adsrt.org Open in urlscan Pro
2606:4700:3035::681f:5d90  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://bit.ly/3500-libros-programacion-y-hacking HTTP 301
   https://adsrt.org/rWhLR2ho Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

• https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
• https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 44

• https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
• https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
• https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/c/12/2/8/2.gif?puid=0&gdpr=1&gdpr_consent= HTTP 302
• https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOSlni81qsjZ5lZ750clspdznYsIcYOt12FFAYVw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/c/12/3/7/3.gif?puid=a4325ea0-d9cd-4800-a4ac-f3e1ad25ca1b&gdpr=1&gdpr_consent= HTTP 302
• https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F6%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F6%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://id5-sync.com/c/12/10/6/4.gif?puid=6804414450764315005&gdpr=1&gdpr_consent= HTTP 302
• https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/c/12/19/5/5.gif?puid=97e57ed70ceaff55f8b6780e36f51381&gdpr=1&gdpr_consent= HTTP 302
• https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://id5-sync.com/c/12/101/4/6.gif?puid=2bfbc1ee-c3b4-41e0-98d4-5c4137289896&gdpr=1&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/c/12/108/3/7.gif?puid=f6aa6431-84f4-11ea-bb76-5a4d09408e47&gdpr=1&gdpr_consent= HTTP 302
• https://uipglob.semasio.net/id5/1/get?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://uipglob.semasio.net/id5/1/get2?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://id5-sync.com/c/12/112/2/8.gif?puid=36D81176D909B4E3&gdpr=1&gdpr_consent=

Request Chain 70

• https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1193018245&t=pageview&_s=1&dl=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAUAB~&jid=1495226988&gjid=962852881&cid=1562960789.1587599821&tid=UA-40605702-4&_gid=1619804954.1587599822&_r=1&gtm=2ou4f0&z=1483823159 HTTP 302
• https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-40605702-4&cid=1562960789.1587599821&jid=1495226988&_gid=1619804954.1587599822&gjid=962852881&_v=j81&z=1483823159

Request Chain 100

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 102

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 146

• https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2265d4023c4f98744%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FrWhLR2ho%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224479bbcbb03fc6d%22%2C%22pid%22%3A%2222205625%22%2C%22tid%22%3A%22e5b225ae-6f9e-46e4-8529-a6df9ba6d6da%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%2C%7B%22w%22%3A640%2C%22h%22%3A480%7D%5D%7D%7D%2C%7B%22id%22%3A%2245e7d4dcd761dd6%22%2C%22pid%22%3A%2222205626%22%2C%22tid%22%3A%22716b6635-11e8-48c7-8975-86f519d0b4db%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2246aa33d468b918%22%2C%22pid%22%3A%2222205634%22%2C%22tid%22%3A%22946f3bf3-1ed7-435b-ada1-2589cbd24f9d%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%2247b9d4efe867831%22%2C%22pid%22%3A%2222205633%22%2C%22tid%22%3A%22fb4a9e31-5f73-40db-a166-7621d40fc96e%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2248a224b563870e7%22%2C%22pid%22%3A%2222205632%22%2C%22tid%22%3A%22063d468e-1fc6-49b3-ba35-946c00c91b80%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D HTTP 302
• https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2265d4023c4f98744%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FrWhLR2ho%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224479bbcbb03fc6d%22%2C%22pid%22%3A%2222205625%22%2C%22tid%22%3A%22e5b225ae-6f9e-46e4-8529-a6df9ba6d6da%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%2C%7B%22w%22%3A640%2C%22h%22%3A480%7D%5D%7D%7D%2C%7B%22id%22%3A%2245e7d4dcd761dd6%22%2C%22pid%22%3A%2222205626%22%2C%22tid%22%3A%22716b6635-11e8-48c7-8975-86f519d0b4db%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2246aa33d468b918%22%2C%22pid%22%3A%2222205634%22%2C%22tid%22%3A%22946f3bf3-1ed7-435b-ada1-2589cbd24f9d%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%2247b9d4efe867831%22%2C%22pid%22%3A%2222205633%22%2C%22tid%22%3A%22fb4a9e31-5f73-40db-a166-7621d40fc96e%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2248a224b563870e7%22%2C%22pid%22%3A%2222205632%22%2C%22tid%22%3A%22063d468e-1fc6-49b3-ba35-946c00c91b80%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D

Request Chain 147

• https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2266fa28ce9307e48%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FrWhLR2ho%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2249d0201197a08d9%22%2C%22pid%22%3A%2222205631%22%2C%22tid%22%3A%220aae0056-c131-47ca-b166-3919d9b61024%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%22503f496e9a9be6b%22%2C%22pid%22%3A%2222205630%22%2C%22tid%22%3A%22985e5aed-7d4f-4b5a-882f-235852546ba8%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%22515a577d6a7cebb%22%2C%22pid%22%3A%2222205629%22%2C%22tid%22%3A%224bf0a307-c3e3-4200-835e-52fc65716693%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2252693192185f66e%22%2C%22pid%22%3A%2222205628%22%2C%22tid%22%3A%22e33df296-a2f3-43fe-ac92-65b90d5a6a82%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22534b6fb4f012845%22%2C%22pid%22%3A%2222205627%22%2C%22tid%22%3A%229972f6d7-b57c-452f-8e59-4adfa48e8383%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D HTTP 302
• https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2266fa28ce9307e48%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FrWhLR2ho%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2249d0201197a08d9%22%2C%22pid%22%3A%2222205631%22%2C%22tid%22%3A%220aae0056-c131-47ca-b166-3919d9b61024%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%22503f496e9a9be6b%22%2C%22pid%22%3A%2222205630%22%2C%22tid%22%3A%22985e5aed-7d4f-4b5a-882f-235852546ba8%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%22515a577d6a7cebb%22%2C%22pid%22%3A%2222205629%22%2C%22tid%22%3A%224bf0a307-c3e3-4200-835e-52fc65716693%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2252693192185f66e%22%2C%22pid%22%3A%2222205628%22%2C%22tid%22%3A%22e33df296-a2f3-43fe-ac92-65b90d5a6a82%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22534b6fb4f012845%22%2C%22pid%22%3A%2222205627%22%2C%22tid%22%3A%229972f6d7-b57c-452f-8e59-4adfa48e8383%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D

Request Chain 159

• https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1587599832560&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&c9= HTTP 302
• https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1587599832560&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&c9=

Request Chain 165

• https://eb2.3lift.com/sync HTTP 302
• https://eb2.3lift.com/sync?&ld=1

Request Chain 166

• https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=95139ae6-3fdf-48e0-a2ea-4225c333e06a&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
• https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=95139ae6-3fdf-48e0-a2ea-4225c333e06a&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
• https://ice.360yield.com/match?publisher_dsp_id=42&Expiration=1588809434&external_user_id=5958373852302547771

Request Chain 167

• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lROa5j_fSOCi6kIlwzPgag&google_cm&publisher_dsp_id=340 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lROa5j_fSOCi6kIlwzPgag&google_cm=&publisher_dsp_id=340&google_tc= HTTP 302
• https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEEUaegGbIljDTzG12sUgGEU&google_cver=1

Request Chain 168

• https://id5-sync.com/match?publisher_user_id=95139ae6-3fdf-48e0-a2ea-4225c333e06a&publisher_dsp_id=79&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
• https://id5-sync.com/c/124/124/1/1.gif?puid=95139ae6-3fdf-48e0-a2ea-4225c333e06a&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA HTTP 302
• https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F124%2F101%2F0%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA HTTP 302
• https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F124%2F101%2F0%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA HTTP 302
• https://id5-sync.com/c/124/101/0/2.gif?puid=f8589e5a-2cab-4c71-92e8-baf7b76e22f2&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA HTTP 302
• https://ice.360yield.com/match?publisher_dsp_id=79&external_user_id=ID5-ZHMOftG4M4nJi6VhIP69xpbiqjfybr0xlZ2SYEkrIQ&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA

Request Chain 169

• https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm=&google_sc=&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA&google_tc= HTTP 302
• https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA&external_user_id=CAESEKp0pQKr9SjCUxVwOzaaX8M&google_cver=1

Request Chain 170

• https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fice.360yield.com%2Fmatch%3Fexternal_user_id%3D%24UID%26publisher_dsp_id%3D40%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA HTTP 302
• https://ice.360yield.com/match?external_user_id=8236676402928235124&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA HTTP 302
• https://ice.360yield.com/ul_cb/match?external_user_id=8236676402928235124&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA

Request Chain 173

• https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%229257d71f8ddf4fb%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FrWhLR2ho%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2285d94dcc2ce388d%22%2C%22pid%22%3A%2222205633%22%2C%22tid%22%3A%22972f882e-76fd-4191-afee-5a1e3deb0785%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D HTTP 302
• https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%229257d71f8ddf4fb%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FrWhLR2ho%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2285d94dcc2ce388d%22%2C%22pid%22%3A%2222205633%22%2C%22tid%22%3A%22972f882e-76fd-4191-afee-5a1e3deb0785%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D

Request Chain 184

• https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1587599839393&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&c9= HTTP 302
• https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1587599839393&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&c9=

