tonerrefillsnow.tripod.com Open in urlscan Pro
209.202.252.105 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tonerrefillsnow.tripod.com/samsung/176.html
Submission: On December 08 via api (December 8th 2024, 10:05:49 am UTC) from US — Scanned from CA

Summary HTTP 141 Redirects Behaviour Indicators

Summary

This website contacted 45 IPs in 5 countries across 49 domains to perform 141 HTTP transactions. The main IP is 209.202.252.105, located in United States and belongs to LYCOS, US. The main domain is tonerrefillsnow.tripod.com.
TLS certificate: Issued by R11 on October 31st 2024. Valid for: 3 months.

This is the only time tonerrefillsnow.tripod.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	209.202.252.105 209.202.252.105	6354 (LYCOS) (LYCOS)
2	209.202.254.12 209.202.254.12	6354 (LYCOS) (LYCOS)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::61	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9c	15169 (GOOGLE) (GOOGLE)
5	68.71.249.118 68.71.249.118	46562 (PERFORMIVE) (PERFORMIVE)
9	2606:4700:20:... 2606:4700:20::681a:36b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2607:f8b0:400... 2607:f8b0:4004:c17::9b	15169 (GOOGLE) (GOOGLE)
6	2606:4700:20:... 2606:4700:20::681a:233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:116:800b... 2620:116:800b:21:b08a:1dc5:659b:4055	14618 (AMAZON-AES) (AMAZON-AES)
2 2	68.67.179.87 68.67.179.87	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	207.65.32.82 207.65.32.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	142.251.16.157 142.251.16.157	15169 (GOOGLE) (GOOGLE)
1 1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	207.65.37.182 207.65.37.182	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	2607:f350:3:2... 2607:f350:3:2569:0:10:0:d	27630 (AS-XFERNET) (AS-XFERNET)
1 1	69.173.154.8 69.173.154.8	26667 (RUBICONPR...) (RUBICONPROJECT)
10	34.203.84.81 34.203.84.81	14618 (AMAZON-AES) (AMAZON-AES)
1	209.202.254.90 209.202.254.90	6354 (LYCOS) (LYCOS)
1	2607:f8b0:400... 2607:f8b0:4004:c17::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::84	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::6815:30d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:201... 2600:9000:201e:ae00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.171.100.22 3.171.100.22	16509 (AMAZON-02) (AMAZON-02)
1 18	172.64.146.152 172.64.146.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
4	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.67.76.93 18.67.76.93	16509 (AMAZON-02) (AMAZON-02)
1	51.222.39.185 51.222.39.185	16276 (OVH OVH SAS) (OVH OVH SAS)
1	34.36.214.49 34.36.214.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	147.75.195.55 147.75.195.55	54825 (PACKET) (PACKET)
2	2607:f350:3:2... 2607:f350:3:2569:0:10:0:200a	27630 (AS-XFERNET) (AS-XFERNET)
2 5	172.98.26.245 172.98.26.245	399668 (E-PLANNING-) (E-PLANNING-)
2	206.189.255.194 206.189.255.194	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	18.154.227.93 18.154.227.93	16509 (AMAZON-02) (AMAZON-02)
1	35.245.40.102 35.245.40.102	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd)
3	54.90.133.190 54.90.133.190	14618 (AMAZON-AES) (AMAZON-AES)
3	51.222.39.187 51.222.39.187	16276 (OVH OVH SAS) (OVH OVH SAS)
1	2606:4700::68... 2606:4700::6812:1791	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.41.104 104.18.41.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:22b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2620:100:a00b... 2620:100:a00b::12	19750 (AS-CRITEO) (AS-CRITEO)
2	74.119.117.17 74.119.117.17	19750 (AS-CRITEO) (AS-CRITEO)
1	2620:100:a00b... 2620:100:a00b::30	19750 (AS-CRITEO) (AS-CRITEO)
1	23.62.165.92 23.62.165.92	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.106.140.19 185.106.140.19	7979 (SERVERS-COM) (SERVERS-COM)
1	35.211.202.130 35.211.202.130	15169 (GOOGLE) (GOOGLE)
2 2	34.36.216.150 34.36.216.150	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	34.228.175.96 34.228.175.96	14618 (AMAZON-AES) (AMAZON-AES)
4 5	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	74.214.194.131 74.214.194.131	19189 (PULSEPOINT) (PULSEPOINT)
3 3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	198.8.71.130 198.8.71.130	54312 (ROCKETFUEL) (ROCKETFUEL)
141	45

15 209.202.252.105 (United States)

ASN6354 (LYCOS, US)
PTR: tripod.lycos.co.uk

tonerrefillsnow.tripod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.202.254.12 (United States)

ASN6354 (LYCOS, US)
PTR: origin.scripts.lycos.com

scripts.lycos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::61 (Washington, United States)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9c (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.71.249.118 (Scarborough, Canada)

ASN46562 (PERFORMIVE, US)

udmserve.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:36b (United States)

ASN13335 (CLOUDFLARENET, US)

platform.bidgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imp9.bidgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c17::9b (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:233 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.prplads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.179.87 (North Bergen, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 207.65.32.82 (United States) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.16.157 (Farmingdale, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.37.182 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.27.193 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f350:3:2569:0:10:0:d (United States) 2 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.154.8 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-west.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.203.84.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-84-81.compute-1.amazonaws.com

api.purpleads.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.202.254.90 (United States)

ASN6354 (LYCOS, US)
PTR: lycos.kr

sp-log.lycos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::9d (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::84 (Washington, United States)

ASN15169 (GOOGLE, US)

84faf5ff17b91cae939aecfbbc65f0ea.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:30d7 (United States)

ASN13335 (CLOUDFLARENET, US)

adxbid.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:201e:ae00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.171.100.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-171-100-22.iad12.r.cloudfront.net

cdn.purpleads.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.64.146.152 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ins.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.76.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-76-93.iad89.r.cloudfront.net

hb.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.39.185 (Canada)

ASN16276 (OVH OVH SAS, FR)
PTR: ip185.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.214.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.214.36.34.bc.googleusercontent.com

pa.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.195.55 (Parsippany, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f350:3:2569:0:10:0:200a (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.98.26.245 (Ashburn, United States) 2 redirects

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 206.189.255.194 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.154.227.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-227-93.iad55.r.cloudfront.net

hb.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.245.40.102 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 102.40.245.35.bc.googleusercontent.com

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.10.30 (Cyprus)

ASN203690 (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd, CY)
PTR: ip-185-184-10-30.rtbhouse.net

prebid-us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.90.133.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-133-190.compute-1.amazonaws.com

hb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.222.39.187 (Canada)

ASN16276 (OVH OVH SAS, FR)
PTR: ip187.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)

vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a00b::12 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.117.17 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::30 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.62.165.92 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-165-92.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.106.140.19 (Netherlands)

ASN7979 (SERVERS-COM, US)

s3.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.211.202.130 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 130.202.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.36.216.150 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.228.175.96 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-175-96.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.111.113.62 (Kansas City, United States) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.214.194.131 (Amsterdam, Netherlands) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.8.71.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	connatix.com 1 redirects capi.connatix.com — Cisco Umbrella Rank: 872 cd.connatix.com — Cisco Umbrella Rank: 4528 cds.connatix.com — Cisco Umbrella Rank: 4423 vid.connatix.com — Cisco Umbrella Rank: 5498 ins.connatix.com — Cisco Umbrella Rank: 5804	409 KB
15	tripod.com tonerrefillsnow.tripod.com	79 KB
11	purpleads.io api.purpleads.io — Cisco Umbrella Rank: 87515 cdn.purpleads.io — Cisco Umbrella Rank: 334833	25 KB
10	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 cm.g.doubleclick.net — Cisco Umbrella Rank: 284	211 KB
9	bidgear.com platform.bidgear.com — Cisco Umbrella Rank: 34678 imp9.bidgear.com — Cisco Umbrella Rank: 38735	8 KB
7	sonobi.com 2 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 915 apex.go.sonobi.com — Cisco Umbrella Rank: 3131	6 KB
6	prplads.com cdn.prplads.com — Cisco Umbrella Rank: 135847	232 KB
5	tapad.com 4 redirects pixel.tapad.com — Cisco Umbrella Rank: 470	2 KB
5	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 450 mug.criteo.com — Cisco Umbrella Rank: 3746 bidder.criteo.com — Cisco Umbrella Rank: 949	2 KB
5	e-planning.net 2 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 12961	4 KB
5	4dex.io script.4dex.io — Cisco Umbrella Rank: 3460 mp.4dex.io — Cisco Umbrella Rank: 2752	22 KB
5	pubmatic.com 5 redirects image8.pubmatic.com — Cisco Umbrella Rank: 684 image2.pubmatic.com — Cisco Umbrella Rank: 886 image4.pubmatic.com — Cisco Umbrella Rank: 1437	3 KB
5	udmserve.net udmserve.net — Cisco Umbrella Rank: 3941	6 KB
4	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 712	2 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 377	2 KB
3	minutemedia-prebid.com hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3670	1 KB
3	yellowblue.io hb.yellowblue.io — Cisco Umbrella Rank: 1527	2 KB
3	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 788	3 KB
3	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1536 pixel.quantserve.com — Cisco Umbrella Rank: 1059	10 KB
3	lycos.com scripts.lycos.com — Cisco Umbrella Rank: 441158 sp-log.lycos.com — Cisco Umbrella Rank: 687444	3 KB
2	contextweb.com 2 redirects bh.contextweb.com — Cisco Umbrella Rank: 665	2 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 961	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 717	989 B
2	adxpremium.services s3.adxpremium.services — Cisco Umbrella Rank: 37281	297 B
2	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 2860	2 KB
2	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1552	1 KB
2	adxbid.info adxbid.info — Cisco Umbrella Rank: 27153	318 KB
2	casalemedia.com 1 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 521	1 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 495	2 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 972	18 KB
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 846	734 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 393	183 B
1	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2478	1 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1618	239 B
1	creativecdn.com prebid-us.creativecdn.com — Cisco Umbrella Rank: 16574	189 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3983	713 B
1	openx.net pa.openx.net — Cisco Umbrella Rank: 3484
1	360yield.com hb.360yield.com — Cisco Umbrella Rank: 8081
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	1 KB
1	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 506 fonts.googleapis.com Failed	145 KB
1	googlesyndication.com 84faf5ff17b91cae939aecfbbc65f0ea.safeframe.googlesyndication.com
1	rubiconproject.com 1 redirects pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 6326	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 332	33 KB
0	id5-sync.com Failed id5-sync.com Failed
0	adtelligent.com Failed ghb.adtelligent.com Failed
0	popin.cc Failed api.popin.cc Failed
0	heirem-art.de Failed heirem-art.de Failed
0	underdog.media Failed bid.underdog.media Failed
0	tonerrefillsnow.com Failed www.tonerrefillsnow.com Failed
141	49

	Domain	Requested by
15	tonerrefillsnow.tripod.com	tonerrefillsnow.tripod.com
10	cds.connatix.com	cd.connatix.com cds.connatix.com
10	api.purpleads.io	cdn.prplads.com cdn.purpleads.io
8	securepubads.g.doubleclick.net	www.googletagservices.com tonerrefillsnow.tripod.com platform.bidgear.com securepubads.g.doubleclick.net imasdk.googleapis.com
6	capi.connatix.com	1 redirects tonerrefillsnow.tripod.com cds.connatix.com
6	cdn.prplads.com	platform.bidgear.com cdn.prplads.com cdn.purpleads.io
6	platform.bidgear.com	scripts.lycos.com platform.bidgear.com tonerrefillsnow.tripod.com
5	pixel.tapad.com	4 redirects blank
5	pbjs.e-planning.net	2 redirects tonerrefillsnow.tripod.com cdn.prplads.com
5	sync.go.sonobi.com	2 redirects blank
5	udmserve.net	scripts.lycos.com tonerrefillsnow.tripod.com
4	onetag-sys.com	cdn.prplads.com
4	script.4dex.io	cdn.prplads.com script.4dex.io
3	match.adsrvr.org	3 redirects
3	hb.minutemedia-prebid.com	cdn.prplads.com
3	hb.yellowblue.io	cdn.prplads.com
3	prebid.a-mo.net	cdn.prplads.com
3	image8.pubmatic.com	3 redirects
3	imp9.bidgear.com	platform.bidgear.com tonerrefillsnow.tripod.com
2	bh.contextweb.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	s3.adxpremium.services	adxbid.info
2	mug.criteo.com	blank
2	gum.criteo.com	1 redirects
2	ads.servenobid.com	cdn.prplads.com
2	apex.go.sonobi.com	cdn.prplads.com
2	pixel.quantserve.com	tonerrefillsnow.tripod.com
2	rules.quantcount.com	secure.quantserve.com
2	adxbid.info	platform.bidgear.com adxbid.info
2	ssum-sec.casalemedia.com	1 redirects tonerrefillsnow.tripod.com
2	cm.g.doubleclick.net	2 redirects
2	secure.adnxs.com	2 redirects
2	ssl.google-analytics.com	tonerrefillsnow.tripod.com
2	scripts.lycos.com	tonerrefillsnow.tripod.com scripts.lycos.com
1	p.rfihub.com	1 redirects
1	x.bidswitch.net	blank
1	widgets.outbrain.com	blank
1	bidder.criteo.com	adxbid.info
1	mp.4dex.io	cdn.prplads.com
1	ins.connatix.com	cds.connatix.com
1	vid.connatix.com	cds.connatix.com
1	cadmus.script.ac	script.4dex.io
1	prebid-us.creativecdn.com	cdn.prplads.com
1	hb-api.omnitagjs.com	cdn.prplads.com
1	pa.openx.net	cdn.prplads.com
1	hb.360yield.com	cdn.prplads.com
1	cdn.jsdelivr.net	cdn.prplads.com
1	imasdk.googleapis.com	cdn.purpleads.io
1	cd.connatix.com	tonerrefillsnow.tripod.com
1	cdn.purpleads.io	platform.bidgear.com
1	84faf5ff17b91cae939aecfbbc65f0ea.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	sp-log.lycos.com	tonerrefillsnow.tripod.com
1	pixel-us-west.rubiconproject.com	1 redirects
1	image4.pubmatic.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	secure.quantserve.com	udmserve.net
1	www.googletagservices.com	tonerrefillsnow.tripod.com
0	fonts.googleapis.com Failed	cdn.prplads.com
0	id5-sync.com Failed	adxbid.info
0	ghb.adtelligent.com Failed	cdn.prplads.com
0	api.popin.cc Failed	cdn.prplads.com
0	heirem-art.de Failed	tonerrefillsnow.tripod.com
0	bid.underdog.media Failed	udmserve.net
0	www.tonerrefillsnow.com Failed	tonerrefillsnow.tripod.com
141	65

This site contains no links.

Subject Issuer	Validity	Valid
tripod.com R11	`2024-10-31` - `2025-01-29`	3 months	crt.sh
*.lycos.com R11	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
udmserve.net GlobalSign RSA OV SSL CA 2018	`2024-10-23` - `2025-11-24`	a year	crt.sh
bidgear.com WE1	`2024-11-22` - `2025-02-20`	3 months	crt.sh
prplads.com WE1	`2024-11-29` - `2025-02-27`	3 months	crt.sh
quantserve.com R11	`2024-10-22` - `2025-01-20`	3 months	crt.sh
*.purpleads.io Amazon RSA 2048 M02	`2024-08-30` - `2025-09-27`	a year	crt.sh
adxbid.info WE1	`2024-11-23` - `2025-02-21`	3 months	crt.sh
connatix.com WE1	`2024-10-23` - `2025-01-21`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
script.4dex.io WE1	`2024-11-20` - `2025-02-18`	3 months	crt.sh
improvedigital.com Amazon RSA 2048 M02	`2024-02-04` - `2025-03-04`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
pa.openx.net WR3	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.a-mo.net R11	`2024-11-01` - `2025-01-30`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2023-12-07` - `2025-01-07`	a year	crt.sh
ads.servenobid.com R11	`2024-10-30` - `2025-01-28`	3 months	crt.sh
*.yellowblue.io Amazon RSA 2048 M03	`2024-03-18` - `2025-04-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-02` - `2025-08-01`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2024-04-05` - `2025-04-30`	a year	crt.sh
*.minutemedia-prebid.com Amazon ECDSA 256 M03	`2024-03-09` - `2025-04-08`	a year	crt.sh
capi.connatix.com WE1	`2024-11-06` - `2025-02-04`	3 months	crt.sh
script.ac E5	`2024-10-19` - `2025-01-17`	3 months	crt.sh
vid.connatix.com WE1	`2024-11-10` - `2025-02-08`	3 months	crt.sh
ins.connatix.com WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.e-planning.net R10	`2024-11-20` - `2025-02-18`	3 months	crt.sh
mp.4dex.io WE1	`2024-10-27` - `2025-01-25`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-03` - `2025-03-03`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2024-07-30` - `2025-08-05`	a year	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-11-29` - `2025-02-23`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://tonerrefillsnow.tripod.com/samsung/176.html
Frame ID: 166A8750D57CF3D559BFB9008BF76EFA
Requests: 96 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: F1D9C28C7C31B814B3D0E5ACE5C3D413
Requests: 1 HTTP requests in this frame

Frame: https://84faf5ff17b91cae939aecfbbc65f0ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6ABA73C8EE88B6F2DD51CD1F23F5847D
Requests: 1 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.player.js?cid=4bcef86c-92b1-4ed2-bc85-fc3b60a697d7&pid=f1975345-7ef0-48cb-a838-46ad001ecf3e
Frame ID: D49484FD263EB078E6C79FED8471CB22
Requests: 15 HTTP requests in this frame

Frame: https://cdn.prplads.com/prebid-2024-08-21.js
Frame ID: 6307CE895A055061C30D37C425B3E7F8
Requests: 14 HTTP requests in this frame

Frame: https://api.popin.cc/topic/prebid-topics-frame.html?bidder=discovery
Frame ID: 6A26AA15A0185E41C0C7FCCB6B39F757
Requests: 1 HTTP requests in this frame

Frame: https://hb.360yield.com/privacy-sandbox/topics.html?bidder=improvedigital
Frame ID: 3CAEBB39FAA216400FAB5BFADB76B3B6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/static/topicsapi.html?bidder=onetag
Frame ID: EBA2F40E1AC142F0E46072397C44ECF5
Requests: 1 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: E5B02B53188742327E6BC5D9ADDCF3D1
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato&display=swap
Frame ID: A51260A6893D8EE9A5C9C28B5FFDBA97
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

141
Requests

84 %
HTTPS

35 %
IPv6

49
Domains

65
Subdomains

45
IPs

5
Countries

1543 kB
Transfer

5563 kB
Size

84
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.13189237 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.13189237 HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;apnid=4103286286238624210;cb=0.13189237

