1121326-3108a-5d219d81d0a54"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=51706
accept-ranges: bytes
content-type: text/javascript
content-length: 62966
expires: Fri, 28 Jan 2022 13:13:54 GMT

GET
H2 200 in_search.js Show response
resources.infolinks.com/js/1779.004-3.025/ 123 KB
46 KB 48ms
47ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1779.004-3.025/in_search.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1779.004-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8882c05ade8d73602a50fccfc5e3d2ad0ff2427e6c7adafc2d8f13a1da7f1ec4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6d458cb65cb653e9-YYZ
date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 20 Jan 2022 11:00:41 GMT
server: cloudflare
age: 546
etag: W/"1eb7c-5d60169c3c9f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Sat, 26 Feb 2022 22:43:02 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 360 KB
120 KB 103ms
34ms Script
text/javascript 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1779.004-3.025/ice.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fee73730ca9a66dd099ff14ef96527374f09d5d632d7776bb0745993e1370565

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:52:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122262
x-xss-protection: 0
expires: Thu, 27 Jan 2022 22:52:08 GMT

GET
H2 200 pbice.js Show response
resources.infolinks.com/js/pbice/3.025/ 279 KB
86 KB 46ms
45ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/pbice/3.025/pbice.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1779.004-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95efc6a1b0e18636b608c1280049e1e31e5dac2f28c111ae489cea912f8b927b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6d458cb65cbf53e9-YYZ
date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 30 Jun 2021 09:40:59 GMT
server: cloudflare
age: 13093
etag: W/"45adc-5c5f8851c3ea8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Sat, 26 Feb 2022 19:13:55 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A4A3
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://match.adsrvr.org/track/cmb/casale?
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=80b26bf8-b762-48e6-9e6d-7991eb5d015b&expiration=1645915928&gdpr=0&gdpr_consent=

43 B
1006 B

50ms
27ms

Image
image/gif

23.200.172.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=80b26bf8-b762-48e6-9e6d-7991eb5d015b&expiration=1645915928&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Server: 23.200.172.248 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-172-248.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 22:52:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 27 Jan 2022 22:52:08 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=80b26bf8-b762-48e6-9e6d-7991eb5d015b&expiration=1645915928&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame A4A3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YfMiF6hvpY3t0hkW0x9IKgAAA-EAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YfMiF6hvpY3t0hkW0x9IKgAAA-EAAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHpxmQVfg6mRdft235Z0q0g&google_cver=1

43 B
315 B

55ms
33ms

Image
image/gif

23.200.172.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHpxmQVfg6mRdft235Z0q0g&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Server: 23.200.172.248 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-172-248.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 22:52:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 27 Jan 2022 22:52:08 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHpxmQVfg6mRdft235Z0q0g&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A4A3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YfMiF6hvpY3t0hkW0x9IKgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDUfPCF73I-c45YEH56o2KI&google_cver=1

43 B
997 B

51ms
25ms

Image
image/gif

23.200.172.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDUfPCF73I-c45YEH56o2KI&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Server: 23.200.172.248 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-172-248.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 22:52:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 27 Jan 2022 22:52:08 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDUfPCF73I-c45YEH56o2KI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame A4A3
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YfMiF6hvpY3t0hkW0x9IKgAAA-EAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YfMiF6hvpY3t0hkW0x9IKgAAA-EAAAAB&dcc=t

43 B
932 B

48ms
47ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YfMiF6hvpY3t0hkW0x9IKgAAA-EAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 22:52:08 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 0RZQPNF3EJRYN6B66XXX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 22:52:08 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: K4W56JWRFT1HY2BCTNV7
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YfMiF6hvpY3t0hkW0x9IKgAAA-EAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A4A3
Redirect Chain

https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662312920460785

43 B
1 KB

28ms
27ms

Image
image/gif

23.200.172.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662312920460785
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Server: 23.200.172.248 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-172-248.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 22:52:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 27 Jan 2022 22:52:08 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 111
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d458cb7df1decfa-YUL
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662312920460785
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame A4A3
Redirect Chain

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YfMiF6hvpY3t0hkW0x9IKgAA%26993?gdpr_consent=&us_privacy=&gdpr=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YfMiF6hvpY3t0hkW0x9IKgAA%26993

42 B
945 B

89ms
89ms

Image
image/gif

52.40.67.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YfMiF6hvpY3t0hkW0x9IKgAA%26993

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Protocol

HTTP/1.1

Server

52.40.67.149 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-67-149.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v024-01df58dd5.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: StLxkFl9Qww=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-usw2-2-v024-0a74b12e5.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: CVvKUfLbSDQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YfMiF6hvpY3t0hkW0x9IKgAA%26993
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A4A3
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6966103281166635982&uid=Q6966103281166635982&ref=%2Feucm%2Fp%2Fcc
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6966103281166635982

43 B
1 KB

27ms
27ms

Image
image/gif

23.200.172.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6966103281166635982
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Server: 23.200.172.248 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-172-248.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 22:52:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 27 Jan 2022 22:52:08 GMT

Redirect headers

Date: Thu, 27 Jan 2022 22:52:08 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6966103281166635982
Cache-Control: max-age=82073
Connection: keep-alive
Content-Type: text/html
Content-Length: 154

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A4A3
Redirect Chain

https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
https://cm.adgrx.com/bridge.gif?AG_PID=casale
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=c1763d04-7fc3-11ec-bbcf-2c6438850a76

43 B
1 KB

29ms
29ms

Image
image/gif

23.200.172.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=c1763d04-7fc3-11ec-bbcf-2c6438850a76
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Server: 23.200.172.248 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-172-248.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 22:52:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 27 Jan 2022 22:52:08 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 22:52:08 GMT
server: Cowboy
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=c1763d04-7fc3-11ec-bbcf-2c6438850a76
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: lga-delivery-4
Content-Length: 0
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 200 ix-usync
router.infolinks.com/dyn/ Frame A4A3 35 B
197 B 67ms
67ms Image
image/gif 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/ix-usync?uid=YfMiF6hvpY3t0hkW0x9IKgAA%26993
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6d458cb6ad6553e9-YYZ
content-length: 35
expires: Wed, 27 Jan 2021 22:52:08 GMT

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame EB00
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

281 B
410 B

51ms
26ms

Document
text/html

23.57.136.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.136.222 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-57-136-222.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: about:blank

Response headers

server: Apache/2.2.15 (CentOS)
last-modified: Tue, 14 Dec 2021 23:07:59 GMT
etag: "402b2-119-5d32342a551c0"
accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Thu, 27 Jan 2022 22:52:08 GMT
vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
date: Thu, 27 Jan 2022 22:52:08 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H2

200

match
cms-xch-chicago.33across.com/ Frame EF7A
Redirect Chain

https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=the33across&us_privacy=
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=the33across&bsw_custom_parameter=84e4fe17-27e6-43f0-a7ae-981caf54ceab
https://x.bidswitch.net/sync?dsp_id=257&user_id=mka6f7474d-2d4e-43b7-8b83-7fd964b07d64&expires=7&user_group=5&ssp=the33across&bsw_param=84e4fe17-27e6-43f0-a7ae-981caf54ceab
https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3...
https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=84e4fe17-27e6-43f0-a7ae-981caf54ceab
https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=84e4fe17-27e6-43f0-a7ae-981caf54ceab

68 B
127 B

28ms
28ms

Image
image/png

34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=84e4fe17-27e6-43f0-a7ae-981caf54ceab
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google, 1.1 google
server: nginx/1.20.1
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: clear
content-length: 68
content-type: image/png

Redirect headers

location: https://cms-xch-chicago.33across.com:443/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=84e4fe17-27e6-43f0-a7ae-981caf54ceab
date: Thu, 27 Jan 2022 22:52:08 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2

200

match
cms-xch-chicago.33across.com/ Frame EF7A
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1643323928006.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fc...
https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=e66961f3-2218-4e00-99bc-8929570a53e2

68 B
127 B

29ms
29ms

Image
image/png

34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=e66961f3-2218-4e00-99bc-8929570a53e2
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google, 1.1 google
server: nginx/1.20.1
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: clear
content-length: 68
content-type: image/png

Redirect headers

Date: Thu, 27 Jan 2022 22:52:08 GMT
Server: MT3 4133 baa842e master ord-pixel-x21 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=e66961f3-2218-4e00-99bc-8929570a53e2
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 27 Jan 2022 22:52:07 GMT

GET
H2

200

match
cms-xch-chicago.33across.com/ Frame EF7A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-yEK6QoJE2uH2dOPEt2fNoDPOLuaRkWqf~A
https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-yEK6QoJE2uH2dOPEt2fNoDPOLuaRkWqf%7EA&ts=1643323928&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
213 B

79ms
30ms

Image
image/png

34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-yEK6QoJE2uH2dOPEt2fNoDPOLuaRkWqf%7EA&ts=1643323928&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google, 1.1 google
server: nginx/1.20.1
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: clear
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:07 GMT
referrer-policy: unsafe-url
server: 33XP002
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://cms-xch-chicago.33across.com/match?bidder_id=99&external_user_id=y-yEK6QoJE2uH2dOPEt2fNoDPOLuaRkWqf%7EA&ts=1643323928&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

match
cms-xch-chicago.33across.com/ Frame EF7A
Redirect Chain

https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
https://33across-match.dotomi.com/match/bounce/current?DotomiTest=6d16b6719831203&is_secure=true&networkId=78390&version=1&us_privacy=
https://ssc-cms.33across.com/ps?xi=64&xu=AAAGZdLYlz5v-wMSFpbeAAAAAAA&expiration=1643410328&is_secure=true&us_privacy=
https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGZdLYlz5v-wMSFpbeAAAAAAA&ts=1643323928&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
127 B

28ms
28ms

Image
image/png

34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGZdLYlz5v-wMSFpbeAAAAAAA&ts=1643323928&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google, 1.1 google
server: nginx/1.20.1
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: clear
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:07 GMT
referrer-policy: unsafe-url
server: 33XP004
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://cms-xch-chicago.33across.com/match?bidder_id=64&external_user_id=AAAGZdLYlz5v-wMSFpbeAAAAAAA&ts=1643323928&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

match
cms-xch-chicago.33across.com/ Frame EF7A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1645915928%26external_user_id%3D80b26bf8-b762-48e6-9e6d-7991eb5d015b
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1645915928&external_user_id=80b26bf8-b762-48e6-9e6d-7991eb5d015b

68 B
127 B

28ms
28ms

Image
image/png

34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1645915928&external_user_id=80b26bf8-b762-48e6-9e6d-7991eb5d015b
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google, 1.1 google
server: nginx/1.20.1
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: clear
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
referrer-policy: unsafe-url
server: 33XP001
x-33x-status: 40000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1645915928&external_user_id=80b26bf8-b762-48e6-9e6d-7991eb5d015b
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2 200 getads.htm Show response
rt3011.infolinks.com/action/ 2 KB
2 KB 529ms
529ms Script
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3011.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22canada%22%2C%22scs%22%3A%228nbj8LFRDy%22%7D%5D&rid=5b5ffd5b-9710-4384-9afb-94f8bb2b140a&jsv=1779.004-3.025&sr=1600X1200&rts=1643323928115&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=97.0.4692.71&dv=p&ce=t&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application&tzo=-0000&c=c&strg=true&rsd=qir5wKYsLwFrwRBIcrtrNvtYzFF6WIkL-Ciat9moZQ6L8RUZQGkWMMKrgTvn5fEKUpYLLzybrfW_o5o60TaaBRCpGlIpDi5e63vYw4IxDZRpiOLMCQTa1yoMh37oPA7lPkYmdicSI0UvehFGQj2Kt2JlzT7aCXNX&rsk=8&rcs=s0RGbWSrvN_XkGVdMar6Ew&cuid=ffe23310-ebd7-4214-b18c-316de908936f&hbnr=false
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1779.004-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0d1037e6d0cb095a3fe96ab4fb49b8336f36583d0cf1ffacb5ada3bd99b8a49

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language: en-CA
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 6d458cb6ddc853e9-YYZ
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 80ms
28ms Preflight
application/json 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshadowshopperss.jigsy.com%2F&domain=shadowshopperss.jigsy.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://shadowshopperss.jigsy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://shadowshopperss.jigsy.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1680
date: Thu, 27 Jan 2022 22:52:08 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshadowshopperss.jigsy.com%2F&domain=shadowshopperss.jigsy.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=OrfaOnx4K1FGNDhYekluZTk0dU1SaGxTRkwyZ3hBVFVUTW45WVM4dGV6ZnV2Q29RTkg1RWFRL2NlT0JxUEdxTWdPTjgyOThOSnZMcGluZFplWlZ3MXQ2UVhxTi91eUVCcXl3L3gxcXRDQXN1VWpUNnNEcFhWek00bTZ1eT...