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request rWhLR2ho Show response adsrt.org/ Redirect Chain http://bit.ly/3500-libros-programacion-y-hacking https://adsrt.org/rWhLR2ho	34 KB 10 KB	435ms 389ms	Document text/html	2606:4700:3035::681f:5d90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:5d90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 43f972467ea0cc897e65f1030e6baaf834574d0a2fa8e40116af4f75c136c962 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers :method GET :authority adsrt.org :scheme https :path /rWhLR2ho pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Wed, 22 Apr 2020 23:57:00 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d23cb653d207d0fb387e94118dbf5377f1587599820; expires=Fri, 22-May-20 23:57:00 GMT; path=/; domain=.adsrt.org; HttpOnly; SameSite=Lax; Secure AppSession=d62a19b1d2f72e37dadd48b7fa1cb9a3; path=/; HttpOnly csrfToken=365b32cb014f35d6dec43dd643490a40221189815d617040f867642151944eb17f30aa05ef6addfcb90d898352d639c4168c25a959d8897f2ec8e630fd766d4a; path=/; HttpOnly expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache x-frame-options SAMEORIGIN x-robots-tag noindex, nofollow cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 588348dd5b1b6497-FRA content-encoding br cf-request-id 0245ebde5600006497a2aae200000001 Redirect headers Server nginx Date Wed, 22 Apr 2020 23:57:00 GMT Content-Type text/html; charset=utf-8 Content-Length 113 Cache-Control private, max-age=90 Location https://adsrt.org/rWhLR2ho Set-Cookie _bit=k3mnV0-0c09a058c63f44040b-00e; Domain=bit.ly; Expires=Mon, 19 Oct 2020 23:57:00 GMT Via 1.1 google
GET H2	200	css fonts.googleapis.com/	425 B 429 B	16ms 15ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Questrial Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6c3040da0c417bf4812b0a302b6c8ba55fa040cb5827eacf00d31a2cff4a108f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 22 Apr 2020 23:57:00 GMT server ESF date Wed, 22 Apr 2020 23:57:00 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 22 Apr 2020 23:57:00 GMT
GET H2	200	bootstrap.css static.adshort.co/link/css/	107 KB 18 KB	158ms 19ms	Stylesheet text/css	51.255.81.138 OVH
General Check archive.org Show headers Download Go to Full URL https://static.adshort.co/link/css/bootstrap.css Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_256_GCM Server 51.255.81.138 , France, ASN16276 (OVH, FR), Reverse DNS ns3037287.ip-51-255-81.eu Software nginx / Resource Hash 92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:00 GMT content-encoding gzip tp-cache HIT last-modified Mon, 24 Feb 2020 16:45:13 GMT server nginx age 2253 vary , Accept-Encoding content-type text/css status 200 content-length 18113 tp-l2-cache MISS accept-ranges bytes x-device desktop
GET H2	200	link.css static.adshort.co/link/css/	5 KB 2 KB	169ms 30ms	Stylesheet text/css	51.255.81.138 OVH
General Check archive.org Show headers Download Go to Full URL https://static.adshort.co/link/css/link.css Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_256_GCM Server 51.255.81.138 , France, ASN16276 (OVH, FR), Reverse DNS ns3037287.ip-51-255-81.eu Software nginx / Resource Hash 9ef2e6b76c28447ceba52be082a4e1bebe5e6866d91c8b6fd74fa2ad4b932d6f Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:00 GMT content-encoding gzip tp-cache HIT last-modified Mon, 24 Feb 2020 16:45:13 GMT server nginx age 2253 vary , Accept-Encoding content-type text/css status 200 content-length 1538 tp-l2-cache MISS accept-ranges bytes x-device desktop
GET H2	200	logo.png static.adshort.co/	10 KB 11 KB	171ms 33ms	Image image/png	51.255.81.138 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://static.adshort.co/logo.png Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_256_GCM Server 51.255.81.138 , France, ASN16276 (OVH, FR), Reverse DNS ns3037287.ip-51-255-81.eu Software nginx / Resource Hash 4edeb7cd021290261f7f7dc72cd26cd53ece78918bd11a23b4af3484f3a6abfa Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:00 GMT tp-cache HIT last-modified Mon, 24 Feb 2020 16:53:20 GMT server nginx age 3485 content-type image/png status 200 x-device desktop tp-l2-cache HIT accept-ranges bytes content-length 10737
GET H2	200	gen.js Show response ads.themoneytizer.com/s/	7 KB 3 KB	67ms 13ms	Script text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/gen.js?type=2 Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:00 GMT content-encoding gzip server nginx x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 status 200 cache-control max-age=86400 accept-ranges bytes content-length 2602 expires Thu, 23 Apr 2020 23:56:32 GMT
GET H2	200	requestform.js Show response ads.themoneytizer.com/s/	76 KB 10 KB	126ms 73ms	Script text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 644b9cc8bfba5609cdb440a64c0ca607f7065ec87ea0c0db73b7f67aa32db7a6 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:00 GMT content-encoding gzip server nginx x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 status 200 cache-control max-age=86400 accept-ranges bytes expires Thu, 23 Apr 2020 23:57:00 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	42 KB 14 KB	128ms 66ms	Script text/javascript	172.217.22.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s16-in-f2.1e100.net Software sffe / Resource Hash 496937c054e36632a16b3b925e6ec8d355533cfbca56579cb5337098b5ad3a75 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:01 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "494 / 465 of 1000 / last-modified: 1587436432" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 14360 x-xss-protection 0 expires Wed, 22 Apr 2020 23:57:01 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	80 KB 30 KB	30ms 24ms	Script application/javascript	2a00:1450:4001:800::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-40605702-4 Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7b3d9e8bd565db1735195c5d0b6fcc10062f2c483f4811d0cd8d97b69f724bc7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:00 GMT content-encoding br vary Accept-Encoding status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 30162 x-xss-protection 0 last-modified Wed, 22 Apr 2020 23:00:31 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 22 Apr 2020 23:57:00 GMT
GET H2	200	ads.js Show response adsrt.org/js/	191 B 194 B	19ms 13ms	Script application/javascript	2606:4700:3035::681f:5d90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsrt.org/js/ads.js Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:5d90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:00 GMT content-encoding br cf-cache-status HIT last-modified Mon, 02 Sep 2019 23:24:50 GMT server cloudflare age 5835 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 588348e0dbc26497-FRA cf-request-id 0245ebe08400006497a2abf200000001
GET H2	200	jquery.min.js Show response adsrt.org/vendor/	84 KB 29 KB	25ms 18ms	Script application/javascript	2606:4700:3035::681f:5d90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsrt.org/vendor/jquery.min.js?ver=6.4.0 Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:5d90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:00 GMT content-encoding br cf-cache-status HIT last-modified Mon, 02 Sep 2019 23:24:50 GMT server cloudflare age 5212 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 588348e0dbc36497-FRA cf-request-id 0245ebe08400006497a2ac0200000001
GET H2	200	bootstrap.min.js Show response adsrt.org/vendor/bootstrap/js/	39 KB 10 KB	21ms 15ms	Script application/javascript	2606:4700:3035::681f:5d90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsrt.org/vendor/bootstrap/js/bootstrap.min.js?ver=6.4.0 Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:5d90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:00 GMT content-encoding br cf-cache-status HIT last-modified Mon, 02 Sep 2019 23:24:50 GMT server cloudflare age 5212 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 588348e0dbc46497-FRA cf-request-id 0245ebe08400006497a2ac1200000001
GET H2	200	owl.carousel.min.js Show response adsrt.org/vendor/owl/	43 KB 11 KB	25ms 19ms	Script application/javascript	2606:4700:3035::681f:5d90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsrt.org/vendor/owl/owl.carousel.min.js?ver=6.4.0 Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:5d90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:00 GMT content-encoding br cf-cache-status HIT last-modified Mon, 02 Sep 2019 23:24:50 GMT server cloudflare age 5212 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 588348e0dbc56497-FRA cf-request-id 0245ebe08400006497a2ac2200000001
GET H2	200	wow.min.js Show response adsrt.org/vendor/	8 KB 3 KB	16ms 11ms	Script application/javascript	2606:4700:3035::681f:5d90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsrt.org/vendor/wow.min.js?ver=6.4.0 Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:5d90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:00 GMT content-encoding br cf-cache-status HIT last-modified Mon, 02 Sep 2019 23:24:50 GMT server cloudflare age 5208 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 588348e0dbc66497-FRA cf-request-id 0245ebe08400006497a2ac3200000001
GET H2	200	clipboard.min.js Show response adsrt.org/vendor/	11 KB 3 KB	19ms 13ms	Script application/javascript	2606:4700:3035::681f:5d90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsrt.org/vendor/clipboard.min.js?ver=6.4.0 Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:5d90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a966b18ec6e3b2e6676df4cd8e274cfba051df4bc26ae0d783a978f5533d2bb4 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:00 GMT content-encoding br cf-cache-status HIT last-modified Mon, 02 Sep 2019 23:24:50 GMT server cloudflare age 5208 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 588348e0dbc76497-FRA cf-request-id 0245ebe08400006497a2ac4200000001
GET H2	200	front.js Show response adsrt.org/costo_theme/js/	4 KB 1 KB	20ms 15ms	Script application/javascript	2606:4700:3035::681f:5d90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsrt.org/costo_theme/js/front.js?ver=6.4.0 Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:5d90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02527ae379ddcc3151dfdc7967b127675308ce92f5e1242db4d8bfaf8ec93297 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:00 GMT content-encoding br cf-cache-status HIT last-modified Tue, 19 Nov 2019 14:20:37 GMT server cloudflare age 3992 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=86400 cf-ray 588348e0dbc86497-FRA cf-request-id 0245ebe08400006497a2ac5200000001 expires Fri, 10 Apr 2020 22:43:24 GMT
GET H2	200	app.js Show response adsrt.org/js/	29 KB 6 KB	19ms 14ms	Script application/javascript	2606:4700:3035::681f:5d90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsrt.org/js/app.js?ver=6.4.0 Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:5d90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f8f7883a3de9397521d2e218ee6ceb6b48ab58a17bb90f10171c75d5e92b5b78 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:00 GMT content-encoding br cf-cache-status HIT last-modified Mon, 02 Sep 2019 23:24:50 GMT server cloudflare age 5208 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 588348e0dbc96497-FRA cf-request-id 0245ebe08400006497a2ac6200000001
GET H2	200	api.js Show response www.recaptcha.net/recaptcha/	742 B 882 B	68ms 16ms	Script text/javascript	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 9c5f0aa99f803b8b171d7d447362fa517d37e491f597e241e68f5313d55b0be1 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:00 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 status 200 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 471 x-xss-protection 1; mode=block expires Wed, 22 Apr 2020 23:57:00 GMT
GET H/1.1	200 OK	tag.min.js Show response sendmepush.com/pfe/current/	38 KB 12 KB	127ms 53ms	Script application/javascript	194.187.98.193 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://sendmepush.com/pfe/current/tag.min.js?z=2982850 Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 194.187.98.193 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS 194.187.98.193.webazilla.com Software nginx / Resource Hash dc7b76e65cd88a0389fb4d5d9b23bfa3d1a22677c5875ea24c597844fd3beb71 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Wed, 22 Apr 2020 23:57:01 GMT Content-Encoding gzip Last-Modified Mon, 20 Apr 2020 11:12:36 GMT Server nginx ETag W/"5e9d83a4-96ab" Transfer-Encoding chunked Content-Type application/javascript Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive
GET H2	200	gen.js Show response ads.themoneytizer.com/s/	7 KB 3 KB	65ms 14ms	Script text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/gen.js?type=6 Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:00 GMT content-encoding gzip server nginx x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 status 200 cache-control max-age=86400 accept-ranges bytes content-length 2602 expires Thu, 23 Apr 2020 23:56:32 GMT
GET H2	200	requestform.js Show response ads.themoneytizer.com/s/	73 KB 10 KB	75ms 24ms	Script text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=6 Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash a0730eabe2d68c7aff1a903c76ff882f6c5f9c62b36f3d733aba651eae444ec6 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:00 GMT content-encoding gzip server nginx x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 status 200 cache-control max-age=86400 accept-ranges bytes expires Thu, 23 Apr 2020 23:57:00 GMT
GET H/1.1	200 OK	popunder1000.js Show response a.optimizesrv.com/	72 KB 32 KB	102ms 51ms	Script application/javascript	2001:4de0:ac19::1:b:2a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://a.optimizesrv.com/popunder1000.js Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash df4c4d4a30eadf0fa6f47f63f6ce15d807db624c91e1de57742bd978f9cd592d Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 22 Apr 2020 23:57:01 GMT Content-Encoding gzip Server nginx X-HW 1587599820.dop109.fr8.t,1587599821.cds159.fr8.shn,1587599821.cds159.fr8.c Content-Type application/javascript Cache-Control max-age=10800 Connection Keep-Alive Accept-Ranges bytes Content-Length 32588
GET H2	200	QdVUSTchPBm7nuUeVf70viFluW44JQ.woff2 fonts.gstatic.com/s/questrial/v9/	13 KB 13 KB	9ms 5ms	Font font/woff2	2a00:1450:4001:81a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/questrial/v9/QdVUSTchPBm7nuUeVf70viFluW44JQ.woff2 Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 495347eafc1881654163fd276f18415487f16cb282b9695dc03a8b99a4de21b5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Questrial Origin https://adsrt.org Response headers date Thu, 16 Apr 2020 00:43:51 GMT content-encoding gzip x-content-type-options nosniff age 601989 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 12870 x-xss-protection 0 last-modified Tue, 16 Jul 2019 23:53:30 GMT server sffe vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 16 Apr 2021 00:43:51 GMT
GET H/1.1	200 OK	/ Show response g.themoneytizer.net/g/	26 B 200 B	195ms 33ms	Script text/html	145.239.193.145 OVH
General Check archive.org Show headers Download Go to Full URL https://g.themoneytizer.net/g/ Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 145.239.193.145 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / Resource Hash 278393caf9e3b1246267fb79e95027449f041bbf8e8774a4cf46d72cc09b7405 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 22 Apr 2020 23:57:01 GMT Server nginx X-IPLB-Instance 29820 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	moneyvisibility.js Show response ads.themoneytizer.com/	12 KB 4 KB	56ms 54ms	Script text/javascript	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/moneyvisibility.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / Resource Hash 22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:00 GMT content-encoding gzip last-modified Wed, 08 Jan 2020 19:01:35 GMT server nginx etag "779a-30ad-59ba5857e2265" vary Accept-Encoding x-cache HIT content-type text/javascript status 200 cache-control max-age=86400 accept-ranges bytes content-length 3955 expires Thu, 23 Apr 2020 23:56:48 GMT
GET H2	200	moneybile.js Show response ads.themoneytizer.com/	37 KB 16 KB	55ms 53ms	Script text/javascript	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/moneybile.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / Resource Hash 94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:00 GMT content-encoding gzip last-modified Wed, 27 Feb 2019 16:57:00 GMT server nginx etag "7ff1-9390-582e30fefbc74" vary Accept-Encoding x-cache HIT content-type text/javascript status 200 cache-control max-age=86400 accept-ranges bytes content-length 15733 expires Thu, 23 Apr 2020 23:56:13 GMT
GET H2	200	getjs.static.js Show response tag.contextweb.com/	32 KB 11 KB	90ms 17ms	Script application/x-javascript	74.214.194.132 PULSEPOINT-EU
General Check archive.org Show headers Download Go to Full URL https://tag.contextweb.com/getjs.static.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 74.214.194.132 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL), Reverse DNS Software envoy / Resource Hash bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:00 GMT content-encoding gzip server envoy etag d13c8ae45565efb782b52cb7f6a3b3828e3d77a7 p3p policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" status 200 cache-control max-age=432000, public x-envoy-upstream-service-time 2 content-type application/x-javascript content-length 11296
GET H/1.1	200 OK	px.js Show response p.cpx.to/p/11528/	1 KB 2 KB	181ms 20ms	Script application/javascript	13.225.73.69 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://p.cpx.to/p/11528/px.js?r=19eae Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.73.69 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-73-69.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 09 Apr 2020 05:49:39 GMT Content-Encoding UTF-8 Connection keep-alive Last-Modified Wed, 10 Oct 2018 10:49:46 GMT Server AmazonS3 Age 1188443 ETag "f30057c89bf67afeaf18ceba624fa4b7" X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront) Cache-Control max-age=2419200 X-Amz-Cf-Pop FRA2-C2 Accept-Ranges bytes Content-Length 1498 X-Amz-Cf-Id o6DoD-3mdMbqfwwktle9h8aBGc9h7pjmg-7F1MG5DqVZZS61qSgK7g==
GET H/1.1	200 OK	smart.js Show response ced-ns.sascdn.com/diff/js/ Redirect Chain https://ww1097.smartadserver.com/config.js?nwid=1097 https://ced-ns.sascdn.com/diff/js/smart.js	27 KB 9 KB	19ms 5ms	Script application/x-javascript	2a01:4a0:1338:28::c38a:ff11 NETZBETRIEB-GMBH
General Check archive.org Show headers Download Go to Full URL https://ced-ns.sascdn.com/diff/js/smart.js Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a01:4a0:1338:28::c38a:ff11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE), Reverse DNS Software Apache / Resource Hash a0f4abf087368a45dc01609aa814906c19330084d8a00fe6e0c8ee4595187ace Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 22 Apr 2020 23:57:01 GMT Content-Encoding gzip Last-Modified Mon, 23 Mar 2020 14:27:30 GMT Server Apache ETag "308b0663b760da8cd1006f7a3f2458d5:1584973650" Vary Accept-Encoding Content-Type application/x-javascript Cache-Control max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 8932 Redirect headers location https://ced-ns.sascdn.com/diff/js/smart.js date Wed, 22 Apr 2020 23:57:00 GMT cache-control private content-length 159 content-type text/html; charset=utf-8
GET H2	200	sync Show response gum.criteo.com/	49 B 371 B	85ms 12ms	Script text/javascript	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip server Microsoft-IIS/10.0 x-powered-by ASP.NET vary Accept-Encoding content-type text/javascript; charset=utf-8 status 200 cache-control private, max-age=3600 date Wed, 22 Apr 2020 23:57:00 GMT content-length 165 expires 60
GET H/1.1	200 OK	libJsLP.js Show response tag.leadplace.fr/	3 KB 3 KB	143ms 25ms	Script application/javascript	145.239.192.166 OVH
General Check archive.org Show headers Download Go to Full URL https://tag.leadplace.fr/libJsLP.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 145.239.192.166 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.14.2 / Resource Hash 90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 22 Apr 2020 23:57:01 GMT Last-Modified Tue, 30 Oct 2018 10:00:26 GMT Server nginx/1.14.2 ETag "5bd82bba-a72" X-IPLB-Instance 30195 Content-Type application/javascript Accept-Ranges bytes Content-Length 2674