Request Chain 29

https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.13189237 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.13189237&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDQyQkFGMEEtN0UwRi00QzIyLThDNkMtMTRDQzJBMkZGRTU3&gdpr=-1&gdpr_consent=&google_cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=CAESEANBUkciUSnWhdKKUwsCWsE&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?cb=0.13189237&gdpr=0&p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D042BAF0A-7E0F-4C22-8C6C-14CC2A2FFE57 HTTP 302
https://udmserve.net/udm/fetch.pix?pmid=042BAF0A-7E0F-4C22-8C6C-14CC2A2FFE57

Request Chain 30

https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.13189237%3Bindx%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.13189237%3Bindx%3D&s=199174&C=1

Request Chain 31

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.13189237%3Bsono%3D%5BUID%5D HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.13189237;sono=d6b69711-ed2f-4c2b-b31a-f5b78b38431e

Request Chain 32

https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=24042&cb=0.13189237 HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;magid=M4FFTVW9-21-3DOA

Request Chain 80

https://pbjs.e-planning.net/pbjs/1/5e1fd/1/tonerrefillsnow.tripod.com/ROS?rnd=0.3715063992982839&e=320x50_0%3A320x50%2C300x50%2C970x90%2C728x90%2C468x60%2C320x100%2C300x100&ur=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html&pbv=8.43.0&ncb=1&vs=F&crs=windows-1252&fr=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html HTTP 302
https://pbjs.e-planning.net/hb/1/5e1fd/1/tonerrefillsnow.tripod.com/ROS?ct=1&r=pbjs&rnd=0.3715063992982839&e=320x50_0%3A320x50%2C300x50%2C970x90%2C728x90%2C468x60%2C320x100%2C300x100&ur=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html&pbv=8.43.0&ncb=1&vs=F&crs=windows-1252&fr=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html

Request Chain 102

https://capi.connatix.com/core/sync HTTP 302
https://capi.connatix.com/core/sync?tier=1&final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=3

Request Chain 108

https://pbjs.e-planning.net/pbjs/1/5e1fd/1/tonerrefillsnow.tripod.com/ROS?rnd=0.25590678051817317&e=video_640x480_0%3A640x480%3B1&ur=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html&pbv=7.22.0&ncb=1&vs=F&crs=windows-1252&fr=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html&vctx=1&vv=3 HTTP 302
https://pbjs.e-planning.net/hb/1/5e1fd/1/tonerrefillsnow.tripod.com/ROS?ct=1&r=pbjs&rnd=0.25590678051817317&e=video_640x480_0%3A640x480%3B1&ur=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html&pbv=7.22.0&ncb=1&vs=F&crs=windows-1252&fr=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html&vctx=1&vv=3

Request Chain 122

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftonerrefillsnow.tripod.com%2F&domain=tonerrefillsnow.tripod.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=nUD_qHxhMUxicnprTlZvTWFKTllEVll6OUdFdWtRLzE4c2xEalFTZzNhRjJ4S3NPbVE3dkR3eVllUHR1MGxISHl1SmFtTzFxb3Ivd3RMRm1pZTBUcnM2OGJrMnh0ZFcrV0JDUGZVNFBqdHJrRlRoTTJIeGJYdk1GTnB6VWZMVWxNWndvR3JyZjZwN0tmQjJFSHpWaVhtdnFZdXE0YzBOWlZjS2QweERiTzVod1ROMGVYdEo2WnpWTVcxRHFjN0ZwSlZHcVBTR0QrNXRldW1jdXRQQnhYZk5keGptWURrTDlEMWQ3SkJ2cGUrY1lXQ2ZMUGZ5ajlxMXp0SzYwVEh3TVpUMndlaitGdDRSTjVIbllDQkdrZlltMU51UT09fA&cppv=2

Request Chain 136

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=140&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=5468ccc2-2fa8-40bc-b1cf-accee96e5c61-67556f65-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D5468ccc2-2fa8-40bc-b1cf-accee96e5c61-67556f65-5553%26partner_url%3Dhttps%253A%252F%252Fsync.go.sonobi.com%252Fus.gif%253Fnw%253Dbs%2526nuid%253D5468ccc2-2fa8-40bc-b1cf-accee96e5c61-67556f65-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=5468ccc2-2fa8-40bc-b1cf-accee96e5c61-67556f65-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D5468ccc2-2fa8-40bc-b1cf-accee96e5c61-67556f65-5553%26partner_url%3Dhttps%253A%252F%252Fsync.go.sonobi.com%252Fus.gif%253Fnw%253Dbs%2526nuid%253D5468ccc2-2fa8-40bc-b1cf-accee96e5c61-67556f65-5553%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=5468ccc2-2fa8-40bc-b1cf-accee96e5c61-67556f65-5553&partner_url=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dbs%26nuid%3D5468ccc2-2fa8-40bc-b1cf-accee96e5c61-67556f65-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=5468ccc2-2fa8-40bc-b1cf-accee96e5c61-67556f65-5553&partner_url=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dbs%26nuid%3D5468ccc2-2fa8-40bc-b1cf-accee96e5c61-67556f65-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync.go.sonobi.com/us.gif?nw=bs&nuid=5468ccc2-2fa8-40bc-b1cf-accee96e5c61-67556f65-5553&gdpr=0&gdpr_consent=

Request Chain 137

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=d6b69711-ed2f-4c2b-b31a-f5b78b38431e&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=YVdqQjkyNWdxTU5UN3JfRHhsNUlSdw&gdpr=&gdpr_consent= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEGxbDDNlQS0zzLGbCsGrc-w&google_cver=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=JM5SDxIL0U8e

Request Chain 138

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=2fc5fedd37&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=2fc5fedd37&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us.gif?nw=td&nuid=242bc87b-9a33-4cdf-89ca-f595f1495b08&pubid=2fc5fedd37 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=d6b69711-ed2f-4c2b-b31a-f5b78b38431e HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=d6b69711-ed2f-4c2b-b31a-f5b78b38431e HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a344ddcb-e74c-4cd6-b895-27080cfe996a%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=242bc87b-9a33-4cdf-89ca-f595f1495b08&ttd_puid=a344ddcb-e74c-4cd6-b895-27080cfe996a%2C%2C

Request Chain 139

https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2018808927863420247

141 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 176.html Show response
tonerrefillsnow.tripod.com/samsung/ 28 KB
29 KB 595ms
117ms Document
text/html 209.202.252.105
LYCOS

General

Check archive.org

Show headers Download Go to

Full URL

https://tonerrefillsnow.tripod.com/samsung/176.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.202.252.105 , United States, ASN6354 (LYCOS, US),

Reverse DNS

tripod.lycos.co.uk

Software

nginx/1.18.0 /

Resource Hash

7955a710aed162136e93a9fbd0c44413a569b6d32d6ddbf05f43f9966d6f689f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Type: text/html
Date: Sun, 08 Dec 2024 10:05:19 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
Server: nginx/1.18.0
Transfer-Encoding: chunked
Vary: *
X-Frame-Options: SAMEORIGIN
X-Server-IP: 209.202.244.207

GET
H/1.1 200
OK init.js Show response
scripts.lycos.com/catman/ 2 KB
1 KB 488ms
68ms Script
application/javascript 209.202.254.12
LYCOS

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.lycos.com/catman/init.js
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.202.254.12 , United States, ASN6354 (LYCOS, US),
Reverse DNS: origin.scripts.lycos.com
Software: Apache /
Resource Hash: b1d4a753cf3cc25720fc2883a3e6c6be8c43637041c34aa376cf7428f7672520

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

Cache-Control: max-age=21600
Content-Encoding: gzip
ETag: "9c0-gzip"
Connection: Keep-Alive
Expires: Sun, 08 Dec 2024 16:05:19 GMT
Accept-Ranges: bytes
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Content-Length: 927
Date: Sun, 08 Dec 2024 10:05:19 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Wed, 01 Sep 2021 17:20:36 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: application/javascript

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 266ms
71ms Script
text/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

content-encoding: gzip
age: 4796
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:215:0"}],}
x-content-type-options: nosniff
expires: Sun, 08 Dec 2024 10:45:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 08 Dec 2024 08:45:23 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:215:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 17168
server: Golfe2

GET header.jpg
www.tonerrefillsnow.com/images/ 0
0

GET 176.jpg
www.tonerrefillsnow.com/samsung/images/ 0
0

GET
H/1.1 200
OK check.jpg
tonerrefillsnow.tripod.com/samsung/images/ 135 B
799 B 132ms
128ms Image
image/jpeg 209.202.252.105
LYCOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tonerrefillsnow.tripod.com/samsung/images/check.jpg
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.202.252.105 , United States, ASN6354 (LYCOS, US),
Reverse DNS: tripod.lycos.co.uk
Software: nginx/1.18.0 /
Resource Hash: 69f3fb6150cb6272128e49019845f8d52ba81dfc42d4f267f715f00b28545148

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/samsung/176.html

Response headers

ETag: "87-439b36b3"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Expires: Sun, 15 Dec 2024 10:05:19 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
Date: Sun, 08 Dec 2024 10:05:19 GMT
Content-Type: image/jpeg
Vary: *
Last-Modified: Sat, 10 Dec 2005 20:12:35 GMT
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Cache-Control: max-age=604800
X-Server-IP: 209.202.244.204
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 135
Server: nginx/1.18.0

GET
H/1.1 200
OK buy.jpg
tonerrefillsnow.tripod.com/samsung/images/ 1 KB
2 KB 211ms
78ms Image
image/jpeg 209.202.252.105
LYCOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tonerrefillsnow.tripod.com/samsung/images/buy.jpg
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.202.252.105 , United States, ASN6354 (LYCOS, US),
Reverse DNS: tripod.lycos.co.uk
Software: nginx/1.18.0 /
Resource Hash: e1d237b53621dac06f907369c704d779fad317fb69feb8674976b299baa60302

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/samsung/176.html

Response headers

ETag: "55f-439b36b3"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Expires: Sun, 15 Dec 2024 10:05:19 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
Date: Sun, 08 Dec 2024 10:05:19 GMT
Content-Type: image/jpeg
Vary: *
Last-Modified: Sat, 10 Dec 2005 20:12:35 GMT
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Cache-Control: max-age=604800
X-Server-IP: 209.202.244.196
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 1375
Server: nginx/1.18.0

GET
H/1.1 200
OK bigiron.jpg
tonerrefillsnow.tripod.com/samsung/images/ 8 KB
9 KB 373ms
164ms Image
image/jpeg 209.202.252.105
LYCOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tonerrefillsnow.tripod.com/samsung/images/bigiron.jpg
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.202.252.105 , United States, ASN6354 (LYCOS, US),
Reverse DNS: tripod.lycos.co.uk
Software: nginx/1.18.0 /
Resource Hash: b2ae0cf13e9e6978c1edbf22aa7dc86a016b81737db2db8378f2e4f8845b9cdb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/samsung/176.html

Response headers

ETag: "203f-439b36b2"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Expires: Sun, 15 Dec 2024 10:05:19 GMT
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
Date: Sun, 08 Dec 2024 10:05:19 GMT
Content-Type: image/jpeg
Vary: *
Last-Modified: Sat, 10 Dec 2005 20:12:34 GMT
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Cache-Control: max-age=604800
X-Server-IP: 209.202.244.202
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 8255
Server: nginx/1.18.0

GET
H2 200 shim.jpg
tonerrefillsnow.tripod.com/samsung/images/ 61 B
531 B 336ms
124ms Image
image/jpeg 209.202.252.105
LYCOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tonerrefillsnow.tripod.com/samsung/images/shim.jpg
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.202.252.105 , United States, ASN6354 (LYCOS, US),
Reverse DNS: tripod.lycos.co.uk
Software: nginx/1.18.0 /
Resource Hash: b98e8352fc26b05104c22c81487fa840da1c576c3d5d408ec9a8d2a59956aaf3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/samsung/176.html

Response headers

cache-control: max-age=604800
x-server-ip: 209.202.244.199
etag: "3d-439b36b5"
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 15 Dec 2024 10:05:19 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 61
p3p: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
date: Sun, 08 Dec 2024 10:05:19 GMT
content-type: image/jpeg
vary: *
server: nginx/1.18.0
last-modified: Sat, 10 Dec 2005 20:12:37 GMT
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 dot.jpg
tonerrefillsnow.tripod.com/samsung/images/ 223 B
694 B 577ms
365ms Image
image/jpeg 209.202.252.105
LYCOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tonerrefillsnow.tripod.com/samsung/images/dot.jpg
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.202.252.105 , United States, ASN6354 (LYCOS, US),
Reverse DNS: tripod.lycos.co.uk
Software: nginx/1.18.0 /
Resource Hash: 16cc3909bf0a509fd8cfea44faf7f652aeebe20110f82541b9d7534c0bedd7b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/samsung/176.html

Response headers

cache-control: max-age=604800
x-server-ip: 209.202.244.208
etag: "df-439b36b4"
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 15 Dec 2024 10:05:19 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 223
p3p: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
date: Sun, 08 Dec 2024 10:05:19 GMT
content-type: image/jpeg
vary: *
server: nginx/1.18.0
last-modified: Sat, 10 Dec 2005 20:12:36 GMT
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 4b.jpg
tonerrefillsnow.tripod.com/samsung/images/ 26 KB
26 KB 461ms
250ms Image
image/jpeg 209.202.252.105
LYCOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tonerrefillsnow.tripod.com/samsung/images/4b.jpg
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.202.252.105 , United States, ASN6354 (LYCOS, US),
Reverse DNS: tripod.lycos.co.uk
Software: nginx/1.18.0 /
Resource Hash: 28708f9caca156e6a3fa4a253679538739188e2491773c9be4e77d0994879814

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/samsung/176.html

Response headers

cache-control: max-age=604800
x-server-ip: 209.202.244.210
etag: "679c-439b36b1"
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 15 Dec 2024 10:05:19 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26524
p3p: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
date: Sun, 08 Dec 2024 10:05:19 GMT
content-type: image/jpeg
vary: *
server: nginx/1.18.0
last-modified: Sat, 10 Dec 2005 20:12:33 GMT
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 pf.jpg
tonerrefillsnow.tripod.com/samsung/images/ 2 KB
2 KB 197ms
117ms Image
image/jpeg 209.202.252.105
LYCOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tonerrefillsnow.tripod.com/samsung/images/pf.jpg
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.202.252.105 , United States, ASN6354 (LYCOS, US),
Reverse DNS: tripod.lycos.co.uk
Software: nginx/1.18.0 /
Resource Hash: e3cdf3511145a634a3a80144cc639c1ad32c53767deeb058eb44a3df58fe8e0e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/samsung/176.html

Response headers

cache-control: max-age=604800
x-server-ip: 209.202.244.193
etag: "662-439b36b4"
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 15 Dec 2024 10:05:19 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1634
p3p: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
date: Sun, 08 Dec 2024 10:05:19 GMT
content-type: image/jpeg
vary: *
server: nginx/1.18.0
last-modified: Sat, 10 Dec 2005 20:12:36 GMT
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 iron.jpg
tonerrefillsnow.tripod.com/samsung/images/ 4 KB
5 KB 136ms
135ms Image
image/jpeg 209.202.252.105
LYCOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tonerrefillsnow.tripod.com/samsung/images/iron.jpg
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.202.252.105 , United States, ASN6354 (LYCOS, US),
Reverse DNS: tripod.lycos.co.uk
Software: nginx/1.18.0 /
Resource Hash: 66bb29508f737804c7eb1402a0bb9dba2bebedfaa65f7483edcf27cb53f13a7f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/samsung/176.html

Response headers

cache-control: max-age=604800
x-server-ip: 209.202.244.199
etag: "1106-47bd1a52"
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 15 Dec 2024 10:05:19 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4358
p3p: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
date: Sun, 08 Dec 2024 10:05:19 GMT
content-type: image/jpeg
vary: *
server: nginx/1.18.0
last-modified: Thu, 21 Feb 2008 06:29:38 GMT
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 tm.jpg
tonerrefillsnow.tripod.com/samsung/images/ 2 KB
2 KB 123ms
123ms Image
image/jpeg 209.202.252.105
LYCOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tonerrefillsnow.tripod.com/samsung/images/tm.jpg
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.202.252.105 , United States, ASN6354 (LYCOS, US),
Reverse DNS: tripod.lycos.co.uk
Software: nginx/1.18.0 /
Resource Hash: bb4c7217f10a70d2dedfea65574e14e2b6b9acab24e9656506f0381efee4f6cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/samsung/176.html

Response headers

cache-control: max-age=604800
x-server-ip: 209.202.244.192
etag: "7e8-439b36b5"
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 15 Dec 2024 10:05:19 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2024
p3p: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
date: Sun, 08 Dec 2024 10:05:19 GMT
content-type: image/jpeg
vary: *
server: nginx/1.18.0
last-modified: Sat, 10 Dec 2005 20:12:37 GMT
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET footer.jpg
www.tonerrefillsnow.com/images/ 0
0

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
410 B 67ms
66ms Image
image/gif 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=632827010&utmhn=tonerrefillsnow.tripod.com&utme=8(member_name)9(tonerrefillsnow)&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-ca&utmje=0&utmfl=-&utmdt=Samsung%20ML-6060D6%2C%20Samsung%20ML-1440%2F1450%2F1451%2F6060%20Toner%20Refill%20Kits&utmhid=156403254&utmr=-&utmp=%2Fsamsung%2F176.html&utmht=1733652319404&utmac=UA-21402695-19&utmcc=__utma%3D31113466.2109589721.1733652319.1733652319.1733652319.1%3B%2B__utmz%3D31113466.1733652319.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1844509483&utmredir=1&utmu=qRAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:169:0"}],}
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:169:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 08 Dec 2024 10:05:19 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
server: Golfe2

GET
H/1.1 200
OK memberembedded.js Show response
scripts.lycos.com/catman3/code/tripod.lycos.com/ 3 KB
1 KB 68ms
68ms Script
application/javascript 209.202.254.12
LYCOS

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.lycos.com/catman3/code/tripod.lycos.com/memberembedded.js
Requested by: Host: scripts.lycos.com
URL: https://scripts.lycos.com/catman/init.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.202.254.12 , United States, ASN6354 (LYCOS, US),
Reverse DNS: origin.scripts.lycos.com
Software: Apache /
Resource Hash: b93914f0559985baff5a4aaa7c829f941bdc36bef8145a004fb27a0a5d2b9c6b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://tonerrefillsnow.tripod.com/

Response headers

Cache-Control: max-age=21600
Content-Encoding: gzip
ETag: "a08-gzip"
Connection: Keep-Alive
Expires: Sun, 08 Dec 2024 16:05:19 GMT
Accept-Ranges: bytes
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Content-Length: 893
Date: Sun, 08 Dec 2024 10:05:19 GMT
Keep-Alive: timeout=5, max=99
Last-Modified: Fri, 12 Jan 2024 20:53:50 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: application/javascript