356 B
617 B

72ms
25ms

XHR
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=OrfaOnx4K1FGNDhYekluZTk0dU1SaGxTRkwyZ3hBVFVUTW45WVM4dGV6ZnV2Q29RTkg1RWFRL2NlT0JxUEdxTWdPTjgyOThOSnZMcGluZFplWlZ3MXQ2UVhxTi91eUVCcXl3L3gxcXRDQXN1VWpUNnNEcFhWek00bTZ1eTE4QjR0N0ExZ3Q5OERJdk9GVVdKTzEyUU40V3hRUUM3SUFLYXZuQTlHZ0xoeHYxVnk3OGVGUEJublp1ZENrYzNScUg1ZDFhZkJUK2Z5QU5ySkxwVmZoaWJ4RC9OR3IrRllKRWlGelJJTEZxNzNMb21TL3ZVVTJJTTlhNGJBRHJsbFBCOXBhUVBwfA&cppv=2

Requested by

Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

595699277128d923c6aa8f101ca117ba5277d5301d7e7c4c878c3dfd1eccfec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3150
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:07 GMT
location: https://mug.criteo.com/sid?cpp=OrfaOnx4K1FGNDhYekluZTk0dU1SaGxTRkwyZ3hBVFVUTW45WVM4dGV6ZnV2Q29RTkg1RWFRL2NlT0JxUEdxTWdPTjgyOThOSnZMcGluZFplWlZ3MXQ2UVhxTi91eUVCcXl3L3gxcXRDQXN1VWpUNnNEcFhWek00bTZ1eTE4QjR0N0ExZ3Q5OERJdk9GVVdKTzEyUU40V3hRUUM3SUFLYXZuQTlHZ0xoeHYxVnk3OGVGUEJublp1ZENrYzNScUg1ZDFhZkJUK2Z5QU5ySkxwVmZoaWJ4RC9OR3IrRllKRWlGelJJTEZxNzNMb21TL3ZVVTJJTTlhNGJBRHJsbFBCOXBhUVBwfA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://shadowshopperss.jigsy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1880
content-length: 509
expires: 0

GET
H2 200 vidice.js Show response
resources.infolinks.com/js/vidice/1.0/ 620 KB
168 KB 41ms
36ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/vidice/1.0/vidice.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1779.004-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 610a427b4b6da16af92fa70bc4ebc4bc85ab2fbfc59bfea7d01a58e78412c88a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6d458cb7bfe653e9-YYZ
date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 10 Jul 2019 15:15:02 GMT
server: cloudflare
age: 2263
etag: W/"9b0d4-58d552435a78c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Sat, 26 Feb 2022 22:14:25 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame EB00 32 KB
10 KB 20ms
18ms Script
text/html 23.57.136.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.136.222 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-57-136-222.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 929e9f0caaa492d99e6da866bd4c78b7d508bd277ce830138a45cd9871200371

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:52:08 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 23:04:16 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=12589
content-type: text/html; charset=UTF-8
content-length: 9704
expires: Fri, 28 Jan 2022 02:21:57 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame EB00 284 B
934 B 114ms
26ms Image
image/jpg 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: ab995a74221271a8dc253760ec78ee1d
Content-Type: image/jpg

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 218ms
24ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1050
date: Thu, 27 Jan 2022 22:52:08 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
BLOB 200
OK 55cf3621-ca8b-4361-96a7-7ee6bbd83185
https://shadowshopperss.jigsy.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://shadowshopperss.jigsy.com/55cf3621-ca8b-4361-96a7-7ee6bbd83185
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2

200

match
cms-xch-chicago.33across.com/ Frame EB00
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=KYXKMYCC-21-9MML
https://ssc-cms.33across.com/ps/?xi=1&xu=KYXKMYCC-21-9MML
https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KYXKMYCC-21-9MML&ts=1643323928&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
127 B

210ms
210ms

Image
image/png

34.117.239.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KYXKMYCC-21-9MML&ts=1643323928&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google, 1.1 google
server: nginx/1.20.1
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: clear
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
referrer-policy: unsafe-url
server: 33XP003
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://cms-xch-chicago.33across.com/match?bidder_id=30&external_user_id=KYXKMYCC-21-9MML&ts=1643323928&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame EB00
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YfMiGAABz6DggQBH
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfMiGAABz6DggQBH&_test=YfMiGAABz6DggQBH

42 B
691 B

80ms
24ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfMiGAABz6DggQBH&_test=YfMiGAABz6DggQBH
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: a414d61fde5a538d1bc5c621aec59518
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1643323929.610318,VS0,VE0
x-served-by: cache-yul12820-YUL
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfMiGAABz6DggQBH&_test=YfMiGAABz6DggQBH
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

204

v1
ads.yahoo.com/cms/ Frame EB00
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYXKMYCC-21-9MML&sigv=1&esig=2~93dfcf65c4dc92a61dda6ed714d42d57232cedeb

0
194 B

103ms
31ms

Image
text/plain

2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYXKMYCC-21-9MML&sigv=1&esig=2~93dfcf65c4dc92a61dda6ed714d42d57232cedeb

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Protocol

Server

2001:4998:14:800::1001 Ashburn, United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:52:08 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYXKMYCC-21-9MML&sigv=1&esig=2~93dfcf65c4dc92a61dda6ed714d42d57232cedeb
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 709414.gif
id.rlcdn.com/ Frame EB00 42 B
447 B 69ms
41ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 22:52:08 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB00
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYS01ZQ0MtMjEtOU1NTA==

170 B
188 B

37ms
35ms

Image
image/png

142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYS01ZQ0MtMjEtOU1NTA==

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Protocol

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYS01ZQ0MtMjEtOU1NTA==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame EB00 0
460 B 78ms
24ms Image
text/plain 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame EB00
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e66961f3-2218-4e00-99bc-8929570a53e2&expires=28

42 B
691 B

100ms
25ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e66961f3-2218-4e00-99bc-8929570a53e2&expires=28
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: a414d61fde5a538d1bc5c621aec59518
Content-Type: image/gif

Redirect headers

Date: Thu, 27 Jan 2022 22:52:08 GMT
Server: MT3 4133 baa842e master ord-pixel-x56 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e66961f3-2218-4e00-99bc-8929570a53e2&expires=28
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 27 Jan 2022 22:52:07 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame EB00
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=80b26bf8-b762-48e6-9e6d-7991eb5d015b&gdpr=0&gdpr_consent=&expires=30

42 B
691 B

108ms
25ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=80b26bf8-b762-48e6-9e6d-7991eb5d015b&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: a414d61fde5a538d1bc5c621aec59518
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=80b26bf8-b762-48e6-9e6d-7991eb5d015b&gdpr=0&gdpr_consent=&expires=30
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 289

GET
H/1.1

422
Unprocessable Entity

tap.php
pixel.rubiconproject.com/ Frame EB00
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDXcJ0YlE2LBYlCYuUFlLyI&google_cver=1

0
0

98ms
26ms

Image
text/plain

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDXcJ0YlE2LBYlCYuUFlLyI&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDXcJ0YlE2LBYlCYuUFlLyI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview.htm
rt3011.infolinks.com/action/ 0
151 B 104ms
102ms Image
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rt3011.infolinks.com/action/adview.htm?rid=5b5ffd5b-9710-4384-9afb-94f8bb2b140a&bdc=1&midx=0&emd=OTMzfjczMjBfMzAxMjc3NTgzfjMwMTI3NzU4Mw&rts=1643323928652&prod_t=d&jsv=1779.004-3.025&skin=sidebar&theme=nologo&sdata=canada&scs=8nbj8LFRDy&rsd=qir5wKYsLwFrwRBIcrtrNvtYzFF6WIkL-Ciat9moZQ6L8RUZQGkWMMKrgTvn5fEKUpYLLzybrfW_o5o60TaaBRCpGlIpDi5e63vYw4IxDZRpiOLMCQTa1yoMh37oPA7lPkYmdicSI0UvehFGQj2Kt2JlzT7aCXNX&rsk=8&rcs=s0RGbWSrvN_XkGVdMar6Ew
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 6d458cba4d5353e9-YYZ
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ab Show response
lax1-ib.adnxs.com/ Frame 091C 12 KB
6 KB 248ms
87ms Script
application/javascript 104.254.149.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://lax1-ib.adnxs.com/ab?an_audit=0&referrer=shadowshopperss.jigsy.com&e=wqT_3QLcDfBM3AYAAAMA1gAFAQiYxMyPBhCc0ojl4LLmzDgYhMPy5sC6wcELKjYJDB8RUyKJxj8RrcUCuoogwT8ZAAAAYLgeB0AhrcUCuoogwT8pDB8JJNAxAAAAwPUovD8w9a7nCDizGUCYOUgCUI_D1I8BWObrgAFgAGjJsER4keEFgAEBigEDVVNEkgUG8FWYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKWAXVmKCdhJywgMTQzNTQ4NiwgMTY0MzMyMzkyOCk7dWYoJ2knLCA1NTM2ODg4LCAxNjYdAABnAToYNjA2NzU5N0Y7ACxzJywgMjY3NDQ0MDJKHwAwcicsIDMwMTI3NzU4MzY-APCLkgKdBCFGV2F6THdpMXVaNFlFSV9EMUk4QkdBQWc1dXVBQVRBQ09BQkFBRWlZT1ZEMXJ1Y0lXQUJnMUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFUV1ViVjRlaWNZX3dRRTFsRzFlSG9uR1A4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUg0LU5FQzlRSG1mcHMtbUFJQW9BSUJ0UUkFJAB2DQjwaXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DUEd2dmhzUUN4Z0NMUUFBQUFDNkF3bE1RVmd4T2pRMk5qVGdBNzB0Z0FTdW1zUUhpQVM2bXNRSGtBUUJtQVFCd1EFNQkBCE1rRQkJAQEYRFlCQUR4QgELDQE8aUFXNEpKZ0Z1NzdEZjZrRg0XFEE4RC14QgFHUEVCbm10OF93UVVBQUFCQVo1cmZQOA0oGEZtdTR6X1IFKA0BADIFKAEByER3UC1BRnhva0I4QVdOMk5RSC1BWGV6bGVDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCak16TQECLC1jX3FBWUVzZ1lrQwGADQEARR0MAEcdDABJHQw4dUFZS5oCmQEhVFJQdmlROiECNE9icmdBRWdBQ2dBTVRNAWsAegFtCE9nbD1ZFFJBdlMxSg10EEE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0MDDRBSWs1bPBxOEQ4LrICJGZmZTIzMzEwLWViZDctNDIxNC1iMThjLTMxNmRlOTA4OTM2ZtgCpEPgAur5JeoCGXNoYWRvd3Nob3BwZXJzcy5qaWdzeS5jb23yAhEKBkFEVl9JRBIHMTQzNTQ4NvICEgoGQ1BHX0lEEggxbX8s8gISCgVDUF9JRBIJdXU88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEIBzU1hREA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8NeAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOOiR7gAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE4NKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANIEDjczMjAjTEFYMTo0NjY02gQCCAHgBADwBI_D1I8BiAUBmAUAoAX___________8BqgUqNWI1ZmZkNWItOTcxMC00Mzg0LTlhZmItOTRmOGJiMmIxNDBhfjkzM34xwAUAyQUAAAAAAADwP9IFCQkAAAAFDjTYBQHgBQHwBf-OA_oFBAGbKJAGAJgGALgGAMEGBSIsAPA_0AapJdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4tARAAMgHkeEF0gcNCRE6ATgI2gcGCSdE4AcA6gcCCADwB8T_B4oIAhAA&s=e8f1a6fd0ffda80de4ed5bc378acb2cb2daea408&pp=0.133806

Requested by

Host: blank
URL: about:blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.149.100 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