GET H2	200	/ onetag-sys.com/usync/ Frame DD3C	0 0	152ms 73ms	Document text/html	51.89.9.253 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1587599820996 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.89.9.253 , Germany, ASN16276 (OVH, FR), Reverse DNS ip253.ip-51-89-9.eu Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?pubId=2a897e3f18e6769&cb=1587599820996 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://adsrt.org/rWhLR2ho accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://adsrt.org/rWhLR2ho Response headers status 200 content-type text/html cache-control no-transform, no-cache content-encoding gzip strict-transport-security max-age=2592000
GET H2	200	/ spl.zeotap.com/ Frame 1AEA	0 0	150ms 81ms	Document text/html	2606:4700:10::6816:1857 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority spl.zeotap.com :scheme https :path /?env=mWeb&uc=2&zdid=1258&eventType=map pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://adsrt.org/rWhLR2ho accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://adsrt.org/rWhLR2ho Response headers status 200 date Wed, 22 Apr 2020 23:57:01 GMT content-type text/html set-cookie __cfduid=d2c2ab9fa3b38871e6953596ea6c2546e1587599821; expires=Fri, 22-May-20 23:57:01 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=996b470a-2201-4a10-4527-495338112e6f; Path=/; Domain=.zeotap.com; Max-Age=315360000; SameSite=None; Secure zc1=996b470a-2201-4a10-4527-495338112e6f; Path=/; Domain=.zeotap.com; Max-Age=315360000 zsc=%D1%90%FFa%EA%3B%90%B25%5D%08%B1%AC%80%B1%5C%06%DE%A5s%E3%A8%B7%F6X%5B%A9I%BF%8E%86%19%86gFp%E2%E05%0D%A6%04%D4k%E0%91%C6%B8cCgO%8A%1CT%C4E%AC%5D%94%D5%27Y%5DI%B3x%27%C7%3D%B52y%AD%8CQ%FA%AE%9F%87%EBZ%95%05%7FH%01%81%17%CB%2Ar%895%2B%DD%0E%8F; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure access-control-allow-headers * access-control-allow-origin * via 1.1 google cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 588348e1bb98d6c9-FRA content-encoding br cf-request-id 0245ebe10e0000d6c97a14c200000001
GET H/1.1	200 OK	quant.js Show response secure.quantserve.com/	13 KB 6 KB	189ms 75ms	Script application/x-javascript	91.228.74.166 QUANTCAST
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.166 , United Kingdom, ASN27281 (QUANTCAST, US), Reverse DNS Software QS / Resource Hash e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 22 Apr 2020 23:57:01 GMT Content-Encoding gzip Last-Modified Wed, 22-Apr-2020 23:57:01 GMT Server QS Etag M0-56c8c653 Vary Accept-Encoding Connection keep-alive Content-Type application/x-javascript Cache-Control private, no-transform, max-age=604800 Strict-Transport-Security max-age=86400 Content-Length 5651 Expires Wed, 29 Apr 2020 23:57:01 GMT
GET H/1.1	200 OK	notifyme.js Show response d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/	25 KB 26 KB	188ms 72ms	Script text/javascript	13.225.78.155 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.78.155 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-155.fra2.r.cloudfront.net Software Apache / Resource Hash b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 22 Apr 2020 01:24:58 GMT Via 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront) Last-Modified Mon, 18 Feb 2019 16:54:28 GMT Server Apache Age 81272 X-Cache Hit from cloudfront Content-Type text/javascript Connection keep-alive X-Amz-Cf-Pop FRA2-C2 Accept-Ranges bytes Content-Length 25704 X-Amz-Cf-Id XR6Mwuo6Mf1N8iwq31x3FllTh_TKsFOdBg0p-hYz1_Y2zb93dA4I9g==
GET H/1.1	200 OK	186329-261067657875242.js Show response js-sec.indexww.com/ht/p/	35 KB 12 KB	123ms 27ms	Script text/javascript	23.213.165.44 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/ht/p/186329-261067657875242.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.213.165.44 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-44.deploy.static.akamaitechnologies.com Software Apache / Resource Hash ad209dc504cc97991573344dfd1142168265443a8f4cb7e1444a132ba601da19 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 22 Apr 2020 23:57:01 GMT Content-Encoding gzip Last-Modified Wed, 22 Apr 2020 23:16:32 GMT Server Apache ETag "da496f-8bc6-5a3e95299a4bf" Vary Accept-Encoding P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=1229 Connection keep-alive Accept-Ranges bytes Content-Type text/javascript Content-Length 12312 Expires Thu, 23 Apr 2020 00:17:30 GMT
GET H2	200	prebid.js Show response ads.themoneytizer.com/moneybid2_445_2/build/dist/	407 KB 130 KB	16ms 15ms	Script text/javascript	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / Resource Hash a68d161af49e25a6bc817a4af26143f51c6690653baff4d86686f2495a4a540f Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:01 GMT content-encoding gzip last-modified Fri, 17 Apr 2020 14:55:51 GMT server nginx etag "1e3f7-65bd5-5a37dbeda57b8" vary Accept-Encoding x-cache HIT content-type text/javascript status 200 cache-control max-age=86400 accept-ranges bytes content-length 132673 expires Thu, 23 Apr 2020 23:56:55 GMT
GET H2	200	integrator.js Show response adservice.google.nl/adsid/	109 B 839 B	92ms 13ms	Script application/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.nl/adsid/integrator.js?domain=adsrt.org Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Wed, 22 Apr 2020 23:57:01 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 104 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	109 B 171 B	69ms 62ms	Script application/javascript	2a00:1450:4001:817::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=adsrt.org Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Wed, 22 Apr 2020 23:57:01 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 104 x-xss-protection 0
GET H2	200	pubads_impl_2020042001.js Show response securepubads.g.doubleclick.net/gpt/	171 KB 63 KB	72ms 65ms	Script text/javascript	172.217.22.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042001.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s16-in-f2.1e100.net Software sffe / Resource Hash 0b810c6b83f3d55da4c3e345113ad863901ff3e382e04170817b853f761dd9f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:01 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 20 Apr 2020 20:16:23 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 64174 x-xss-protection 0 expires Wed, 22 Apr 2020 23:57:01 GMT
GET H/1.1	200 OK	ads-priv.php Show response syndication.optimizesrv.com/	0 319 B	160ms 60ms	Script text/html	95.211.229.247 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://syndication.optimizesrv.com/ads-priv.php?i=0 Requested by Host: a.optimizesrv.com URL: https://a.optimizesrv.com/popunder1000.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 22 Apr 2020 23:57:01 GMT Content-Encoding gzip Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	715 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H2	200	sticky-embed.js Show response tags.audionews.fm/	7 KB 3 KB	160ms 71ms	Script application/javascript	2606:4700:3035::681f:41fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/sticky-embed.js Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:41fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c5668e7d6448a1651213bb4a5b5b099cd806bfff85b89226515db47aee14aa6 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:01 GMT content-encoding br cf-cache-status HIT last-modified Sat, 07 Mar 2020 22:31:54 GMT server cloudflare age 5030 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 cf-ray 588348e2f9cc97fc-FRA cf-request-id 0245ebe1df000097fc9da5b200000001
GET H2	200	cmp.js Show response quantcast.mgr.consensu.org/	264 KB 76 KB	77ms 8ms	Script text/javascript	2600:9000:20eb:d600:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/cmp.js Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20eb:d600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bc73cc3b5fbc98895f0b459237df3d9aa111098c787650e72cda7eadf27388df Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:55:51 GMT content-encoding gzip last-modified Tue, 24 Mar 2020 19:10:19 GMT server AmazonS3 age 272 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript;charset=UTF-8 status 200 x-amz-meta-qc-ineu True x-amz-cf-pop FRA2-C1 x-amz-cf-id wpMycd28NVgqySutxyMgO22GpL1v3mCK10KFpJsr4InpXSXuKLdIIQ== via 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
GET		8.gif id5-sync.com/c/12/112/2/ Redirect Chain https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= https://id5-sync.com/c/12/2/8/2.gif?puid=0&gdpr=1&gdpr_consent= https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOSlni81qsjZ5lZ750clspdznYsIcYOt12FFAYVw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D1%26gd... https://id5-sync.com/c/12/3/7/3.gif?puid=a4325ea0-d9cd-4800-a4ac-f3e1ad25ca1b&gdpr=1&gdpr_consent= https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F6%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F6%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D https://id5-sync.com/c/12/10/6/4.gif?puid=6804414450764315005&gdpr=1&gdpr_consent= https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= https://id5-sync.com/c/12/19/5/5.gif?puid=97e57ed70ceaff55f8b6780e36f51381&gdpr=1&gdpr_consent= https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D https://id5-sync.com/c/12/101/4/6.gif?puid=2bfbc1ee-c3b4-41e0-98d4-5c4137289896&gdpr=1&gdpr_consent= https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_cons... https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdp... https://id5-sync.com/c/12/108/3/7.gif?puid=f6aa6431-84f4-11ea-bb76-5a4d09408e47&gdpr=1&gdpr_consent= https://uipglob.semasio.net/id5/1/get?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D https://uipglob.semasio.net/id5/1/get2?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D https://id5-sync.com/c/12/112/2/8.gif?puid=36D81176D909B4E3&gdpr=1&gdpr_consent=	0 0
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/	299 KB 121 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:81a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/recaptcha__en.js Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b3f949c5fa5809887926e9351f3d35a72b6c9b542bcbfffbc41e0fd87424ae71 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 20 Apr 2020 16:59:00 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 20 Apr 2020 04:05:48 GMT server sffe age 197881 vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 124243 x-xss-protection 0 expires Tue, 20 Apr 2021 16:59:00 GMT
GET H/1.1	200 OK	zone Show response sendmepush.com/	634 B 1 KB	63ms 61ms	Fetch application/json	194.187.98.193 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://sendmepush.com/zone?pub=0&zone_id=2982850&is_mobile=false&domain=adsrt.org&var=&ymid= Requested by Host: sendmepush.com URL: https://sendmepush.com/pfe/current/tag.min.js?z=2982850 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 194.187.98.193 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS 194.187.98.193.webazilla.com Software nginx / Resource Hash 9e8bcc26f66efc7bb3b461fbcd96fb99368fa4edaf3990cd313230d06673d2f4 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers X-Trace-Id e8b96789a92023796c72588d74a558b0 Date Wed, 22 Apr 2020 23:57:01 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://adsrt.org Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 634
GET H/1.1	200 OK	universal.min.js Show response sendmepush.com/pfe/current/	138 KB 42 KB	106ms 16ms	Fetch application/javascript	194.187.98.193 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://sendmepush.com/pfe/current/universal.min.js?v=3.1.212 Requested by Host: sendmepush.com URL: https://sendmepush.com/pfe/current/tag.min.js?z=2982850 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 194.187.98.193 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS 194.187.98.193.webazilla.com Software nginx / Resource Hash e5d29bbfbe521a4dd1e8b1ac268f12751ac95270586b9500f0d806357414983c Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Wed, 22 Apr 2020 23:57:01 GMT Content-Encoding gzip Last-Modified Mon, 20 Apr 2020 11:12:36 GMT Server nginx ETag W/"5e9d83a4-22979" Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin https://adsrt.org Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive
GET H2	200	analytics.js Show response www.google-analytics.com/	44 KB 18 KB	8ms 5ms	Script text/javascript	2a00:1450:4001:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-40605702-4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Thu, 06 Feb 2020 00:21:02 GMT server Golfe2 age 1107 date Wed, 22 Apr 2020 23:38:34 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 18174 expires Thu, 23 Apr 2020 01:38:34 GMT
GET H2	200	rid Show response match.adsrvr.org/track/	108 B 645 B	32ms 31ms	XHR application/json	63.33.80.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.33.80.49 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-33-80-49.eu-west-1.compute.amazonaws.com Software / Resource Hash 06d2b35fd9f60c0621f5bd3df8a055d7c71cec654474fab901f9e7b2a96d2fdb Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 22 Apr 2020 23:57:01 GMT x-aspnet-version 4.0.30319 status 200 vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://adsrt.org cache-control private access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept content-length 108 expires Fri, 22 May 2020 23:57:01 GMT
GET H2	200	rules-p-6Fv0cGNfc_bw8.js Show response rules.quantcount.com/	1 KB 965 B	25ms 9ms	Script application/x-javascript	2600:9000:21f3:8c00:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:21f3:8c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:15:30 GMT content-encoding gzip last-modified Mon, 19 Mar 2018 22:28:36 GMT server AmazonS3 age 2495 vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript status 200 cache-control max-age=3600 x-amz-cf-pop FRA2-C2 x-amz-cf-id BMedzAKaDwfFeEZTC7H0uOeC4tig4k2IhF6mHis2oVn-wF8qfho7rQ== via 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	427 B 643 B	171ms 171ms	XHR text/plain	172.217.22.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4475591526348781&correlator=1071968355388056&output=ldjh&impl=fif&adsid=NT&eid=21065918&vrg=2020042001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200422&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1587599821&dt=1587599821385&dlt=1587599820767&idt=604&frm=20&biw=1585&bih=1200&oid=3&adxs=308&adys=104&adks=947428104&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&dssz=71&icsg=11727676633088&mso=512&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x90&msz=1585x90&ga_vid=1562960789.1587599821&ga_sid=1587599821&ga_hid=1193018245&fws=4&ohw=1585&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s16-in-f2.1e100.net Software cafe / Resource Hash ecb6e68874a8ae9e18a7e60e2245803e0e9c4786659aa8d4ce78226a576304a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:01 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 238 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://adsrt.org cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubads_impl_rendering_2020042001.js Show response securepubads.g.doubleclick.net/gpt/	67 KB 24 KB	51ms 51ms	Script text/javascript	172.217.22.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020042001.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s16-in-f2.1e100.net Software sffe / Resource Hash 4e84d85a31c26a182e31a0e7e97f1393690c5b5756a00201ca7752a253c79998 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:01 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 20 Apr 2020 20:16:23 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 24855 x-xss-protection 0 expires Wed, 22 Apr 2020 23:57:01 GMT
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-37/html/	0 0	58ms 5ms	Other text/html	2a00:1450:4001:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	422 B 307 B	178ms 177ms	XHR text/plain	172.217.22.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4475591526348781&correlator=1071968355388056&output=ldjh&impl=fif&adsid=NT&eid=21065918&vrg=2020042001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200422&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x100&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1587599821&dt=1587599821401&dlt=1587599820767&idt=604&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2879391044&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&dssz=72&icsg=11727676633088&mso=512&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1562960789.1587599821&ga_sid=1587599821&ga_hid=1193018245&fws=132&ohw=1585 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s16-in-f2.1e100.net Software cafe / Resource Hash c91bc6573619a8fea6968408f0299d43998571f44129b78216dfedcd5cf6d007 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:01 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 230 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://adsrt.org cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	422 B 306 B	210ms 209ms	XHR text/plain	172.217.22.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4475591526348781&correlator=1071968355388056&output=ldjh&impl=fif&adsid=NT&eid=21065918&vrg=2020042001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200422&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1587599821&dt=1587599821453&dlt=1587599820767&idt=604&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=100&adks=3789892724&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&dssz=72&icsg=11727676633088&mso=512&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=1562960789.1587599821&ga_sid=1587599821&ga_hid=1193018245&fws=516&ohw=1585&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s16-in-f2.1e100.net Software cafe / Resource Hash 8666e69887bf176b7a53bbb760617d4c1cc1f4ee7363b31435ce123a55a962f1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:01 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 229 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://adsrt.org cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	422 B 311 B	288ms 287ms	XHR text/plain	172.217.22.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4475591526348781&correlator=1071968355388056&output=ldjh&impl=fif&adsid=NT&eid=21065918&vrg=2020042001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200422&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x100&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1587599821&dt=1587599821459&dlt=1587599820767&idt=604&frm=20&biw=1585&bih=1200&oid=3&adxs=633&adys=319&adks=3678738878&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&dssz=72&icsg=11727676633088&mso=512&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=690x100&msz=690x100&ga_vid=1562960789.1587599821&ga_sid=1587599821&ga_hid=1193018245&fws=4&ohw=1585&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s16-in-f2.1e100.net Software cafe / Resource Hash 52ab3fc4532a421fa7ea5719066a8b2f461ead82fa7beb6b7c8b7d6be08888e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:01 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 233 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://adsrt.org cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	40 KB 10 KB	329ms 329ms	XHR text/plain	172.217.22.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4475591526348781&correlator=1071968355388056&output=ldjh&impl=fif&adsid=NT&eid=21065918&vrg=2020042001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200422&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&prev_scp=ad_group%3Dad_ex5&cookie_enabled=1&bc=31&abxe=1&lmt=1587599821&dt=1587599821464&dlt=1587599820767&idt=604&frm=20&biw=1585&bih=1200&oid=3&adxs=628&adys=456&adks=2531372102&ucis=5&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&dssz=72&icsg=11727676633088&mso=512&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=360x280&msz=330x280&ga_vid=1562960789.1587599821&ga_sid=1587599821&ga_hid=1193018245&fws=4&ohw=1585&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s16-in-f2.1e100.net Software cafe / Resource Hash f1a96df280dc1e47afad725d4e4517463cad70c155090861382068fd4698703c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:01 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 10431 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://adsrt.org access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	40 KB 10 KB	412ms 411ms	XHR text/plain	172.217.22.