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 104 KB
33 KB 248ms
88ms Script
text/javascript 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39020513d97ecd24b78c2779cbc87c3d5331634e5145c23d04f77966fd298bce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

content-encoding: br
etag: 878 / 20065 / m202412030101 / config-hash: 17564011173285401629
x-content-type-options: nosniff
expires: Sun, 08 Dec 2024 10:05:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 08 Dec 2024 10:05:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33475
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ 18 KB
3 KB 533ms
117ms Script
application/x-javascript 68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to

Full URL: https://udmserve.net/udm/img.fetch?sid=17754;tid=1;dt=6;
Requested by: Host: scripts.lycos.com
URL: https://scripts.lycos.com/catman/init.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 Scarborough, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: 3850e8661319a5d1804f056b57ca749256fe8225e6c1a1fcf0d611073de12fb5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Pragma: no-cache
Connection: Keep-Alive
Expires: 0
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Date: Sun, 08 Dec 2024 10:05:20 GMT
Content-Type: application/x-javascript

GET
H2 200 ads.php Show response
platform.bidgear.com/ 761 B
991 B 230ms
64ms Script
text/plain 2606:4700:20::681a:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.bidgear.com/ads.php?domainid=6586&sizeid=16&zoneid=7361
Requested by: Host: scripts.lycos.com
URL: https://scripts.lycos.com/catman/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0f927d433bf4a4a3459f9d7996ddc34bc2520fcb2fb5d69fa3af4488a7ab8f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://tonerrefillsnow.tripod.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LyaHefoQSD2oYOah9pz209%2FPgC1B3nu9sTYRah7khbuJ96qmoW54oM7hce0Y2s81hlP0xxss1c%2FDVx%2BPPD%2F648DttwLeYXVpgRFx4lEId7XI8g5MaXqKT993%2Bp5cxgbgMsqbxo%2F7SbXT9%2FtCo01QeS9f"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eebefb70ac40f5d-EWR
server-timing: cfL4;desc="?proto=TCP&rtt=15889&min_rtt=15865&rtt_var=4477&sent=5&recv=7&lost=0&retrans=0&sent_bytes=4005&recv_bytes=2318&delivery_rate=256684&cwnd=254&unsent_bytes=0&cid=949da4a7f15b1272&ts=70&x=0"
date: Sun, 08 Dec 2024 10:05:19 GMT
content-type: text/plain; charset=utf-8
server: cloudflare

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/ 497 KB
153 KB 249ms
48ms Script
text/javascript 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f6ada997873a7e073fc506b93f86b6d2be7de4cc6ae085557bc322cc6df331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

content-encoding: br
etag: 6831530709922679929
age: 40650
x-content-type-options: nosniff
expires: Sun, 07 Dec 2025 22:47:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 07 Dec 2024 22:47:50 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 157012
x-xss-protection: 0
server: cafe

GET
H2 200 ads.php Show response
platform.bidgear.com/ 2 KB
2 KB 50ms
49ms Script
application/javascript 2606:4700:20::681a:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.bidgear.com/ads.php?zoneid=7361&domainid=6586&sizeid=16&wu=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html
Requested by: Host: platform.bidgear.com
URL: https://platform.bidgear.com/ads.php?domainid=6586&sizeid=16&zoneid=7361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17dee119989562177114af49696cc9cedbcd8610efcaf73621ab976d9ee99ee7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://tonerrefillsnow.tripod.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x9YiNEMhwzcpvxQZg1NZOxJAa4km1AN%2BVRASLiN223F3dnQYEfhtCGOuQjNNqfqBRE%2FnlNp%2BUm2JmvZBYAzslkPgyprhxGePTIMNJgtTVJkBco0bP4rLTacYRLWlx%2BzKFX1K9LDJ0XIYJ9KTe9elRmny"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eebefb7cb230f5d-EWR
expires: 0
server-timing: cfL4;desc="?proto=TCP&rtt=21042&min_rtt=15761&rtt_var=12863&sent=10&recv=10&lost=0&retrans=0&sent_bytes=5062&recv_bytes=2480&delivery_rate=256684&cwnd=257&unsent_bytes=0&cid=949da4a7f15b1272&ts=191&x=0"
date: Sun, 08 Dec 2024 10:05:19 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 63 KB
22 KB 229ms
46ms Other
text/plain 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt

Requested by

Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4443559573512225521
age: 5636
x-content-type-options: nosniff
expires: Mon, 09 Dec 2024 08:31:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 08 Dec 2024 08:31:24 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22952
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202412050101"

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 104 KB
33 KB 175ms
85ms Script
text/javascript 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: platform.bidgear.com
URL: https://platform.bidgear.com/ads.php?zoneid=7361&domainid=6586&sizeid=16&wu=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

018c5fb25a858c19fa7b935dbb2e97ca16b44f65acd7571cf1615eb432b9d49a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

content-encoding: br
etag: 20 / 20065 / m202412030101 / config-hash: 17564011173285401629
x-content-type-options: nosniff
expires: Sun, 08 Dec 2024 10:05:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 08 Dec 2024 10:05:20 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33476
x-xss-protection: 0
server: cafe

GET
H2 200 agent.js Show response
cdn.prplads.com/ 76 KB
22 KB 255ms
68ms Script
application/javascript 2606:4700:20::681a:233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prplads.com/agent.js?publisherId=06174d57feb541d5df5ef81ffc51d266:87b8936bc016273b782c3a83290f16df6e07d664c95ed62dd3a44903bf9e1e66456669cdc38c534a44a0cdc2fb84da3dda4b66478aaa97eb6e0974adf831b0e8
Requested by: Host: platform.bidgear.com
URL: https://platform.bidgear.com/ads.php?zoneid=7361&domainid=6586&sizeid=16&wu=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4133815d4895620a9cbf527c3f454055b005eb3b8620e3c0fdee38f4faf094e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "40d73066d67ab868d57b46d4c334cfcd"
age: 2361
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ztiaG75xR5jCIY5L7MR2Y47kcI4wihZ6k9c7P22ZcTI8GMNeuRG7EF0gl%2B8Fo0yTfmdLGzj2%2Fqp5vjiJqixm02unkbdBeyK5K%2B%2FFM%2BKqEEGjYgwU0GJEyz8q%2BTIeHAHcQ7KFwVJi3JlDpJqZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=18859&min_rtt=18847&rtt_var=5309&sent=6&recv=7&lost=0&retrans=0&sent_bytes=4020&recv_bytes=2524&delivery_rate=216480&cwnd=254&unsent_bytes=0&cid=65132f25fb40d18b&ts=81&x=0"
date: Sun, 08 Dec 2024 10:05:20 GMT
content-type: application/javascript
last-modified: Sun, 15 Sep 2024 08:21:14 GMT
vary: Accept-Encoding
x-amz-id-2: U8bvSEnzZEaxEBuCnDnq4mJ8+W2QN8Zwpy1RzWQpOAu8yHsZBnZqVW+5Fz7cnIUReMJV1TyW8So=
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1Q7WDBS0A5SRWJW8
cf-ray: 8eebefb9be5c447a-EWR
accept-ranges: bytes
content-length: 21970
server: cloudflare

GET
H2 200 load.js Show response
cdn.prplads.com/ 45 KB
12 KB 268ms
82ms Script
application/javascript 2606:4700:20::681a:233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prplads.com/load.js?publisherId=3105e1fb6246bd5aca2a3ecb52bb4e6c:572bb2b7841c9515200fe3d0cd80bf01eb806025eda7d4c63ee5cd8dff72e7bdd97cc17139ab92ab97f13ddcbd23656bea647abfe2ae7dc7923fd32a9fa8211c
Requested by: Host: platform.bidgear.com
URL: https://platform.bidgear.com/ads.php?zoneid=7361&domainid=6586&sizeid=16&wu=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7f115e3ebae1d56ff453b9a0b671233bb984fa6ca6f7b89a15a5e546e7d5ca6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://tonerrefillsnow.tripod.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "92cc94c70d131767c87668c5efff89d3"
age: 509
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8MjnXLer8dItsTk59BTId2N1S12y8ysjJ5%2Fwzawq48iAB60K9JB9AtKoAdmVFQnMFFNJRtQJd9Lg9rDu2cxmKIO%2BGiGA1iRaaSTTHpOq4eDXOjYIKQhFByPtfzUWQPRTzldx8EoLKcSLPXn7FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=18859&min_rtt=18847&rtt_var=5309&sent=26&recv=7&lost=0&retrans=0&sent_bytes=27202&recv_bytes=2524&delivery_rate=216480&cwnd=254&unsent_bytes=0&cid=65132f25fb40d18b&ts=82&x=0"
date: Sun, 08 Dec 2024 10:05:20 GMT
content-type: application/javascript
last-modified: Wed, 26 Jun 2024 08:53:30 GMT
vary: Accept-Encoding
x-amz-id-2: VpGn4JG+Ywp0YE0Cr9b5Lw6gS1ZeyQR3CShgBbSi1aAwsnWRt1EBgQJjwFkanr+k2H08TVyLCts=
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 438DK20BAY9X9TFW
cf-ray: 8eebefb9be59447a-EWR
accept-ranges: bytes
content-length: 12145
server: cloudflare

GET
H2 200 rec
imp9.bidgear.com/ 0
434 B 94ms
52ms Image
text/plain 2606:4700:20::681a:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imp9.bidgear.com/rec?t=1&z=7361&uuid=324e7953a0154d1583047c24190d5540&p=128&g=CA&token=33492368ee&tbg=1733652319
Requested by: Host: platform.bidgear.com
URL: https://platform.bidgear.com/ads.php?zoneid=7361&domainid=6586&sizeid=16&wu=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/samsung/176.html

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=09qtLhcgLp9gU%2BrEa%2Fe8jwaxG3qJ7YRm77xzdoel9yWUzS4tT6noea1vm56oaDRZPDD674CX0zoiS9PGVvRw61fLIND2ROEExrX9zgGmeQLdYQTGuZFtDYOxLFE3jANJaLL2b3yr7zwxx1FI3ZQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eebefb8bbaa0f5d-EWR
server-timing: cfL4;desc="?proto=TCP&rtt=27429&min_rtt=15761&rtt_var=22269&sent=13&recv=13&lost=0&retrans=0&sent_bytes=6945&recv_bytes=2710&delivery_rate=256684&cwnd=257&unsent_bytes=0&cid=949da4a7f15b1272&ts=345&x=0"
content-length: 0
date: Sun, 08 Dec 2024 10:05:20 GMT
server: cloudflare

GET udm-r3_v3.4.3.js
bid.underdog.media/ 0
0

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 354ms
63ms Script
application/javascript 2620:116:800b:21:b08a:1dc5:659b:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=17754;tid=1;dt=6;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

cache-control: private, max-age=604800
content-encoding: gzip
etag: "mLYq618hJoRcW1Crupr2OQ=="
expires: Sun, 15 Dec 2024 10:05:20 GMT
accept-ranges: bytes
date: Sun, 08 Dec 2024 10:05:20 GMT
content-type: application/javascript
vary: Accept-Encoding

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.13189237
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.13189237
https://udmserve.net/udm/fetch.pix?dt=1;apnid=4103286286238624210;cb=0.13189237

43 B
612 B

100ms
99ms

Image
image/gif

68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;apnid=4103286286238624210;cb=0.13189237
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: HTTP/1.1
Server: 68.71.249.118 Scarborough, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

Cache-Control: max-age=43200
Content-Length: 43
Date: Sun, 08 Dec 2024 10:05:20 GMT
Content-Type: image/gif
Connection: Keep-Alive

Redirect headers

cache-control: no-store, no-cache, private
location: https://udmserve.net/udm/fetch.pix?dt=1;apnid=4103286286238624210;cb=0.13189237
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 166.0.205.185; 166.0.205.185; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 3def6067-a541-4edc-824e-243a083efe5d
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sun, 08 Dec 2024 10:05:20 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDQyQkFGMEEtN0UwRi00QzIyLThDNkMtMTRDQzJBMkZGRTU3&gdpr=-1&gdpr_consent=&google_cm
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=CAESEANBUkciUSnWhdKKUwsCWsE&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
https://image4.pubmatic.com/AdServer/SPug?cb=0.13189237&gdpr=0&p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D042BAF0A-7E0F-4C22-8C6C-14CC2A2FFE57
https://udmserve.net/udm/fetch.pix?pmid=042BAF0A-7E0F-4C22-8C6C-14CC2A2FFE57

43 B
628 B

101ms
101ms

Image
image/gif

68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?pmid=042BAF0A-7E0F-4C22-8C6C-14CC2A2FFE57
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: HTTP/1.1
Server: 68.71.249.118 Scarborough, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

Cache-Control: max-age=43200
Content-Length: 43
Date: Sun, 08 Dec 2024 10:05:22 GMT
Content-Type: image/gif
Connection: Keep-Alive

Redirect headers

cache-control: no-store, no-cache, private
location: https://udmserve.net/udm/fetch.pix?pmid=042BAF0A-7E0F-4C22-8C6C-14CC2A2FFE57
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sun, 08 Dec 2024 10:05:21 GMT
server: nginx

GET
H2

200

usermatchredir
ssum-sec.casalemedia.com/
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.13189237%3Bindx%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.13189237%3Bindx%3D&s=199174&C=1

43 B
341 B

71ms
70ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.13189237%3Bindx%3D&s=199174&C=1
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WNIUO8eZuEJuGzHRMnmnWZdK%2F%2BX0bWLFtdrqrEAvjIu1PIxU%2FidgkXD6JCASFepMwUiUfnQ4N5CLU0v39kSfpP20EPkFpirqBHnuhzutgugAmKhJPeCbOVDkDbAXwtw4JqqBYtmorU%2Fi%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eebefbc0966ac58-YYZ
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Sun, 08 Dec 2024 10:05:20 GMT
content-type: image/gif
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: no-cache
location: /usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.13189237%3Bindx%3D&s=199174&C=1
cf-cache-status: DYNAMIC
pragma: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4MZrt645B1Ln5uGrSzDLIvLLr4%2BBgQOQ92eRkL3rKln7piiSyi21rympifEllFeCShHtDeEwP5qHubYc0JJ9NopIDvHRWLWl7UYhBmPaIMGTbeyXmpC8bYJpXt8pRehWQt11PNwe1YyZLw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eebefbb0910ac58-YYZ
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Sun, 08 Dec 2024 10:05:20 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.13189237%3Bsono%3D%5BUID%5D
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.13189237;sono=d6b69711-ed2f-4c2b-b31a-f5b78b38431e

43 B
628 B

100ms
99ms

Image
image/gif

68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;cb=0.13189237;sono=d6b69711-ed2f-4c2b-b31a-f5b78b38431e
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: HTTP/1.1
Server: 68.71.249.118 Scarborough, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

Cache-Control: max-age=43200
Content-Length: 43
Date: Sun, 08 Dec 2024 10:05:20 GMT
Content-Type: image/gif
Connection: Keep-Alive

Redirect headers

cache-control: no-cache, no-store, private
location: https://udmserve.net/udm/fetch.pix?dt=1;cb=0.13189237;sono=d6b69711-ed2f-4c2b-b31a-f5b78b38431e
pragma: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Sun, 08 Dec 2024 10:05:20 GMT
tcn: Choice
content-type: text/plain; charset=utf8
vary: negotiate,Accept-Encoding
server: sonobi-go
x-go-server: go-iad-2-6-197
x-xss-protection: 0

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=24042&cb=0.13189237
https://udmserve.net/udm/fetch.pix?dt=1;magid=M4FFTVW9-21-3DOA

43 B
609 B

100ms
100ms

Image
image/gif

68.71.249.118
PERFORMIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;magid=M4FFTVW9-21-3DOA
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: HTTP/1.1
Server: 68.71.249.118 Scarborough, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

Cache-Control: max-age=43200
Content-Length: 43
Date: Sun, 08 Dec 2024 10:05:20 GMT
Content-Type: image/gif
Connection: Keep-Alive

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate
Location: https://udmserve.net/udm/fetch.pix?dt=1;magid=M4FFTVW9-21-3DOA
Pragma: no-cache
Expires: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8879d63542e1f07dd8e6d691f6d521da
content-length: 0
Content-Type: text/html

GET
H2 200 init Show response
api.purpleads.io/x/ 103 B
341 B 325ms
93ms Fetch
application/json 34.203.84.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/init?ts=1733652320332
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/agent.js?publisherId=06174d57feb541d5df5ef81ffc51d266:87b8936bc016273b782c3a83290f16df6e07d664c95ed62dd3a44903bf9e1e66456669cdc38c534a44a0cdc2fb84da3dda4b66478aaa97eb6e0974adf831b0e8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.84.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-84-81.compute-1.amazonaws.com
Software: /
Resource Hash: 0af17552baaa71e1bc34e64cb3dfe4c4ea1b09d2d04ec9204d7484942f6d64ae

Request headers

Authorization: Bearer 06174d57feb541d5df5ef81ffc51d266:87b8936bc016273b782c3a83290f16df6e07d664c95ed62dd3a44903bf9e1e66456669cdc38c534a44a0cdc2fb84da3dda4b66478aaa97eb6e0974adf831b0e8
Referer: https://tonerrefillsnow.tripod.com/
x-request-url: aHR0cHM6Ly90b25lcnJlZmlsbHNub3cudHJpcG9kLmNvbS9zYW1zdW5nLzE3Ni5odG1s
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json
pa-user-id: 830eee69-1530-41a8-b1c9-44815aa72bbb
x-purpleads-version: 4.0.3

Response headers

access-control-expose-headers: pa-user-id
etag: W/"67-CcJt0qMHWKyL2C/UEiCU1N+2ZoY"
access-control-allow-credentials: true
access-control-allow-origin: https://tonerrefillsnow.tripod.com
content-length: 103
date: Sun, 08 Dec 2024 10:05:20 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding

GET
H2 200 f Show response
api.purpleads.io/x/v2/ 3 KB
2 KB 295ms
63ms Fetch
application/json 34.203.84.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/v2/f?pid=e6082256dd674ccd9c742d7479145be4&ts=1733652320340
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/load.js?publisherId=3105e1fb6246bd5aca2a3ecb52bb4e6c:572bb2b7841c9515200fe3d0cd80bf01eb806025eda7d4c63ee5cd8dff72e7bdd97cc17139ab92ab97f13ddcbd23656bea647abfe2ae7dc7923fd32a9fa8211c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.84.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-84-81.compute-1.amazonaws.com
Software: /
Resource Hash: 40e3222f4cfdb7889e996f25c3b617419fd8fd52bd548ef30f706c4f4bfa3438

Request headers

Authorization: Bearer 3105e1fb6246bd5aca2a3ecb52bb4e6c:572bb2b7841c9515200fe3d0cd80bf01eb806025eda7d4c63ee5cd8dff72e7bdd97cc17139ab92ab97f13ddcbd23656bea647abfe2ae7dc7923fd32a9fa8211c
Referer: https://tonerrefillsnow.tripod.com/
x-request-url: aHR0cHM6Ly90b25lcnJlZmlsbHNub3cudHJpcG9kLmNvbS9zYW1zdW5nLzE3Ni5odG1s
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json
pa-user-id: 830eee69-1530-41a8-b1c9-44815aa72bbb
x-purpleads-version: 3.0.0