543.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

3804519e9df094afeca54163d22fad2afa59d0f6b69f72c79eae84936376361d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 22:52:08 GMT
Content-Encoding: gzip
X-Creative-ID: 301277583
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 543.bm-nginx-loadbalancer.mgmt.lax1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c11b9cab-f85e-4ba0-a439-301e7b22e9f0
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
fw.adsafeprotected.com/rjsi/servedby.flashtalking.com/665297/55785894/imp/1/149210;5690242;201;jsiframe;GeniusSports;CanadaCasinoBetwayAllHeedDisplayProspectingAppnexus728x90/ Frame 29B3 231 KB
77 KB 146ms
53ms Document
text/html 52.22.124.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjsi/servedby.flashtalking.com/665297/55785894/imp/1/149210;5690242;201;jsiframe;GeniusSports;CanadaCasinoBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30295116&ft_width=728&ft_height=90&click=https://lax1-ib.adnxs.com/click?DB8RUyKJxj-txQK6iiDBPwAAAGC4HgdArcUCuoogwT8MHxFTIonGPxwpogyWmZk4hKHcDNQFgwsYIvNhAAAAAHXXGQGzDAAAmBwAAAIAAACPIfUR5jUgAAAAAABVU0QAVVNEANgCWgBJGAAAAAABAgUCAAAAAKIAhh9a1wAAAAA./bcr=AAAAAAAA8D8=/cnd=%21TRPviQi1uZ4YEI_D1I8BGObrgAEgACgAMTMzMzMzM-c_OglMQVgxOjQ2NjRAvS1JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNMQVgxOjQ2NjQ=/bn=94353/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=731651009
Requested by: Host: lax1-ib.adnxs.com
URL: https://lax1-ib.adnxs.com/ab?an_audit=0&referrer=shadowshopperss.jigsy.com&e=wqT_3QLcDfBM3AYAAAMA1gAFAQiYxMyPBhCc0ojl4LLmzDgYhMPy5sC6wcELKjYJDB8RUyKJxj8RrcUCuoogwT8ZAAAAYLgeB0AhrcUCuoogwT8pDB8JJNAxAAAAwPUovD8w9a7nCDizGUCYOUgCUI_D1I8BWObrgAFgAGjJsER4keEFgAEBigEDVVNEkgUG8FWYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKWAXVmKCdhJywgMTQzNTQ4NiwgMTY0MzMyMzkyOCk7dWYoJ2knLCA1NTM2ODg4LCAxNjYdAABnAToYNjA2NzU5N0Y7ACxzJywgMjY3NDQ0MDJKHwAwcicsIDMwMTI3NzU4MzY-APCLkgKdBCFGV2F6THdpMXVaNFlFSV9EMUk4QkdBQWc1dXVBQVRBQ09BQkFBRWlZT1ZEMXJ1Y0lXQUJnMUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFUV1ViVjRlaWNZX3dRRTFsRzFlSG9uR1A4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUg0LU5FQzlRSG1mcHMtbUFJQW9BSUJ0UUkFJAB2DQjwaXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DUEd2dmhzUUN4Z0NMUUFBQUFDNkF3bE1RVmd4T2pRMk5qVGdBNzB0Z0FTdW1zUUhpQVM2bXNRSGtBUUJtQVFCd1EFNQkBCE1rRQkJAQEYRFlCQUR4QgELDQE8aUFXNEpKZ0Z1NzdEZjZrRg0XFEE4RC14QgFHUEVCbm10OF93UVVBQUFCQVo1cmZQOA0oGEZtdTR6X1IFKA0BADIFKAEByER3UC1BRnhva0I4QVdOMk5RSC1BWGV6bGVDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCak16TQECLC1jX3FBWUVzZ1lrQwGADQEARR0MAEcdDABJHQw4dUFZS5oCmQEhVFJQdmlROiECNE9icmdBRWdBQ2dBTVRNAWsAegFtCE9nbD1ZFFJBdlMxSg10EEE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0MDDRBSWs1bPBxOEQ4LrICJGZmZTIzMzEwLWViZDctNDIxNC1iMThjLTMxNmRlOTA4OTM2ZtgCpEPgAur5JeoCGXNoYWRvd3Nob3BwZXJzcy5qaWdzeS5jb23yAhEKBkFEVl9JRBIHMTQzNTQ4NvICEgoGQ1BHX0lEEggxbX8s8gISCgVDUF9JRBIJdXU88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEIBzU1hREA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8NeAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOOiR7gAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE4NKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANIEDjczMjAjTEFYMTo0NjY02gQCCAHgBADwBI_D1I8BiAUBmAUAoAX___________8BqgUqNWI1ZmZkNWItOTcxMC00Mzg0LTlhZmItOTRmOGJiMmIxNDBhfjkzM34xwAUAyQUAAAAAAADwP9IFCQkAAAAFDjTYBQHgBQHwBf-OA_oFBAGbKJAGAJgGALgGAMEGBSIsAPA_0AapJdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4tARAAMgHkeEF0gcNCRE6ATgI2gcGCSdE4AcA6gcCCADwB8T_B4oIAhAA&s=e8f1a6fd0ffda80de4ed5bc378acb2cb2daea408&pp=0.133806
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.124.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-124-44.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3a0d36739007f49faf8d3a1430d77a4ff923ba722e13e95d89fb8b454438d9b9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

date: Thu, 27 Jan 2022 22:52:09 GMT
content-type: text/html;charset=utf-8
server: nginx
pragma: no-cache
cache-control: no-cache
expires: Wed, 31 Dec 1969 23:59:59 GMT
access-control-allow-origin: fw.adsafeprotected.com
access-control-allow-credentials: true
x-server-name: app25.va.303net.net
content-encoding: gzip

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7964 52 KB
17 KB 62ms
17ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3251&pub_id=1669543
Requested by: Host: lax1-ib.adnxs.com
URL: https://lax1-ib.adnxs.com/ab?an_audit=0&referrer=shadowshopperss.jigsy.com&e=wqT_3QLcDfBM3AYAAAMA1gAFAQiYxMyPBhCc0ojl4LLmzDgYhMPy5sC6wcELKjYJDB8RUyKJxj8RrcUCuoogwT8ZAAAAYLgeB0AhrcUCuoogwT8pDB8JJNAxAAAAwPUovD8w9a7nCDizGUCYOUgCUI_D1I8BWObrgAFgAGjJsER4keEFgAEBigEDVVNEkgUG8FWYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKWAXVmKCdhJywgMTQzNTQ4NiwgMTY0MzMyMzkyOCk7dWYoJ2knLCA1NTM2ODg4LCAxNjYdAABnAToYNjA2NzU5N0Y7ACxzJywgMjY3NDQ0MDJKHwAwcicsIDMwMTI3NzU4MzY-APCLkgKdBCFGV2F6THdpMXVaNFlFSV9EMUk4QkdBQWc1dXVBQVRBQ09BQkFBRWlZT1ZEMXJ1Y0lXQUJnMUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFUV1ViVjRlaWNZX3dRRTFsRzFlSG9uR1A4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUg0LU5FQzlRSG1mcHMtbUFJQW9BSUJ0UUkFJAB2DQjwaXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DUEd2dmhzUUN4Z0NMUUFBQUFDNkF3bE1RVmd4T2pRMk5qVGdBNzB0Z0FTdW1zUUhpQVM2bXNRSGtBUUJtQVFCd1EFNQkBCE1rRQkJAQEYRFlCQUR4QgELDQE8aUFXNEpKZ0Z1NzdEZjZrRg0XFEE4RC14QgFHUEVCbm10OF93UVVBQUFCQVo1cmZQOA0oGEZtdTR6X1IFKA0BADIFKAEByER3UC1BRnhva0I4QVdOMk5RSC1BWGV6bGVDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCak16TQECLC1jX3FBWUVzZ1lrQwGADQEARR0MAEcdDABJHQw4dUFZS5oCmQEhVFJQdmlROiECNE9icmdBRWdBQ2dBTVRNAWsAegFtCE9nbD1ZFFJBdlMxSg10EEE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0MDDRBSWs1bPBxOEQ4LrICJGZmZTIzMzEwLWViZDctNDIxNC1iMThjLTMxNmRlOTA4OTM2ZtgCpEPgAur5JeoCGXNoYWRvd3Nob3BwZXJzcy5qaWdzeS5jb23yAhEKBkFEVl9JRBIHMTQzNTQ4NvICEgoGQ1BHX0lEEggxbX8s8gISCgVDUF9JRBIJdXU88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEIBzU1hREA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8NeAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOOiR7gAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE4NKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANIEDjczMjAjTEFYMTo0NjY02gQCCAHgBADwBI_D1I8BiAUBmAUAoAX___________8BqgUqNWI1ZmZkNWItOTcxMC00Mzg0LTlhZmItOTRmOGJiMmIxNDBhfjkzM34xwAUAyQUAAAAAAADwP9IFCQkAAAAFDjTYBQHgBQHwBf-OA_oFBAGbKJAGAJgGALgGAMEGBSIsAPA_0AapJdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4tARAAMgHkeEF0gcNCRE6ATgI2gcGCSdE4AcA6gcCCADwB8T_B4oIAhAA&s=e8f1a6fd0ffda80de4ed5bc378acb2cb2daea408&pp=0.133806
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sun, 16 Jan 2022 02:32:47 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 27 Jan 2022 22:52:08 GMT
Age: 73140
X-Served-By: cache-lga21969-LGA, cache-yul12834-YUL
X-Cache: HIT, HIT
X-Cache-Hits: 183792, 336986
X-Timer: S1643323929.995303,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK rd_log Show response
lax1-ib.adnxs.com/ Frame 091C 0
804 B 86ms
86ms Script
text/html 104.254.149.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://lax1-ib.adnxs.com/rd_log?an_audit=0&referrer=shadowshopperss.jigsy.com&e=wqT_3QLcDfBM3AYAAAMA1gAFAQiYxMyPBhCc0ojl4LLmzDgYhMPy5sC6wcELKjYJDB8RUyKJxj8RrcUCuoogwT8ZAAAAYLgeB0AhrcUCuoogwT8pDB8JJNAxAAAAwPUovD8w9a7nCDizGUCYOUgCUI_D1I8BWObrgAFgAGjJsER4keEFgAEBigEDVVNEkgUG8FWYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKWAXVmKCdhJywgMTQzNTQ4NiwgMTY0MzMyMzkyOCk7dWYoJ2knLCA1NTM2ODg4LCAxNjYdAABnAToYNjA2NzU5N0Y7ACxzJywgMjY3NDQ0MDJKHwAwcicsIDMwMTI3NzU4MzY-APCLkgKdBCFGV2F6THdpMXVaNFlFSV9EMUk4QkdBQWc1dXVBQVRBQ09BQkFBRWlZT1ZEMXJ1Y0lXQUJnMUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFUV1ViVjRlaWNZX3dRRTFsRzFlSG9uR1A4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUg0LU5FQzlRSG1mcHMtbUFJQW9BSUJ0UUkFJAB2DQjwaXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DUEd2dmhzUUN4Z0NMUUFBQUFDNkF3bE1RVmd4T2pRMk5qVGdBNzB0Z0FTdW1zUUhpQVM2bXNRSGtBUUJtQVFCd1EFNQkBCE1rRQkJAQEYRFlCQUR4QgELDQE8aUFXNEpKZ0Z1NzdEZjZrRg0XFEE4RC14QgFHUEVCbm10OF93UVVBQUFCQVo1cmZQOA0oGEZtdTR6X1IFKA0BADIFKAEByER3UC1BRnhva0I4QVdOMk5RSC1BWGV6bGVDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCak16TQECLC1jX3FBWUVzZ1lrQwGADQEARR0MAEcdDABJHQw4dUFZS5oCmQEhVFJQdmlROiECNE9icmdBRWdBQ2dBTVRNAWsAegFtCE9nbD1ZFFJBdlMxSg10EEE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0MDDRBSWs1bPBxOEQ4LrICJGZmZTIzMzEwLWViZDctNDIxNC1iMThjLTMxNmRlOTA4OTM2ZtgCpEPgAur5JeoCGXNoYWRvd3Nob3BwZXJzcy5qaWdzeS5jb23yAhEKBkFEVl9JRBIHMTQzNTQ4NvICEgoGQ1BHX0lEEggxbX8s8gISCgVDUF9JRBIJdXU88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEIBzU1hREA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8NeAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOOiR7gAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE4NKgEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANIEDjczMjAjTEFYMTo0NjY02gQCCAHgBADwBI_D1I8BiAUBmAUAoAX___________8BqgUqNWI1ZmZkNWItOTcxMC00Mzg0LTlhZmItOTRmOGJiMmIxNDBhfjkzM34xwAUAyQUAAAAAAADwP9IFCQkAAAAFDjTYBQHgBQHwBf-OA_oFBAGbKJAGAJgGALgGAMEGBSIsAPA_0AapJdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4tARAAMgHkeEF0gcNCRE6ATgI2gcGCSdE4AcA6gcCCADwB8T_B4oIAhAA&s=a5b6ebd402f1f1a44b8c6d92076749934ea6a4d4&bdref=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application,about%3Ablank&