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4475591526348781&correlator=1071968355388056&output=ldjh&impl=fif&adsid=NT&eid=21065918&vrg=2020042001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200422&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1587599821&dt=1587599821477&dlt=1587599820767&idt=604&frm=20&biw=1585&bih=1200&oid=3&adxs=635&adys=756&adks=2718537552&ucis=6&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&dssz=72&icsg=11727676633088&mso=512&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=305x280&msz=305x280&ga_vid=1562960789.1587599821&ga_sid=1587599821&ga_hid=1193018245&fws=4&ohw=1585&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s16-in-f2.1e100.net Software cafe / Resource Hash 8ceb212661ef3ff27de149f4d1e2c21aa151cbc3bf58b83a4b9b3c3f1f83f737 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:01 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 10356 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://adsrt.org access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	422 B 307 B	479ms 478ms	XHR text/plain	172.217.22.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4475591526348781&correlator=1071968355388056&output=ldjh&impl=fif&adsid=NT&eid=21065918&vrg=2020042001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200422&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1587599821&dt=1587599821485&dlt=1587599820767&idt=604&frm=20&biw=1585&bih=1200&oid=3&adxs=638&adys=1091&adks=1935797142&ucis=7&ifi=7&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&dssz=72&icsg=11727676633088&mso=512&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=305x250&msz=305x250&ga_vid=1562960789.1587599821&ga_sid=1587599821&ga_hid=1193018245&fws=4&ohw=1585&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s16-in-f2.1e100.net Software cafe / Resource Hash 82cf36381b4f3dc9570638dbf1272278e26043cb9bca87cf6129e2f1e8b483f9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:01 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 233 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://adsrt.org cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	localstore.js Show response script.4dex.io/	450 B 747 B	77ms 20ms	Script application/javascript	2606:4700:e2::ac40:8620 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/localstore.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:01 GMT content-encoding br cf-cache-status HIT age 1387 status 200 x-amz-request-id DCC53D891D133E6C x-amz-id-2 aSAJUwjDW2sRjhrMGOF4TOndBgucCQndsJBlaQU+/0Vbn2yd08RVSGrgYpaP5/hsxjXYpTiJH7c= last-modified Mon, 06 Apr 2020 11:18:51 GMT server cloudflare etag W/"bfa52622781c173885812009122c3f7c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=1800 cf-request-id 0245ebe2f90000dfe72d34b200000001 cf-ray 588348e4c93fdfe7-FRA
GET H2	200	cmp-3pc-check.html static.quantcast.mgr.consensu.org/v32/ Frame 9EB2	0 0	24ms 6ms	Document text/html	2600:9000:20eb:d000:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.quantcast.mgr.consensu.org/v32/cmp-3pc-check.html Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20eb:d000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers :method GET :authority static.quantcast.mgr.consensu.org :scheme https :path /v32/cmp-3pc-check.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://adsrt.org/rWhLR2ho accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://adsrt.org/rWhLR2ho Response headers status 200 content-type text/html content-length 645 last-modified Tue, 24 Mar 2020 19:10:15 GMT x-amz-server-side-encryption AES256 accept-ranges bytes server AmazonS3 date Wed, 22 Apr 2020 23:51:59 GMT etag "55b98270d639ef0c34781d9f03cce91f" x-cache Hit from cloudfront via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 x-amz-cf-id Cotl3HSv5OwOJ-lYY2mQ1LldRdhhUicQgJFgM7e3m-uoZQUCRzL_Aw== age 449
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.0.0/	84 KB 30 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:81a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 15 Apr 2020 01:53:10 GMT content-encoding gzip x-content-type-options nosniff age 684231 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 30186 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Thu, 15 Apr 2021 01:53:10 GMT
GET H2	200	anchor www.google.com/recaptcha/api2/ Frame BB47	0 0	36ms 35ms	Document text/html	2a00:1450:4001:820::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdSZE0UAAAAAHSSWFpxbsKcnMF8aGCyGdtee6Zt&co=aHR0cHM6Ly9hZHNydC5vcmc6NDQz&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=normal&cb=ih9b0o6ahh1z Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-6bKtkkQnK+o0r2NEnCPMKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/anchor?ar=1&k=6LdSZE0UAAAAAHSSWFpxbsKcnMF8aGCyGdtee6Zt&co=aHR0cHM6Ly9hZHNydC5vcmc6NDQz&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=normal&cb=ih9b0o6ahh1z pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://adsrt.org/rWhLR2ho accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://adsrt.org/rWhLR2ho Response headers status 200 content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Wed, 22 Apr 2020 23:57:01 GMT content-security-policy script-src 'report-sample' 'nonce-6bKtkkQnK+o0r2NEnCPMKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 10117 server GSE alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
POST H/1.1	200 OK	headerstats Show response as-sec.casalemedia.com/	0 333 B	128ms 42ms	XHR text/plain	23.213.165.44 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&v=3 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.213.165.44 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-165-44.deploy.static.akamaitechnologies.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Pragma no-cache Date Wed, 22 Apr 2020 23:57:01 GMT Server Apache Content-Type text/plain Access-Control-Allow-Origin https://adsrt.org Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 Expires Wed, 22 Apr 2020 23:57:01 GMT
GET H2	200	video-js.min.css tags.audionews.fm/dist/	38 KB 9 KB	19ms 18ms	Stylesheet text/css	2606:4700:3035::681f:41fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/dist/video-js.min.css Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:41fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c92903d5602f1c1419e9c647f0db022d425efaaa580d9849e9b6132cb1020f6 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:01 GMT content-encoding br cf-cache-status HIT last-modified Sat, 07 Mar 2020 22:32:13 GMT server cloudflare age 6492 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=31536000 cf-ray 588348e60bb297fc-FRA cf-request-id 0245ebe3c8000097fc9da6d200000001
GET H2	200	videojs.ads.css tags.audionews.fm/dist/	917 B 402 B	21ms 20ms	Stylesheet text/css	2606:4700:3035::681f:41fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/dist/videojs.ads.css Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:41fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 839e7c6761776f0e1c251d29d443dd8e29c6d3beefeeb8925c58a74ba784bd30 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:01 GMT content-encoding br cf-cache-status HIT last-modified Sat, 07 Mar 2020 22:32:15 GMT server cloudflare age 5580 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=31536000 cf-ray 588348e60bb397fc-FRA cf-request-id 0245ebe3c8000097fc9da6e200000001
GET H2	200	videojs.ima.css tags.audionews.fm/dist/	4 KB 1 KB	26ms 26ms	Stylesheet text/css	2606:4700:3035::681f:41fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/dist/videojs.ima.css Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:41fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:01 GMT content-encoding br cf-cache-status HIT last-modified Sat, 07 Mar 2020 22:32:11 GMT server cloudflare age 5836 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=31536000 cf-ray 588348e60bb697fc-FRA cf-request-id 0245ebe3c8000097fc9da6f200000001
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	264 KB 90 KB	190ms 156ms	Script text/javascript	2a00:1450:4001:81f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 420b0da3f4e41827174f892bfe3c46a2b9bec8675f53549b1b556d06032e567e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:01 GMT content-encoding gzip x-content-type-options nosniff server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900, stale-while-revalidate=3600 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 91808 x-xss-protection 0 expires Wed, 22 Apr 2020 23:57:01 GMT
GET H2	200	cmpui-banner.js Show response static.quantcast.mgr.consensu.org/v32/	257 KB 74 KB	8ms 7ms	Script text/javascript	2600:9000:20eb:d000:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.quantcast.mgr.consensu.org/v32/cmpui-banner.js Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/cmp.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20eb:d000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash dc804d691659700a97702a671ef7e6ad9ee33ddf2faf9afb2b6ca15951185bd2 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:54:28 GMT content-encoding gzip last-modified Tue, 24 Mar 2020 19:10:14 GMT server AmazonS3 age 924 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript;charset=UTF-8 status 200 x-amz-cf-pop FRA2-C1 x-amz-cf-id o5qgVGDKKVU6fIg80Hn7CMllEEXbBZ8CfrTPhfgS8p26takdVX_pSw== via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
GET H2	200	collect stats.g.doubleclick.net/r/ Redirect Chain https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1193018245&t=pageview&_s=1&dl=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAUAB~&jid=... https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-40605702-4&cid=1562960789.1587599821&jid=1495226988&_gid=1619804954.1587599822&gjid=962852881&_v=j81&z=1483823159	35 B 102 B	75ms 71ms	Image image/gif	2a00:1450:400c:c0c::9b GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-40605702-4&cid=1562960789.1587599821&jid=1495226988&_gid=1619804954.1587599822&gjid=962852881&_v=j81&z=1483823159 Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Wed, 22 Apr 2020 23:57:01 GMT status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 22 Apr 2020 23:57:01 GMT last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 302 location https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-40605702-4&cid=1562960789.1587599821&jid=1495226988&_gid=1619804954.1587599822&gjid=962852881&_v=j81&z=1483823159 content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 419 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	adagio.js Show response script.4dex.io/	62 KB 18 KB	95ms 75ms	Fetch application/javascript	2606:4700:e2::ac40:8620 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/adagio.js Requested by Host: script.4dex.io URL: https://script.4dex.io/localstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b21b082670143ac16a71038445d789a8875da5206df9b45e97ceeb44d50e0926 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:01 GMT content-encoding br vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status HIT age 188 status 200 x-amz-request-id CAB8840F08AB805D x-amz-id-2 trQcLdBATKMOHgbLY+T6EW30XGAbr+OF1JOh1PPgqS3wMxp3LxgQh6ErgxdXDODQq+rzCmU3Br8= last-modified Mon, 06 Apr 2020 11:18:49 GMT server cloudflare etag W/"69fac1b60dfd5d00b8ff023e19aca7e0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=1800 cf-request-id 0245ebe49b0000dfc3cc331200000001 cf-ray 588348e759b9dfc3-FRA
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/032004071640410/ Frame CBAD	201 KB 55 KB	104ms 13ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032004071640410/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 17e29cfb9c11ac8521b5deec1592ecd22919463c1b7436e86facb637fb1c06a3 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://adsrt.org/ Origin https://adsrt.org Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 91073 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 56035 x-xss-protection 0 server sffe date Tue, 21 Apr 2020 22:39:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "e11d51f2d5d78cb7" accept-ranges bytes timing-allow-origin * expires Wed, 21 Apr 2021 22:39:09 GMT
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/032004071640410/ Frame CBAD	201 KB 56 KB	96ms 5ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032004071640410/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 17e29cfb9c11ac8521b5deec1592ecd22919463c1b7436e86facb637fb1c06a3 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 91073 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 56035 x-xss-protection 0 server sffe date Tue, 21 Apr 2020 22:39:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "e11d51f2d5d78cb7" accept-ranges bytes timing-allow-origin * expires Wed, 21 Apr 2021 22:39:09 GMT
GET H2	200	amp-ad-exit-0.1.js Show response cdn.ampproject.org/rtv/032004071640410/v0/ Frame CBAD	16 KB 6 KB	107ms 17ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032004071640410/v0/amp-ad-exit-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8a729df0f6435cd25e9ca002e7e4d7f6fd64193d07bd5b9798f13f57ee87b6f7 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 91119 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 5891 x-xss-protection 0 server sffe date Tue, 21 Apr 2020 22:38:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "9842abddb9da2610" accept-ranges bytes timing-allow-origin * expires Wed, 21 Apr 2021 22:38:23 GMT
GET H2	200	amp-analytics-0.1.js Show response cdn.ampproject.org/rtv/032004071640410/v0/ Frame CBAD	93 KB 28 KB	106ms 16ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032004071640410/v0/amp-analytics-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4f6d48af065ccaf916673bdf0810e78ed805f08e4c0e50c45d14a6cb5d0f6ea5 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 91118 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 28521 x-xss-protection 0 server sffe date Tue, 21 Apr 2020 22:38:24 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "8819c4e7488d2a57" accept-ranges bytes timing-allow-origin * expires Wed, 21 Apr 2021 22:38:24 GMT
GET H2	200	amp-fit-text-0.1.js Show response cdn.ampproject.org/rtv/032004071640410/v0/ Frame CBAD	4 KB 2 KB	106ms 15ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032004071640410/v0/amp-fit-text-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 09dbbbfe478c3209aa304df78e72f42265ce0d89c1ea016a6769202f5d810673 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 91119 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 1632 x-xss-protection 0 server sffe date Tue, 21 Apr 2020 22:38:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "7fb57c3a7786d59d" accept-ranges bytes timing-allow-origin * expires Wed, 21 Apr 2021 22:38:23 GMT
GET H2	200	amp-form-0.1.js Show response cdn.ampproject.org/rtv/032004071640410/v0/ Frame CBAD	47 KB 15 KB	103ms 13ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032004071640410/v0/amp-form-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8ae29c160b1366a1875a245e7da998f7c8fd1660f1eaa3e93646518598842517 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 91140 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 14938 x-xss-protection 0 server sffe date Tue, 21 Apr 2020 22:38:02 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "0f7f430dfda1a4b7" accept-ranges bytes timing-allow-origin * expires Wed, 21 Apr 2021 22:38:02 GMT
GET DATA	200 OK	truncated / Frame CBAD	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 14e6d434c7b115382917c5b961d2eea14393224ee6a623068597878b59df5caf Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H2	200	amp4ads-host-v0.js Show response cdn.ampproject.org/rtv/032004071640410/	20 KB 7 KB	89ms 87ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032004071640410/amp4ads-host-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 68155bf2ecc6c28f6c42d7b49ba3d78a9f9004091fd656b17a45841831821b84 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 188288 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 7309 x-xss-protection 0 server sffe date Mon, 20 Apr 2020 19:38:54 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "7df7e6d63ae9c907" accept-ranges bytes timing-allow-origin * expires Tue, 20 Apr 2021 19:38:54 GMT
GET H2	200	546614549309609577 tpc.googlesyndication.com/simgad/ Frame CBAD	50 KB 50 KB	70ms 68ms	Image image/png	2a00:1450:4001:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/546614549309609577?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qng937r58kTyjCHu9pwyyqRe2RsXQ Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2393e14cd892ce8abe5a8382636ac841901e05c4060eed4c84fd7ac40cfbaf38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 20 Apr 2020 10:34:49 GMT x-content-type-options nosniff last-modified Mon, 20 Apr 2020 07:09:42 GMT server sffe age 220932 status 200 content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 51176 x-xss-protection 0 expires Tue, 20 Apr 2021 10:34:49 GMT
GET H2	200	es.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame CBAD	3 KB 3 KB	8ms 6ms	Image image/png	2a00:1450:4001:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/es.png Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Wed, 22 Apr 2020 21:06:44 GMT x-content-type-options nosniff server cafe age 10217 etag 15820072736840818134 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 content-type image/png alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 2687 x-xss-protection 0 expires Thu, 23 Apr 2020 21:06:44 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame CBAD	295 B 521 B	7ms 6ms	Image image/png	2a00:1450:4001:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Wed, 22 Apr 2020 22:24:17 GMT x-content-type-options nosniff server cafe age 5564 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 content-type image/png alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Thu, 23 Apr 2020 22:24:17 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame CBAD	0 0	74ms 73ms	Image text/html	2a00:1450:4001:820::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaT7MakQVcsR8RYz1a67v123CpCMGTllBfPVmqXNa9VwuUgA-AP9RIykekFylT7LbSjkQWEN Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers
GET H2	200	adview securepubads.g.doubleclick.net/pagead/ Frame CBAD	0 0	76ms 75ms	Image text/html	172.217.22.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CTWBPzdmgXtz_KYeZ3gP5uo6AB5Hj79xc0IWekKcLk6Sy0esBEAEgiLGRH2CRhICAjBigAbKGrvQCyAEC4AIAqAMByAMIqgThAU_QXDuW9aKEfFLi_DurycBpN4yJNQlvGfZdejSQpxj0Avbr5yF42gGqtViOZEYd7C1SdzpA0xAelkQMw-dThC2dqag6LiXAh1SmPh5sB6fDx6_-XBhL523k4HSmYGT1JHVBY7ZGu8uMvth6XLeM69ViAjV5xnDjDsP0ubE8hDxhLGE-TGOG1HJivtBG9tS7Nlsfu3wxlbNjJmMl4erB5-mFsyWH39-MlCZeHJunZYJ2OiTJjVvCAb1an_tunZwEKAD-D4iwimjpQhEIykAtVdvAs4B2eMW1iOpBu1oQdyvpZcAE0e3DmPsC4AQBkgUECAQYAZIFBAgFGASgBgKAB6-pgZkBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEJ_eAdIICQiA4YBwEAEYHfIIG2FkeC1zdWJzeW4tNjI2OTM4Nzk5NTM0MDkwOYAKA8gLAdgTDA&sigh=2Xq0zlaa5Ek&tpd=AGWhJmuwHBzb87z4tXRJ2GeG6VilGOiO5Ztaze4LWOx-ywe1SA Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s16-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/032004071640410/ Frame 9CD0	201 KB 56 KB	13ms 5ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032004071640410/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 17e29cfb9c11ac8521b5deec1592ecd22919463c1b7436e86facb637fb1c06a3 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://adsrt.org/ Origin https://adsrt.org Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 91073 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 56035 x-xss-protection 0 server sffe date Tue, 21 Apr 2020 22:39:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "e11d51f2d5d78cb7" accept-ranges bytes timing-allow-origin * expires Wed, 21 Apr 2021 22:39:09 GMT
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/032004071640410/ Frame 9CD0	201 KB 55 KB	87ms 85ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032004071640410/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 17e29cfb9c11ac8521b5deec1592ecd22919463c1b7436e86facb637fb1c06a3 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 91073 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 56035 x-xss-protection 0 server sffe date Tue, 21 Apr 2020 22:39:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "e11d51f2d5d78cb7" accept-ranges bytes timing-allow-origin * expires Wed, 21 Apr 2021 22:39:09 GMT