Response headers

access-control-expose-headers: pa-user-id
content-encoding: br
etag: W/"c2b-Py7Z8lL9fkkSbkgrHd/JcgdEabQ"
access-control-allow-credentials: true
access-control-allow-origin: https://tonerrefillsnow.tripod.com
date: Sun, 08 Dec 2024 10:05:20 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding

GET
H2 200 ads.php Show response
platform.bidgear.com/ 760 B
847 B 49ms
47ms Script
text/plain 2606:4700:20::681a:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.bidgear.com/ads.php?domainid=6586&sizeid=2&zoneid=7638
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28e99116b7e903860c52c8cdf126e9dc973f0429addda202e33c59a2e58365d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://tonerrefillsnow.tripod.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZWGCY4xtImsPY8Cob6FyI6JOW2Zw6imLPlbNVd9v5musIb3OzgbSa%2BRLLOJKMlDH8vBAc99OuQn5tqFDiOtl2s%2FiGxeP7ARrbxNLm1dQ28vDYnlFyRmqEasqxIR%2BhUstG9B%2F3q%2B7vLYsr%2B0nIynIIs5m"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eebefba3c9e0f5d-EWR
server-timing: cfL4;desc="?proto=TCP&rtt=31947&min_rtt=15761&rtt_var=25738&sent=14&recv=15&lost=0&retrans=0&sent_bytes=7401&recv_bytes=2877&delivery_rate=256684&cwnd=257&unsent_bytes=0&cid=949da4a7f15b1272&ts=584&x=0"
date: Sun, 08 Dec 2024 10:05:20 GMT
content-type: text/plain; charset=utf-8
server: cloudflare

GET
H/1.1 200
OK tp_cm.gif
sp-log.lycos.com/ 45 B
312 B 409ms
64ms Image
image/gif 209.202.254.90
LYCOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp-log.lycos.com/tp_cm.gif
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.202.254.90 , United States, ASN6354 (LYCOS, US),
Reverse DNS: lycos.kr
Software: Apache /
Resource Hash: e0f8dceb516151e70891cb4ed02aac4b5800b37c13d8328a35919472efe0f93e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

ETag: "2d-572c8204a63ec"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 45
Keep-Alive: timeout=5, max=100
Date: Sun, 08 Dec 2024 10:05:20 GMT
Last-Modified: Mon, 06 Aug 2018 18:05:44 GMT
Content-Type: image/gif
Server: Apache

GET
H2 200 ads.php Show response
platform.bidgear.com/ 760 B
843 B 62ms
61ms Script
text/plain 2606:4700:20::681a:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.bidgear.com/ads.php?domainid=6586&sizeid=28&zoneid=7226
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbfdce168e67521342feabaae3cc61ad835be09c5c82f92d20c6a76307497926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://tonerrefillsnow.tripod.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BuJ3Yov%2F2igIKmoGVRApaq2Gm36JGYVMpMI4AanOeoQb50l7XziGrMNFEON2q%2F100vHUiPQIgW12%2FNuy3vBdMDYg5uvXEwf2iWHGV6KdtOe4HSwPC2Kcdc6OAhbIiekdv5KAHI3LVXZwlWF7TFVPml3j"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eebefba3c9f0f5d-EWR
server-timing: cfL4;desc="?proto=TCP&rtt=31947&min_rtt=15761&rtt_var=25738&sent=17&recv=15&lost=0&retrans=0&sent_bytes=8314&recv_bytes=2877&delivery_rate=256684&cwnd=257&unsent_bytes=0&cid=949da4a7f15b1272&ts=586&x=0"
date: Sun, 08 Dec 2024 10:05:20 GMT
content-type: text/plain; charset=utf-8
server: cloudflare

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame F1D9 0
0 207ms
51ms Document
text/html 2607:f8b0:4004:c17::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tonerrefillsnow.tripod.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 08 Dec 2024 10:05:09 GMT
expires: Sun, 08 Dec 2024 10:55:09 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
471 B 107ms
106ms Fetch
text/plain 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2021617132931270&correlator=4118598567791808&eid=31088252&output=ldjh&gdfp_req=1&vrg=202412030101&ptt=17&impl=fifs&iu_parts=95963596%2CTRI_300X250_dfp%2CTRI_above_728x90_dfp%2CTRI_below_728x90_dfp&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=300x250%2C728x90%2C728x90&ifi=1&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=tonerrefillsnow.tripod.com&abxe=1&dt=1733652320402&adxs=-9%2C-9%2C-9&adys=-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=tycotrain.tripod.com&loc=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html&vis=1&psz=0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2&ohw=0%2C0%2C0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733652319083&idt=1267&adks=3436178998%2C403712788%2C1983224266&frm=20&eoidce=1&td=1&egid=32944&tan=f6cae7df-7b82-4bd9-96de-0360f0068b19%2Cf6cae7df-7b82-4bd9-96de-0360f0068b1a%2Cf6cae7df-7b82-4bd9-96de-0360f0068b1b&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c32af5a125d37e9343effdfddca36e82f6f99034d878bca5ae74dc04006e387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

content-encoding: dcb
google-lineitem-id: -2,-2,-2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2,-2,-2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 08 Dec 2024 10:05:20 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2,-2,-2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://tonerrefillsnow.tripod.com
content-length: 441
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 800 B
413 B 345ms
344ms Fetch
text/plain 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2021617132931270&correlator=4118598567791808&eid=31088252&output=ldjh&gdfp_req=1&vrg=202412030101&ptt=17&impl=fifs&iu_parts=22387492205%3A22680852361%2Ctycotrain.tripod.com.Banner0.1683789437&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x50%7C300x100%7C320x50%7C320x100%7C728x90&ifi=4&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=tonerrefillsnow.tripod.com&abxe=1&dt=1733652320411&adxs=650&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=tycotrain.tripod.com&loc=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733652319083&idt=1267&adks=3504133626&frm=20&eoidce=1&td=1&egid=32944&tan=f6cae7df-7b82-4bd9-96de-0360f0068b1c&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684723a6d2eb89b2d3265238546e86bc086777b456c21bdbc2835ec512dc34f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

content-encoding: dcb
google-lineitem-id: -2
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 08 Dec 2024 10:05:20 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://tonerrefillsnow.tripod.com
content-length: 382
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
84faf5ff17b91cae939aecfbbc65f0ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6ABA 0
0 242ms
51ms Document
text/html 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://84faf5ff17b91cae939aecfbbc65f0ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tonerrefillsnow.tripod.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 08 Dec 2024 10:05:20 GMT
expires: Sun, 08 Dec 2024 10:05:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 init
api.purpleads.io/x/ Frame 0
0 364ms
121ms Preflight 34.203.84.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/init?ts=1733652320332
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.84.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-84-81.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method: GET
Origin: https://tonerrefillsnow.tripod.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin: https://tonerrefillsnow.tripod.com
access-control-expose-headers: pa-user-id
access-control-max-age: 86400
date: Sun, 08 Dec 2024 10:05:20 GMT

OPTIONS
H2 200 f
api.purpleads.io/x/v2/ Frame 0
0 357ms
122ms Preflight 34.203.84.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/v2/f?pid=e6082256dd674ccd9c742d7479145be4&ts=1733652320340
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.84.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-84-81.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method: GET
Origin: https://tonerrefillsnow.tripod.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin: https://tonerrefillsnow.tripod.com
access-control-expose-headers: pa-user-id
access-control-max-age: 86400
date: Sun, 08 Dec 2024 10:05:20 GMT

GET
H2 200 ads.php Show response
platform.bidgear.com/ 1 KB
1 KB 50ms
50ms Script
application/javascript 2606:4700:20::681a:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.bidgear.com/ads.php?zoneid=7638&domainid=6586&sizeid=9&wu=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html
Requested by: Host: platform.bidgear.com
URL: https://platform.bidgear.com/ads.php?domainid=6586&sizeid=2&zoneid=7638
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06d7140f6f1f14fc2c203b7dc8faecfaa9f626a338f1aaad9dfa00fb2c5de4d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://tonerrefillsnow.tripod.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wPFprCfE5FXs1GOLNPOl8OfwrOSYbonkGSqKmkXbqfYGC5bltxh6d8CJfJJFKO3ibw1HP57gSyfcGn1GlncXy4yE2akgR8P4BkwhFuJ7Rge4oTlE6HYWOL4nQXq87d2Hjdiu70GChM%2FmMNkiNw0dMcza"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eebefbb0d580f5d-EWR
expires: 0
server-timing: cfL4;desc="?proto=TCP&rtt=28166&min_rtt=15751&rtt_var=21033&sent=20&recv=18&lost=0&retrans=0&sent_bytes=9223&recv_bytes=3007&delivery_rate=457912&cwnd=257&unsent_bytes=0&cid=949da4a7f15b1272&ts=708&x=0"
date: Sun, 08 Dec 2024 10:05:20 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H3 200 tripodcomdynamic.js Show response
adxbid.info/ 534 KB
159 KB 196ms
48ms Script
application/javascript 2606:4700:3035::6815:30d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adxbid.info/tripodcomdynamic.js
Requested by: Host: platform.bidgear.com
URL: https://platform.bidgear.com/ads.php?zoneid=7638&domainid=6586&sizeid=9&wu=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:30d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ade1b0e98dc064de5efda19607e67f734023515fd424d91d2215dee8e4ee8d53

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

server: cloudflare
cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 5733
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iCII2l1WyMtWl%2FRgjT%2B1wiszezT%2F5QrgrRTvO4fNAHoDreQAiDbNkBGWNhuTI3RXMGSskiZuR1Mebkyzi6t2yZJS6J3SJLPcEaco1YCYwzv9K5WhLh06qrnPGSFjF%2B8QiUgrczsTB6ibqw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eebefbc4d1f0f46-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=38241&min_rtt=38229&rtt_var=14359&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4099&recv_bytes=4183&delivery_rate=81083&cwnd=12000&unsent_bytes=0&cid=caac9b5b5f8d3ef8&ts=57&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 08 Dec 2024 10:05:20 GMT
content-type: application/javascript
last-modified: Tue, 10 Sep 2024 10:40:26 GMT
vary: Accept-Encoding
priority: u=3,i=?0

GET
H2 200 rec
imp9.bidgear.com/ 0
492 B 46ms
45ms Image
text/plain 2606:4700:20::681a:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imp9.bidgear.com/rec?t=1&z=7638&uuid=e1250caf586d4daf87d757824bb48502&p=128&g=CA&token=88cd982dae&tbg=1733652320
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/samsung/176.html

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d4fG7AmQJgHUnOHygBIukePS7sLI75EAq9p9sk1%2FQqClZZbrlQ2nCdmCkbQkpnHmNLBAJuovPb78NltTlalxtC0NY8Lc2pHbUs%2FUFeKnSzy%2Bnq8WqYALhPC7SepKFO9DOAMQH54UMkbqXDneo9U%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eebefbb5d970f5d-EWR
server-timing: cfL4;desc="?proto=TCP&rtt=26629&min_rtt=15751&rtt_var=18850&sent=23&recv=20&lost=0&retrans=0&sent_bytes=10440&recv_bytes=3128&delivery_rate=457912&cwnd=257&unsent_bytes=0&cid=949da4a7f15b1272&ts=759&x=0"
content-length: 0
date: Sun, 08 Dec 2024 10:05:20 GMT
server: cloudflare

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 801 B
404 B 542ms
542ms Fetch
text/plain 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2021617132931270&correlator=4118598567791808&eid=31088252&output=ldjh&gdfp_req=1&vrg=202412030101&ptt=17&impl=fifs&iu_parts=22387492205%3A22680852361%2Ctycotrain.tripod.com.Banner0.1683626824&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C300x250%7C320x280%7C336x280%7C360x300&ifi=5&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=tonerrefillsnow.tripod.com&abxe=1&dt=1733652320524&adxs=394&adys=12&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=tycotrain.tripod.com&loc=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html&vis=1&psz=336x-1&msz=250x-1&fws=4&ohw=336&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733652319083&idt=1267&adks=3512432953&frm=20&eoidce=1&td=1&egid=32944&tan=f6cae7df-7b82-4bd9-96de-0360f0068b1d&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0c6cb57980bad7765cfdab5fab06b8ab917bb9e0b58a137946832358e085ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

content-encoding: dcb
google-lineitem-id: -2
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://tonerrefillsnow.tripod.com
content-length: 373
x-xss-protection: 0
server: cafe

GET
H2 200 ads.php Show response
platform.bidgear.com/ 2 KB
1 KB 64ms
64ms Script
application/javascript 2606:4700:20::681a:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.bidgear.com/ads.php?zoneid=7226&domainid=6586&sizeid=2&wu=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html
Requested by: Host: platform.bidgear.com
URL: https://platform.bidgear.com/ads.php?domainid=6586&sizeid=28&zoneid=7226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b86f38fffc7973d220afa405eb55afc60081d9f6add8690af3331e6a8de32778

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://tonerrefillsnow.tripod.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ACHmsYCub7ggkGLtiLEqSME6DWZuGSG6l3TH9X%2FyxMLbsnTBEoCSVV%2Fo527l%2FXkW29ZfZgrMvIKldm9e%2FQLd39HJUlUeWxWAg0I1TliWv0%2FFwi6oMc64T3%2F44hTXKrwo%2FPTkmQ7DusjN1TMxinyRw%2F5E"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eebefbb8db70f5d-EWR
expires: 0
server-timing: cfL4;desc="?proto=TCP&rtt=25322&min_rtt=15751&rtt_var=16751&sent=24&recv=21&lost=0&retrans=0&sent_bytes=10954&recv_bytes=3258&delivery_rate=457912&cwnd=257&unsent_bytes=0&cid=949da4a7f15b1272&ts=785&x=0"
date: Sun, 08 Dec 2024 10:05:20 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H2 200 rules-p-effSsmMYCbAck.js Show response
rules.quantcount.com/ 160 B
633 B 551ms
67ms Script
application/javascript 2600:9000:201e:ae00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:ae00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

etag: "435cbd9bc4b3440e866ad1f4f7d1ef02"
age: 3213
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: 6Lgsc4moss777xk_6D16OBf685-_r_vAYE8ZTgYRidXDhQRgUVjOhA==
date: Sun, 08 Dec 2024 09:11:49 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 13 Oct 2022 22:21:01 GMT
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
via: 1.1 c34bd35d24f6df50307d1ac92d0f6110.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 160
x-amz-cf-pop: IAD89-C3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 rules-p-Pz67dCqdsHfxh.js Show response
rules.quantcount.com/ 160 B
632 B 551ms
67ms Script
application/javascript 2600:9000:201e:ae00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:ae00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

etag: "eee1bd1fc55b604b66cd9e63c4f811b8"
age: 338
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: _XzbSWvNhtEUX1t3g7QbIZw2jT8va5ebrJPXA6NIrPMotQ5DA99phw==
date: Sun, 08 Dec 2024 09:59:44 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 13 Oct 2022 23:00:33 GMT
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
via: 1.1 c34bd35d24f6df50307d1ac92d0f6110.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 160
x-amz-cf-pop: IAD89-C3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 video-agent.js Show response
cdn.purpleads.io/ 50 KB
17 KB 579ms
75ms Script
application/javascript 3.171.100.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.purpleads.io/video-agent.js?publisherId=baa118f88597f78a9da433cfc284ae13:62f5b7fb63a45a5cb18f0f1f46aeab87502d89635f75a80d1d870d1b20d72f0e1ce0119b83feb1a1eebb642d3c7bff478f181e00d56a49a12d903d3eb9df4454
Requested by: Host: platform.bidgear.com
URL: https://platform.bidgear.com/ads.php?zoneid=7226&domainid=6586&sizeid=2&wu=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.171.100.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-171-100-22.iad12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d4cb26bee8a6a46b9d50126c4d11feeb2ad0568b83beea3e0e1d99190e53cea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

content-encoding: gzip
etag: "9b3bfd62c3d6c126a53b1b50557b4c65"
age: 56044
via: 1.1 b227700af62579dd9e3f1b8495ccbf04.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 17140
x-amz-cf-id: MksmSSpGPPdNB51drSNws-md4nXYXaWhm8Z-rDeAdFYqeVJJCNjFaQ==
date: Sat, 07 Dec 2024 18:31:18 GMT
content-type: application/javascript
last-modified: Sun, 26 May 2024 12:11:36 GMT
server: AmazonS3
x-amz-cf-pop: IAD12-P5
x-amz-server-side-encryption: AES256

GET
H2 200 rec
imp9.bidgear.com/ 0
439 B 45ms
44ms Image
text/plain 2606:4700:20::681a:36b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imp9.bidgear.com/rec?t=1&z=7226&uuid=797c9ce320d24ecd9169ee8a09e87f5a&p=103&g=CA&token=88cd982dae&tbg=1733652320
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/samsung/176.html

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a2eGGQe%2BHBI4RQN3CA6yCvPJ0iY%2FrogOoHL8F08aCjip6RJh3bsa4dGG9oCAyjdWUKZUROuYnkqWD45PMpF%2F6HuRqv8fz%2F0Ts0kFIQleO1AQddqnV43gx8ZMrw1O9rePLtppARyCPb0Oo%2BVjFwU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eebefbc3e1e0f5d-EWR
server-timing: cfL4;desc="?proto=TCP&rtt=24135&min_rtt=15751&rtt_var=14938&sent=27&recv=23&lost=0&retrans=0&sent_bytes=12507&recv_bytes=3378&delivery_rate=457912&cwnd=257&unsent_bytes=0&cid=949da4a7f15b1272&ts=894&x=0"
content-length: 0
date: Sun, 08 Dec 2024 10:05:20 GMT
server: cloudflare

GET
H3 200 si
capi.connatix.com/tr/ 0
284 B 471ms
71ms Image
application/json 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=f1975345-7ef0-48cb-a838-46ad001ecf3e&cid=4bcef86c-92b1-4ed2-bc85-fc3b60a697d7
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 8eebefbefbcbab75-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/json
server: cloudflare
priority: u=3,i
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model

GET
H3 200 connatix.player.js Show response
cd.connatix.com/ Frame D494 2 KB
1 KB 394ms
50ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cd.connatix.com/connatix.player.js?cid=4bcef86c-92b1-4ed2-bc85-fc3b60a697d7&pid=f1975345-7ef0-48cb-a838-46ad001ecf3e
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e28e6a36e25894e6ca5fbcc89c995db3b034ea81da60f32128a4ea8923c53e92

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-encoding: br
cf-ray: 8eebefbefbc9ab75-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model