Requested by

Host: lax1-ib.adnxs.com
URL: https://lax1-ib.adnxs.com/ab?an_audit=0&referrer=shadowshopperss.jigsy.com&e=wqT_3QLcDfBM3AYAAAMA1gAFAQiYxMyPBhCc0ojl4LLmzDgYhMPy5sC6wcELKjYJDB8RUyKJxj8RrcUCuoogwT8ZAAAAYLgeB0AhrcUCuoogwT8pDB8JJNAxAAAAwPUovD8w9a7nCDizGUCYOUgCUI_D1I8BWObrgAFgAGjJsER4keEFgAEBigEDVVNEkgUG8FWYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKWAXVmKCdhJywgMTQzNTQ4NiwgMTY0MzMyMzkyOCk7dWYoJ2knLCA1NTM2ODg4LCAxNjYdAABnAToYNjA2NzU5N0Y7ACxzJywgMjY3NDQ0MDJKHwAwcicsIDMwMTI3NzU4MzY-APCLkgKdBCFGV2F6THdpMXVaNFlFSV9EMUk4QkdBQWc1dXVBQVRBQ09BQkFBRWlZT1ZEMXJ1Y0lXQUJnMUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFUV1ViVjRlaWNZX3dRRTFsRzFlSG9uR1A4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUg0LU5FQzlRSG1mcHMtbUFJQW9BSUJ0UUkFJAB2DQjwaXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DUEd2dmhzUUN4Z0NMUUFBQUFDNkF3bE1RVmd4T2pRMk5qVGdBNzB0Z0FTdW1zUUhpQVM2bXNRSGtBUUJtQVFCd1EFNQkBCE1rRQkJAQEYRFlCQUR4QgELDQE8aUFXNEpKZ0Z1NzdEZjZrRg0XFEE4RC14QgFHUEVCbm10OF93UVVBQUFCQVo1cmZQOA0oGEZtdTR6X1IFKA0BADIFKAEByER3UC1BRnhva0I4QVdOMk5RSC1BWGV6bGVDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCak16TQECLC1jX3FBWUVzZ1lrQwGADQEARR0MAEcdDABJHQw4dUFZS5oCmQEhVFJQdmlROiECNE9icmdBRWdBQ2dBTVRNAWsAegFtCE9nbD1ZFFJBdlMxSg10EEE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0MDDRBSWs1bPBxOEQ4LrICJGZmZTIzMzEwLWViZDctNDIxNC1iMThjLTMxNmRlOTA4OTM2ZtgCpEPgAur5JeoCGXNoYWRvd3Nob3BwZXJzcy5qaWdzeS5jb23yAhEKBkFEVl9JRBIHMTQzNTQ4NvICEgoGQ1BHX0lEEggxbX8s8gISCgVDUF9JRBIJdXU88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEIBzU1hREA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8NeAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOOiR7gAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE4NKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANIEDjczMjAjTEFYMTo0NjY02gQCCAHgBADwBI_D1I8BiAUBmAUAoAX___________8BqgUqNWI1ZmZkNWItOTcxMC00Mzg0LTlhZmItOTRmOGJiMmIxNDBhfjkzM34xwAUAyQUAAAAAAADwP9IFCQkAAAAFDjTYBQHgBQHwBf-OA_oFBAGbKJAGAJgGALgGAMEGBSIsAPA_0AapJdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4tARAAMgHkeEF0gcNCRE6ATgI2gcGCSdE4AcA6gcCCADwB8T_B4oIAhAA&s=e8f1a6fd0ffda80de4ed5bc378acb2cb2daea408&pp=0.133806

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.149.100 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

543.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 22:52:08 GMT
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 543.bm-nginx-loadbalancer.mgmt.lax1; adnxs.com
AN-X-Request-Uuid: ace4df18-29ee-4c69-85ab-4d397aa32b88
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK it
lax1-ib.adnxs.com/ Frame 091C 0
804 B 194ms
107ms Image
text/html 104.254.149.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lax1-ib.adnxs.com/it?an_audit=0&referrer=shadowshopperss.jigsy.com&e=wqT_3QLFC_BMxQUAAAMA1gAFAQiYxMyPBhCc0ojl4LLmzDgYhMPy5sC6wcELKjYJDB8RUyKJxj8RrcUCuoogwT8ZAAAAYLgeB0AhrcUCuoogwT8pDB8JJNAxAAAAwPUovD8w9a7nCDizGUCYOUgCUI_D1I8BWObrgAFgAGjJsER4keEFgAEBigEDVVNEkgUG8FWYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKWAXVmKCdhJywgMTQzNTQ4NiwgMTY0MzMyMzkyOCk7dWYoJ2knLCA1NTM2ODg4LCAxNjYdAABnAToYNjA2NzU5N0Y7ACxzJywgMjY3NDQ0MDJKHwAwcicsIDMwMTI3NzU4MzY-APCLkgKdBCFGV2F6THdpMXVaNFlFSV9EMUk4QkdBQWc1dXVBQVRBQ09BQkFBRWlZT1ZEMXJ1Y0lXQUJnMUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFUV1ViVjRlaWNZX3dRRTFsRzFlSG9uR1A4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUg0LU5FQzlRSG1mcHMtbUFJQW9BSUJ0UUkFJAB2DQjwaXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DUEd2dmhzUUN4Z0NMUUFBQUFDNkF3bE1RVmd4T2pRMk5qVGdBNzB0Z0FTdW1zUUhpQVM2bXNRSGtBUUJtQVFCd1EFNQkBCE1rRQkJAQEYRFlCQUR4QgELDQE8aUFXNEpKZ0Z1NzdEZjZrRg0XFEE4RC14QgFHUEVCbm10OF93UVVBQUFCQVo1cmZQOA0oGEZtdTR6X1IFKA0BADIFKAEByER3UC1BRnhva0I4QVdOMk5RSC1BWGV6bGVDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCak16TQECLC1jX3FBWUVzZ1lrQwGADQEARR0MAEcdDABJHQw4dUFZS5oCmQEhVFJQdmlROiECNE9icmdBRWdBQ2dBTVRNAWsAegFtCE9nbD1ZFFJBdlMxSg10EEE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0MDDRBSWs1bPDQOEQ4LrICJGZmZTIzMzEwLWViZDctNDIxNC1iMThjLTMxNmRlOTA4OTM2ZtgCpEPgAur5JeoCGXNoYWRvd3Nob3BwZXJzcy5qaWdzeS5jb22AAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOOiR7gAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE4NKgEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANIEDjczMjAjTEFYMTo0NjY02gQCCAHgBADwBI-BaSCIBQGYBQCgBf8RAdABqgUqNWI1ZmZkNWItOTcxMC00Mzg0LTlhZmItOTRmOGJiMmIxNDBhfjkzM34xwAUAyQUAAAECFPA_0gUJCQEKAQFw2AUB4AUB8AX_jgP6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0AapJdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSAAYCeMstARAAMgHkeEF0gcNFXYBOAjaBwYJJ0TgBwDqBwIIAPAHxP8HiggCEAA.&s=84ab1dfdaa4d681eca1043a69be7dedd356f096c

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.149.100 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

543.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 22:52:09 GMT
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 543.bm-nginx-loadbalancer.mgmt.lax1; adnxs.com
AN-X-Request-Uuid: 8cf79891-d227-451a-8a82-4409c403bae3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/222/ Frame 091C 85 KB
29 KB 51ms
11ms Script
application/x-javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/222/trk.js
Requested by: Host: lax1-ib.adnxs.com
URL: https://lax1-ib.adnxs.com/ab?an_audit=0&referrer=shadowshopperss.jigsy.com&e=wqT_3QLcDfBM3AYAAAMA1gAFAQiYxMyPBhCc0ojl4LLmzDgYhMPy5sC6wcELKjYJDB8RUyKJxj8RrcUCuoogwT8ZAAAAYLgeB0AhrcUCuoogwT8pDB8JJNAxAAAAwPUovD8w9a7nCDizGUCYOUgCUI_D1I8BWObrgAFgAGjJsER4keEFgAEBigEDVVNEkgUG8FWYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKWAXVmKCdhJywgMTQzNTQ4NiwgMTY0MzMyMzkyOCk7dWYoJ2knLCA1NTM2ODg4LCAxNjYdAABnAToYNjA2NzU5N0Y7ACxzJywgMjY3NDQ0MDJKHwAwcicsIDMwMTI3NzU4MzY-APCLkgKdBCFGV2F6THdpMXVaNFlFSV9EMUk4QkdBQWc1dXVBQVRBQ09BQkFBRWlZT1ZEMXJ1Y0lXQUJnMUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFUV1ViVjRlaWNZX3dRRTFsRzFlSG9uR1A4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUg0LU5FQzlRSG1mcHMtbUFJQW9BSUJ0UUkFJAB2DQjwaXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DUEd2dmhzUUN4Z0NMUUFBQUFDNkF3bE1RVmd4T2pRMk5qVGdBNzB0Z0FTdW1zUUhpQVM2bXNRSGtBUUJtQVFCd1EFNQkBCE1rRQkJAQEYRFlCQUR4QgELDQE8aUFXNEpKZ0Z1NzdEZjZrRg0XFEE4RC14QgFHUEVCbm10OF93UVVBQUFCQVo1cmZQOA0oGEZtdTR6X1IFKA0BADIFKAEByER3UC1BRnhva0I4QVdOMk5RSC1BWGV6bGVDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCak16TQECLC1jX3FBWUVzZ1lrQwGADQEARR0MAEcdDABJHQw4dUFZS5oCmQEhVFJQdmlROiECNE9icmdBRWdBQ2dBTVRNAWsAegFtCE9nbD1ZFFJBdlMxSg10EEE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0MDDRBSWs1bPBxOEQ4LrICJGZmZTIzMzEwLWViZDctNDIxNC1iMThjLTMxNmRlOTA4OTM2ZtgCpEPgAur5JeoCGXNoYWRvd3Nob3BwZXJzcy5qaWdzeS5jb23yAhEKBkFEVl9JRBIHMTQzNTQ4NvICEgoGQ1BHX0lEEggxbX8s8gISCgVDUF9JRBIJdXU88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEIBzU1hREA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8NeAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOOiR7gAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE4NKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANIEDjczMjAjTEFYMTo0NjY02gQCCAHgBADwBI_D1I8BiAUBmAUAoAX___________8BqgUqNWI1ZmZkNWItOTcxMC00Mzg0LTlhZmItOTRmOGJiMmIxNDBhfjkzM34xwAUAyQUAAAAAAADwP9IFCQkAAAAFDjTYBQHgBQHwBf-OA_oFBAGbKJAGAJgGALgGAMEGBSIsAPA_0AapJdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4tARAAMgHkeEF0gcNCRE6ATgI2gcGCSdE4AcA6gcCCADwB8T_B4oIAhAA&s=e8f1a6fd0ffda80de4ed5bc378acb2cb2daea408&pp=0.133806
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7b6fc69a9da277bb118dbe07973e75598ff107f8d5c69aec6a3e0f5e6884603a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 22:52:08 GMT
Content-Encoding: gzip
Age: 3845423
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29209
X-Served-By: cache-lga21947-LGA, cache-yul12832-YUL
Access-Control-Allow-Origin: *, *
Last-Modified: Tue, 14 Dec 2021 10:40:55 GMT
Server: AkamaiNetStorage
X-Timer: S1643323929.992641,VS0,VE0
ETag: "27a82a9a755fe85e7882d2ba1e990a11:1639478455.565772"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Wed, 14 Dec 2022 10:41:45 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 2, 4703648

GET
H2

200

controller
ssl.connextra.com/servlet/ Frame 091C
Redirect Chain

https://ssl.connextra.com/Betway/selector/image?client=Betway&placement=DDM_APN_Betway_CA_Casino_Impression_Pixel_1x1&_cb=731651009&apnauc=4078459807296792860&bidid=4078459807296792860&dspid=3bc1d7...
https://ssl.connextra.com/servlet/controller?service=DDM_Betway_CA_Casino_Impression_Pixel_1x1&image=image%2Fgif&client=Betway&placement=DDM_APN_Betway_CA_Casino_Impression_Pixel_1x1&_cb=731651009&...