GET H2	200	amp-ad-exit-0.1.js Show response cdn.ampproject.org/rtv/032004071640410/v0/ Frame 9CD0	16 KB 6 KB	86ms 85ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032004071640410/v0/amp-ad-exit-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8a729df0f6435cd25e9ca002e7e4d7f6fd64193d07bd5b9798f13f57ee87b6f7 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 91119 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 5891 x-xss-protection 0 server sffe date Tue, 21 Apr 2020 22:38:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "9842abddb9da2610" accept-ranges bytes timing-allow-origin * expires Wed, 21 Apr 2021 22:38:23 GMT
GET H2	200	amp-analytics-0.1.js Show response cdn.ampproject.org/rtv/032004071640410/v0/ Frame 9CD0	93 KB 28 KB	83ms 82ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032004071640410/v0/amp-analytics-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4f6d48af065ccaf916673bdf0810e78ed805f08e4c0e50c45d14a6cb5d0f6ea5 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 91118 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 28521 x-xss-protection 0 server sffe date Tue, 21 Apr 2020 22:38:24 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "8819c4e7488d2a57" accept-ranges bytes timing-allow-origin * expires Wed, 21 Apr 2021 22:38:24 GMT
GET H2	200	amp-fit-text-0.1.js Show response cdn.ampproject.org/rtv/032004071640410/v0/ Frame 9CD0	4 KB 2 KB	20ms 18ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032004071640410/v0/amp-fit-text-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 09dbbbfe478c3209aa304df78e72f42265ce0d89c1ea016a6769202f5d810673 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 91119 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 1632 x-xss-protection 0 server sffe date Tue, 21 Apr 2020 22:38:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "7fb57c3a7786d59d" accept-ranges bytes timing-allow-origin * expires Wed, 21 Apr 2021 22:38:23 GMT
GET H2	200	amp-form-0.1.js Show response cdn.ampproject.org/rtv/032004071640410/v0/ Frame 9CD0	47 KB 15 KB	17ms 16ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032004071640410/v0/amp-form-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8ae29c160b1366a1875a245e7da998f7c8fd1660f1eaa3e93646518598842517 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 91140 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 14938 x-xss-protection 0 server sffe date Tue, 21 Apr 2020 22:38:02 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "0f7f430dfda1a4b7" accept-ranges bytes timing-allow-origin * expires Wed, 21 Apr 2021 22:38:02 GMT
GET H2	200	es.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9CD0	3 KB 3 KB	13ms 6ms	Image image/png	2a00:1450:4001:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/es.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Wed, 22 Apr 2020 21:06:44 GMT x-content-type-options nosniff server cafe age 10218 etag 15820072736840818134 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 content-type image/png alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 2687 x-xss-protection 0 expires Thu, 23 Apr 2020 21:06:44 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9CD0	295 B 359 B	12ms 6ms	Image image/png	2a00:1450:4001:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Wed, 22 Apr 2020 22:24:17 GMT x-content-type-options nosniff server cafe age 5565 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 content-type image/png alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Thu, 23 Apr 2020 22:24:17 GMT
GET DATA	200 OK	truncated / Frame 9CD0	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 22da1316f557e8bac4cabe4f844f919f804616401a0493f5baef26f4b8a04cd6 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H2	200	17336328890193882774 tpc.googlesyndication.com/simgad/ Frame 9CD0	62 KB 62 KB	10ms 6ms	Image image/png	2a00:1450:4001:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/17336328890193882774?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmgKqxyJ_aMILWn0MIeRhAFSzt8Zg Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4a1dfb78f9c6729ddbb3768a885fcb640891421ad9cf95c4680f0b34b5b0db42 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 17 Apr 2020 13:44:12 GMT x-content-type-options nosniff last-modified Fri, 17 Apr 2020 10:26:45 GMT server sffe age 468770 status 200 content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 63393 x-xss-protection 0 expires Sat, 17 Apr 2021 13:44:12 GMT
GET H2	200	adview securepubads.g.doubleclick.net/pagead/ Frame 9CD0	0 0	86ms 82ms	Image text/html	172.217.22.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CAX3gzdmgXq3GL42j3wPDt6L4DpHj79xcnu3ws7wLk6Sy0esBEAEgiLGRH2CRhICAjBigAbKGrvQCyAEC4AIAqAMByAMIqgTgAU_QqUvbs9QLUSpDUWgQTnZCqO6RoX0gnAZo8g60i14qPMEDzaX5J2KpNKZqBE4BuWPVzlgGOsMOPSrMNRHaIEZvGYYBuonHWCsnBK_Yjr3-9jTH94XduYgCfhImYGMfQVjyVqbt8n66n8AJU0Jt9X13tyi5ocMbvC0LIsbINT6WiU0tXUxRgDLBy4tHpeWRu4UCMtiHryL1BZnm2rjlufnLvAXMVlWGu2EFq02xnG8_EnKies9K4PGCtbPg4zC6gxe8Ps0wdlOwBtbxz5EsXCi3_PTXctzP9t4h06mW9l07wATR7cOY-wLgBAGSBQQIBBgBkgUECAUYBKAGAoAHr6mBmQGoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQ65EC0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi02MjY5Mzg3OTk1MzQwOTA5gAoDyAsB2BMM&sigh=gi_-UN9R1pk&tpd=AGWhJmu8ype1LjLpSiMzoUcJ6deWJOJuemithFo7JjZV4rJhXA Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s16-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers
GET H2	200	vendorlist.json Show response vendorlist.consensu.org/	96 KB 18 KB	79ms 8ms	XHR application/json	2600:9000:2156:5a00:1:af78:4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vendorlist.consensu.org/vendorlist.json Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/cmp.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2156:5a00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 04f9206da6b56f38a4e4757ae31e983faad788629925eb0b7630ae1363f5e73f Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 16 Apr 2020 16:34:42 GMT content-encoding gzip vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method age 544941 x-cache Hit from cloudfront status 200 access-control-allow-origin * last-modified Thu, 16 Apr 2020 16:00:55 GMT server AmazonS3 access-control-max-age 604800 access-control-allow-methods GET x-amz-version-id 3dIfidhajd6Uz2fa6kKbmXcjfH20Tpr2 via 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront) cache-control max-age=604800 x-amz-cf-pop FRA50-C1 content-type application/json; charset=utf-8 x-amz-cf-id 5Gy0TjuVvKrO9S37Nb4ycJfLiFm0FsDy7tFm7R2DnuV2_K6LhG7c4A==
GET H/1.1	200 OK	notifyme.php Show response adtrack.adleadevent.com/	0 520 B	163ms 63ms	XHR application/x-javascript	54.228.220.169 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.228.220.169 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-228-220-169.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Wed, 22 Apr 2020 23:57:02 GMT Content-Encoding gzip Last-Modified Wed, 22 Apr 2020 23:57:02 GMT Server Apache Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin https://adsrt.org Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 20 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	video.min.js Show response tags.audionews.fm/dist/	491 KB 113 KB	18ms 17ms	Script application/javascript	2606:4700:3035::681f:41fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/dist/video.min.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:41fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9fc57b49cdcfa478396b186bdd03fdaa108b8975e58d156f41bc011056388728 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:02 GMT content-encoding br cf-cache-status HIT last-modified Sat, 07 Mar 2020 22:32:11 GMT server cloudflare age 5030 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 cf-ray 588348ea6da997fc-FRA cf-request-id 0245ebe684000097fc9da82200000001
GET H2	200	bframe www.google.com/recaptcha/api2/ Frame 98AA	0 0	16ms 16ms	Document text/html	2a00:1450:4001:820::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&k=6LdSZE0UAAAAAHSSWFpxbsKcnMF8aGCyGdtee6Zt&cb=jnilcpqe6d44 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-8OmkLw1BbQuEZ25TSetywQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/bframe?hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&k=6LdSZE0UAAAAAHSSWFpxbsKcnMF8aGCyGdtee6Zt&cb=jnilcpqe6d44 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://adsrt.org/rWhLR2ho accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://adsrt.org/rWhLR2ho Response headers status 200 content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Wed, 22 Apr 2020 23:57:02 GMT content-security-policy script-src 'report-sample' 'nonce-8OmkLw1BbQuEZ25TSetywQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 1178 server GSE alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
GET H2	200	si googleads.g.doubleclick.net/pagead/drt/ Frame CBAD Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si	0 0	14ms 14ms	Image text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers date Wed, 22 Apr 2020 23:57:02 GMT x-content-type-options nosniff server safe status 302 content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si cache-control private alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 246 x-xss-protection 0
GET H2	200	purposes-es.json Show response vendorlist.consensu.org/	4 KB 4 KB	7ms 7ms	XHR application/json	2600:9000:2156:5a00:1:af78:4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vendorlist.consensu.org/purposes-es.json?timestamp=1587599822657 Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/cmp.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2156:5a00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 85957fcf9f6eae286eff4e1b9de72d212ce03b613c928e8eac0ff08e7bb13578 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 Apr 2020 08:25:52 GMT via 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront) vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method age 142271 x-cache Hit from cloudfront status 200 content-length 3926 last-modified Thu, 16 Apr 2020 16:21:27 GMT server AmazonS3 etag "5a1918e34f297c033ac72bbd64bac68c" access-control-max-age 604800 access-control-allow-methods GET x-amz-version-id DQVufOX_2nKA3q.oQ4CFWaaVOnqL7AHr access-control-allow-origin * cache-control max-age=259200 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type application/json; charset=utf-8 x-amz-cf-id 4LM7rDHHxooPLYg3oGXFKeLCUwMo68tIzDrmxxy4h10NCX5qM5eaDw==
GET H2	200	si googleads.g.doubleclick.net/pagead/drt/ Frame 9CD0 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si	0 0	14ms 14ms	Image text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers date Wed, 22 Apr 2020 23:57:02 GMT x-content-type-options nosniff server safe status 302 content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si cache-control private alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 246 x-xss-protection 0
GET H2	200	546614549309609577 tpc.googlesyndication.com/simgad/ Frame CBAD	50 KB 50 KB	6ms 5ms	Image image/png	2a00:1450:4001:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/546614549309609577?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qng937r58kTyjCHu9pwyyqRe2RsXQ Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/032004071640410/amp4ads-v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2393e14cd892ce8abe5a8382636ac841901e05c4060eed4c84fd7ac40cfbaf38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 20 Apr 2020 10:34:49 GMT x-content-type-options nosniff last-modified Mon, 20 Apr 2020 07:09:42 GMT server sffe age 220933 status 200 content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 51176 x-xss-protection 0 expires Tue, 20 Apr 2021 10:34:49 GMT
GET H2	200	es.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame CBAD	3 KB 3 KB	7ms 7ms	Image image/png	2a00:1450:4001:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/es.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/032004071640410/amp4ads-v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Wed, 22 Apr 2020 21:06:44 GMT x-content-type-options nosniff server cafe age 10218 etag 15820072736840818134 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 content-type image/png alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 2687 x-xss-protection 0 expires Thu, 23 Apr 2020 21:06:44 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame CBAD	295 B 355 B	7ms 6ms	Image image/png	2a00:1450:4001:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/032004071640410/amp4ads-v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Wed, 22 Apr 2020 22:24:17 GMT x-content-type-options nosniff server cafe age 5565 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 content-type image/png alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Thu, 23 Apr 2020 22:24:17 GMT
GET H2	200	17336328890193882774 tpc.googlesyndication.com/simgad/ Frame 9CD0	62 KB 62 KB	7ms 6ms	Image image/png	2a00:1450:4001:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/17336328890193882774?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmgKqxyJ_aMILWn0MIeRhAFSzt8Zg Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/032004071640410/amp4ads-v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4a1dfb78f9c6729ddbb3768a885fcb640891421ad9cf95c4680f0b34b5b0db42 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 17 Apr 2020 13:44:12 GMT x-content-type-options nosniff last-modified Fri, 17 Apr 2020 10:26:45 GMT server sffe age 468770 status 200 content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 63393 x-xss-protection 0 expires Sat, 17 Apr 2021 13:44:12 GMT
GET H2	200	es.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9CD0	3 KB 3 KB	10ms 9ms	Image image/png	2a00:1450:4001:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/es.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/032004071640410/amp4ads-v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Wed, 22 Apr 2020 21:06:44 GMT x-content-type-options nosniff server cafe age 10218 etag 15820072736840818134 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 content-type image/png alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 2687 x-xss-protection 0 expires Thu, 23 Apr 2020 21:06:44 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9CD0	295 B 355 B	9ms 9ms	Image image/png	2a00:1450:4001:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/032004071640410/amp4ads-v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Wed, 22 Apr 2020 22:24:17 GMT x-content-type-options nosniff server cafe age 5565 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 content-type image/png alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Thu, 23 Apr 2020 22:24:17 GMT
GET BLOB	200 OK	9a49a537-6bba-482c-a7d9-e0b273620319 https://adsrt.org/	31 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://adsrt.org/9a49a537-6bba-482c-a7d9-e0b273620319 Requested by Host: tags.audionews.fm URL: https://tags.audionews.fm/dist/video.min.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Length 31 Content-Type application/javascript
GET H2	200	videojs.ads.min.js Show response tags.audionews.fm/dist/	23 KB 6 KB	10ms 10ms	Script application/javascript	2606:4700:3035::681f:41fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/dist/videojs.ads.min.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:41fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6594b0e243c5017d9a9551c307c96ec67632b3f0887b2ca6652fbddec9c278c1 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:02 GMT content-encoding br cf-cache-status HIT last-modified Sat, 07 Mar 2020 22:32:04 GMT server cloudflare age 5029 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 cf-ray 588348ec7e8a97fc-FRA cf-request-id 0245ebe7ca000097fc9da8c200000001
GET H2	404	CookieAccess Show response api.quantcast.mgr.consensu.org/	30 B 586 B	177ms 127ms	XHR application/json	143.204.89.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.quantcast.mgr.consensu.org/CookieAccess Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/cmp.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.89.118 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-89-118.fra50.r.cloudfront.net Software / Resource Hash 5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:02 GMT content-encoding gzip x-amz-cf-pop FRA50-C1 x-amzn-requestid c2b963b4-5d84-4f45-963c-2ee9e42b5b51 x-cache Error from cloudfront status 404 x-amz-apigw-id Lab4WFwQIAMFQzQ= content-length 50 access-control-allow-origin https://adsrt.org x-amzn-trace-id Root=1-5ea0d9ce-7437f8a0d15906e013d518a0;Sampled=0 vary Origin access-control-allow-methods GET, POST content-type application/json via 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront) cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers Content-Type x-amz-cf-id AoegZUdo-qe--0KGdj2AUYbQ9V3inzrSAexwKg4BnW5dX4xUyGTx2w==
GET H2	200	videojs.ima.js Show response tags.audionews.fm/dist/	81 KB 15 KB	13ms 13ms	Script application/javascript	2606:4700:3035::681f:41fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/dist/videojs.ima.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:41fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c4a6277e7af456bcb0adb33a64ec505d626969c1297a61c40a5004b15809e200 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:02 GMT content-encoding br cf-cache-status HIT last-modified Sat, 07 Mar 2020 22:32:16 GMT server cloudflare age 5028 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 cf-ray 588348eceebd97fc-FRA cf-request-id 0245ebe811000097fc9da8e200000001
POST H/1.1	200 OK	custom Show response sendmepush.com/	39 B 484 B	15ms 14ms	Fetch application/json	194.187.98.193 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://sendmepush.com/custom Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 194.187.98.193 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS 194.187.98.193.webazilla.com Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/json Response headers X-Trace-Id 8bd8a06e41452e8b58443997d6dddc17 Date Wed, 22 Apr 2020 23:57:02 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://adsrt.org Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 39
GET H2	200	sw.js Show response adsrt.org/	3 KB 1 KB	10ms 10ms	Fetch application/javascript	2606:4700:3035::681f:5d90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsrt.org/sw.js Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:5d90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f041fbf04472ed4f6b8adee25685977644b5ffbfaa96357fef2c8841e0b10dbc Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:02 GMT content-encoding br cf-cache-status HIT last-modified Fri, 20 Dec 2019 11:34:18 GMT server cloudflare age 4740 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 588348ecef526497-FRA cf-request-id 0245ebe81400006497a2b00200000001
POST H/1.1	200 OK	custom Show response sendmepush.com/	39 B 484 B	16ms 14ms	Fetch application/json	194.187.98.193 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://sendmepush.com/custom Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 194.187.98.193 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS 194.187.98.193.webazilla.com Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/json Response headers X-Trace-Id 9de5cc6cfebaa743d97cf771345c8ff9 Date Wed, 22 Apr 2020 23:57:02 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://adsrt.org Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 39
GET H2	200	can-autoplay.min.js Show response tags.audionews.fm/dist/	11 KB 3 KB	14ms 14ms	Script application/javascript	2606:4700:3035::681f:41fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/dist/can-autoplay.min.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:41fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:02 GMT content-encoding br cf-cache-status HIT last-modified Sat, 07 Mar 2020 22:32:06 GMT server cloudflare age 4736 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 cf-ray 588348ed0ec697fc-FRA cf-request-id 0245ebe822000097fc9da8f200000001