GET crpzw3bh.php
heirem-art.de/ 0
0

GET
H/1.1 200
OK check.jpg
tonerrefillsnow.tripod.com/samsung/images/ 135 B
269 B 70ms
68ms Image
image/jpeg 209.202.252.105
LYCOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tonerrefillsnow.tripod.com/samsung/images/check.jpg
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.202.252.105 , United States, ASN6354 (LYCOS, US),
Reverse DNS: tripod.lycos.co.uk
Software: nginx/1.18.0 /
Resource Hash: 69f3fb6150cb6272128e49019845f8d52ba81dfc42d4f267f715f00b28545148

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/samsung/176.html

Response headers

cache-control: max-age=604800
X-Server-IP: 209.202.244.204
ETag: "87-439b36b3"
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 15 Dec 2024 10:05:20 GMT
Accept-Ranges: bytes
access-control-allow-origin: *
Content-Length: 135
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
date: Sun, 08 Dec 2024 10:05:20 GMT
Content-Type: image/jpeg
vary: *
server: nginx/1.18.0
Last-Modified: Sat, 10 Dec 2005 20:12:35 GMT
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 shim.jpg
tonerrefillsnow.tripod.com/samsung/images/ 61 B
269 B 151ms
148ms Image
image/jpeg 209.202.252.105
LYCOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tonerrefillsnow.tripod.com/samsung/images/shim.jpg
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.202.252.105 , United States, ASN6354 (LYCOS, US),
Reverse DNS: tripod.lycos.co.uk
Software: nginx/1.18.0 /
Resource Hash: b98e8352fc26b05104c22c81487fa840da1c576c3d5d408ec9a8d2a59956aaf3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/samsung/176.html

Response headers

cache-control: max-age=604800
x-server-ip: 209.202.244.199
etag: "3d-439b36b5"
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 15 Dec 2024 10:05:20 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 61
p3p: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
date: Sun, 08 Dec 2024 10:05:20 GMT
content-type: image/jpeg
vary: *
server: nginx/1.18.0
last-modified: Sat, 10 Dec 2005 20:12:37 GMT
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 dot.jpg
tonerrefillsnow.tripod.com/samsung/images/ 223 B
269 B 126ms
124ms Image
image/jpeg 209.202.252.105
LYCOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tonerrefillsnow.tripod.com/samsung/images/dot.jpg
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.202.252.105 , United States, ASN6354 (LYCOS, US),
Reverse DNS: tripod.lycos.co.uk
Software: nginx/1.18.0 /
Resource Hash: 16cc3909bf0a509fd8cfea44faf7f652aeebe20110f82541b9d7534c0bedd7b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/samsung/176.html

Response headers

cache-control: max-age=604800
x-server-ip: 209.202.244.208
etag: "df-439b36b4"
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 15 Dec 2024 10:05:20 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 223
p3p: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
date: Sun, 08 Dec 2024 10:05:20 GMT
content-type: image/jpeg
vary: *
server: nginx/1.18.0
last-modified: Sat, 10 Dec 2005 20:12:36 GMT
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H/1.1 200
OK buy.jpg
tonerrefillsnow.tripod.com/samsung/images/ 1 KB
270 B 98ms
96ms Image
image/jpeg 209.202.252.105
LYCOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tonerrefillsnow.tripod.com/samsung/images/buy.jpg
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.202.252.105 , United States, ASN6354 (LYCOS, US),
Reverse DNS: tripod.lycos.co.uk
Software: nginx/1.18.0 /
Resource Hash: e1d237b53621dac06f907369c704d779fad317fb69feb8674976b299baa60302

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/samsung/176.html

Response headers

cache-control: max-age=604800
X-Server-IP: 209.202.244.196
ETag: "55f-439b36b3"
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 15 Dec 2024 10:05:20 GMT
Accept-Ranges: bytes
access-control-allow-origin: *
Content-Length: 1375
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
date: Sun, 08 Dec 2024 10:05:20 GMT
Content-Type: image/jpeg
vary: *
server: nginx/1.18.0
Last-Modified: Sat, 10 Dec 2005 20:12:35 GMT
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 4b.jpg
tonerrefillsnow.tripod.com/samsung/images/ 26 KB
270 B 125ms
123ms Image
image/jpeg 209.202.252.105
LYCOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tonerrefillsnow.tripod.com/samsung/images/4b.jpg
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.202.252.105 , United States, ASN6354 (LYCOS, US),
Reverse DNS: tripod.lycos.co.uk
Software: nginx/1.18.0 /
Resource Hash: 28708f9caca156e6a3fa4a253679538739188e2491773c9be4e77d0994879814

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/samsung/176.html

Response headers

cache-control: max-age=604800
x-server-ip: 209.202.244.210
etag: "679c-439b36b1"
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 15 Dec 2024 10:05:20 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26524
p3p: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
date: Sun, 08 Dec 2024 10:05:20 GMT
content-type: image/jpeg
vary: *
server: nginx/1.18.0
last-modified: Sat, 10 Dec 2005 20:12:33 GMT
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 tripodcom_sticky.js Show response
adxbid.info/ 538 KB
160 KB 49ms
49ms Script
application/javascript 2606:4700:3035::6815:30d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adxbid.info/tripodcom_sticky.js
Requested by: Host: adxbid.info
URL: https://adxbid.info/tripodcomdynamic.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:30d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e3fc081e9c8193d3168ac40a20dba0bb0a3024e365e70bd6f4a4c0c824add38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

server: cloudflare
cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 5733
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D5Cw3ieHK1YMS%2FsYx%2B7QfBZuTCVcquHGg4QwfYoblvNnpRchQKvZLv%2BGowx7yNxNfCPZ6maAqsh6wiM%2BqmhNkR6uKz%2FnMeEoDl1AgT6F0PUQV51pzDkxS1X2MgILfjzDkQDYy77B6S1Brw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eebefbe4e2f0f46-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=39762&min_rtt=38173&rtt_var=766&sent=161&recv=66&lost=0&retrans=0&sent_bytes=170395&recv_bytes=7000&delivery_rate=1654819&cwnd=68400&unsent_bytes=0&cid=caac9b5b5f8d3ef8&ts=373&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/javascript
last-modified: Tue, 10 Sep 2024 10:40:05 GMT
vary: Accept-Encoding
priority: u=3,i=?0

GET
H2 200 agent.js Show response
cdn.prplads.com/ 76 KB
0 1ms
0ms Script
application/javascript 2606:4700:20::681a:233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prplads.com/agent.js?publisherId=06174d57feb541d5df5ef81ffc51d266:87b8936bc016273b782c3a83290f16df6e07d664c95ed62dd3a44903bf9e1e66456669cdc38c534a44a0cdc2fb84da3dda4b66478aaa97eb6e0974adf831b0e8
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/agent.js?publisherId=06174d57feb541d5df5ef81ffc51d266:87b8936bc016273b782c3a83290f16df6e07d664c95ed62dd3a44903bf9e1e66456669cdc38c534a44a0cdc2fb84da3dda4b66478aaa97eb6e0974adf831b0e8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4133815d4895620a9cbf527c3f454055b005eb3b8620e3c0fdee38f4faf094e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "40d73066d67ab868d57b46d4c334cfcd"
age: 2361
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ztiaG75xR5jCIY5L7MR2Y47kcI4wihZ6k9c7P22ZcTI8GMNeuRG7EF0gl%2B8Fo0yTfmdLGzj2%2Fqp5vjiJqixm02unkbdBeyK5K%2B%2FFM%2BKqEEGjYgwU0GJEyz8q%2BTIeHAHcQ7KFwVJi3JlDpJqZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=18859&min_rtt=18847&rtt_var=5309&sent=6&recv=7&lost=0&retrans=0&sent_bytes=4020&recv_bytes=2524&delivery_rate=216480&cwnd=254&unsent_bytes=0&cid=65132f25fb40d18b&ts=81&x=0"
date: Sun, 08 Dec 2024 10:05:20 GMT
content-type: application/javascript
last-modified: Sun, 15 Sep 2024 08:21:14 GMT
vary: Accept-Encoding
x-amz-id-2: U8bvSEnzZEaxEBuCnDnq4mJ8+W2QN8Zwpy1RzWQpOAu8yHsZBnZqVW+5Fz7cnIUReMJV1TyW8So=
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1Q7WDBS0A5SRWJW8
cf-ray: 8eebefb9be5c447a-EWR
accept-ranges: bytes
content-length: 21970
server: cloudflare

GET
H2 200 pixel;r=1647617585;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1733652321135;tzo=480;ogl=;ses=d...
pixel.quantserve.com/ 35 B
455 B 108ms
103ms Image
image/gif 2620:116:800b:21:b08a:1dc5:659b:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1647617585;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1733652321135;tzo=480;ogl=;ses=d69c5d1e-edbc-4d8e-83f6-9efdb227a322;d=tripod.com;uht=2;fpan=1;fpa=P0-601452801-1733652321137;pbc=;gdpr=0;mdl=

Requested by

Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

strict-transport-security: max-age=86400
cache-control: private, no-cache, no-store, proxy-revalidate
pragma: no-cache
expires: Fri, 04 Aug 1978 12:00:00 GMT
content-length: 35
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date: Sun, 08 Dec 2024 10:05:21 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
content-type: image/gif

GET
H2 200 pixel;r=1094429808;labels=edge.1%2Csid.17754;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=173365...
pixel.quantserve.com/ 35 B
578 B 51ms
46ms Image
image/gif 2620:116:800b:21:b08a:1dc5:659b:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1094429808;labels=edge.1%2Csid.17754;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1733652321136;tzo=480;ogl=;ses=d69c5d1e-edbc-4d8e-83f6-9efdb227a322;d=tripod.com;uht=2;fpan=1;fpa=P0-778662553-1733652321138;pbc=;gdpr=0;mdl=

Requested by

Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

strict-transport-security: max-age=86400
cache-control: private, no-cache, no-store, proxy-revalidate
pragma: no-cache
expires: Fri, 04 Aug 1978 12:00:00 GMT
content-length: 35
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date: Sun, 08 Dec 2024 10:05:21 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["vJAciZ+MIgRm0u2RrWSZ5Q=="],"pcode":["p-effSsmMYCbAck"]},{"label":["i2EFc+Fvax2H3DYYUa2v8g=="],"pcode":["p-effSsmMYCbAck"]}],"trigger_data":"1"}]}
content-type: image/gif

GET
H2 200 / Show response
api.purpleads.io/x/v2/b/ 3 KB
2 KB 87ms
87ms Fetch
application/json 34.203.84.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/v2/b/?idx=0&pid=e6082256dd674ccd9c742d7479145be4&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100],[300,50]]&slotid=d9bea402-d50c-4734-b2c2-d2ebd594b0ce&ts=1733652321147
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/agent.js?publisherId=06174d57feb541d5df5ef81ffc51d266:87b8936bc016273b782c3a83290f16df6e07d664c95ed62dd3a44903bf9e1e66456669cdc38c534a44a0cdc2fb84da3dda4b66478aaa97eb6e0974adf831b0e8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.84.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-84-81.compute-1.amazonaws.com
Software: /
Resource Hash: 49e3d64cd6a9cef1bfad45fe1411e6ddcab7668793d0df81dc6d842eccb9b03b

Request headers

Authorization: Bearer 06174d57feb541d5df5ef81ffc51d266:87b8936bc016273b782c3a83290f16df6e07d664c95ed62dd3a44903bf9e1e66456669cdc38c534a44a0cdc2fb84da3dda4b66478aaa97eb6e0974adf831b0e8
Referer: https://tonerrefillsnow.tripod.com/
x-request-url: aHR0cHM6Ly90b25lcnJlZmlsbHNub3cudHJpcG9kLmNvbS9zYW1zdW5nLzE3Ni5odG1s
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json
pa-user-id: 830eee69-1530-41a8-b1c9-44815aa72bbb
x-purpleads-version: 4.0.3

Response headers

access-control-expose-headers: pa-user-id
content-encoding: br
etag: W/"dbd-tjoczE6atCI/Eej8heh0OOCO+kI"
access-control-allow-credentials: true
access-control-allow-origin: https://tonerrefillsnow.tripod.com
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding

GET
H3 200 elLoader.js Show response
cds.connatix.com/p/547758/ Frame D494 4 KB
2 KB 136ms
49ms Script
text/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/547758/elLoader.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=4bcef86c-92b1-4ed2-bc85-fc3b60a697d7&pid=f1975345-7ef0-48cb-a838-46ad001ecf3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2d2cb5e64e2d1fdbd312d724e5d49359a55a2d90373099d56d83853e2e5385a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: "46c90962f6cc76b8f0423bac8f97f84c"
x-amz-version-id: 7MZw6MHwqfX8hbHNS8aJqOSzd0bmnO7l
access-control-allow-methods: *
expires: Mon, 08 Dec 2025 10:05:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: text/javascript
last-modified: Fri, 06 Dec 2024 08:40:45 GMT
x-amz-expiration: expiry-date="Wed, 25 Jun 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
priority: u=3,i=?0
access-control-allow-headers: range
vary: Accept-Encoding
x-amz-replication-status: FAILED
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 8eebefbfdc30ab75-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1359
server: cloudflare

OPTIONS
H2 200 /
api.purpleads.io/x/v2/b/ Frame 0
0 65ms
64ms Preflight 34.203.84.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/v2/b/?idx=0&pid=e6082256dd674ccd9c742d7479145be4&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100],[300,50]]&slotid=d9bea402-d50c-4734-b2c2-d2ebd594b0ce&ts=1733652321147
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.84.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-84-81.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method: GET
Origin: https://tonerrefillsnow.tripod.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin: https://tonerrefillsnow.tripod.com
access-control-expose-headers: pa-user-id
access-control-max-age: 86400
date: Sun, 08 Dec 2024 10:05:21 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 424 KB
145 KB 240ms
51ms Script
text/javascript 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/video-agent.js?publisherId=baa118f88597f78a9da433cfc284ae13:62f5b7fb63a45a5cb18f0f1f46aeab87502d89635f75a80d1d870d1b20d72f0e1ce0119b83feb1a1eebb642d3c7bff478f181e00d56a49a12d903d3eb9df4454

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d87484ab05f1583269aa457919e2dc84c4fd1467a4c578c4ab01d85cf12c18a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

cache-control: private, max-age=900, stale-while-revalidate=3600
content-encoding: gzip
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Sun, 08 Dec 2024 10:05:21 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148133
date: Sun, 08 Dec 2024 10:05:21 GMT
x-xss-protection: 0
content-type: text/javascript
vary: Accept-Encoding
server: sffe

GET
H2 200 prebid-video-2024-05-26.js Show response
cdn.prplads.com/ 256 KB
82 KB 49ms
48ms Script
application/javascript 2606:4700:20::681a:233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prplads.com/prebid-video-2024-05-26.js
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/video-agent.js?publisherId=baa118f88597f78a9da433cfc284ae13:62f5b7fb63a45a5cb18f0f1f46aeab87502d89635f75a80d1d870d1b20d72f0e1ce0119b83feb1a1eebb642d3c7bff478f181e00d56a49a12d903d3eb9df4454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9ce5e7b7f1a91da941608673a1e888f7fd5037a540fed41f3b3b3c837623e78

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "1378c46906a91b9457b21667b57063d4"
age: 954594
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FtUcOX0mzmtMJb2hPNYb%2B7HfSUi93YQ%2BbmBGeNcbMJj6PictHIwD%2FqHas2EwybEfdpa5KF0TKAIuZgjrIPQDvTjdF7fkIzaKLt7J0ugwF0t66lwNc2dsws1xIrewa7YbM%2Bi%2Bw7GLxXIDnx2q5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=24669&min_rtt=18847&rtt_var=12037&sent=39&recv=15&lost=0&retrans=0&sent_bytes=40174&recv_bytes=2624&delivery_rate=1470475&cwnd=258&unsent_bytes=0&cid=65132f25fb40d18b&ts=1025&x=0"
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/javascript
last-modified: Sun, 26 May 2024 12:10:26 GMT
vary: Accept-Encoding
x-amz-id-2: NYBaPXpqklwRe+QmubIGTediNNqWXYN/u5V2Zs6OohnR88o2Cg8KaulUPlOneUmiE8s13rpKPKg=
cache-control: max-age=1209600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: AA7EXT14SRXS2CPD
cf-ray: 8eebefbfaa75447a-EWR
accept-ranges: bytes
content-length: 83093
server: cloudflare

GET
H3 200 connatix.player.js Show response
cds.connatix.com/p/547758/ Frame D494 459 KB
108 KB 47ms
47ms Script
text/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/547758/connatix.player.js?cid=4bcef86c-92b1-4ed2-bc85-fc3b60a697d7&pid=f1975345-7ef0-48cb-a838-46ad001ecf3e
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/547758/elLoader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73beb443988d83fbeec6cc229b84d91cfd61801aaf7ab72f34f7799649dad106

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: "af040b9f51e62d451747925a27361ef0"
x-amz-version-id: FR86E4h5kPsEJ2DUJpT4GHE4x2Fu5UH5
access-control-allow-methods: *
expires: Mon, 08 Dec 2025 10:05:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: text/javascript
last-modified: Fri, 06 Dec 2024 08:40:45 GMT
x-amz-expiration: expiry-date="Wed, 25 Jun 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
priority: u=3,i=?0
access-control-allow-headers: range
vary: Accept-Encoding
x-amz-replication-status: FAILED
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 8eebefc02c4cab75-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 109628
server: cloudflare

GET
H2 200 prebid-2024-08-21.js Show response
cdn.prplads.com/ Frame 6307 356 KB
116 KB 68ms
62ms Script
application/javascript 2606:4700:20::681a:233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prplads.com/prebid-2024-08-21.js
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/agent.js?publisherId=06174d57feb541d5df5ef81ffc51d266:87b8936bc016273b782c3a83290f16df6e07d664c95ed62dd3a44903bf9e1e66456669cdc38c534a44a0cdc2fb84da3dda4b66478aaa97eb6e0974adf831b0e8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e404d56ce7106943e8a770a7f996bc5c71e9fcc74c45c4d326ec4f5582b8527c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "d5648f1f2569f1aeebd08c555505249b"
age: 861467
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5neG92jH0rumJcSwoaniHmozm2esLIAg%2B14T35WdbzxD4ZyLXaJjIt0nvh4pBJRFjfKw8tbSljKfxnXUepJlmeFThxLLoSTbZ%2Fo5ed66t1sc01MqPTJEjtminfbYRyOFFyqpD7Uzrqx%2BL%2BSqHw%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=21148&min_rtt=18847&rtt_var=3697&sent=104&recv=24&lost=0&retrans=0&sent_bytes=124593&recv_bytes=2688&delivery_rate=4357470&cwnd=276&unsent_bytes=0&cid=65132f25fb40d18b&ts=1163&x=0"
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/javascript
last-modified: Wed, 21 Aug 2024 08:17:43 GMT
vary: Accept-Encoding
x-amz-id-2: V9mGiCXqzwJZgWj5Q2H/DUhL0qwX83wQslaDVhTvA4ryUkpoU6JIz8wZF8X28HzCE1TiTqY40/U=
cache-control: max-age=1209600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: RF5MGM4FA1MC8RF9
cf-ray: 8eebefc07ae8447a-EWR
accept-ranges: bytes
content-length: 117692
server: cloudflare