68 B
196 B

68ms
68ms

Image
image/gif

23.75.190.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.connextra.com/servlet/controller?service=DDM_Betway_CA_Casino_Impression_Pixel_1x1&image=image%2Fgif&client=Betway&placement=DDM_APN_Betway_CA_Casino_Impression_Pixel_1x1&_cb=731651009&apnauc=4078459807296792860&bidid=4078459807296792860&dspid=3bc1d7fd2e
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 23.75.190.74 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-190-74.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 22:52:09 GMT
content-length: 68
content-type: image/gif
x-served-by: vlp-cxtadsrv03.connextra.net
expires: Thu, 27 Jan 2022 22:52:17 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:09 GMT
vary: *
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
location: https://ssl.connextra.com:443/servlet/controller?service=DDM_Betway_CA_Casino_Impression_Pixel_1x1&image=image%2Fgif&client=Betway&placement=DDM_APN_Betway_CA_Casino_Impression_Pixel_1x1&_cb=731651009&apnauc=4078459807296792860&bidid=4078459807296792860&dspid=3bc1d7fd2e
expires: Thu, 27 Jan 2022 22:52:09 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
x-served-by: vlp-cxtadsrv07.connextra.net

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7964 0
732 B 66ms
66ms Script
text/html 68.67.179.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3251&pub_id=1669543&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3251&pub_id=1669543

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.90 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

568.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 22:52:09 GMT
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 568.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 54d03319-f0a1-4d63-88d4-f80054cc1c51
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
lax1-ib.adnxs.com/ Frame 091C 0
836 B 124ms
77ms Ping
text/html 104.254.149.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://lax1-ib.adnxs.com/vevent?an_audit=0&referrer=shadowshopperss.jigsy.com&e=wqT_3QLFC_BMxQUAAAMA1gAFAQiYxMyPBhCc0ojl4LLmzDgYhMPy5sC6wcELKjYJDB8RUyKJxj8RrcUCuoogwT8ZAAAAYLgeB0AhrcUCuoogwT8pDB8JJNAxAAAAwPUovD8w9a7nCDizGUCYOUgCUI_D1I8BWObrgAFgAGjJsER4keEFgAEBigEDVVNEkgUG8FWYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKWAXVmKCdhJywgMTQzNTQ4NiwgMTY0MzMyMzkyOCk7dWYoJ2knLCA1NTM2ODg4LCAxNjYdAABnAToYNjA2NzU5N0Y7ACxzJywgMjY3NDQ0MDJKHwAwcicsIDMwMTI3NzU4MzY-APCLkgKdBCFGV2F6THdpMXVaNFlFSV9EMUk4QkdBQWc1dXVBQVRBQ09BQkFBRWlZT1ZEMXJ1Y0lXQUJnMUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFUV1ViVjRlaWNZX3dRRTFsRzFlSG9uR1A4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUg0LU5FQzlRSG1mcHMtbUFJQW9BSUJ0UUkFJAB2DQjwaXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DUEd2dmhzUUN4Z0NMUUFBQUFDNkF3bE1RVmd4T2pRMk5qVGdBNzB0Z0FTdW1zUUhpQVM2bXNRSGtBUUJtQVFCd1EFNQkBCE1rRQkJAQEYRFlCQUR4QgELDQE8aUFXNEpKZ0Z1NzdEZjZrRg0XFEE4RC14QgFHUEVCbm10OF93UVVBQUFCQVo1cmZQOA0oGEZtdTR6X1IFKA0BADIFKAEByER3UC1BRnhva0I4QVdOMk5RSC1BWGV6bGVDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCak16TQECLC1jX3FBWUVzZ1lrQwGADQEARR0MAEcdDABJHQw4dUFZS5oCmQEhVFJQdmlROiECNE9icmdBRWdBQ2dBTVRNAWsAegFtCE9nbD1ZFFJBdlMxSg10EEE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0MDDRBSWs1bPDQOEQ4LrICJGZmZTIzMzEwLWViZDctNDIxNC1iMThjLTMxNmRlOTA4OTM2ZtgCpEPgAur5JeoCGXNoYWRvd3Nob3BwZXJzcy5qaWdzeS5jb22AAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOOiR7gAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE4NKgEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANIEDjczMjAjTEFYMTo0NjY02gQCCAHgBADwBI-BaSCIBQGYBQCgBf8RAdABqgUqNWI1ZmZkNWItOTcxMC00Mzg0LTlhZmItOTRmOGJiMmIxNDBhfjkzM34xwAUAyQUAAAECFPA_0gUJCQEKAQFw2AUB4AUB8AX_jgP6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0AapJdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSAAYCeMstARAAMgHkeEF0gcNFXYBOAjaBwYJJ0TgBwDqBwIIAPAHxP8HiggCEAA.&s=84ab1dfdaa4d681eca1043a69be7dedd356f096c&type=nv&nvt=5&jm=1003&px=436&py=1110&bw=728&bh=90&sid=2683571821172156354&vd=ct~0|rr~0&sv=222&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=18470773&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=1200&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/222/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.149.100 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

543.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 22:52:09 GMT
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 543.bm-nginx-loadbalancer.mgmt.lax1; adnxs.com
AN-X-Request-Uuid: 8e3ba178-dea1-4259-82c9-5054737da0aa
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://shadowshopperss.jigsy.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

skeleton.gif Show response
static.adsafeprotected.com/ Frame D111
Redirect Chain

https://fw.adsafeprotected.com/rfw/servedby.flashtalking.com/665297/55785894/imp/1/149210;5690242;201;jsiframe;GeniusSports;CanadaCasinoBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&ima...
https://static.adsafeprotected.com/skeleton.gif

43 B
482 B

78ms
17ms

Document
image/gif

2600:9000:21dd:e600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjsi/servedby.flashtalking.com/665297/55785894/imp/1/149210;5690242;201;jsiframe;GeniusSports;CanadaCasinoBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30295116&ft_width=728&ft_height=90&click=https://lax1-ib.adnxs.com/click?DB8RUyKJxj-txQK6iiDBPwAAAGC4HgdArcUCuoogwT8MHxFTIonGPxwpogyWmZk4hKHcDNQFgwsYIvNhAAAAAHXXGQGzDAAAmBwAAAIAAACPIfUR5jUgAAAAAABVU0QAVVNEANgCWgBJGAAAAAABAgUCAAAAAKIAhh9a1wAAAAA./bcr=AAAAAAAA8D8=/cnd=%21TRPviQi1uZ4YEI_D1I8BGObrgAEgACgAMTMzMzMzM-c_OglMQVgxOjQ2NjRAvS1JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNMQVgxOjQ2NjQ=/bn=94353/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=731651009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:e600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://fw.adsafeprotected.com/rjsi/servedby.flashtalking.com/665297/55785894/imp/1/149210;5690242;201;jsiframe;GeniusSports;CanadaCasinoBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30295116&ft_width=728&ft_height=90&click=https://lax1-ib.adnxs.com/click?DB8RUyKJxj-txQK6iiDBPwAAAGC4HgdArcUCuoogwT8MHxFTIonGPxwpogyWmZk4hKHcDNQFgwsYIvNhAAAAAHXXGQGzDAAAmBwAAAIAAACPIfUR5jUgAAAAAABVU0QAVVNEANgCWgBJGAAAAAABAgUCAAAAAKIAhh9a1wAAAAA./bcr=AAAAAAAA8D8=/cnd=%21TRPviQi1uZ4YEI_D1I8BGObrgAEgACgAMTMzMzMzM-c_OglMQVgxOjQ2NjRAvS1JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNMQVgxOjQ2NjQ=/bn=94353/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=731651009

Response headers

content-type: image/gif
content-length: 43
date: Fri, 09 Apr 2021 18:48:18 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
x-amz-cf-id: 1C0SQuu-08QKixObYM9KDW1aIEVqZQ-TLxEKoxbNOmAJ2AtyiJRpww==
age: 25329832

Redirect headers

date: Thu, 27 Jan 2022 22:52:09 GMT
content-length: 0
location: https://static.adsafeprotected.com/skeleton.gif
server: nginx
p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
cache-control: no-cache
x-server-name: app13.va.303net.net