GET H2	200	ads_sticky.js Show response tags.audionews.fm/dist/	4 KB 1 KB	10ms 10ms	Script application/javascript	2606:4700:3035::681f:41fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/dist/ads_sticky.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:41fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0e2644ce85b34abf6a9a8ad7d55ec5b39118092eb4384886c93ea1f52afb70e Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:02 GMT content-encoding br cf-cache-status HIT last-modified Sat, 07 Mar 2020 22:32:07 GMT server cloudflare age 4735 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 cf-ray 588348ed2ed297fc-FRA cf-request-id 0245ebe835000097fc9da91200000001
GET DATA	200 OK	truncated /	4 KB 4 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a7534f0f0571e65e61cb4cbd07673cbf004f38327cae2a669091a92d6c663de7 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer Origin https://adsrt.org Response headers Content-Type application/font-woff;charset=utf-8
GET H2	200	bridge3.382.1_en.html imasdk.googleapis.com/js/core/ Frame 9328	0 0	6ms 6ms	Document text/html	2a00:1450:4001:81f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.382.1_en.html Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority imasdk.googleapis.com :scheme https :path /js/core/bridge3.382.1_en.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://adsrt.org/rWhLR2ho accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://adsrt.org/rWhLR2ho Response headers status 200 accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html content-length 198152 date Wed, 22 Apr 2020 05:23:53 GMT expires Thu, 22 Apr 2021 05:23:53 GMT last-modified Wed, 22 Apr 2020 05:21:02 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 66789 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
GET H2	200	client.js Show response s0.2mdn.net/instream/video/	26 KB 11 KB	73ms 14ms	Script text/javascript	2a00:1450:4001:816::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/instream/video/client.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:03 GMT content-encoding gzip x-content-type-options nosniff server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 10523 x-xss-protection 0 expires Wed, 22 Apr 2020 23:57:03 GMT
GET H2	206	ny_2.mp4 tags.audionews.fm/mediafiles/	42 KB 0	268ms 267ms	Media video/mp4	2606:4700:3035::681f:41fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/mediafiles/ny_2.mp4 Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:41fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://adsrt.org/rWhLR2ho Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Range bytes=0- Response headers date Wed, 22 Apr 2020 23:57:03 GMT cf-cache-status DYNAMIC last-modified Sat, 07 Mar 2020 22:33:49 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 206 content-type video/mp4 Content-Range bytes 0-38500454/38500455 accept-ranges bytes cf-ray 588348edcf2697fc-FRA Content-Length 38500455 cf-request-id 0245ebe899000097fc9da95200000001
GET H2	200	logo.png adshort.media/	71 KB 71 KB	80ms 14ms	Image image/png	2606:4700:3035::6812:27b2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://adshort.media/logo.png Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6812:27b2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f236a83ff6aeadf5ef4a4d0fadcf7e8b58100b16e1b278a28e8c63a08854611 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:03 GMT cf-cache-status HIT last-modified Tue, 29 Jan 2019 15:57:47 GMT server cloudflare age 872 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 588348ee3c27c2c7-FRA content-length 72196 cf-request-id 0245ebe8de0000c2c7050b4200000001
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6b1f3b6e8f8bfbdf8c30524544c8b844f42f72a16da547af9b3793488f4ced0d Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H2	200	/ Show response audit.quantcast.mgr.consensu.org/	80 B 487 B	63ms 21ms	XHR text/html	143.204.89.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://audit.quantcast.mgr.consensu.org/?log=;1587599823253;AdShort%20Media;https%3A%2F%2Fadsrt.org%2FrWhLR2ho;;;;;b,off,true,,1,es,32,198,true,false,false;displayConsentUi:mandatory,;GDPR-c5le596sigevswiua4kc Requested by Host: static.quantcast.mgr.consensu.org URL: https://static.quantcast.mgr.consensu.org/v32/cmpui-banner.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.89.28 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-89-28.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 04:07:05 GMT via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) vary Origin age 71399 x-cache Hit from cloudfront status 200 content-length 80 last-modified Mon, 11 Jun 2018 22:07:34 GMT server AmazonS3 etag "0614149d8033903db5de46d6c184bbfd" access-control-max-age 3000 access-control-allow-methods GET content-type text/html access-control-allow-origin * x-amz-cf-pop FRA50-C1 accept-ranges bytes x-amz-cf-id Cyr6dfzn0U1KMr6aFF7O8EAL599YVWSgvYdz_emh17S6hVJzwJCJVg==
GET H2	206	ny_2.mp4 tags.audionews.fm/mediafiles/	190 KB 190 KB	285ms 285ms	Media video/mp4	2606:4700:3035::681f:41fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/mediafiles/ny_2.mp4 Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:41fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 68c62d703c76efd136c9b162a852c433e264e5625366a59d90968d80b4057037 Request headers Referer https://adsrt.org/rWhLR2ho Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Range bytes=38305792- Response headers date Wed, 22 Apr 2020 23:57:03 GMT cf-cache-status DYNAMIC last-modified Sat, 07 Mar 2020 22:33:49 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 206 content-type video/mp4 Content-Range bytes 38305792-38500454/38500455 accept-ranges bytes cf-ray 588348f0385597fc-FRA Content-Length 194663 cf-request-id 0245ebea24000097fc9da9d200000001
GET H2	200	activeview pagead2.googlesyndication.com/pcs/ Frame CBAD	42 B 783 B	27ms 15ms	Image image/gif	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuovIYbfYUZZXKHs7g7kw3s3ShrjiFqsUS8JYZ5tciEerdfHyA-VY_4-JDnuiPtS0ekDRYa-bEAgzALED2WHHhgy_-49lVFKcx_pfYGoWeq0S1NUK7aBrdnhfuJpA&sai=AMfl-YRsgS-rc9baTrfjaul5cKijUHYafQhB9Ukik-QNzhhpHLg3cUiYxeiyRT765J5HuYOhRnoqF3FoCOjaqj-MHfJCJwiRGAwpckaY9UBMGaR2XCev6ausNDzs6fvu&sig=Cg0ArKJSzKhP9AVQ5XrlEAE&cid=CAASPeRoJ9Gj0EOAFatWJY9-8da2Lr1tHFzsaV-xwUG6w-40fEDumGOOFyQAij76TpbbozRakwtlDZWiRrrlHyE&id=ampim&o=628,456&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=375&tls=1375&g=100&h=100&tt=1375&r=v&avms=ampa&adk=2531372102 Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Wed, 22 Apr 2020 23:57:03 GMT x-content-type-options nosniff server cafe timing-allow-origin * status 200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate content-type image/gif alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	activeview pagead2.googlesyndication.com/pcs/ Frame 9CD0	42 B 110 B	25ms 16ms	Image image/gif	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvMtAAOVoUVlJbA3dYEpMrfTg9M06PBFSNxxKlzEGmXIz0FrxdR9lcs61aDo5OmA_crf8-3isMok9ptCG41Z1a_jxmgw8VvCA5W90lNLj1nmcW0UshZCzuzJEr8g&sai=AMfl-YSTrwd9cVFTTiBJR-qOjaHSyFhuxrfKvKalbXuvr4U_f-i4prFpPV_z_uVhtxFVkANV3mmlalYC8JbWTR-MddZ9I1wcFQZeIfH-UlmoZUyXP-s5T5mF2ZOjgYJR&sig=Cg0ArKJSzH4Uy2eSGxVEEAE&cid=CAASPeRo_dmWm91wRXORcA9QN7eEHILaJETPp6F7-tT7Bil1zHVTO7FiMk-8FTFWGEPQ49192Qy3EuhVI2KORoE&id=ampim&o=635,820&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=274&tls=1275&g=100&h=100&tt=1275&r=v&avms=ampa&adk=2718537552 Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Wed, 22 Apr 2020 23:57:03 GMT x-content-type-options nosniff server cafe timing-allow-origin * status 200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate content-type image/gif alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	7 KB 6 KB	28ms 17ms	XHR application/json	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020042001&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020042001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash af137decafd1be5705a9ad561cba638ca98cebbb682923a748d2c6d2bca458ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Wed, 22 Apr 2020 23:57:03 GMT content-encoding gzip x-content-type-options nosniff server cafe status 200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 5135 x-xss-protection 0
POST H/1.1	200 OK	custom Show response sendmepush.com/	39 B 484 B	14ms 14ms	Fetch application/json	194.187.98.193 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://sendmepush.com/custom Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 194.187.98.193 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS 194.187.98.193.webazilla.com Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/json Response headers X-Trace-Id 67e1220e38ac8b2335a2a965d0705caf Date Wed, 22 Apr 2020 23:57:03 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://adsrt.org Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 39
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	14 KB 5 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:03 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1582746470043195" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 5456 x-xss-protection 0 expires Wed, 22 Apr 2020 23:57:03 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/209/ Frame B69B	0 0	6ms 5ms	Document text/html	2a00:1450:4001:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/209/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://adsrt.org/rWhLR2ho accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://adsrt.org/rWhLR2ho Response headers status 200 accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html content-length 5727 date Wed, 22 Apr 2020 22:57:45 GMT expires Thu, 22 Apr 2021 22:57:45 GMT last-modified Tue, 25 Feb 2020 17:32:01 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 3558 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
GET H2	206	ny_2.mp4 tags.audionews.fm/mediafiles/	163 KB 0	277ms 277ms	Media video/mp4	2606:4700:3035::681f:41fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/mediafiles/ny_2.mp4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:41fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://adsrt.org/rWhLR2ho Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Range bytes=32768- Response headers date Wed, 22 Apr 2020 23:57:04 GMT cf-cache-status DYNAMIC last-modified Sat, 07 Mar 2020 22:33:49 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 206 content-type video/mp4 Content-Range bytes 32768-38500454/38500455 accept-ranges bytes cf-ray 588348f45ab197fc-FRA Content-Length 38467687 cf-request-id 0245ebecb8000097fc9daac200000001
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 60 B	14ms 14ms	Image image/gif	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020042001&jk=4475591526348781&bg=!c3ClcGhYMSD4yd6Zzh0CAAAAXVIAAAAKmQFVGQArgqall2b1ga3CxXH8NopgwApZqifJm48SixxyLfCc27IxxrbXDulefC2CjqG7DSXLN6G4R7SdLu9V1AEgFqHPc50AJWMELWmv5v2eJPpk-DqPUrrO7zxvgZfdCcPqbwv-x-1pqUOHwCfnWM7Sn127hcb_kPBwQ6ERnD_oLhnyiC8ua8zH1Jc0hARTs3BKgH-Chg024YjNDx-XEAVzPJ1bQwC0I7h8sWCHprDgc3DF85khF3H7fL89V_u1j-T8iyV1khLhzHUZaSPHzjncOJ1DgD550esEgfQ_NkOCk-K3PIl7O518kZEfWPxBVo_RUotosaMAuJcaly434zAeKjButpA_Aior5YpdrKhPv8snmPn5S33d-b-ltWVyOAxFUhOeVpoQ66J274vj_5Xe0czgKV80_-aCgxt_PWqX-Rv8nERXG9jYghv1PYxn3b8ZqcFAn48 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Wed, 22 Apr 2020 23:57:04 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 204 cache-control no-cache, must-revalidate content-type image/gif alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ROS Show response ads.us.e-planning.net/hb/1/2a156/1/adsrt.org/	2 B 153 B	82ms 18ms	XHR text/plain	5.178.65.246 SERVERIUS-AS
General Check archive.org Show headers Download Go to Full URL https://ads.us.e-planning.net/hb/1/2a156/1/adsrt.org/ROS?rnd=0.2513751910706328&e=video%3A300x250%2C300x50%2C355x50%2C640x480%2B26300%3A300x250%2B26711%3A300x250%2B26328%3A1x1%2C728x90%2C970x90%2C1000x90%2C1000x30%2C990x90%2C950x90%2C300x250%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B30012%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B26323%3A300x600%2C300x250%2B26324%3A120x600%2B26706%3A160x600%2B39287%3A970x250%2C1000x30%2C1000x90%2C800x250%2C950x250%2C900x250%2C970x90&ur=https%253A%252F%252Fadsrt.org%252FrWhLR2ho&r=pbjs&pbv=2.44.5&ncb=1&vs=FFFFFFFFFF&crs=UTF-8&fr=https%253A%252F%252Fadsrt.org%252FrWhLR2ho& Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 5.178.65.246 Renswoude, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS ads.us.e-planning.net Software openresty / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 22 Apr 2020 23:57:11 GMT server openresty status 200 content-type text/plain access-control-allow-origin https://adsrt.org access-control-allow-credentials true content-length 2 x-sid AMS-606
POST H2	200	auction Show response tlx.3lift.com/header/	19 B 402 B	87ms 23ms	XHR application/json	35.158.181.243 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tlx.3lift.com/header/auction?lib=prebid&v=2.44.5&referrer=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&tmax=3000 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.158.181.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-158-181-243.eu-central-1.compute.amazonaws.com Software / Resource Hash 0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 22 Apr 2020 23:57:11 GMT x-auction-status 12, 12, 12, 12, 12, 12, 12, 12, 12 status 200 content-type application/json; charset=utf-8 access-control-allow-origin https://adsrt.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 19 x-xss-protection 0 expires Thu, 15 Oct 1992 20:10:00 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	75 B 270 B	58ms 29ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=26976&adid=11&formatid=video&size=desktop&country=undefined Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 649144be1fa79362df36ab951a8b94ba05f5e7f1a484224bf9dc7f333fdb60dd Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 22 Apr 2020 23:57:11 GMT server nginx x-powered-by PHP/5.4.45 status 200 x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 75 expires Thu, 23 Apr 2020 23:57:11 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	624 B 654 B	57ms 28ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=26976&adid=1&formatid=26322&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash c3c530b9481cc827af01f802aa3945a174f38e1d9b557b4b0e77e76176842b06 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 22 Apr 2020 23:57:11 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes expires Thu, 23 Apr 2020 23:57:11 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	626 B 659 B	58ms 29ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=26976&adid=2&formatid=26300&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 98d4f89d585f764107590b17475cf4924ae326babd0bf3d0646b18ed54874375 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 22 Apr 2020 23:57:11 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 428 expires Thu, 23 Apr 2020 23:57:11 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	628 B 662 B	59ms 30ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=26976&adid=3&formatid=26323&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash e5a2c3acff75cf9732ebcf5b38af34ba113d7bc57bcb384c60058af47e6d6b6e Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 22 Apr 2020 23:57:11 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 431 expires Thu, 23 Apr 2020 23:57:11 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	627 B 663 B	59ms 30ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=26976&adid=4&formatid=26324&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 58e0f41547dbe105c6db8250f3c3137648a24b66f9387e688b8e5bff4dff61a2 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 22 Apr 2020 23:57:11 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 432 expires Thu, 23 Apr 2020 23:57:11 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	633 B 670 B	57ms 29ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=26976&adid=20&formatid=26706&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 4cbcadb1bb58bb4ef5090e5bb893d7cae2c8232e1e8407df90000bb0353a55cc Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 22 Apr 2020 23:57:11 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 439 expires Thu, 23 Apr 2020 23:57:11 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	627 B 655 B	58ms 30ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=26976&adid=19&formatid=26711&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 3bb5c9c00a8e4f99df3a5e04291ea2af0cd53b7351b1173f22be869a16391e3d Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 22 Apr 2020 23:57:11 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes expires Thu, 23 Apr 2020 23:57:11 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	631 B 666 B	58ms 30ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=26976&adid=28&formatid=30012&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash f88ef77833a7da81a70bd82ba2c1111676d7a9097a526ea0ef5fb5f3bcf59d1e Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 22 Apr 2020 23:57:11 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 435 expires Thu, 23 Apr 2020 23:57:11 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	628 B 662 B	57ms 29ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=26976&adid=31&formatid=39287&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash c63cc7eb735544b8b1cfc52a54d174bd33b2aeb6aa8883ee4c08b8179e81b92d Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 22 Apr 2020 23:57:11 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 431 expires Thu, 23 Apr 2020 23:57:11 GMT
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 706 B	23ms 23ms	XHR application/json	37.252.172.45 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.45 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.13.4 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Wed, 22 Apr 2020 23:57:13 GMT X-Proxy-Origin 185.217.171.12; 185.217.171.12; 693.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.30:80 AN-X-Request-Uuid 9e05e7c1-3567-4fcf-ba01-6cefec2df892 Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://adsrt.org Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	hb Show response ice.360yield.com/ul_cb/ Redirect Chain https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2265d4023c4f98744%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%... https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2265d4023c4f98744%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsr...	13 KB 5 KB	50ms 50ms	XHR application/json	52.57.38.160 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2265d4023c4f98744%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FrWhLR2ho%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224479bbcbb03fc6d%22%2C%22pid%22%3A%2222205625%22%2C%22tid%22%3A%22e5b225ae-6f9e-46e4-8529-a6df9ba6d6da%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%2C%7B%22w%22%3A640%2C%22h%22%3A480%7D%5D%7D%7D%2C%7B%22id%22%3A%2245e7d4dcd761dd6%22%2C%22pid%22%3A%2222205626%22%2C%22tid%22%3A%22716b6635-11e8-48c7-8975-86f519d0b4db%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2246aa33d468b918%22%2C%22pid%22%3A%2222205634%22%2C%22tid%22%3A%22946f3bf3-1ed7-435b-ada1-2589cbd24f9d%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%2247b9d4efe867831%22%2C%22pid%22%3A%2222205633%22%2C%22tid%22%3A%22fb4a9e31-5f73-40db-a166-7621d40fc96e%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2248a224b563870e7%22%2C%22pid%22%3A%2222205632%22%2C%22tid%22%3A%22063d468e-1fc6-49b3-ba35-946c00c91b80%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.38.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-38-160.eu-central-1.compute.amazonaws.com Software / Resource Hash 5373d25e67480b7a56bed4f1cf9817557c9f8f81c7a2d36a27e8b360ea171500 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:11 GMT content-encoding gzip status 200 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin https://adsrt.org access-control-allow-credentials true content-type application/json; charset=UTF-8 content-length 5025 Redirect headers date Wed, 22 Apr 2020 23:57:11 GMT status 302 location https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2265d4023c4f98744%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FrWhLR2ho%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224479bbcbb03fc6d%22%2C%22pid%22%3A%2222205625%22%2C%22tid%22%3A%22e5b225ae-6f9e-46e4-8529-a6df9ba6d6da%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%2C%7B%22w%22%3A640%2C%22h%22%3A480%7D%5D%7D%7D%2C%7B%22id%22%3A%2245e7d4dcd761dd6%22%2C%22pid%22%3A%2222205626%22%2C%22tid%22%3A%22716b6635-11e8-48c7-8975-86f519d0b4db%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2246aa33d468b918%22%2C%22pid%22%3A%2222205634%22%2C%22tid%22%3A%22946f3bf3-1ed7-435b-ada1-2589cbd24f9d%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%2247b9d4efe867831%22%2C%22pid%22%3A%2222205633%22%2C%22tid%22%3A%22fb4a9e31-5f73-40db-a166-7621d40fc96e%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2248a224b563870e7%22%2C%22pid%22%3A%2222205632%22%2C%22tid%22%3A%22063d468e-1fc6-49b3-ba35-946c00c91b80%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin https://adsrt.org access-control-allow-credentials true content-type text/plain content-length 0