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 6307 2 KB
1 KB 179ms
46ms Fetch
application/json 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20241208

Requested by

Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

14f72e7e564d269047c9ffc9f1a59ecc6fa6543bbd3816196017c3ae4215b8fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://tonerrefillsnow.tripod.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"63d-4/eZaX4HUZxvkGg7JBabhJKV240"
age: 21867
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230103-FRA, cache-yyz4546-YYZ
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 845
x-jsd-version: 1.0.2263

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame 6307 1 KB
2 KB 250ms
108ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

Content-Encoding: br
CF-Cache-Status: HIT
ETag: W/"00a8e13a83b2bbab51af8e55f52be363"
Age: 1044050
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7zOTBhjUToB1w63c%2BcJrnYFk0dxp0AR8vUcprQADhBjySuDPJ8mEbftZStml4DnWuUX8iTfICa8kSNgGDL3OCIA%2Frrc7fmPMrPR5vEzLvxfe9C8FSajcjoTRCIR34h5yiREEioRYl7Pki7%2Bb"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=16336&min_rtt=16331&rtt_var=6135&sent=6&recv=7&lost=0&retrans=0&sent_bytes=3470&recv_bytes=2277&delivery_rate=249129&cwnd=253&unsent_bytes=0&cid=bd4db7a6dec2e31a&ts=115&x=0"
Date: Sun, 08 Dec 2024 10:05:21 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Nov 2024 16:59:35 GMT
Vary: Accept-Encoding
Transfer-Encoding: chunked
Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
CF-RAY: 8eebefc26eef1821-EWR
Server: cloudflare

GET prebid-topics-frame.html
api.popin.cc/topic/ Frame 6A26 0
0

GET
H2 200 topics.html
hb.360yield.com/privacy-sandbox/ Frame 3CAE 0
0 399ms
129ms Document
text/html 18.67.76.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.360yield.com/privacy-sandbox/topics.html?bidder=improvedigital
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.76.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-76-93.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://tonerrefillsnow.tripod.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 166
cache-control: max-age=3600
content-length: 840
content-type: text/html
date: Sun, 08 Dec 2024 10:02:37 GMT
etag: "df731667f516cd61f16f3bc51bc7022f"
last-modified: Thu, 14 Mar 2024 16:48:35 GMT
server: AmazonS3
via: 1.1 7a887c7cb9fe4a7abca02d85e8b196e8.cloudfront.net (CloudFront)
x-amz-cf-id: 519lSiICef6iduocaXIiDeaA2V25xqbkND6m4YLcpDtQpj9H0lTAMQ==
x-amz-cf-pop: IAD89-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: kpEupr6y3cwJy6IieEVrXoWKzFeDpUx4
x-cache: Hit from cloudfront

GET
H2 200 topicsapi.html
onetag-sys.com/static/ Frame EBA2 0
0 341ms
108ms Document
text/html 51.222.39.185
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/static/topicsapi.html?bidder=onetag

Requested by

Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tonerrefillsnow.tripod.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: public, max-age=2628000, immutable
content-encoding: gzip
content-length: 566
content-type: text/html
expires: Mon, 01 Jan 2046 12:34:56 GMT
strict-transport-security: max-age=15552000
vary: accept-encoding

GET
H2 200 topics_frame.html
pa.openx.net/ Frame E5B0 0
0 226ms
39ms Document
text/html 34.36.214.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.openx.net/topics_frame.html?bidder=openx
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.214.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.214.36.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Referer: https://tonerrefillsnow.tripod.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 692
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=3600
content-length: 1036
content-type: text/html; charset=utf-8
date: Sun, 08 Dec 2024 09:53:49 GMT
etag: "c5379e35e267deacc52e06ed0f5fa81f"
last-modified: Mon, 22 Jan 2024 14:38:43 GMT
server: UploadServer
supports-loading-mode: fenced-frame
vary: Origin
x-allow-fledge: true
x-goog-generation: 1705934323795552
x-goog-hash: crc32c=eLLIGA== md5=xTeeNeJn3qzFLgbtD1+oHw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1036
x-guploader-uploadid: AFiumC4P9UxelTCKoyYqGO6Gt0wddKHMZo_EQ2opL5l00VhSaeN_rnz6QjnUj2dGCRVxE4CeS5_0BKTzvw

POST
H2 200 c Show response
prebid.a-mo.net/a/ Frame 6307 1 KB
1 KB 366ms
135ms Fetch
application/json 147.75.195.55
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: a4190a974345a11c73d6a5edaf6c62385049b921bac62cffaaddd3fc577fbea4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://tonerrefillsnow.tripod.com/

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
x-envoy-upstream-service-time: 74
access-control-allow-credentials: true
access-control-allow-origin: https://tonerrefillsnow.tripod.com
content-length: 548
date: Sun, 08 Dec 2024 10:05:20 GMT
content-type: application/json; charset=utf-8
vary: origin, accept-encoding
server: envoy

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ Frame 6307 760 B
1 KB 332ms
79ms Fetch
application/json 2607:f350:3:2569:0:10:0:200a
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22431959692ad2fc%22%3A%22cf6f29f07bb1a410ae56%7C970x90%2C728x90%2C468x60%2C320x100%2C320x50%2C300x100%2C300x50%7Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html&s=a5efe1dc-1dab-4051-99d4-346ddac42c7e&pv=361daa49-9b51-4923-8066-9e09d98ba841&vp=tablet&lib_name=prebid&lib_v=8.43.0&us=5&iqid=%7B%22pcid%22%3A%22fff51a74-e538-4b7c-abab-4acc16f6f270%22%2C%22pcidDate%22%3A1733652321483%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22fbd16110-9192-4799-96ed-93aba31d1b29%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22tonerrefillsnow.tripod.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22tripod.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22purpleads.io%22%2C%22sid%22%3A%22616beb41bc290237de25b92c%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:200a , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

fcf715959545e1764beeaecfab7657dfe8ea86d8a77ace89c68c5c5bca10efbd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://tonerrefillsnow.tripod.com/

Response headers

cache-control: no-cache, no-store, private
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://tonerrefillsnow.tripod.com
content-length: 443
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Sun, 08 Dec 2024 10:05:21 GMT
tcn: Choice
content-type: application/json
vary: negotiate,Accept-Encoding
server: sonobi-go
x-go-server: go-iad-2-6-197
x-xss-protection: 0

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/5e1fd/1/tonerrefillsnow.tripod.com/ Frame 6307
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/5e1fd/1/tonerrefillsnow.tripod.com/ROS?rnd=0.3715063992982839&e=320x50_0%3A320x50%2C300x50%2C970x90%2C728x90%2C468x60%2C320x100%2C300x100&ur=https%3A%2F%2Ftonerre...
https://pbjs.e-planning.net/hb/1/5e1fd/1/tonerrefillsnow.tripod.com/ROS?ct=1&r=pbjs&rnd=0.3715063992982839&e=320x50_0%3A320x50%2C300x50%2C970x90%2C728x90%2C468x60%2C320x100%2C300x100&ur=https%3A%2F...

62 B
534 B

149ms
148ms

Fetch
application/json

172.98.26.245
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/5e1fd/1/tonerrefillsnow.tripod.com/ROS?ct=1&r=pbjs&rnd=0.3715063992982839&e=320x50_0%3A320x50%2C300x50%2C970x90%2C728x90%2C468x60%2C320x100%2C300x100&ur=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html&pbv=8.43.0&ncb=1&vs=F&crs=windows-1252&fr=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: H2
Server: 172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: e4461299117e924ad25e116f4c510cf6a4835f01351a9895de80c387fe0751be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

cache-control: max-age=0, no-cache
accept-ch: sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
access-control-allow-credentials: true
expires: Sun, 08 Dec 2024 10:05:21 GMT
x-sid: IAD-1222
access-control-allow-origin: https://tonerrefillsnow.tripod.com
content-length: 62
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/json
server: openresty

Redirect headers

location: /hb/1/5e1fd/1/tonerrefillsnow.tripod.com/ROS?ct=1&r=pbjs&rnd=0.3715063992982839&e=320x50_0%3A320x50%2C300x50%2C970x90%2C728x90%2C468x60%2C320x100%2C300x100&ur=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html&pbv=8.43.0&ncb=1&vs=F&crs=windows-1252&fr=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html
access-control-allow-credentials: true
x-sid: IAD-1222
access-control-allow-origin: https://tonerrefillsnow.tripod.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: text/html; charset=iso-8859-1
server: openresty

POST /
ghb.adtelligent.com/v2/auction/ Frame 6307 0
0

POST
H2 200 adreq Show response
ads.servenobid.com/ Frame 6307 1 KB
929 B 520ms
260ms Fetch
application/json 206.189.255.194
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.servenobid.com/adreq?cb=380

Requested by

Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.255.194 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

a3daf9c1669356e7b54c0ebc347de8ccea39cce229db4ff81408e4b4f859a71a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://tonerrefillsnow.tripod.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: https://tonerrefillsnow.tripod.com
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/json
vary: accept-encoding

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ Frame 6307 316 B
758 B 420ms
154ms Fetch
application/json 18.154.227.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-93.iad55.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 4ed59245ad4a4bf53dc71369083c482f098b0532fa902b6e09040d561ea72ab8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://tonerrefillsnow.tripod.com/

Response headers

content-encoding: gzip
x-envoy-upstream-service-time: 88
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
via: 1.1 1103f2f4fcd4848a1668ac878932c20a.cloudfront.net (CloudFront)
access-control-allow-origin: https://tonerrefillsnow.tripod.com
x-cache: Miss from cloudfront
content-length: 232
x-amz-cf-id: 4EuTFNGeDzDMYVcR7u9k-UaMbDSAJwkZipkFR9AtnC2HoYkcaoVZ6w==
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/json
x-amz-cf-pop: IAD55-P5
server: istio-envoy
x-reason: auction result is empty
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame 6307 179 B
713 B 432ms
189ms Fetch
application/json 35.245.40.102
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html&PageUrl=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html&PageReferrer=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html

Requested by

Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.245.40.102 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

102.40.245.35.bc.googleusercontent.com

Software

Resource Hash

81050f6d27b8db1f30bd1c775a0246d75be78a23ca1342cd6dab3e89c31fcfeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://tonerrefillsnow.tripod.com/

Response headers

access-control-max-age: 3600
content-encoding: br
access-control-allow-methods: OPTIONS, POST
x-content-type-options: nosniff
expires: 0
x-kong-proxy-latency: 0
p3p: CP="CAO PSA OUR"
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
cache-control: no-cache, no-store, must-revalidate
x-kong-request-id: 32e2464e8c7e7b611e89020fb9916352
pragma: no-cache
access-control-allow-credentials: true
via: kong/3.6.1
x-kong-upstream-latency: 108
access-control-allow-origin: https://tonerrefillsnow.tripod.com

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebidfledge/ Frame 6307 0
189 B 408ms
123ms Fetch 185.184.10.30
RTB-HOUSE-ASH RTB...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebidfledge/bids
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Cyprus, ASN203690 (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd, CY),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://tonerrefillsnow.tripod.com/

Response headers

access-control-max-age: 3600
access-control-allow-origin: https://tonerrefillsnow.tripod.com
date: Sun, 08 Dec 2024 10:05:21 GMT
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ Frame 6307 42 B
443 B 434ms
131ms Fetch
application/json 54.90.133.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.90.133.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-90-133-190.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: f4c2f2af474f4b590da7acf9c69ae5d7386d295e1c05ff4c484a70d61326ac8d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://tonerrefillsnow.tripod.com/

Response headers

content-encoding: gzip
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://tonerrefillsnow.tripod.com
content-length: 67
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/json
server: istio-envoy
x-reason: path does not match the SaaS type
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 6307 15 B
563 B 321ms
138ms Fetch
application/json 51.222.39.187
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.187 , Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://tonerrefillsnow.tripod.com/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://tonerrefillsnow.tripod.com
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

GET
H3 200 player.user.manager.service.js Show response
cds.connatix.com/p/547758/ Frame D494 57 KB
16 KB 49ms
47ms Script
text/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/547758/player.user.manager.service.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/547758/connatix.player.js?cid=4bcef86c-92b1-4ed2-bc85-fc3b60a697d7&pid=f1975345-7ef0-48cb-a838-46ad001ecf3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c6ebeb78a663f1ba7ff056a5e9fd0194ef38bd875413542d1045d1a4b7b875d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: "dd1882311e54fd9be27dec7ad0c2ddd7"
x-amz-version-id: Ph8ZdKkQUtBKedqhmchZpKRhspV.EBa8
access-control-allow-methods: *
expires: Mon, 08 Dec 2025 10:05:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: text/javascript
last-modified: Fri, 06 Dec 2024 08:40:45 GMT
x-amz-expiration: expiry-date="Wed, 25 Jun 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
priority: u=3,i=?0
access-control-allow-headers: range
vary: Accept-Encoding
x-amz-replication-status: FAILED
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 8eebefc1ad54ab75-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15554
server: cloudflare

GET
H3 200 player.renderer.js Show response
cds.connatix.com/p/547758/ Frame D494 196 KB
46 KB 50ms
49ms Script
text/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/547758/player.renderer.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/547758/connatix.player.js?cid=4bcef86c-92b1-4ed2-bc85-fc3b60a697d7&pid=f1975345-7ef0-48cb-a838-46ad001ecf3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6d048e1885c03b626fe98ed7961489f4789e56cc3d28ddff236d78e9daa2d48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: "bdd4cd9a0873934adc986ad4331d398f"
x-amz-version-id: O2takoxENTXkuy6Zi_ts4Zgap6E.rwTw
access-control-allow-methods: *
expires: Mon, 08 Dec 2025 10:05:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: text/javascript
last-modified: Fri, 06 Dec 2024 08:40:45 GMT
x-amz-expiration: expiry-date="Wed, 25 Jun 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
priority: u=3,i=?0
access-control-allow-headers: range
vary: Accept-Encoding
x-amz-replication-status: FAILED
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 8eebefc1bd55ab75-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 46478
server: cloudflare

GET
H3 200 cSyncRemoteEntry.js Show response
cds.connatix.com/p/547758/ Frame D494 3 KB
2 KB 84ms
83ms Script
text/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/547758/cSyncRemoteEntry.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/547758/connatix.player.js?cid=4bcef86c-92b1-4ed2-bc85-fc3b60a697d7&pid=f1975345-7ef0-48cb-a838-46ad001ecf3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c4bc110433be99a4bd806e403b52a6205fafc2b62b4d0f08921825cc719b8cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: "aef415c3a9d75543c40464cbc6303e0e"
x-amz-version-id: 3vFXS4MH0hJUa5Chm8y2siIjxvd0Epd7
access-control-allow-methods: *
expires: Mon, 08 Dec 2025 10:05:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: text/javascript
last-modified: Fri, 06 Dec 2024 08:40:45 GMT
x-amz-expiration: expiry-date="Wed, 25 Jun 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
priority: u=3,i=?0
access-control-allow-headers: range
vary: Accept-Encoding
x-amz-replication-status: FAILED
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 8eebefc1bd58ab75-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1354
server: cloudflare

GET
H3 200 player.style.eba3e4dec5b26fab3aa1.css
cds.connatix.com/a/ 67 KB
10 KB 79ms
79ms Stylesheet
text/css 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/a/player.style.eba3e4dec5b26fab3aa1.css
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/547758/connatix.player.js?cid=4bcef86c-92b1-4ed2-bc85-fc3b60a697d7&pid=f1975345-7ef0-48cb-a838-46ad001ecf3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5bd3c191c542f7768d9b2e28a52ee98b7044fe16f90ec1e6def50c16e0c5f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: "cbbb19c20cc059850af4e440801d4d0a"
x-amz-version-id: alKG7EhbWXTvYRh_jPNWQAWkSfgpCdsR
access-control-allow-methods: *
expires: Mon, 08 Dec 2025 10:05:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: text/css
last-modified: Tue, 19 Nov 2024 15:05:57 GMT
vary: Accept-Encoding
priority: u=0,i=?0
access-control-allow-headers: range
x-amz-replication-status: FAILED
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 8eebefc1bd5aab75-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9373
server: cloudflare

GET
H3 200 player.hls.217259d2fbd1b2e2029a.js Show response
cds.connatix.com/a/ 290 KB
75 KB 83ms
81ms Script
text/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/a/player.hls.217259d2fbd1b2e2029a.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/547758/connatix.player.js?cid=4bcef86c-92b1-4ed2-bc85-fc3b60a697d7&pid=f1975345-7ef0-48cb-a838-46ad001ecf3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a9ed827b2890d3b4b2090bb90064c542a1e2b745c7ec4773795d296657442c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: "9634d4c4dbc2997e280301817da01efe"
x-amz-version-id: PQGnTxyow0yavwFUiQVHP5HAoNfIxI9g
access-control-allow-methods: *
expires: Mon, 08 Dec 2025 10:05:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: text/javascript
last-modified: Fri, 06 Dec 2024 08:40:46 GMT
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: range
x-amz-replication-status: FAILED
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 8eebefc1bd5cab75-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 76689
server: cloudflare

GET
H3 200 player.ads.js Show response
cds.connatix.com/p/547758/ Frame D494 412 KB
92 KB 83ms
81ms Script
text/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/547758/player.ads.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/547758/connatix.player.js?cid=4bcef86c-92b1-4ed2-bc85-fc3b60a697d7&pid=f1975345-7ef0-48cb-a838-46ad001ecf3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe4273c31f9bca08be5643cfe57110d6674be644b894142bca4a1aff4b1535b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: "def22dceb7d66a7996839195cefa97f0"
x-amz-version-id: 7mhWp_Fduqy4raq9ZK36k1zQZkcmIUH9
access-control-allow-methods: *
expires: Mon, 08 Dec 2025 10:05:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: text/javascript
last-modified: Fri, 06 Dec 2024 08:40:45 GMT
x-amz-expiration: expiry-date="Wed, 25 Jun 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
priority: u=3,i=?0
access-control-allow-headers: range
vary: Accept-Encoding
x-amz-replication-status: FAILED
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 8eebefc1bd5dab75-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 94096
server: cloudflare

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 187 B
95 B 59ms
58ms XHR
application/json 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54c1369b230a4a69c2f801701bcc49b6d142998be62ccb8d2f724f98bbd7fa91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Sun, 08 Dec 2024 10:05:21 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 70
date: Sun, 08 Dec 2024 10:05:21 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