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 1420 80 KB
21 KB 108ms
21ms Script
application/javascript 2600:9000:21dd:e600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjsi/servedby.flashtalking.com/665297/55785894/imp/1/149210;5690242;201;jsiframe;GeniusSports;CanadaCasinoBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30295116&ft_width=728&ft_height=90&click=https://lax1-ib.adnxs.com/click?DB8RUyKJxj-txQK6iiDBPwAAAGC4HgdArcUCuoogwT8MHxFTIonGPxwpogyWmZk4hKHcDNQFgwsYIvNhAAAAAHXXGQGzDAAAmBwAAAIAAACPIfUR5jUgAAAAAABVU0QAVVNEANgCWgBJGAAAAAABAgUCAAAAAKIAhh9a1wAAAAA./bcr=AAAAAAAA8D8=/cnd=%21TRPviQi1uZ4YEI_D1I8BGObrgAEgACgAMTMzMzMzM-c_OglMQVgxOjQ2NjRAvS1JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNMQVgxOjQ2NjQ=/bn=94353/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=731651009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:e600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fw.adsafeprotected.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:16:10 GMT
content-encoding: gzip
age: 5340960
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: EWR53-C2
content-type: application/javascript
x-amz-cf-id: D-lzYlZh0WporEUVkOkhlwG6VaTJOxsZm0Ep51Q6BSs0UNVaaXt9ag==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 29B3 43 B
216 B 116ms
23ms Image
image/gif 52.72.149.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=665297&asId=faba023a-96a9-12f8-3ef0-1d7cdeb06a39&tv=%7Bc:2xB6QB,pingTime:-3,time:72,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:24%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:73,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B63~0%5D,as:%5B63~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjsi,dtt:0,fm:sVLdJBz+1111%7C112%7C113%7C12%7C131*.665297-55785894%7C132,idMap:131*,rmeas:1,rend:0,renddet:BODY%7D&br=c
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjsi/servedby.flashtalking.com/665297/55785894/imp/1/149210;5690242;201;jsiframe;GeniusSports;CanadaCasinoBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30295116&ft_width=728&ft_height=90&click=https://lax1-ib.adnxs.com/click?DB8RUyKJxj-txQK6iiDBPwAAAGC4HgdArcUCuoogwT8MHxFTIonGPxwpogyWmZk4hKHcDNQFgwsYIvNhAAAAAHXXGQGzDAAAmBwAAAIAAACPIfUR5jUgAAAAAABVU0QAVVNEANgCWgBJGAAAAAABAgUCAAAAAKIAhh9a1wAAAAA./bcr=AAAAAAAA8D8=/cnd=%21TRPviQi1uZ4YEI_D1I8BGObrgAEgACgAMTMzMzMzM-c_OglMQVgxOjQ2NjRAvS1JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNMQVgxOjQ2NjQ=/bn=94353/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=731651009
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.149.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-149-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fw.adsafeprotected.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:09 GMT
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 29B3 43 B
215 B 113ms
25ms Image
image/gif 52.72.149.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=665297&asId=faba023a-96a9-12f8-3ef0-1d7cdeb06a39&tv=%7Bc:2xB6QE,pingTime:-6,time:75,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:75,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B65~0%5D,as:%5B65~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjsi,dtt:0,fm:sVLdJBz+1111%7C112%7C113%7C12%7C131*.665297-55785894%7C132,idMap:131*,rmeas:1,rend:0,renddet:BODY%7D&tpiLookup=ao:shadowshopperss.jigsy.com*%2Cshadowshopperss.jigsy.com*&br=c
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjsi/servedby.flashtalking.com/665297/55785894/imp/1/149210;5690242;201;jsiframe;GeniusSports;CanadaCasinoBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30295116&ft_width=728&ft_height=90&click=https://lax1-ib.adnxs.com/click?DB8RUyKJxj-txQK6iiDBPwAAAGC4HgdArcUCuoogwT8MHxFTIonGPxwpogyWmZk4hKHcDNQFgwsYIvNhAAAAAHXXGQGzDAAAmBwAAAIAAACPIfUR5jUgAAAAAABVU0QAVVNEANgCWgBJGAAAAAABAgUCAAAAAKIAhh9a1wAAAAA./bcr=AAAAAAAA8D8=/cnd=%21TRPviQi1uZ4YEI_D1I8BGObrgAEgACgAMTMzMzMzM-c_OglMQVgxOjQ2NjRAvS1JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNMQVgxOjQ2NjQ=/bn=94353/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=731651009
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.149.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-149-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fw.adsafeprotected.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:09 GMT
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 29B3 43 B
215 B 104ms
24ms Image
image/gif 52.72.149.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=665297&asId=faba023a-96a9-12f8-3ef0-1d7cdeb06a39&tv=%7Bc:2xB6QP,pingTime:-2,time:86,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:199,beZ:201,mfA:203,cmA:206,inA:206,inZ:212,prA:212,prZ:218,si:225,poA:240,poZ:256,cmZ:256,mfZ:256,loA:274,loZ:278,ltA:286,ltZ:286%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:24%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:86,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B76~0%5D,as:%5B76~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:H1,tt:rjsi,dtt:0,fm:sVLdJBz+1111%7C112%7C113%7C12%7C131*.665297-55785894%7C132,idMap:131*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:BODY,sinceFw:46,readyFired:true%7D&br=c
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjsi/servedby.flashtalking.com/665297/55785894/imp/1/149210;5690242;201;jsiframe;GeniusSports;CanadaCasinoBetwayAllHeedDisplayProspectingAppnexus728x90/?ft_custom=&imageType=gif&ftDestID=30295116&ft_width=728&ft_height=90&click=https://lax1-ib.adnxs.com/click?DB8RUyKJxj-txQK6iiDBPwAAAGC4HgdArcUCuoogwT8MHxFTIonGPxwpogyWmZk4hKHcDNQFgwsYIvNhAAAAAHXXGQGzDAAAmBwAAAIAAACPIfUR5jUgAAAAAABVU0QAVVNEANgCWgBJGAAAAAABAgUCAAAAAKIAhh9a1wAAAAA./bcr=AAAAAAAA8D8=/cnd=%21TRPviQi1uZ4YEI_D1I8BGObrgAEgACgAMTMzMzMzM-c_OglMQVgxOjQ2NjRAvS1JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNMQVgxOjQ2NjQ=/bn=94353/clickenc=&ftOBA=1&ftExpTrack=&us_privacy=${US_PRIVACY}&cachebuster=731651009
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.149.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-149-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fw.adsafeprotected.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:09 GMT
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 29B3 43 B
215 B 24ms
23ms Image
image/gif 52.72.149.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=665297&asId=faba023a-96a9-12f8-3ef0-1d7cdeb06a39&tv=%7Bc:2xB6Xs,pingTime:-10,time:497,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1643323929637%7C%7C7ff7a6a7ab5aba36df51c732194fd31f%7C%7C8866308252d63f9bf74b74e606896148%7C%7C1f8d1a4430f714254d7d16167cfbda2a%7C%7Cc56a88f7c2426fc8386768701b66d08c%7C%7C3b45c8b1e06854839a790bbef92b8bc7%7C%7C96fa922d3a1039f86b1157592e5579bb%7C%7Cfbeff987d725781bdaf2665a84b50717%7C%7C1629390669%7D
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.149.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-149-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fw.adsafeprotected.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:09 GMT
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 29B3 43 B
215 B 24ms
24ms Image
image/gif 52.72.149.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=665297&asId=faba023a-96a9-12f8-3ef0-1d7cdeb06a39&tv=%7Bc:2xB6Yq,time:557,type:e,im:%7Bpci:%7Btdr:505%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:557,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B547~0%5D,as:%5B547~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:H1,tt:rjsi,dtt:29,fm:sVLdJBz+1111%7C112%7C113%7C12%7C131*.665297-55785894%7C132,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.149.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-149-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fw.adsafeprotected.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:09 GMT
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7964 0
732 B 21ms
21ms Script
text/html 68.67.179.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3251&pub_id=1669543&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3251&pub_id=1669543

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.90 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

568.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 22:52:10 GMT
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 568.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: d9c36ef5-3f90-4076-9419-7dff1ebe745b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
lax1-ib.adnxs.com/ Frame 091C 0
836 B 87ms
87ms Ping
text/html 104.254.149.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://lax1-ib.adnxs.com/vevent?an_audit=0&referrer=shadowshopperss.jigsy.com&e=wqT_3QLFC_BMxQUAAAMA1gAFAQiYxMyPBhCc0ojl4LLmzDgYhMPy5sC6wcELKjYJDB8RUyKJxj8RrcUCuoogwT8ZAAAAYLgeB0AhrcUCuoogwT8pDB8JJNAxAAAAwPUovD8w9a7nCDizGUCYOUgCUI_D1I8BWObrgAFgAGjJsER4keEFgAEBigEDVVNEkgUG8FWYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKWAXVmKCdhJywgMTQzNTQ4NiwgMTY0MzMyMzkyOCk7dWYoJ2knLCA1NTM2ODg4LCAxNjYdAABnAToYNjA2NzU5N0Y7ACxzJywgMjY3NDQ0MDJKHwAwcicsIDMwMTI3NzU4MzY-APCLkgKdBCFGV2F6THdpMXVaNFlFSV9EMUk4QkdBQWc1dXVBQVRBQ09BQkFBRWlZT1ZEMXJ1Y0lXQUJnMUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFUV1ViVjRlaWNZX3dRRTFsRzFlSG9uR1A4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUg0LU5FQzlRSG1mcHMtbUFJQW9BSUJ0UUkFJAB2DQjwaXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DUEd2dmhzUUN4Z0NMUUFBQUFDNkF3bE1RVmd4T2pRMk5qVGdBNzB0Z0FTdW1zUUhpQVM2bXNRSGtBUUJtQVFCd1EFNQkBCE1rRQkJAQEYRFlCQUR4QgELDQE8aUFXNEpKZ0Z1NzdEZjZrRg0XFEE4RC14QgFHUEVCbm10OF93UVVBQUFCQVo1cmZQOA0oGEZtdTR6X1IFKA0BADIFKAEByER3UC1BRnhva0I4QVdOMk5RSC1BWGV6bGVDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCak16TQECLC1jX3FBWUVzZ1lrQwGADQEARR0MAEcdDABJHQw4dUFZS5oCmQEhVFJQdmlROiECNE9icmdBRWdBQ2dBTVRNAWsAegFtCE9nbD1ZFFJBdlMxSg10EEE4RDlSEQwMQUFCWh0MAGgdDABwHQwAeB0MDDRBSWs1bPDQOEQ4LrICJGZmZTIzMzEwLWViZDctNDIxNC1iMThjLTMxNmRlOTA4OTM2ZtgCpEPgAur5JeoCGXNoYWRvd3Nob3BwZXJzcy5qaWdzeS5jb22AAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOOiR7gAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xNDkuNTYuMTUzLjE4NKgEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANIEDjczMjAjTEFYMTo0NjY02gQCCAHgBADwBI-BaSCIBQGYBQCgBf8RAdABqgUqNWI1ZmZkNWItOTcxMC00Mzg0LTlhZmItOTRmOGJiMmIxNDBhfjkzM34xwAUAyQUAAAECFPA_0gUJCQEKAQFw2AUB4AUB8AX_jgP6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0AapJdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSAAYCeMstARAAMgHkeEF0gcNFXYBOAjaBwYJJ0TgBwDqBwIIAPAHxP8HiggCEAA.&s=84ab1dfdaa4d681eca1043a69be7dedd356f096c&type=pv&jm=1003&px=436&py=1110&bw=728&bh=90&sf=1&sid=2683571821172156354&vd=ct~0|rr~6&sv=222&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=18470773&cid=3&cr=pv&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/222/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.149.100 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

543.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 22:52:10 GMT
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 543.bm-nginx-loadbalancer.mgmt.lax1; adnxs.com
AN-X-Request-Uuid: 686d6d0b-0414-403e-b816-32e6eb1b07e9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://shadowshopperss.jigsy.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200 535.json Show response
id5-sync.com/g/v2/ 1 KB
2 KB 401ms
100ms XHR
application/json 141.95.34.104
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/535.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156872/3103/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.95.34.104 , France, ASN16276 (OVH, FR),

Reverse DNS

p33.id5-sync.com

Software

Resource Hash

08bd31453f3ba25c13de83403472f5f29b7c3fbee3869791ca1ac750ad722b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://shadowshopperss.jigsy.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 27 Jan 2022 22:52:09 GMT
Vary: Origin
P3P: CP="CAO PSA OUR"
Access-Control-Allow-Origin: https://shadowshopperss.jigsy.com
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
260 B 80ms
42ms XHR
text/plain 34.120.155.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156872/3103/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.155.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shadowshopperss.jigsy.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Jan 2022 22:52:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://shadowshopperss.jigsy.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 id Show response
id.crwdcntrl.net/ 76 B
833 B 97ms
36ms XHR
application/json 18.206.84.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156872/3103/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.206.84.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-206-84-102.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: fe340e50d2b02c10b49d56ec71fdf5fae83e2796a6816afc5d4268f0757828ed

Request headers

Referer: https://shadowshopperss.jigsy.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:10 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://shadowshopperss.jigsy.com
cache-control: no-cache
x-server: 10.40.7.61
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 76
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
682 B 25ms
25ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156872/3103/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8dc99d9ffda17ab7053cc7e50eeb8172b8ffc26e1b3fa97f7c33856ed7b5c1e4

Request headers

Referer: https://shadowshopperss.jigsy.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Jan 2022 22:52:10 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shadowshopperss.jigsy.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Sat, 26 Feb 2022 22:52:10 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 29B3 43 B
215 B 23ms
23ms Image
image/gif 52.72.149.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=665297&asId=faba023a-96a9-12f8-3ef0-1d7cdeb06a39&tv=%7Bc:2xB7oJ,pingTime:1,time:2188,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:24%7D,%7Bpiv:100,vs:i,r:,t:1187%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1187,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1177~0,0~100%5D,as:%5B1177~728.90%5D%7D%7D,%7Bsl:i,t:1187,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:H1,tt:rjsi,dtt:28,fm:sVLdJBz+1111%7C112%7C113%7C12%7C131*.665297-55785894%7C132,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.149.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-149-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fw.adsafeprotected.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:11 GMT
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 29B3 43 B
215 B 24ms
23ms Image
image/gif 52.72.149.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=665297&asId=faba023a-96a9-12f8-3ef0-1d7cdeb06a39&tv=%7Bc:2xB7oJ,pingTime:1,time:2188,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:24%7D,%7Bpiv:100,vs:i,r:,t:1187%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1187,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1177~0,0~100%5D,as:%5B1177~728.90%5D%7D%7D,%7Bsl:i,t:1187,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:H1,tt:rjsi,dtt:28,fm:sVLdJBz+1111%7C112%7C113%7C12%7C131*.665297-55785894%7C132,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.149.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-149-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fw.adsafeprotected.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 22:52:11 GMT
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: match.bnmla.com
URL: https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D

Domain: ce.lijit.com
URL: https://ce.lijit.com/merge?pid=8101&3pid=qUpfbx18sm&location=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D1509139146%3B1402230080%3B1709765917%3B1486637409%3B1072441116%3B1678944572%26rnd%3D-222848656%26pcid%3D%5BSOVRNID%5D