GET H2	200	hb Show response ice.360yield.com/ul_cb/ Redirect Chain https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2266fa28ce9307e48%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%... https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2266fa28ce9307e48%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsr...	13 KB 5 KB	47ms 46ms	XHR application/json	52.57.38.160 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2266fa28ce9307e48%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FrWhLR2ho%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2249d0201197a08d9%22%2C%22pid%22%3A%2222205631%22%2C%22tid%22%3A%220aae0056-c131-47ca-b166-3919d9b61024%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%22503f496e9a9be6b%22%2C%22pid%22%3A%2222205630%22%2C%22tid%22%3A%22985e5aed-7d4f-4b5a-882f-235852546ba8%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%22515a577d6a7cebb%22%2C%22pid%22%3A%2222205629%22%2C%22tid%22%3A%224bf0a307-c3e3-4200-835e-52fc65716693%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2252693192185f66e%22%2C%22pid%22%3A%2222205628%22%2C%22tid%22%3A%22e33df296-a2f3-43fe-ac92-65b90d5a6a82%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22534b6fb4f012845%22%2C%22pid%22%3A%2222205627%22%2C%22tid%22%3A%229972f6d7-b57c-452f-8e59-4adfa48e8383%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.38.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-38-160.eu-central-1.compute.amazonaws.com Software / Resource Hash 36f7e313f7f6c6362bdfbb3ed4f0823c08dc323113c048270da3f3841bd2a657 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:11 GMT content-encoding gzip status 200 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin https://adsrt.org access-control-allow-credentials true content-type application/json; charset=UTF-8 content-length 5003 Redirect headers date Wed, 22 Apr 2020 23:57:11 GMT status 302 location https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2266fa28ce9307e48%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FrWhLR2ho%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2249d0201197a08d9%22%2C%22pid%22%3A%2222205631%22%2C%22tid%22%3A%220aae0056-c131-47ca-b166-3919d9b61024%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%22503f496e9a9be6b%22%2C%22pid%22%3A%2222205630%22%2C%22tid%22%3A%22985e5aed-7d4f-4b5a-882f-235852546ba8%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%22515a577d6a7cebb%22%2C%22pid%22%3A%2222205629%22%2C%22tid%22%3A%224bf0a307-c3e3-4200-835e-52fc65716693%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2252693192185f66e%22%2C%22pid%22%3A%2222205628%22%2C%22tid%22%3A%22e33df296-a2f3-43fe-ac92-65b90d5a6a82%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22534b6fb4f012845%22%2C%22pid%22%3A%2222205627%22%2C%22tid%22%3A%229972f6d7-b57c-452f-8e59-4adfa48e8383%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin https://adsrt.org access-control-allow-credentials true content-type text/plain content-length 0
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 455 B	26ms 26ms	XHR application/json	51.89.9.253 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.89.9.253 , Germany, ASN16276 (OVH, FR), Reverse DNS ip253.ip-51-89-9.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=2592000 content-encoding gzip status 200 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin https://adsrt.org cache-control no-cache, no-transform access-control-allow-credentials true content-type application/json access-control-allow-headers Content-Type, Origin, Referer, User-Agent, x-ak-clientip
GET H/1.1	200 OK	ac Show response ww1097.smartadserver.com/	22 B 2 KB	89ms 38ms	Script application/javascript	185.86.137.114 SMARTADSERVER
General Check archive.org Show headers Download Go to Full URL https://ww1097.smartadserver.com/ac?nwid=1097&siteid=285309&pgid=1045667&fmtid=26300&async=1&visit=m&tmstp=3748343704&tag=sas_26300&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad&schain=1.0,1!themoneytizer.com,26976,1,adshort.tech,adshort.tech Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash 6b1550886dbef8a8de2316a437ed2d6b218dbc0aa8c419ae1022626dd5339dde Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Wed, 22 Apr 2020 23:57:11 GMT content-encoding gzip x-smrt-d 3%3b10%3b150 vary Accept-Encoding p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control no-cache, no-store content-type application/javascript; charset=utf-8 content-length 140 expires -1
GET H/1.1	200 OK	/ Show response c.tmyzer.com/c/	0 200 B	127ms 59ms	XHR text/html	54.38.64.100 OVH
General Check archive.org Show headers Download Go to Full URL https://c.tmyzer.com/c/?s=26976&f=2&fi=0 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.38.64.100 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 22 Apr 2020 23:57:11 GMT Server nginx X-IPLB-Instance 20685 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	ac Show response ww1097.smartadserver.com/	22 B 2 KB	304ms 253ms	Script application/javascript	185.86.137.114 SMARTADSERVER
General Check archive.org Show headers Download Go to Full URL https://ww1097.smartadserver.com/ac?nwid=1097&siteid=285309&pgid=1045667&fmtid=26328&async=1&visit=s&tmstp=3748343704&tgt=%3Bhb_adid%3Dundefined%3Bhb_pb%3Dundefined%3Bhb_bidder%3Dundefined%3Bhb_format%3D26328&tag=sas_26328&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&noadcbk=sas.noad Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash fb028f8534028ebf229451fa3c7d42e2848522b054fe5913f5b0df8ead47129c Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Wed, 22 Apr 2020 23:57:11 GMT content-encoding gzip x-smrt-d 3%3b5%3b147 vary Accept-Encoding p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control no-cache, no-store content-type application/javascript; charset=utf-8 content-length 140 expires -1
GET H/1.1	200 OK	/ Show response c.tmyzer.com/c/	0 200 B	111ms 34ms	XHR text/html	54.38.64.100 OVH
General Check archive.org Show headers Download Go to Full URL https://c.tmyzer.com/c/?s=26976&f=6&fi=0 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=6 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.38.64.100 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 22 Apr 2020 23:57:11 GMT Server nginx X-IPLB-Instance 20688 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	tbframe.js Show response cdn.taboola.com/shared/ Frame 24A6	14 KB 4 KB	27ms 27ms	Script application/x-javascript	151.101.14.2 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/shared/tbframe.js Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-amz-version-id 0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq content-encoding gzip etag "0c6cdb6c2f89bf98124c3679a3412fb6" age 12968 x-cache HIT status 200 x-amz-replication-status COMPLETED content-length 3897 x-amz-id-2 74zbE6T48GkUHa9db8GRKwBsGK+Uxqz6v4uA0TCeyETdpvdGYuxBbmPdVExkfZpqS4AOweC7/dY= x-served-by cache-fra19124-FRA last-modified Thu, 14 Apr 2016 14:04:36 GMT server AmazonS3 x-timer S1587599832.960429,VS0,VE0 date Wed, 22 Apr 2020 23:57:11 GMT vary Accept-Encoding x-amz-request-id 594074B13CFB3805 via 1.1 varnish cache-control private,max-age=14400 accept-ranges bytes content-type application/x-javascript abp 77 x-cache-hits 1375
GET H2	200	loader.js Show response cdn.taboola.com/libtrc/themonetizer-network/ Frame 062A	695 KB 173 KB	28ms 28ms	Script application/javascript	151.101.14.2 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/themonetizer-network/loader.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/shared/tbframe.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software obaker.284.1.1-10.71.1 / Resource Hash 5c55302943d4b71160afbb27130e9d72890d838cd18f8a15af56d49396e7c3c0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-amz-version-id hJLy5fB6wxv_hEOyLA0fq3W07IWhiRj0 content-encoding gzip etag "d78beda688c42083abe0874f632776f95dcd5615" age 10180 x-cache HIT status 200 content-length 176439 x-amz-id-2 LPgHsdMnaJUEOHSGp4IMoF47/3Q9VXzkTIO8nVfl+pQG0HsLckIzI7NXr8TxdnjaUslKK/ANm9I= x-served-by cache-fra19124-FRA x-from-cache 1 access-control-allow-origin * last-modified Wed, 22 Apr 2020 15:07:06 UTC server obaker.284.1.1-10.71.1 x-timer S1587599832.011641,VS0,VE1 date Wed, 22 Apr 2020 23:57:12 GMT vary Accept-Encoding, Accept-Encoding x-amz-request-id D5F86886EC7B33F2 via 1.1 varnish cache-control private,max-age=14400 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 17 x-cache-hits 1
GET H2	200	impl.20200422-3-RELEASE.js Show response cdn.taboola.com/libtrc/ Frame 062A	435 KB 124 KB	27ms 27ms	Script application/javascript	151.101.14.2 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/impl.20200422-3-RELEASE.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 2d6de7087497694dc59573d0cf075617db33cba63af968d826b07bfbf00f9c27 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-amz-version-id HYpxUCtOTdl5ZapcErRDIBkfbEWE3qgk content-encoding gzip etag "750ac5e700f7e2488a1b249f8c23eab3" age 109 x-cache HIT status 200 x-amz-replication-status COMPLETED content-length 126624 x-amz-id-2 9kzUJbHCVApAsr3+CPZ5ZRyLQPRooriAvtGHqzSScIKi/pA3I7vNkUHoBNyPmiQ9zh2akrAWYZU= x-served-by cache-fra19124-FRA last-modified Wed, 22 Apr 2020 07:38:45 GMT server AmazonS3 x-timer S1587599832.241850,VS0,VE0 date Wed, 22 Apr 2020 23:57:12 GMT vary Accept-Encoding x-amz-request-id 04E3AE7F9822F3AD via 1.1 varnish cache-control private,max-age=31536000 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 77 x-cache-hits 209
GET H/1.1	200 OK	beacon.js Show response sb.scorecardresearch.com/ Frame 062A	1 KB 1 KB	68ms 20ms	Script application/x-javascript	2.16.31.65 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/beacon.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-16-31-65.deploy.static.akamaitechnologies.com Software / Resource Hash a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 22 Apr 2020 23:57:12 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type application/x-javascript Cache-Control private, no-transform, max-age=86400 Connection keep-alive Content-Length 884 Expires Thu, 23 Apr 2020 23:57:12 GMT
GET H2	200	tr5 cdn.taboola.com/libtrc/ Frame 062A	3 B 94 B	35ms 35ms	Image text/html	151.101.14.2 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.taboola.com/libtrc/tr5?abgroup=trccache_vB_var Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:12 GMT via 1.1 varnish server Varnish x-timer S1587599832.242871,VS0,VE0 x-served-by cache-fra19124-FRA x-cache HIT content-type text/html status 200 cache-control private,max-age=14400 accept-ranges bytes content-length 3 retry-after 0 x-cache-hits 0
GET H2	200	json Show response trc.taboola.com/unknown-site-on-themonetizer-network/trc/3/ Frame 062A	31 B 385 B	95ms 35ms	Script text/plain	151.101.113.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/unknown-site-on-themonetizer-network/trc/3/json?tim=01%3A57%3A12.509&lti=trccache_vB_var&data=%7B%22id%22%3A416%2C%22ii%22%3A%22%2Frwhlr2ho%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1587599832506%2C%22cv%22%3A%2220200422-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fadsrt.org%2FrWhLR2ho%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22pev%22%3A2468%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A150%2C%22dw%22%3A300%2C%22dh%22%3A150%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-b%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22285309-PAVE%20HAUT%22%2C%22orig_uip%22%3A%22285309-PAVE%20HAUT%22%2C%22cd%22%3A8%2C%22mw%22%3A284%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22trccache_vB_var%22%7D Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20200422-3-RELEASE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-vcl-time-ms 16 date Wed, 22 Apr 2020 23:57:12 GMT content-encoding gzip access-control-allow-origin * x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" status 200 x-served-by cache-hhn4046-HHN server nginx x-timer S1587599833.580189,VS0,VE16 vary Accept-Encoding content-type text/plain;charset=utf-8 via 1.1 varnish access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H/1.1	204 No Content	b2 sb.scorecardresearch.com/ Frame 062A Redirect Chain https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1587599832560&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&c9= https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1587599832560&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&c9=	0 248 B	20ms 20ms	Image text/plain	2.16.31.65 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1587599832560&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&c9= Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-16-31-65.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Wed, 22 Apr 2020 23:57:12 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1587599832560&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&c9= Pragma no-cache Date Wed, 22 Apr 2020 23:57:12 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	204	debug trc.taboola.com/unknown-site-on-themonetizer-network/log/2/ Frame 062A	0 56 B	22ms 22ms	Image text/plain	151.101.113.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/unknown-site-on-themonetizer-network/log/2/debug?tim=01%3A57%3A12.607&type=error&msg=Server%20did%20not%20respond%20to%20loadRBox&id=1761&cv=20200422-3-RELEASE&lt=trccache_vB_var Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-vcl-time-ms 0 date Wed, 22 Apr 2020 23:57:12 GMT via 1.1 varnish server Varnish x-timer S1587599833.618867,VS0,VE0 x-served-by cache-hhn4046-HHN x-cache HIT content-type status 204 cache-control no-store access-control-allow-credentials true accept-ranges bytes x-sy true retry-after 0 x-cache-hits 0
GET H2	204	debug trc.taboola.com/unknown-site-on-themonetizer-network/log/2/ Frame 062A	0 89 B	19ms 19ms	Image text/plain	151.101.113.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/unknown-site-on-themonetizer-network/log/2/debug?tim=01%3A57%3A12.608&type=error&msg=loadRBox%20failed%2C%20aborting.&id=4481&cv=20200422-3-RELEASE&lt=trccache_vB_var Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-vcl-time-ms 0 date Wed, 22 Apr 2020 23:57:12 GMT via 1.1 varnish server Varnish x-timer S1587599833.618847,VS0,VE0 x-served-by cache-hhn4046-HHN x-cache HIT content-type status 204 cache-control no-store access-control-allow-credentials true accept-ranges bytes x-sy true retry-after 0 x-cache-hits 0
GET H/1.1	200	12.json Show response id5-sync.com/g/v1/	131 B 438 B	64ms 21ms	XHR text/json	54.36.109.156 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v1/12.json?1puid=&gdpr=0&gdpr_consent= Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.36.109.156 , Germany, ASN16276 (OVH, FR), Reverse DNS p07.id5-sync.com Software / Resource Hash d172b1e8eb1636d77cc74345403b3c1e5408411710c42144121ed0b4e4ab465d Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://adsrt.org Date Wed, 22 Apr 2020 23:57:14 GMT Access-Control-Allow-Credentials true Vary Origin Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains; preload Content-Type text/json;charset=utf-8
GET H2	200	/ onetag-sys.com/usync/ Frame CCE6	0 0	23ms 22ms	Document text/html	51.89.9.253 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?cb=1587599831667 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.89.9.253 , Germany, ASN16276 (OVH, FR), Reverse DNS ip253.ip-51-89-9.eu Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?cb=1587599831667 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://adsrt.org/rWhLR2ho accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://adsrt.org/rWhLR2ho Response headers status 200 content-type text/html cache-control no-transform, no-cache content-encoding gzip strict-transport-security max-age=2592000
GET H/1.1	200 OK	async_usersync.html acdn.adnxs.com/ib/static/usersync/v3/ Frame D871	0 0	122ms 29ms	Document text/html	23.213.164.226 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.213.164.226 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-164-226.deploy.static.akamaitechnologies.com Software nginx/1.13.10 / Resource Hash Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://adsrt.org/rWhLR2ho Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://adsrt.org/rWhLR2ho Response headers Server nginx/1.13.10 Last-Modified Fri, 20 May 2016 02:07:09 GMT ETag "573e714d-3e3" Access-Control-Allow-Origin * Content-Type text/html Vary Accept-Encoding Content-Encoding gzip Content-Length 506 Cache-Control max-age=31536000 Expires Thu, 22 Apr 2021 23:57:14 GMT Date Wed, 22 Apr 2020 23:57:14 GMT Connection keep-alive
GET H2	200	sync eb2.3lift.com/ Frame 36E5 Redirect Chain https://eb2.3lift.com/sync? https://eb2.3lift.com/sync?&ld=1	0 0	24ms 24ms	Document text/html	18.194.15.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://eb2.3lift.com/sync?&ld=1 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.194.15.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-194-15-109.eu-central-1.compute.amazonaws.com Software / Resource Hash Request headers :method GET :authority eb2.3lift.com :scheme https :path /sync?&ld=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://adsrt.org/rWhLR2ho accept-encoding gzip, deflate, br accept-language en-US cookie tluid=13132816014432729370 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://adsrt.org/rWhLR2ho Response headers status 200 date Wed, 22 Apr 2020 23:57:14 GMT content-type text/html; charset=utf-8 content-length 457 set-cookie sync=CgoIgQIQ7v3LopouCgoIoQEQ7v3LopouCgoI4gEQ7v3LopouCgoI5gEQ7v3LopouCgoI1gEQ7v3LopouCgkIOhDu_cuimi4KCQgLEO79y6KaLgoKCM4BEO79y6KaLgoJCF8Q7v3LopouCgkIHxDu_cuimi4=; Max-Age=7776000; Expires=Tue, 21 Jul 2020 23:57:14 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=13132816014432729370; Max-Age=7776000; Expires=Tue, 21 Jul 2020 23:57:14 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure content-encoding gzip p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" cache-control no-cache, no-store, must-revalidate Redirect headers status 302 date Wed, 22 Apr 2020 23:57:14 GMT content-length 0 set-cookie tluid=13132816014432729370; Max-Age=7776000; Expires=Tue, 21 Jul 2020 23:57:14 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure location /sync?&ld=1 cache-control no-cache, no-store, must-revalidate p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	match ice.360yield.com/ Redirect Chain https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=95139ae6-3fdf-48e0-a2ea-4225c333e06a&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAA... https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=95139ae6-3fdf-48e0-a2ea-4225c333e06a&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOyPQIv... https://ice.360yield.com/match?publisher_dsp_id=42&Expiration=1588809434&external_user_id=5958373852302547771	43 B 424 B	36ms 34ms	Image image/gif	52.57.38.160 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ice.360yield.com/match?publisher_dsp_id=42&Expiration=1588809434&external_user_id=5958373852302547771 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.38.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-38-160.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Wed, 22 Apr 2020 23:57:14 GMT access-control-allow-origin * content-type image/gif content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Redirect headers pragma no-cache date Wed, 22 Apr 2020 23:57:14 GMT server nginx status 302 location https://ice.360yield.com/match?publisher_dsp_id=42&Expiration=1588809434&external_user_id=5958373852302547771 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform strict-transport-security max-age=31536000; includeSubDomains content-length 0 expires -1