POST
H3 200 mny Show response
capi.connatix.com/core/ Frame D494 1 KB
1 KB 85ms
84ms XHR
application/x-protobuf 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/mny?v=547758&cid=4bcef86c-92b1-4ed2-bc85-fc3b60a697d7
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/547758/connatix.player.js?cid=4bcef86c-92b1-4ed2-bc85-fc3b60a697d7&pid=f1975345-7ef0-48cb-a838-46ad001ecf3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2f87c1056f183e7041f09663ea95a69d0cac918a5a534eb7943519a8749e09d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: multipart/form-data
Referer

Response headers

access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/x-protobuf
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8eebefc21d89ab75-YYZ
access-control-allow-origin: https://tonerrefillsnow.tripod.com
content-length: 993
server: cloudflare

GET
H2 200 v Show response
api.purpleads.io/x/v2/ 2 KB
1 KB 63ms
62ms Fetch
application/json 34.203.84.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/v2/v?pid=e6082256dd674ccd9c742d7479145be4&ts=1733652321608
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/video-agent.js?publisherId=baa118f88597f78a9da433cfc284ae13:62f5b7fb63a45a5cb18f0f1f46aeab87502d89635f75a80d1d870d1b20d72f0e1ce0119b83feb1a1eebb642d3c7bff478f181e00d56a49a12d903d3eb9df4454
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.84.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-84-81.compute-1.amazonaws.com
Software: /
Resource Hash: c498bf41492bdc0e59b833b8f373c4e9c38c1934a88eecfd3f57c801a48506ae

Request headers

Authorization: Bearer baa118f88597f78a9da433cfc284ae13:62f5b7fb63a45a5cb18f0f1f46aeab87502d89635f75a80d1d870d1b20d72f0e1ce0119b83feb1a1eebb642d3c7bff478f181e00d56a49a12d903d3eb9df4454
Referer: https://tonerrefillsnow.tripod.com/
x-request-url: aHR0cHM6Ly90b25lcnJlZmlsbHNub3cudHJpcG9kLmNvbS9zYW1zdW5nLzE3Ni5odG1s
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json
pa-user-id: 830eee69-1530-41a8-b1c9-44815aa72bbb
x-purpleads-version: 3.1.2

Response headers

access-control-expose-headers: pa-user-id
content-encoding: br
etag: W/"7de-uVnP5+iucCq6+erOXjkY9cnw5cE"
access-control-allow-credentials: true
access-control-allow-origin: https://tonerrefillsnow.tripod.com
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding

OPTIONS
H2 200 v
api.purpleads.io/x/v2/ Frame 0
0 55ms
55ms Preflight 34.203.84.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/v2/v?pid=e6082256dd674ccd9c742d7479145be4&ts=1733652321608
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.84.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-84-81.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method: GET
Origin: https://tonerrefillsnow.tripod.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin: https://tonerrefillsnow.tripod.com
access-control-expose-headers: pa-user-id
access-control-max-age: 86400
date: Sun, 08 Dec 2024 10:05:21 GMT

GET
H3 200 cSyncRemote.js Show response
cds.connatix.com/p/547758/ Frame D494 208 KB
50 KB 53ms
53ms Script
text/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/547758/cSyncRemote.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/547758/cSyncRemoteEntry.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f3ad60ea5c6afda6fc5b54d705fb2e283742b42486f8f188c749a99fef09aff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: "552551d8adddf017da7fbac6d704f3fe"
x-amz-version-id: IBXKWhcHTC9Fh3i.w_qvk0y13PWGbdem
access-control-allow-methods: *
expires: Mon, 08 Dec 2025 10:05:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: text/javascript
last-modified: Fri, 06 Dec 2024 08:40:45 GMT
x-amz-expiration: expiry-date="Wed, 25 Jun 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
priority: u=3,i=?0
access-control-allow-headers: range
vary: Accept-Encoding
x-amz-replication-status: FAILED
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 8eebefc26dabab75-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 50217
server: cloudflare

POST
H3 200 / Show response
capi.connatix.com/metrics/ Frame D494 0
407 B 217ms
71ms XHR
application/x-protobuf 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/metrics/?v=547758&tier=1
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/547758/connatix.player.js?cid=4bcef86c-92b1-4ed2-bc85-fc3b60a697d7&pid=f1975345-7ef0-48cb-a838-46ad001ecf3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: multipart/form-data
Referer

Response headers

access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/x-protobuf
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8eebefc3abf8a222-YYZ
access-control-allow-origin: https://tonerrefillsnow.tripod.com
content-length: 20
server: cloudflare

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 3 B
239 B 303ms
120ms Script
application/javascript 2606:4700::6812:1791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

cache-control: public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
etag: W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
age: 0
cf-ray: 8eebefc41c80efa1-EWR
content-length: 3
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
last-modified: Mon, 01 Jan 2018 00:00:00 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/a/latest/ Frame 6307 61 KB
20 KB 350ms
228ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/a/latest/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34bc72811f208b5c16bc07739eab6e7aca69b1f191d1b83a38ac924154bdf2f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

Access-Control-Expose-Headers
Content-Encoding: br
CF-Cache-Status: MISS
ETag: W/"10a01d2a2318722bba6213f0fa7cdfc3"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FVCzTX6i0c8s3pj%2FrHHgI4UPuvCQaDlC8efpqpWyFWigIf%2B9A7MnggGy90QQAGHEG4JTja00YN%2FEZPHCv1pCL9S8jShM1OH7EE2ve55cuKfw5tTcIMF%2BI23xwCYisvHu2ZDG%2BCjJHi3zVtXX"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=15914&min_rtt=15913&rtt_var=5970&sent=6&recv=7&lost=0&retrans=0&sent_bytes=3470&recv_bytes=2258&delivery_rate=256200&cwnd=253&unsent_bytes=0&cid=464e50e524c6ec04&ts=230&x=0"
Date: Sun, 08 Dec 2024 10:05:22 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Nov 2024 16:59:32 GMT
Vary: Origin, Accept-Encoding
Transfer-Encoding: chunked
Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
CF-RAY: 8eebefc3ef214223-EWR
Access-Control-Allow-Origin: *
Server: cloudflare

GET
H3

200

sync Show response
capi.connatix.com/core/ Frame D494
Redirect Chain

https://capi.connatix.com/core/sync
https://capi.connatix.com/core/sync?tier=1&final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=3

6 KB
3 KB

80ms
80ms

XHR
application/json

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/sync?tier=1&final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=3
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b3e2fc1adf27c6815d1de34a30b2621a21d191051d2975f505dfd6b58295f63

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/json
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8eebefc38e24ab75-YYZ
access-control-allow-origin: https://tonerrefillsnow.tripod.com
content-length: 2616
server: cloudflare

Redirect headers

access-control-max-age: 86400
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/x-protobuf
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
cache-control: no-cache, no-store, must-revalidate, max-age=0
location: https://capi.connatix.com:443/core/sync?tier=1&final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=3
access-control-allow-credentials: true
cf-ray: 8eebefc2fde3ab75-YYZ
access-control-allow-origin: https://tonerrefillsnow.tripod.com
content-length: 31
server: cloudflare

POST
H3 200 pls Show response
capi.connatix.com/core/ Frame D494 1003 B
1 KB 79ms
78ms XHR
application/x-protobuf 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=547758&tier=1&cid=4bcef86c-92b1-4ed2-bc85-fc3b60a697d7&abid=MNY-3791-6&part=Feature
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/547758/connatix.player.js?cid=4bcef86c-92b1-4ed2-bc85-fc3b60a697d7&pid=f1975345-7ef0-48cb-a838-46ad001ecf3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2630be96403443d46bcc7ee210949d507730143f72bcd5be94d2ccbb465bc028

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: multipart/form-data
Referer

Response headers

access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/x-protobuf
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8eebefc2fde4ab75-YYZ
access-control-allow-origin: https://tonerrefillsnow.tripod.com
content-length: 910
server: cloudflare

GET
H/1.1 304
Not Modified localstore.js Show response
script.4dex.io/ 1 KB
887 B 47ms
47ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-video-2024-05-26.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7

Request headers

If-None-Match: W/"00a8e13a83b2bbab51af8e55f52be363"
Referer: https://tonerrefillsnow.tripod.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since: Fri, 22 Nov 2024 16:59:35 GMT

Response headers

Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: HIT
ETag: "00a8e13a83b2bbab51af8e55f52be363"
Age: 1044050
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ubpU19t0ZdgL1bc%2B8vN20hT86yRxeng0%2F4%2FI2UrmIyXvFGDOVs%2FgoHq5HT%2Fta9eZJC%2FkQg6Hd4JSZfJR29d9FxJELTbSLHEuds%2BXwW277J8VbRJcILSLEQnTgTwHzsqkWEmfyd%2FeWQKNwMHg"}],"group":"cf-nel","max_age":604800}
CF-RAY: 8eebefc33f381821-EWR
server-timing: cfL4;desc="?proto=TCP&rtt=16319&min_rtt=16226&rtt_var=3484&sent=10&recv=10&lost=0&retrans=0&sent_bytes=5533&recv_bytes=2805&delivery_rate=333333&cwnd=257&unsent_bytes=0&cid=bd4db7a6dec2e31a&ts=240&x=0"
Date: Sun, 08 Dec 2024 10:05:21 GMT
Last-Modified: Fri, 22 Nov 2024 16:59:35 GMT
Vary: Accept-Encoding
Server: cloudflare

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ 63 B
463 B 144ms
129ms XHR
application/json 54.90.133.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-video-2024-05-26.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.90.133.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-90-133-190.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 4635db29c944b529b5e4be981ceec661522c3fd984b7c17fb4faf23be9e5f30f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://tonerrefillsnow.tripod.com/

Response headers

content-encoding: gzip
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://tonerrefillsnow.tripod.com
content-length: 88
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/json
server: istio-envoy
x-reason: path does not match the SaaS type
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
562 B 126ms
125ms XHR
application/json 51.222.39.187
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-video-2024-05-26.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.187 , Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://tonerrefillsnow.tripod.com/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://tonerrefillsnow.tripod.com
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H2 200 adreq Show response
ads.servenobid.com/ 1 KB
927 B 192ms
191ms XHR
application/json 206.189.255.194
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.servenobid.com/adreq?cb=7516

Requested by

Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-video-2024-05-26.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.255.194 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

9cf4bfb7172ad7442157b4bb5b4212e111d57df39bc0a665f36b66aa5c1aeb89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://tonerrefillsnow.tripod.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: https://tonerrefillsnow.tripod.com
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/json
vary: accept-encoding

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/5e1fd/1/tonerrefillsnow.tripod.com/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/5e1fd/1/tonerrefillsnow.tripod.com/ROS?rnd=0.25590678051817317&e=video_640x480_0%3A640x480%3B1&ur=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html&pb...
https://pbjs.e-planning.net/hb/1/5e1fd/1/tonerrefillsnow.tripod.com/ROS?ct=1&r=pbjs&rnd=0.25590678051817317&e=video_640x480_0%3A640x480%3B1&ur=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F1...

69 B
541 B

109ms
108ms

XHR
application/json

172.98.26.245
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/5e1fd/1/tonerrefillsnow.tripod.com/ROS?ct=1&r=pbjs&rnd=0.25590678051817317&e=video_640x480_0%3A640x480%3B1&ur=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html&pbv=7.22.0&ncb=1&vs=F&crs=windows-1252&fr=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html&vctx=1&vv=3
Requested by: Host: tonerrefillsnow.tripod.com
URL: https://tonerrefillsnow.tripod.com/samsung/176.html
Protocol: H2
Server: 172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 2d4abbfeba3a010eb6337d59705ff0ec737d1cd67864ca8418e6c822e9d03b70

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

cache-control: max-age=0, no-cache
accept-ch: sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
access-control-allow-credentials: true
expires: Sun, 08 Dec 2024 10:05:21 GMT
x-sid: IAD-1222
access-control-allow-origin: https://tonerrefillsnow.tripod.com
content-length: 69
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/json
server: openresty

Redirect headers

location: /hb/1/5e1fd/1/tonerrefillsnow.tripod.com/ROS?ct=1&r=pbjs&rnd=0.25590678051817317&e=video_640x480_0%3A640x480%3B1&ur=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html&pbv=7.22.0&ncb=1&vs=F&crs=windows-1252&fr=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html&vctx=1&vv=3
access-control-allow-credentials: true
x-sid: IAD-1222
access-control-allow-origin: https://tonerrefillsnow.tripod.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: text/html; charset=iso-8859-1
server: openresty

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 337 B
774 B 238ms
237ms XHR
application/json 18.154.227.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-video-2024-05-26.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-93.iad55.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 3520bd7fc1bf18b5f7fa6388863beffd1ec34085c0c15ad73f5d14a0739b106f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://tonerrefillsnow.tripod.com/

Response headers

content-encoding: gzip
x-envoy-upstream-service-time: 105
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
via: 1.1 1103f2f4fcd4848a1668ac878932c20a.cloudfront.net (CloudFront)
access-control-allow-origin: https://tonerrefillsnow.tripod.com
x-cache: Miss from cloudfront
content-length: 249
x-amz-cf-id: OD-1HoRs0dU7008xSi9O3ygrVERJm3BgE7S9iXliPRqG_QKfX33Kdw==
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/json
x-amz-cf-pop: IAD55-P5
server: istio-envoy
x-reason: auction result is empty
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With

POST
H2 200 c Show response
prebid.a-mo.net/a/ 1 KB
1 KB 124ms
123ms XHR
application/json 147.75.195.55
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-video-2024-05-26.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: c487816b40548598891f6ee368b37f3de5c24187386884e7e2a37ee15caf078c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://tonerrefillsnow.tripod.com/

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
access-control-allow-origin: https://tonerrefillsnow.tripod.com
content-length: 547
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/json; charset=utf-8
vary: origin, accept-encoding
server: envoy

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 761 B
1 KB 61ms
61ms XHR
application/json 2607:f350:3:2569:0:10:0:200a
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2214bd5b7a0799676%22%3A%225465b266e2999e452003%7C%7Cgpid%3Dpurpleads-video%2Cc%3Dv%2C%22%7D&ref=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html&s=479218ee-1c34-4574-a16d-40f207fef886&pv=d2f57497-7a26-486c-911b-2ff84cb0ce0a&vp=desktop&lib_name=prebid&lib_v=7.22.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html%22%2C%22domain%22%3A%22tonerrefillsnow.tripod.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22tripod.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&coppa=0

Requested by

Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-video-2024-05-26.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:200a , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

16fcdfdadf70ff61b0c8b35dfe37ca33043c294321bee5c95100af7f26523ea4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://tonerrefillsnow.tripod.com/

Response headers

cache-control: no-cache, no-store, private
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://tonerrefillsnow.tripod.com
content-length: 443
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Sun, 08 Dec 2024 10:05:21 GMT
tcn: Choice
content-type: application/json
vary: negotiate,Accept-Encoding
server: sonobi-go
x-go-server: go-iad-2-6-197
x-xss-protection: 0

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/a/latest/ 61 KB
0 242ms
241ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/a/latest/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34bc72811f208b5c16bc07739eab6e7aca69b1f191d1b83a38ac924154bdf2f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

Cache-Control: public, max-age=1800
Access-Control-Expose-Headers
Content-Encoding: br
CF-Cache-Status: MISS
ETag: W/"10a01d2a2318722bba6213f0fa7cdfc3"
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FVCzTX6i0c8s3pj%2FrHHgI4UPuvCQaDlC8efpqpWyFWigIf%2B9A7MnggGy90QQAGHEG4JTja00YN%2FEZPHCv1pCL9S8jShM1OH7EE2ve55cuKfw5tTcIMF%2BI23xwCYisvHu2ZDG%2BCjJHi3zVtXX"}],"group":"cf-nel","max_age":604800}
CF-RAY: 8eebefc3ef214223-EWR
Access-Control-Allow-Origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=15914&min_rtt=15913&rtt_var=5970&sent=6&recv=7&lost=0&retrans=0&sent_bytes=3470&recv_bytes=2258&delivery_rate=256200&cwnd=253&unsent_bytes=0&cid=464e50e524c6ec04&ts=230&x=0"
Date: Sun, 08 Dec 2024 10:05:22 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Nov 2024 16:59:32 GMT
Vary: Origin, Accept-Encoding
Server: cloudflare

GET
H2 200 3_media.bin Show response
vid.connatix.com/pid-f1975345-7ef0-48cb-a838-46ad001ecf3e/26c34590-bcfd-4c31-b08f-59904b41093b/ Frame D494 289 B
673 B 244ms
66ms XHR
application/x-protobuf 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f1975345-7ef0-48cb-a838-46ad001ecf3e/26c34590-bcfd-4c31-b08f-59904b41093b/3_media.bin
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/547758/connatix.player.js?cid=4bcef86c-92b1-4ed2-bc85-fc3b60a697d7&pid=f1975345-7ef0-48cb-a838-46ad001ecf3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85aa813e79b8e5e6831804ddb6344aca108c515be47f25ca54b64c336626ad61

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: W/"cfc21b9ea28d42cc1d2d513c2cc262d2"
xpid: f1975345-7ef0-48cb-a838-46ad001ecf3e
access-control-allow-methods: *
expires: Mon, 08 Dec 2025 10:05:22 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 08 Dec 2024 10:05:22 GMT
content-type: application/x-protobuf
last-modified: Mon, 23 May 2022 08:08:09 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-headers: range
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 8eebefc4afe8ab51-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 player.iframe.integration.destroy.682481608db14d79e150.js Show response
cds.connatix.com/a/ 748 B
794 B 46ms
46ms Script
text/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/a/player.iframe.integration.destroy.682481608db14d79e150.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/547758/connatix.player.js?cid=4bcef86c-92b1-4ed2-bc85-fc3b60a697d7&pid=f1975345-7ef0-48cb-a838-46ad001ecf3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0da6c7becd850ff32ede65108b925f97c88514b82a390d353f1d220e59abdfc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: "7100ab88d0b202d2a2e27592ae585b2e"
x-amz-version-id: VuDRJMD.n441nZb4MhdhIdEDfoCXYxYj
access-control-allow-methods: *
expires: Mon, 08 Dec 2025 10:05:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: text/javascript
last-modified: Fri, 06 Dec 2024 08:40:47 GMT
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: range
x-amz-replication-status: FAILED
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 8eebefc38e22ab75-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 378
server: cloudflare

GET
H3 200 insights.bin Show response
ins.connatix.com/308563af39ca73249cac84453c604043/ Frame D494 252 B
526 B 369ms
65ms XHR
application/x-protobuf 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/308563af39ca73249cac84453c604043/insights.bin
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/547758/connatix.player.js?cid=4bcef86c-92b1-4ed2-bc85-fc3b60a697d7&pid=f1975345-7ef0-48cb-a838-46ad001ecf3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2aad744c0e854b267791b1f83c3581afbf6cb2a5b1e62c15e113a9d3106eb75d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: W/"49733e307200837306a6915cf48768e9"
access-control-allow-methods: GET, HEAD
expires: Mon, 08 Dec 2025 10:05:22 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 08 Dec 2024 10:05:22 GMT
content-type: application/x-protobuf
last-modified: Sat, 07 Dec 2024 14:39:36 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 8eebefc5f829ab64-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/5e1fd/1/tonerrefillsnow.tripod.com/ 69 B
541 B 61ms
60ms XHR
application/json 172.98.26.245
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/5e1fd/1/tonerrefillsnow.tripod.com/ROS?rnd=0.25590678051817317&e=video_640x480_0%3A640x480%3B1&ur=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html&pbv=7.22.0&ncb=1&vs=F&crs=windows-1252&fr=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html&vctx=2&vv=3
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-video-2024-05-26.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 2d4abbfeba3a010eb6337d59705ff0ec737d1cd67864ca8418e6c822e9d03b70