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

115 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
shadowshopperss.jigsy.com/	1969-12-31 23:59:59	Name: logglytrackingsession Value: fcf445b9-f6b8-4b4d-afaf-f9d16a3acae3
.infolinks.com/	1970-01-20 17:59:55	Name: cuid Value: ffe23310-ebd7-4214-b18c-316de908936f
.openx.net/	1970-01-20 09:14:19	Name: i Value: 0582cf4f-fa3d-4a3b-9c3a-dc9e35d467ff\|1643323927
.adkernel.com/	1970-01-20 01:11:55	Name: ADKUID Value: A3621684663870980674
.adnxs.com/	1970-01-20 02:38:19	Name: uuid2 Value: 829513164673294724
.yahoo.com/	1970-01-20 09:14:41	Name: A3 Value: d=AQABBBci82ECEPJ2vcmpa9_OGI5rQ8OtO9cFEgEBAQFz9GH9YQAAAAAA_eMAAA&S=AQAAAjuPHXYRiRvt4ANdiV36mmA
.tynt.com/	1970-01-20 09:14:19	Name: uid Value: EO05xmHzIhd6+KHpQS8Hiw==
.zemanta.com/	1970-01-20 09:14:19	Name: zuid Value: gTC7tlRUv-yA1cE4pCev
.casalemedia.com/	1970-01-20 09:14:19	Name: CMID Value: YfMiF6hvpY3t0hkW0x9IKgAA
.casalemedia.com/	1970-01-20 02:38:19	Name: CMPS Value: 466
.pubmatic.com/	1970-01-20 00:30:10	Name: KTPCACOOKIE Value: YES
.360yield.com/	1970-01-20 02:38:19	Name: tuuid Value: 0c52e69d-0469-4fca-b84b-f117d1c2cd1f
.360yield.com/	1970-01-20 02:38:19	Name: tuuid_lu Value: 1643323927
.go.sonobi.com/	1970-01-20 01:11:55	Name: __uis Value: cb444b0c-ed84-4467-b2ff-7133e6ffef42
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s878\|YfMiF
.pubmatic.com/	1970-01-20 02:38:19	Name: KADUSERCOOKIE Value: E6CD727C-DFFC-43AE-B34E-AB9E01F1E939
.infolinks.com/	1970-01-20 00:30:10	Name: EARNUSERCOOKIE Value: A3621684663870980674
.casalemedia.com/	1970-01-20 02:38:19	Name: CMPRO Value: 993
.tynt.com/	1970-01-20 02:38:19	Name: pids Value: %5B%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1643323928006%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1643323928006%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1643323928006%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1643323928006%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1643323928006%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1643323928006%7D%5D
.infolinks.com/	1970-01-20 00:30:10	Name: OXUSERCOOKIE Value: fdb9d287-406e-4240-8723-2384a954f197
.infolinks.com/	1970-01-20 00:30:10	Name: VRUSERCOOKIE Value: y-gqrO3.lE2uHjOaO7HZ7bXAnhrvkM6P2VZdAsRpw-~A
.infolinks.com/	1970-01-20 02:38:19	Name: ANUSERCOOKIE Value: 829513164673294724
.infolinks.com/	1970-01-20 00:30:10	Name: SONOBIUSERCOOKIE Value: cb444b0c-ed84-4467-b2ff-7133e6ffef42
.infolinks.com/	1970-01-20 00:28:47	Name: IMDUSERCOOKIE Value: 0c52e69d-0469-4fca-b84b-f117d1c2cd1f
.advertising.com/	1970-01-20 09:15:46	Name: APID Value: UPc15e366c-7fc3-11ec-882a-0a7a30665509
.lijit.com/	1970-01-20 09:14:19	Name: ljt_reader Value: 75d73196b0cff873255089db
.adsrvr.org/	1970-01-20 09:14:19	Name: TDID Value: 80b26bf8-b762-48e6-9e6d-7991eb5d015b
.infolinks.com/	1970-01-20 00:30:10	Name: IXUSERCOOKIE Value: YfMiF6hvpY3t0hkW0x9IKgAA&993
shadowshopperss.jigsy.com/	1970-01-20 01:11:55	Name: _pbjs_userid_consent_data Value: 3524755945110770
.casalemedia.com/	1970-01-20 00:30:10	Name: CMST Value: YfMiF2HzIhgA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSsjSzMDMyNTc3NzIxMQBSBoZCfIa6gRFJaZlGpq6mwRnZAEY6vqUkAAAA
.rfihub.com/	1970-01-20 09:50:19	Name: eud Value: H4sIAAAAAAAAAFslzmtoZmJsbGRsaWRhaGYMAMQkbpYQAAAA
.rfihub.com/	1970-01-20 09:50:19	Name: rud Value: H4sIAAAAAAAAAOMSsjSzMDMyNTc3NzIxMQBSBoZCfIa6gRFJaZlGpq6mwRnZUryGZibGxkbGlkYWhmbGAP8EOcIzAAAA
.33across.com/	1970-01-20 09:14:19	Name: 33x_ps Value: u%3D1866867466364%3As1%3D1643323928166%3Ats%3D1643323928166
.jigsy.com/	1970-01-20 04:47:55	Name: _pubcid Value: add5e701-a051-4b51-9726-42bccabfe5d0
.doubleclick.net/	1970-01-20 17:59:55	Name: IDE Value: AHWqTUmIJRf0TlBMcJpwBP4wcMm9IJpX5HJM7HcByqGqMrG6O2JV-c1Ws-WxnkfMGAk
.bidswitch.net/	1970-01-20 09:14:19	Name: tuuid Value: 84e4fe17-27e6-43f0-a7ae-981caf54ceab
.bidswitch.net/	1970-01-20 09:14:19	Name: c Value: 1643323928
.bidswitch.net/	1970-01-20 09:14:19	Name: tuuid_lu Value: 1643323928
.infolinks.com/	1970-01-20 00:30:10	Name: ZTUSERCOOKIE Value: 968625777244077701
.infolinks.com/	1970-01-20 02:38:19	Name: 33AUSERCOOKIE Value: 77823423758612
.amazon-adsystem.com/	1970-01-20 06:24:24	Name: ad-id Value: A9YjN5MtIkZwnDQv7cufsKk
.amazon-adsystem.com/	1970-01-21 21:50:19	Name: ad-privacy Value: 0
.1rx.io/	1970-01-20 09:14:19	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-9c224379-3847-44b0-8fda-d12751e27a87-005%22%2C%22nxtrdr%22%3Afalse%7D
.adgrx.com/	1970-01-20 09:57:31	Name: ADGRX_UID Value: c1763d04-7fc3-11ec-bbcf-2c6438850a76
.analytics.yahoo.com/	1970-01-20 09:15:46	Name: IDSYNC Value: "192u~22wm:190u~22wm:18xp~22wm"
.yahoo.com/	1970-01-20 00:34:33	Name: APID Value: UPc15e366c-7fc3-11ec-882a-0a7a30665509
.yahoo.com/	1970-01-20 00:30:10	Name: APIDTS Value: 1643323928
.intentiq.com/	1970-01-20 17:59:55	Name: IQver Value: 1.9
.intentiq.com/	1970-01-20 17:59:55	Name: intentIQ Value: qUpfbx18sm
.owneriq.net/	1970-01-20 17:59:55	Name: si Value: Q6966103281166635982
.owneriq.net/	1970-01-20 00:43:07	Name: p2 Value: cc
.dotomi.com/	1970-01-20 00:28:43	Name: DotomiTest Value: 6d16b6719831203
.adgrx.com/	1970-01-20 00:30:10	Name: ADGRX_CM_CASALE_BRIDGED Value: 1
.infolinks.com/	1970-01-20 02:38:19	Name: ZMNUSERCOOKIE Value: gTC7tlRUv-yA1cE4pCev
.mathtag.com/	1970-01-20 09:54:39	Name: uuid Value: e66961f3-2218-4e00-99bc-8929570a53e2
.infolinks.com/	1970-01-20 00:30:10	Name: SOVRNUSERCOOKIE Value: 75d73196b0cff873255089db
.infolinks.com/	1970-01-20 00:30:10	Name: OUTHUSERCOOKIE Value: y-vCmmZhpE2uERxfeLmDJ8pa3Jg0PhIubX~A~UPc15e366c-7fc3-11ec-882a-0a7a30665509
.pubmatic.com/	1970-01-20 02:38:19	Name: PUBMDCID Value: 2
.tribalfusion.com/	1970-01-20 02:38:19	Name: ANON_ID Value: ajnr6iOleq8PZabprMjqdlOkjFKOAJXfZaIQVpqV6FZcgTH410wAOY3LZdy0joP6pCTcFxyltqZa3
event.clientgear.com/	1970-01-20 04:47:55	Name: mkuuid Value: mka6f7474d-2d4e-43b7-8b83-7fd964b07d64
.pubmatic.com/	1970-01-20 00:30:10	Name: pi Value: 156872:3
.intentiq.com/	1970-01-20 17:59:55	Name: intentIQCDate Value: 1643323928356
.intentiq.com/	1969-12-31 23:59:59	Name: IIQinfolinksCookieSync Value: 1643323928411
.intentiq.com/	1970-01-20 17:59:55	Name: ASDT Value: 0
.rubiconproject.com/	1970-01-20 09:14:19	Name: khaos Value: KYXKMYCC-21-9MML
.infolinks.com/	1970-01-20 00:30:10	Name: KADUSERCOOKIE Value: E6CD727C-DFFC-43AE-B34E-AB9E01F1E939~1643324014810
.casalemedia.com/	1970-01-20 09:14:19	Name: CMRUM3 Value: da61f322172760&f161f3221705a0&e661f322172760&2761f322170b40&2961f322182760c1763d04-7fc3-11ec-bbcf-2c6438850a76&2d61f322182760CAESEDUfPCF73I-c45YEH56o2KI&8361f3221705a0&1f61f322182760Q6966103281166635982
.targeting.unrulymedia.com/	1970-01-20 09:14:19	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-9c224379-3847-44b0-8fda-d12751e27a87-005%22%7D
.demdex.net/	1970-01-20 04:47:55	Name: demdex Value: 79194053294236834894248788130277434901
.infolinks.com/	1970-01-20 00:30:10	Name: R1USERCOOKIE Value: RX-9c224379-3847-44b0-8fda-d12751e27a87-005
.pubmatic.com/	1970-01-20 02:38:19	Name: KRTBCOOKIE_80 Value: 16514-CAESEJNmVWiel18vxVqi8HBGXl8&KRTB&22987-CAESEJNmVWiel18vxVqi8HBGXl8&KRTB&23025-CAESEJNmVWiel18vxVqi8HBGXl8
.pubmatic.com/	1970-01-20 02:38:19	Name: SyncRTB3 Value: 1644451200%3A220_21_13
.cpx.to/	1970-01-20 09:14:19	Name: cpSess Value: 951f121926b499d
.cpx.to/	1970-01-20 09:14:19	Name: dsp_app_nexus Value: 829513164673294724#1643323928479
.infolinks.com/	1970-01-20 00:30:10	Name: PUBMUSERCOOKIE Value: E6CD727C-DFFC-43AE-B34E-AB9E01F1E939
.dpm.demdex.net/	1970-01-20 04:47:55	Name: dpm Value: 79194053294236834894248788130277434901
.adsrvr.org/	1970-01-20 09:14:19	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCNDDiuS1_LA6EAUYBSACKAIyCwi0j5iNzPywOhAFOAE.
.mathtag.com/	1970-01-20 01:11:55	Name: mt_mop Value: 9:1643323928
.rlcdn.com/	1970-01-20 09:14:19	Name: rlas3 Value: czowjU4Iu6H7HQRDfRnBEt3iC3ekcwVu/1QfnaidqaE=
.rlcdn.com/	1970-01-20 01:55:07	Name: pxrc Value: CAA=
.everesttech.net/	1970-01-20 09:14:19	Name: everest_g_v2 Value: g_surferid~YfMiGAABz6DggQBH
shadowshopperss.jigsy.com/	1970-01-20 09:50:19	Name: cto_bidid Value: eSQ9AV9ENDRDSFNsVkR6bjBXaDhERm9mcVRBQkwybktLN21VRVpZZkU1VmNGbDJLcjB5NjJ1RVhTT09pODdJNmEwMVhxT0dTeDZOV2RkeVdHQkl5UzRCRThCUSUzRCUzRA
shadowshopperss.jigsy.com/	1970-01-20 09:50:19	Name: cto_bundle Value: ylywrl9DZ3dSNjI4WU1WOXhhd0lVJTJCUiUyRnBTWUtWTFBrWTRDT01TVWZidiUyRkkzdkZaZCUyRkhDc0RqdmZNQmxFWTdJSHVnMkMlMkJvTHMlMkJJWDJjZUhzJTJCWUJoUHR2MlJVb2pSMyUyQnhYM1RrMUJ6RG04TlVwWTNRNVEyJTJCaU1EWUxXZDFjcEE0VjFjOA
.shadowshopperss.jigsy.com/	1970-01-20 09:14:19	Name: fc Value: %7B%22OTMzfjczMjBfMzAxMjc3NTgzfjMwMTI3NzU4Mw%22%3A%221%3A1643323928650%22%7D
.shadowshopperss.jigsy.com/	1970-01-20 09:14:19	Name: pv Value: %7B%22d%22%3A%221%3A1643323928651%22%7D
.simpli.fi/	1970-01-20 09:15:46	Name: suid Value: 24783076C3AF418A8649AE596F186962
.rubiconproject.com/	1970-01-20 09:14:19	Name: audit Value: 1\|wschdHIBbehiEF6z21co7TJGAHUZw+UAvWIjUJEMibYeECEUBMheinb9GzRn3BSIqCBDMfBV1RbqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.pubmatic.com/	1970-01-20 01:11:55	Name: KRTBCOOKIE_148 Value: 19421-uid:24783076C3AF418A8649AE596F186962