GET H2	200	match match.360yield.com/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lROa5j_fSOCi6kIlwzPgag&google_cm&publisher_dsp_id=340 https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lROa5j_fSOCi6kIlwzPgag&google_cm=&publisher_dsp_id=340&google_tc= https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEEUaegGbIljDTzG12sUgGEU&google_cver=1	43 B 435 B	40ms 30ms	Image image/gif	52.57.38.160 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEEUaegGbIljDTzG12sUgGEU&google_cver=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.38.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-38-160.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Wed, 22 Apr 2020 23:57:14 GMT access-control-allow-origin * content-type image/gif content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Redirect headers pragma no-cache date Wed, 22 Apr 2020 23:57:14 GMT server HTTP server (unknown) status 302 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEEUaegGbIljDTzG12sUgGEU&google_cver=1 cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 311 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	match ice.360yield.com/ Redirect Chain https://id5-sync.com/match?publisher_user_id=95139ae6-3fdf-48e0-a2ea-4225c333e06a&publisher_dsp_id=79&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA&publisher_red... https://id5-sync.com/c/124/124/1/1.gif?puid=95139ae6-3fdf-48e0-a2ea-4225c333e06a&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F124%2F101%2F0%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F124%2F101%2F0%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA https://id5-sync.com/c/124/101/0/2.gif?puid=f8589e5a-2cab-4c71-92e8-baf7b76e22f2&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA https://ice.360yield.com/match?publisher_dsp_id=79&external_user_id=ID5-ZHMOftG4M4nJi6VhIP69xpbiqjfybr0xlZ2SYEkrIQ&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA	43 B 526 B	57ms 56ms	Image image/gif	52.57.38.160 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ice.360yield.com/match?publisher_dsp_id=79&external_user_id=ID5-ZHMOftG4M4nJi6VhIP69xpbiqjfybr0xlZ2SYEkrIQ&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.38.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-38-160.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Wed, 22 Apr 2020 23:57:15 GMT access-control-allow-origin * content-type image/gif content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Redirect headers Location https://ice.360yield.com/match?publisher_dsp_id=79&external_user_id=ID5-ZHMOftG4M4nJi6VhIP69xpbiqjfybr0xlZ2SYEkrIQ&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA Date Wed, 22 Apr 2020 23:57:14 GMT Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains; preload P3P CP="CAO PSA OUR"
GET H2	200	match ad.360yield.com/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm=&google_sc=&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA&google_tc= https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA&external_user_id=CAESEKp0pQKr9SjCUxVwOzaaX8M&google_cver=1	43 B 435 B	32ms 30ms	Image image/gif	52.57.38.160 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA&external_user_id=CAESEKp0pQKr9SjCUxVwOzaaX8M&google_cver=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.38.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-38-160.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Wed, 22 Apr 2020 23:57:14 GMT access-control-allow-origin * content-type image/gif content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Redirect headers pragma no-cache date Wed, 22 Apr 2020 23:57:14 GMT server HTTP server (unknown) status 302 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA&external_user_id=CAESEKp0pQKr9SjCUxVwOzaaX8M&google_cver=1 cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 374 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	match ice.360yield.com/ul_cb/ Redirect Chain https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fice.360yield.com%2Fmatch%3Fexternal_user_id%3D%24UID%26publisher_dsp_id%3D40%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA https://ice.360yield.com/match?external_user_id=8236676402928235124&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA https://ice.360yield.com/ul_cb/match?external_user_id=8236676402928235124&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA	43 B 424 B	30ms 29ms	Image image/gif	52.57.38.160 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ice.360yield.com/ul_cb/match?external_user_id=8236676402928235124&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.38.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-38-160.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Wed, 22 Apr 2020 23:57:14 GMT access-control-allow-origin * content-type image/gif content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Redirect headers status 302 date Wed, 22 Apr 2020 23:57:14 GMT content-type text/plain content-length 0 location https://ice.360yield.com:443/ul_cb/match?external_user_id=8236676402928235124&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOyPQIvCLAAAENDG-AAAAvTAAA p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 706 B	23ms 22ms	XHR application/json	37.252.172.45 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.45 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.13.4 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Wed, 22 Apr 2020 23:57:21 GMT X-Proxy-Origin 185.217.171.12; 185.217.171.12; 693.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.45:80 AN-X-Request-Uuid d32bbff4-cd50-4ee8-a6f9-e9d41716d7bc Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://adsrt.org Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	626 B 659 B	13ms 13ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=26976&adid=2&formatid=26300&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 98d4f89d585f764107590b17475cf4924ae326babd0bf3d0646b18ed54874375 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 22 Apr 2020 23:57:19 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 428 expires Thu, 23 Apr 2020 23:57:11 GMT
GET H2	200	hb Show response ice.360yield.com/ul_cb/ Redirect Chain https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%229257d71f8ddf4fb%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%... https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%229257d71f8ddf4fb%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsr...	3 KB 2 KB	29ms 29ms	XHR application/json	52.57.38.160 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%229257d71f8ddf4fb%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FrWhLR2ho%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2285d94dcc2ce388d%22%2C%22pid%22%3A%2222205633%22%2C%22tid%22%3A%22972f882e-76fd-4191-afee-5a1e3deb0785%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.38.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-38-160.eu-central-1.compute.amazonaws.com Software / Resource Hash 5ee7a9c75f46878ffb956f721e132ef0d9bfeecab2f8410368db6b49e5501a9b Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:19 GMT content-encoding gzip status 200 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin https://adsrt.org access-control-allow-credentials true content-type application/json; charset=UTF-8 content-length 1779 Redirect headers date Wed, 22 Apr 2020 23:57:19 GMT status 302 location https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%229257d71f8ddf4fb%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FrWhLR2ho%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2285d94dcc2ce388d%22%2C%22pid%22%3A%2222205633%22%2C%22tid%22%3A%22972f882e-76fd-4191-afee-5a1e3deb0785%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin https://adsrt.org access-control-allow-credentials true content-type text/plain content-length 0
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 455 B	23ms 23ms	XHR application/json	51.89.9.253 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.89.9.253 , Germany, ASN16276 (OVH, FR), Reverse DNS ip253.ip-51-89-9.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=2592000 content-encoding gzip status 200 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin https://adsrt.org cache-control no-cache, no-transform access-control-allow-credentials true content-type application/json access-control-allow-headers Content-Type, Origin, Referer, User-Agent, x-ak-clientip
GET H2	200	ROS Show response ads.us.e-planning.net/hb/1/2a156/1/adsrt.org/	2 B 152 B	15ms 15ms	XHR text/plain	5.178.65.246 SERVERIUS-AS
General Check archive.org Show headers Download Go to Full URL https://ads.us.e-planning.net/hb/1/2a156/1/adsrt.org/ROS?rnd=0.2513751910706328&e=26300%3A300x250&ur=https%253A%252F%252Fadsrt.org%252FrWhLR2ho&r=pbjs&pbv=2.44.5&ncb=1&vs=F&crs=UTF-8&fr=https%253A%252F%252Fadsrt.org%252FrWhLR2ho& Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 5.178.65.246 Renswoude, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS ads.us.e-planning.net Software openresty / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 22 Apr 2020 23:57:19 GMT server openresty status 200 content-type text/plain access-control-allow-origin https://adsrt.org access-control-allow-credentials true content-length 2 x-sid AMS-606
POST H2	200	auction Show response tlx.3lift.com/header/	19 B 274 B	21ms 21ms	XHR application/json	35.158.181.243 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tlx.3lift.com/header/auction?lib=prebid&v=2.44.5&referrer=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&tmax=3000 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.158.181.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-158-181-243.eu-central-1.compute.amazonaws.com Software / Resource Hash 0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 22 Apr 2020 23:57:19 GMT x-auction-status 12 status 200 content-type application/json; charset=utf-8 access-control-allow-origin https://adsrt.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 19 x-xss-protection 0 expires Thu, 15 Oct 1992 20:10:00 GMT
GET H/1.1	200 OK	ac Show response ww1097.smartadserver.com/	22 B 2 KB	34ms 34ms	Script application/javascript	185.86.137.114 SMARTADSERVER
General Check archive.org Show headers Download Go to Full URL https://ww1097.smartadserver.com/ac?nwid=1097&siteid=285309&pgid=1045667&fmtid=26300&async=1&visit=s&tmstp=3748343704&tag=sas_26300&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad&schain=1.0,1!themoneytizer.com,26976,1,adshort.tech,adshort.tech Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash 6b1550886dbef8a8de2316a437ed2d6b218dbc0aa8c419ae1022626dd5339dde Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Wed, 22 Apr 2020 23:57:18 GMT content-encoding gzip x-smrt-d 3%3b13%3b112 vary Accept-Encoding p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control no-cache, no-store content-type application/javascript; charset=utf-8 content-length 140 expires -1
GET H/1.1	200 OK	/ Show response c.tmyzer.com/c/	0 200 B	38ms 37ms	XHR text/html	54.38.64.100 OVH
General Check archive.org Show headers Download Go to Full URL https://c.tmyzer.com/c/?s=26976&f=2&fi=1 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.38.64.100 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 22 Apr 2020 23:57:19 GMT Server nginx X-IPLB-Instance 20685 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	tbframe.js Show response cdn.taboola.com/shared/ Frame 8A8C	14 KB 4 KB	27ms 27ms	Script application/x-javascript	151.101.14.2 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/shared/tbframe.js Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-amz-version-id 0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq content-encoding gzip etag "0c6cdb6c2f89bf98124c3679a3412fb6" age 12975 x-cache HIT status 200 x-amz-replication-status COMPLETED content-length 3897 x-amz-id-2 74zbE6T48GkUHa9db8GRKwBsGK+Uxqz6v4uA0TCeyETdpvdGYuxBbmPdVExkfZpqS4AOweC7/dY= x-served-by cache-fra19124-FRA last-modified Thu, 14 Apr 2016 14:04:36 GMT server AmazonS3 x-timer S1587599839.281300,VS0,VE0 date Wed, 22 Apr 2020 23:57:19 GMT vary Accept-Encoding x-amz-request-id 594074B13CFB3805 via 1.1 varnish cache-control private,max-age=14400 accept-ranges bytes content-type application/x-javascript abp 77 x-cache-hits 1377
GET H2	200	loader.js Show response cdn.taboola.com/libtrc/themonetizer-network/ Frame F2EF	695 KB 173 KB	28ms 28ms	Script application/javascript	151.101.14.2 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/themonetizer-network/loader.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/shared/tbframe.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software obaker.284.1.1-10.71.1 / Resource Hash 5c55302943d4b71160afbb27130e9d72890d838cd18f8a15af56d49396e7c3c0 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-amz-version-id hJLy5fB6wxv_hEOyLA0fq3W07IWhiRj0 content-encoding gzip etag "d78beda688c42083abe0874f632776f95dcd5615" age 10187 x-cache HIT status 200 content-length 176439 x-amz-id-2 LPgHsdMnaJUEOHSGp4IMoF47/3Q9VXzkTIO8nVfl+pQG0HsLckIzI7NXr8TxdnjaUslKK/ANm9I= x-served-by cache-fra19124-FRA x-from-cache 1 access-control-allow-origin * last-modified Wed, 22 Apr 2020 15:07:06 UTC server obaker.284.1.1-10.71.1 x-timer S1587599839.332971,VS0,VE0 date Wed, 22 Apr 2020 23:57:19 GMT vary Accept-Encoding, Accept-Encoding x-amz-request-id D5F86886EC7B33F2 via 1.1 varnish cache-control private,max-age=14400 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 17 x-cache-hits 2
GET H2	200	impl.20200422-3-RELEASE.js Show response cdn.taboola.com/libtrc/ Frame F2EF	435 KB 124 KB	27ms 27ms	Script application/javascript	151.101.14.2 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/impl.20200422-3-RELEASE.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 2d6de7087497694dc59573d0cf075617db33cba63af968d826b07bfbf00f9c27 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-amz-version-id HYpxUCtOTdl5ZapcErRDIBkfbEWE3qgk content-encoding gzip etag "750ac5e700f7e2488a1b249f8c23eab3" age 116 x-cache HIT status 200 x-amz-replication-status COMPLETED content-length 126624 x-amz-id-2 9kzUJbHCVApAsr3+CPZ5ZRyLQPRooriAvtGHqzSScIKi/pA3I7vNkUHoBNyPmiQ9zh2akrAWYZU= x-served-by cache-fra19124-FRA last-modified Wed, 22 Apr 2020 07:38:45 GMT server AmazonS3 x-timer S1587599839.383856,VS0,VE0 date Wed, 22 Apr 2020 23:57:19 GMT vary Accept-Encoding x-amz-request-id 04E3AE7F9822F3AD via 1.1 varnish cache-control private,max-age=31536000 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 77 x-cache-hits 227
GET H/1.1	200 OK	beacon.js Show response sb.scorecardresearch.com/ Frame F2EF	1 KB 1 KB	20ms 20ms	Script application/x-javascript	2.16.31.65 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/beacon.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-16-31-65.deploy.static.akamaitechnologies.com Software / Resource Hash a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 22 Apr 2020 23:57:19 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type application/x-javascript Cache-Control private, no-transform, max-age=86400 Connection keep-alive Content-Length 884 Expires Thu, 23 Apr 2020 23:57:19 GMT
GET H2	200	tr5 cdn.taboola.com/libtrc/ Frame F2EF	3 B 166 B	30ms 30ms	Image text/html	151.101.14.2 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.taboola.com/libtrc/tr5?abgroup=trccache_vB_var Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 22 Apr 2020 23:57:19 GMT via 1.1 varnish server Varnish x-timer S1587599839.384927,VS0,VE0 x-served-by cache-fra19124-FRA x-cache HIT content-type text/html status 200 cache-control private,max-age=14400 accept-ranges bytes content-length 3 retry-after 0 x-cache-hits 0
GET H/1.1	204 No Content	b2 sb.scorecardresearch.com/ Frame F2EF Redirect Chain https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1587599839393&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&c9= https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1587599839393&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&c9=	0 248 B	34ms 33ms	Image text/plain	2.16.31.65 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1587599839393&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&c9= Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-16-31-65.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Wed, 22 Apr 2020 23:57:19 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1587599839393&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FrWhLR2ho&c9= Pragma no-cache Date Wed, 22 Apr 2020 23:57:19 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	json Show response trc.taboola.com/unknown-site-on-themonetizer-network/trc/3/ Frame F2EF	31 B 131 B	43ms 42ms	Script text/plain	151.101.113.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/unknown-site-on-themonetizer-network/trc/3/json?tim=01%3A57%3A19.707&lti=trccache_vB_var&data=%7B%22id%22%3A440%2C%22ii%22%3A%22%2Frwhlr2ho%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1587599832506%2C%22cv%22%3A%2220200422-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fadsrt.org%2FrWhLR2ho%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22pev%22%3A2468%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A150%2C%22dw%22%3A300%2C%22dh%22%3A150%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-b%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22285309-PAVE%20HAUT%22%2C%22orig_uip%22%3A%22285309-PAVE%20HAUT%22%2C%22cd%22%3A8%2C%22mw%22%3A284%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22trccache_vB_var%22%7D Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20200422-3-RELEASE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-vcl-time-ms 16 date Wed, 22 Apr 2020 23:57:19 GMT content-encoding gzip access-control-allow-origin * x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" status 200 x-served-by cache-hhn4046-HHN server nginx x-timer S1587599840.717768,VS0,VE16 vary Accept-Encoding content-type text/plain;charset=utf-8 via 1.1 varnish access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	debug trc.taboola.com/unknown-site-on-themonetizer-network/log/2/ Frame F2EF	0 54 B	20ms 19ms	Image text/plain	151.101.113.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/unknown-site-on-themonetizer-network/log/2/debug?tim=01%3A57%3A19.763&type=error&msg=Server%20did%20not%20respond%20to%20loadRBox&id=2511&cv=20200422-3-RELEASE&lt=trccache_vB_var Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-vcl-time-ms 0 date Wed, 22 Apr 2020 23:57:19 GMT via 1.1 varnish server Varnish x-timer S1587599840.775144,VS0,VE0 x-served-by cache-hhn4046-HHN x-cache HIT content-type status 204 cache-control no-store access-control-allow-credentials true accept-ranges bytes x-sy true retry-after 0 x-cache-hits 0
GET H2	204	debug trc.taboola.com/unknown-site-on-themonetizer-network/log/2/ Frame F2EF	0 54 B	19ms 19ms	Image text/plain	151.101.113.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/unknown-site-on-themonetizer-network/log/2/debug?tim=01%3A57%3A19.764&type=error&msg=loadRBox%20failed%2C%20aborting.&id=4756&cv=20200422-3-RELEASE&lt=trccache_vB_var Requested by Host: adsrt.org URL: https://adsrt.org/rWhLR2ho Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/rWhLR2ho User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-vcl-time-ms 0 date Wed, 22 Apr 2020 23:57:19 GMT via 1.1 varnish server Varnish x-timer S1587599840.775201,VS0,VE0 x-served-by cache-hhn4046-HHN x-cache HIT content-type status 204 cache-control no-store access-control-allow-credentials true accept-ranges bytes x-sy true retry-after 0 x-cache-hits 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

id5-sync.com

URL

https://id5-sync.com/c/12/112/2/8.gif?puid=36D81176D909B4E3&gdpr=1&gdpr_consent=