.pubmatic.com/	1970-01-20 01:11:55	Name: PugT Value: 1643302029
.pubmatic.com/	1970-01-20 02:38:19	Name: chkChromeAb67Sec Value: 6
.infolinks.com/	1970-01-20 00:29:16	Name: tv Value: \|OTMzfjczMjBfMzAxMjc3NTgzfjMwMTI3NzU4Mw~1
.intentiq.com/	1969-12-31 23:59:59	Name: IQPubmaticCookieSync Value: 1643323928814
.adnxs.com/	1970-01-20 02:38:19	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GU^E-21`!@wnf-Te9(>wL5L!!%xO$L1Z(
.intentiq.com/	1969-12-31 23:59:59	Name: IQAppnexusCookieSync Value: 1643323928983
.intentiq.com/	1969-12-31 23:59:59	Name: IQOpenxPrimisCookieSync Value: 1643323929056
.spotxchange.com/	1970-01-20 09:14:23	Name: audience Value: c1fdc23f-7fc3-11ec-a999-112d0e150403
.connextra.com/	1970-01-20 17:59:55	Name: CxtId Value: 42caad17-5124-4796-9659-86a9ce7ae4cf
.connextra.com/	1970-01-20 09:14:19	Name: Betway Value: A%7Cpostimpression%7C1%7C202201272252%7C7%7CDDM_APN_Betway_CA_Casino_Impression_Pixel_1x1%7CDDM_Betway_CA_Casino_Impression_Pixel_1x1%7C%7C%7CcUPP6acFS4WBJg1fDS_3Kg
.intentiq.com/	1969-12-31 23:59:59	Name: IQSpotXPrimisCookieSync Value: 1643323929251
.intentiq.com/	1969-12-31 23:59:59	Name: IQMediaMathCookieSync Value: 1643323929329
.intentiq.com/	1970-01-20 17:59:55	Name: CSDT Value: UEQ6MTUxMjBfMCZTdmxEamRMIzI0XzAmU3ZsRGpXSSMxNTAxOV8wJlN2bERqUG4jMTAxMzlfMCZTdmxEaloxIzE1MTE1XzAmU3ZsRGphQyMxMDE0MF8wJlN2bERqZWI
.intentiq.com/	1970-01-20 17:59:55	Name: IQPData Value: 2503514552#1643323929329#0#1643323928351
.lijit.com/	1970-01-20 09:14:19	Name: _ljtrtb_8101 Value: qUpfbx18sm
shadowshopperss.jigsy.com/	1970-01-20 00:28:47	Name: _lr_retry_request Value: true
shadowshopperss.jigsy.com/	1970-01-20 01:11:55	Name: _lr_env_src_ats Value: false
shadowshopperss.jigsy.com/	1970-01-20 01:55:07	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%2280b26bf8-b762-48e6-9e6d-7991eb5d015b%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-12-27T22%3A52%3A10%22%7D
.crwdcntrl.net/	1970-01-20 06:57:29	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 06:57:29	Name: _cc_id Value: 4b29fd2c851abf3ebfd6c05cb06af14
.crwdcntrl.net/	1970-01-20 06:57:31	Name: _cc_cc Value: "ACZ4XmOQN0kyskxLMUq2MDVMTEozTk1KSzFLNjBNTjIwS0wzNGEAgsTPSlIgGgoAYF0K8A%3D%3D"
.crwdcntrl.net/	1970-01-20 06:57:31	Name: _cc_aud Value: "ABR4XmNgYGBI%2FKwkBaSgAAAUbQGR"
.jigsy.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1643410330263
.jigsy.com/	1970-01-20 06:57:31	Name: _cc_id Value: 4b29fd2c851abf3ebfd6c05cb06af14
.id5-sync.com/	1970-01-20 02:38:19	Name: 3pi Value:
.id5-sync.com/	1970-01-20 02:38:19	Name: id5 Value: 10eaf7d6-f77b-316b-8470-3207600f4382#1643323930533#1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDXcJ0YlE2LBYlCYuUFlLyI&google_cver=1 Message: Failed to load resource: the server responded with a status of 422 (Unprocessable Entity)
network	error	URL: https://ce.lijit.com/merge?pid=8101&3pid=qUpfbx18sm&location=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D1509139146%3B1402230080%3B1709765917%3B1486637409%3B1072441116%3B1678944572%26rnd%3D-222848656%26pcid%3D%5BSOVRNID%5D Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
a.tribalfusion.com
acdn.adnxs.com
ad.360yield.com
ads.pubmatic.com
ads.yahoo.com
ap.lijit.com
api.intentiq.com
api.rlcdn.com
assets.bnidx.com
b1sync.zemanta.com
cdn.adnxs.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cms-xch-chicago.33across.com
cms-xch.33across.com
code.jquery.com
de.tynt.com
dpm.demdex.net
dsp.adkernel.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eus.rubiconproject.com
event.clientgear.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gum.criteo.com
hde.tynt.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
lax1-ib.adnxs.com
match.adsrvr.org
match.bnmla.com
maxcdn.bootstrapcdn.com
mug.criteo.com
onetag-sys.com
p.rfihub.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.rubiconproject.com
px.owneriq.net
resources.infolinks.com
router.infolinks.com
rt3011.infolinks.com
s.amazon-adsystem.com
s.cpx.to
s.tribalfusion.com
secure-assets.rubiconproject.com
shadowshopperss.jigsy.com
ssc-cms.33across.com
ssl.connextra.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
token.rubiconproject.com
u.openx.net
ups.analytics.yahoo.com
x.bidswitch.net
ce.lijit.com
match.bnmla.com
104.254.149.100
104.36.113.24
13.226.31.104
141.95.34.104
142.251.40.194
151.101.129.108
151.101.193.108
151.101.66.49
172.66.41.9
172.66.42.247
173.231.178.81
174.137.133.49
18.206.84.102
199.127.204.142
199.38.167.128
2001:4998:14:800::1001
2001:4de0:ac18::1:a:2b
216.200.232.253
23.200.172.205
23.200.172.248
23.3.124.133
23.46.249.89
23.57.136.222
23.75.190.74
2600:9000:21dd:e600:8:48e:53c0:93a1
2606:4700::6810:135e
2606:4700::6812:acf
2606:4700::6812:d05
2606:ae80:1451:13::2330
2607:f8b0:4006:809::200a
2607:f8b0:4006:81d::200a
2607:f8b0:4006:820::2003
2620:100:a001::c
3.218.90.66
3.227.228.140
34.117.239.71
34.120.155.137
34.255.81.31
34.98.64.218
35.190.60.146
35.211.178.172
47.252.78.131
51.222.39.185
52.200.16.87
52.22.124.44
52.223.40.198
52.40.67.149
52.46.130.91
52.72.149.226
54.161.8.43
63.251.114.136
64.202.112.95
65.39.176.77
67.202.105.23
67.202.105.31
68.67.179.90
69.166.1.10
70.33.222.6
74.119.119.139
8.28.7.82
8.28.7.83
8.43.72.97
8.43.72.98
034267c82673796f2f6fe56a3ef4230b47ddae481fd0d4bdd7a7038a1b332648
035f76cad89b4436226962589da4573cdba89378ed3ef64029e73035d4e122c5
08bd31453f3ba25c13de83403472f5f29b7c3fbee3869791ca1ac750ad722b73
092e21294c3c7715055df6cdbb1b86068b6f298cc39cf4a8e50a6e57fe8966ca
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
1d3cc74bdade25c9fd2992964780f06539ea7bf07d03b4da7d0d76afb9b016e9
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
30adcceef958c38a02a02125fb5794f73e88cd388a62ac554c5d406cab2dd431
359836ef917e6a8d43dadfe1a427808c18656f6df8290b4010e2439b43a440b4
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37dcad0aea3a8073c2a28d1e2f2f5ce73a033ee61c9c961adf056d5fdf9bf5a0
3804519e9df094afeca54163d22fad2afa59d0f6b69f72c79eae84936376361d
3a0d36739007f49faf8d3a1430d77a4ff923ba722e13e95d89fb8b454438d9b9
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660
4672d29f833a7f7cc73b07fb9de14be1ebe2d293a913fe5196191e89ae5037b6
477a95228c963cad1c13967a9b3eee0db6f9813cbc3c9a0aa13d00a46e472853
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a07ac3c9470b1aba8fe40beb0e587d1edc6b391a8dc9b9c9aa4d3572d1b0f09
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54829ef6edbc5fb8f6bd00c6e4f677b1093943e47d9d2528e25fbd08533f83e7
572b97df994ccad7b2bddd1b44ea184efe041777c6a452dce8bd1c929178b2e9
595699277128d923c6aa8f101ca117ba5277d5301d7e7c4c878c3dfd1eccfec3
5bad98b8bc7693f1a8c28d83b70090c16199b8a983d86f7065e61fd69a8fcaee
5e12ca26ea7e557d19f726108b7635cf2224d82ac760e8c9b44d8c000bc5b2a1
610a427b4b6da16af92fa70bc4ebc4bc85ab2fbfc59bfea7d01a58e78412c88a
6428a7089dd9fb5b807218ac529c9b9d6dcfd6332af7f121fdf89d39d2520eb4
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b6af6361d1836d3d5864f9a8e42e5201f432a518ff7a73fed6e64af10daeee9
7b6fc69a9da277bb118dbe07973e75598ff107f8d5c69aec6a3e0f5e6884603a
84e18d9144b52818f5ce1d7458c677100251597dacdecba06225b9ff265670ad
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8882c05ade8d73602a50fccfc5e3d2ad0ff2427e6c7adafc2d8f13a1da7f1ec4
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8dc99d9ffda17ab7053cc7e50eeb8172b8ffc26e1b3fa97f7c33856ed7b5c1e4
929e9f0caaa492d99e6da866bd4c78b7d508bd277ce830138a45cd9871200371
93d39b459b2028996f556d87910715c99e8eb49a84ee73bc359bf82f9929526b
95efc6a1b0e18636b608c1280049e1e31e5dac2f28c111ae489cea912f8b927b
a7bd1334f301c24ce594782077437f378992fa2d2608275a1e9bcfdcc9c9aea1
b1344c3a453508c57a193771019ba0c28b0eac72427526c9e8ee33e92cf85794
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16451935f2c828efe085e9e3419bf041c99f38143e720bcec92780379198369
b34c0a3651292fe7652a929be7b36f17fcf40d1f0150a01989e0707527d489b2
bb2a3ff818df580541e8008988f030910423ead4120685a124d96607e5168ac9
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c0d1037e6d0cb095a3fe96ab4fb49b8336f36583d0cf1ffacb5ada3bd99b8a49
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
d40000464c06127197135256da45cc0a3a2abda2e34b5d53a0e937c3bd23330f
d7d277ad3ded41d89d82daaa750df136efbe19dec4a0ffda83fd31d651e2d316
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fe340e50d2b02c10b49d56ec71fdf5fae83e2796a6816afc5d4268f0757828ed
fee73730ca9a66dd099ff14ef96527374f09d5d632d7776bb0745993e1370565
feeb377a08b6715a7498491547c727a8bb2e0d8e819ab0eebd33d4b84af51c94

shadowshopperss.jigsy.com Open in urlscan Pro 70.33.222.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

109 Requests

62 %HTTPS

17 %IPv6

48 Domains

72 Subdomains

39 IPs

5 Countries

922 kBTransfer

2767 kBSize

115 Cookies

4 Outgoing links

Page URL History

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

shadowshopperss.jigsy.com Open in urlscan Pro
70.33.222.6 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

62 %
HTTPS

17 %
IPv6

48
Domains

72
Subdomains

39
IPs

5
Countries

922 kB
Transfer

2767 kB
Size

115
Cookies

109 HTTP transactions
0 data transactions