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://tonerrefillsnow.tripod.com/

Response headers

cache-control: max-age=0, no-cache
accept-ch: sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
access-control-allow-credentials: true
expires: Sun, 08 Dec 2024 10:05:22 GMT
x-sid: IAD-1222
access-control-allow-origin: https://tonerrefillsnow.tripod.com
content-length: 69
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
date: Sun, 08 Dec 2024 10:05:22 GMT
content-type: application/json
server: openresty

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ 63 B
463 B 83ms
81ms XHR
application/json 54.90.133.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-video-2024-05-26.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.90.133.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-90-133-190.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 46a45bdd73523177f99e9c1af4605997feb9dd721fbe3515888380a6218f3593

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://tonerrefillsnow.tripod.com/

Response headers

content-encoding: gzip
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://tonerrefillsnow.tripod.com
content-length: 88
date: Sun, 08 Dec 2024 10:05:22 GMT
content-type: application/json
server: istio-envoy
x-reason: path does not match the SaaS type
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
562 B 135ms
133ms XHR
application/json 51.222.39.187
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-video-2024-05-26.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.187 , Canada, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://tonerrefillsnow.tripod.com/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://tonerrefillsnow.tripod.com
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H2 204 prebid Show response
mp.4dex.io/ 0
285 B 311ms
125ms XHR
text/plain 2606:4700:4400::6812:22b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-video-2024-05-26.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://tonerrefillsnow.tripod.com/

Response headers

x-version: 3.0.0-gcp-las
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
pragma: no-cache
x-err: Parsing the Prebid Request. parseadrequest org/site not found
access-control-allow-credentials: true
via: 1.1 google
cf-ray: 8eebefc6198e5e78-EWR
expires: 0
access-control-allow-origin: https://tonerrefillsnow.tripod.com
date: Sun, 08 Dec 2024 10:05:22 GMT
vary: Origin, Accept-Encoding
server: cloudflare

POST
H2 200 c Show response
prebid.a-mo.net/a/ 1 KB
699 B 181ms
179ms XHR
application/json 147.75.195.55
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-video-2024-05-26.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 503675256ebedcc5d43a14c2b7e2852cb5454bcf45404f88ae9c31942025dd47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://tonerrefillsnow.tripod.com/

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
x-envoy-upstream-service-time: 75
access-control-allow-credentials: true
access-control-allow-origin: https://tonerrefillsnow.tripod.com
content-length: 549
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/json; charset=utf-8
vary: origin, accept-encoding
server: envoy

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 337 B
773 B 189ms
187ms XHR
application/json 18.154.227.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-video-2024-05-26.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-93.iad55.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 26c1ecccad95035f4c0ba0de1aa47d345edee838623043b6663e925eac5774b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://tonerrefillsnow.tripod.com/

Response headers

content-encoding: gzip
x-envoy-upstream-service-time: 80
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
via: 1.1 1103f2f4fcd4848a1668ac878932c20a.cloudfront.net (CloudFront)
access-control-allow-origin: https://tonerrefillsnow.tripod.com
x-cache: Miss from cloudfront
content-length: 248
x-amz-cf-id: Hz9VWB4-Dce89lm_Ah6fJ7gu1y8KgYOnkoE7qTHTbiN8KRmRCKue6g==
date: Sun, 08 Dec 2024 10:05:22 GMT
content-type: application/json
x-amz-cf-pop: IAD55-P5
server: istio-envoy
x-reason: auction result is empty
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftonerrefillsnow.tripod.com%2F&domain=tonerrefillsnow.tripod.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=nUD_qHxhMUxicnprTlZvTWFKTllEVll6OUdFdWtRLzE4c2xEalFTZzNhRjJ4S3NPbVE3dkR3eVllUHR1MGxISHl1SmFtTzFxb3Ivd3RMRm1pZTBUcnM2OGJrMnh0ZFcrV0JDUGZVNFBqdHJrRlRoTTJIeGJYdk1GTnB6VW...

359 B
937 B

358ms
136ms

XHR
application/json

74.119.117.17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=nUD_qHxhMUxicnprTlZvTWFKTllEVll6OUdFdWtRLzE4c2xEalFTZzNhRjJ4S3NPbVE3dkR3eVllUHR1MGxISHl1SmFtTzFxb3Ivd3RMRm1pZTBUcnM2OGJrMnh0ZFcrV0JDUGZVNFBqdHJrRlRoTTJIeGJYdk1GTnB6VWZMVWxNWndvR3JyZjZwN0tmQjJFSHpWaVhtdnFZdXE0YzBOWlZjS2QweERiTzVod1ROMGVYdEo2WnpWTVcxRHFjN0ZwSlZHcVBTR0QrNXRldW1jdXRQQnhYZk5keGptWURrTDlEMWQ3SkJ2cGUrY1lXQ2ZMUGZ5ajlxMXp0SzYwVEh3TVpUMndlaitGdDRSTjVIbllDQkdrZlltMU51UT09fA&cppv=2

Requested by

Host: blank
URL: about:blank

Protocol

Server

74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

374a25c69d5519f8e2a53a4c75506cbf9c4f8172f508b9c18a0c430b0ad546bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 482505
expires: 0
access-control-allow-origin: null
date: Sun, 08 Dec 2024 10:05:23 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

Redirect headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
location: https://mug.criteo.com/sid?cpp=nUD_qHxhMUxicnprTlZvTWFKTllEVll6OUdFdWtRLzE4c2xEalFTZzNhRjJ4S3NPbVE3dkR3eVllUHR1MGxISHl1SmFtTzFxb3Ivd3RMRm1pZTBUcnM2OGJrMnh0ZFcrV0JDUGZVNFBqdHJrRlRoTTJIeGJYdk1GTnB6VWZMVWxNWndvR3JyZjZwN0tmQjJFSHpWaVhtdnFZdXE0YzBOWlZjS2QweERiTzVod1ROMGVYdEo2WnpWTVcxRHFjN0ZwSlZHcVBTR0QrNXRldW1jdXRQQnhYZk5keGptWURrTDlEMWQ3SkJ2cGUrY1lXQ2ZMUGZ5ajlxMXp0SzYwVEh3TVpUMndlaitGdDRSTjVIbllDQkdrZlltMU51UT09fA&cppv=2
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 283413
expires: 0
access-control-allow-origin: https://tonerrefillsnow.tripod.com
content-length: 0
date: Sun, 08 Dec 2024 10:05:22 GMT
server: Kestrel

POST 532.json
id5-sync.com/g/v2/ 0
0

GET css
fonts.googleapis.com/ Frame A512 0
0

GET
H2 200 prebid-2024-08-21.js Show response
cdn.prplads.com/ Frame A512 356 KB
0 1ms
0ms Script
application/javascript 2606:4700:20::681a:233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prplads.com/prebid-2024-08-21.js
Requested by: Host: cdn.prplads.com
URL: https://cdn.prplads.com/load.js?publisherId=3105e1fb6246bd5aca2a3ecb52bb4e6c:572bb2b7841c9515200fe3d0cd80bf01eb806025eda7d4c63ee5cd8dff72e7bdd97cc17139ab92ab97f13ddcbd23656bea647abfe2ae7dc7923fd32a9fa8211c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e404d56ce7106943e8a770a7f996bc5c71e9fcc74c45c4d326ec4f5582b8527c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tonerrefillsnow.tripod.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "d5648f1f2569f1aeebd08c555505249b"
age: 861467
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5neG92jH0rumJcSwoaniHmozm2esLIAg%2B14T35WdbzxD4ZyLXaJjIt0nvh4pBJRFjfKw8tbSljKfxnXUepJlmeFThxLLoSTbZ%2Fo5ed66t1sc01MqPTJEjtminfbYRyOFFyqpD7Uzrqx%2BL%2BSqHw%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=21148&min_rtt=18847&rtt_var=3697&sent=104&recv=24&lost=0&retrans=0&sent_bytes=124593&recv_bytes=2688&delivery_rate=4357470&cwnd=276&unsent_bytes=0&cid=65132f25fb40d18b&ts=1163&x=0"
date: Sun, 08 Dec 2024 10:05:21 GMT
content-type: application/javascript
last-modified: Wed, 21 Aug 2024 08:17:43 GMT
vary: Accept-Encoding
x-amz-id-2: V9mGiCXqzwJZgWj5Q2H/DUhL0qwX83wQslaDVhTvA4ryUkpoU6JIz8wZF8X28HzCE1TiTqY40/U=
cache-control: max-age=1209600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: RF5MGM4FA1MC8RF9
cf-ray: 8eebefc07ae8447a-EWR
accept-ranges: bytes
content-length: 117692
server: cloudflare

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
470 B 260ms
104ms XHR
text/plain 2620:100:a00b::30
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=34107777150

Requested by

Host: adxbid.info
URL: https://adxbid.info/tripodcom_sticky.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::30 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://tonerrefillsnow.tripod.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: https://tonerrefillsnow.tripod.com
date: Sun, 08 Dec 2024 10:05:22 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 252ms
92ms Preflight
application/json 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftonerrefillsnow.tripod.com%2F&domain=tonerrefillsnow.tripod.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://tonerrefillsnow.tripod.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://tonerrefillsnow.tripod.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 08 Dec 2024 10:05:21 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 188955
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET player.floating.js
cds.connatix.com/p/547758/ Frame D494 0
0

GET
H2 200 v Show response
api.purpleads.io/x/v2/ 26 KB
3 KB 180ms
179ms Fetch
application/json 34.203.84.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/v2/v?demand=unifiedPb&pid=e6082256dd674ccd9c742d7479145be4&ts=1733652322354
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/video-agent.js?publisherId=baa118f88597f78a9da433cfc284ae13:62f5b7fb63a45a5cb18f0f1f46aeab87502d89635f75a80d1d870d1b20d72f0e1ce0119b83feb1a1eebb642d3c7bff478f181e00d56a49a12d903d3eb9df4454
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.84.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-84-81.compute-1.amazonaws.com
Software: /
Resource Hash: 1c5303a0021a63d2b1b34e92fcefca2606a56ab24ab896d14b17431ef1a6d8eb

Request headers

Authorization: Bearer baa118f88597f78a9da433cfc284ae13:62f5b7fb63a45a5cb18f0f1f46aeab87502d89635f75a80d1d870d1b20d72f0e1ce0119b83feb1a1eebb642d3c7bff478f181e00d56a49a12d903d3eb9df4454
Referer
x-request-url: YWJvdXQ6Ymxhbms=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json
pa-user-id: 830eee69-1530-41a8-b1c9-44815aa72bbb
x-purpleads-version: 3.1.2

Response headers

access-control-expose-headers: pa-user-id
content-encoding: br
etag: W/"687b-X41K6TKBel56VQyLoGrdQ0pvoyY"
access-control-allow-credentials: true
access-control-allow-origin: https://tonerrefillsnow.tripod.com
date: Sun, 08 Dec 2024 10:05:22 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding

OPTIONS
H2 200 v
api.purpleads.io/x/v2/ Frame 0
0 56ms
55ms Preflight 34.203.84.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/v2/v?demand=unifiedPb&pid=e6082256dd674ccd9c742d7479145be4&ts=1733652322354
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.84.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-84-81.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method: GET
Origin: https://tonerrefillsnow.tripod.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin: https://tonerrefillsnow.tripod.com
access-control-expose-headers: pa-user-id
access-control-max-age: 86400
date: Sun, 08 Dec 2024 10:05:22 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 408ms
133ms Preflight
application/json 74.119.117.17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 08 Dec 2024 10:05:21 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 193273
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 990 B
1 KB 370ms
96ms Image
image/svg+xml 23.62.165.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.165.92 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-165-92.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=2592000
timing-allow-origin: *, *
etag: "5ab8e16b5f46213840bcd403e349419c:1708851030.144644"
access-control-request-headers: X-OB-STG,X-OB-PRD
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
expires: Tue, 07 Jan 2025 10:05:22 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 990
date: Sun, 08 Dec 2024 10:05:22 GMT
content-type: image/svg+xml
last-modified: Sun, 25 Feb 2024 08:33:18 GMT
server: AkamaiNetStorage

POST
H/1.1 200
OK graphql Show response
s3.adxpremium.services/ 16 B
297 B 288ms
286ms XHR
application/json 185.106.140.19
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.adxpremium.services/graphql
Requested by: Host: adxbid.info
URL: https://adxbid.info/tripodcom_sticky.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.19 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 32c85ed2ff0fd6c8f590d3a0fa370cf854a0fed8c5f96d0bb51e5b7258a91ecd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

Access-Control-Expose-Headers: Content-Length
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 16
Date: Sun, 08 Dec 2024 10:05:25 GMT
Content-Type: application/json; charset=utf-8
Server: nginx

OPTIONS
H/1.1 204
No Content graphql
s3.adxpremium.services/ Frame 0
0 577ms
208ms Preflight 185.106.140.19
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.adxpremium.services/graphql
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.19 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://tonerrefillsnow.tripod.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin,Content-Type,Authorization,Accept,User-Agent,Cache-Control,Pragma
Access-Control-Allow-Methods: GET,POST,PUT,OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 43200
Connection: keep-alive
Date: Sun, 08 Dec 2024 10:05:24 GMT
Server: nginx

GET
H2 200 sync
x.bidswitch.net/ 43 B
183 B 765ms
97ms Image
image/gif 35.211.202.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.211.202.130 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 130.202.211.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Sun, 08 Dec 2024 10:05:25 GMT
content-type: image/gif

GET
H2

200

us.gif
sync.go.sonobi.com/
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=140&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=5468ccc2-2fa8-40bc-b1cf-accee96e5c61-67556f65-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=5468ccc2-2fa8-40bc-b1cf-accee96e5c61-67556f65-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=5468ccc2-2fa8-40bc-b1cf-accee96e5c61-67556f65-5553&partner_url=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dbs%26nuid%3D...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=5468ccc2-2fa8-40bc-b1cf-accee96e5c61-67556f65-5553&partner_url=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dbs%26n...
https://sync.go.sonobi.com/us.gif?nw=bs&nuid=5468ccc2-2fa8-40bc-b1cf-accee96e5c61-67556f65-5553&gdpr=0&gdpr_consent=

49 B
783 B

44ms
43ms

Image
image/gif

2607:f350:3:2569:0:10:0:d
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=bs&nuid=5468ccc2-2fa8-40bc-b1cf-accee96e5c61-67556f65-5553&gdpr=0&gdpr_consent=

Requested by

Host: blank
URL: about:blank

Protocol

Server

2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, private
pragma: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 49
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Sun, 08 Dec 2024 10:05:26 GMT
tcn: Choice
content-type: image/gif
vary: negotiate,Accept-Encoding
server: sonobi-go
x-go-server: go-iad-2-6-197
x-xss-protection: 0

Redirect headers

strict-transport-security: max-age=31536000
location: https://sync.go.sonobi.com/us.gif?nw=bs&nuid=5468ccc2-2fa8-40bc-b1cf-accee96e5c61-67556f65-5553&gdpr=0&gdpr_consent=
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
date: Sun, 08 Dec 2024 10:05:26 GMT
server: Jetty(11.0.13)

GET
H2

200

us.gif
sync.go.sonobi.com/
Redirect Chain

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=d6b69711-ed2f-4c2b-b31a-f5b78b38431e&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=YVdqQjkyNWdxTU5UN3JfRHhsNUlSdw&gdpr=&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEGxbDDNlQS0zzLGbCsGrc-w&google_cver=1
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=JM5SDxIL0U8e

49 B
820 B

125ms
64ms

Image
image/gif

2607:f350:3:2569:0:10:0:d
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=pp&nuid=JM5SDxIL0U8e

Requested by

Host: blank
URL: about:blank

Protocol

Server

2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, private
pragma: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 49
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Sun, 08 Dec 2024 10:05:26 GMT
tcn: Choice
content-type: image/gif
vary: negotiate,Accept-Encoding
server: sonobi-go
x-go-server: go-iad-2-6-197
x-xss-protection: 0

Redirect headers

cache-control: private, max-age=0, no-cache, no-store
location: https://sync.go.sonobi.com/us.gif?nw=pp&nuid=JM5SDxIL0U8e
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-9775cb85-6bnjc
expires: -1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-CA
server: Jetty(10.0.14)

GET
H2

200

receive
pixel.tapad.com/idsync/ex/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=2fc5fedd37&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=2fc5fedd37&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us.gif?nw=td&nuid=242bc87b-9a33-4cdf-89ca-f595f1495b08&pubid=2fc5fedd37
https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=d6b69711-ed2f-4c2b-b31a-f5b78b38431e
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=d6b69711-ed2f-4c2b-b31a-f5b78b38431e
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a344ddcb-e74c-4cd6-b895-27080cfe996a%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=242bc87b-9a33-4cdf-89ca-f595f1495b08&ttd_puid=a344ddcb-e74c-4cd6-b895-27080cfe996a%2C%2C

95 B
433 B

80ms
79ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=242bc87b-9a33-4cdf-89ca-f595f1495b08&ttd_puid=a344ddcb-e74c-4cd6-b895-27080cfe996a%2C%2C

Requested by

Host: blank
URL: about:blank

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 95
date: Sun, 08 Dec 2024 10:05:26 GMT
content-type: image/png
server: Jetty(11.0.13)

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=242bc87b-9a33-4cdf-89ca-f595f1495b08&ttd_puid=a344ddcb-e74c-4cd6-b895-27080cfe996a%2C%2C
content-length: 359
date: Sun, 08 Dec 2024 10:05:26 GMT
server: Kestrel

GET
H2

200

us.gif
sync.go.sonobi.com/
Redirect Chain

https://p.rfihub.com/cm?pub=35683&in=1
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2018808927863420247

49 B
828 B

192ms
64ms

Image
image/gif

2607:f350:3:2569:0:10:0:d
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2018808927863420247

Requested by

Host: blank
URL: about:blank

Protocol

Server

2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, private
pragma: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 49
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Sun, 08 Dec 2024 10:05:26 GMT
tcn: Choice
content-type: image/gif
vary: negotiate,Accept-Encoding
server: sonobi-go
x-go-server: go-iad-2-6-197
x-xss-protection: 0

Redirect headers

Location: https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2018808927863420247
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Date: Sun, 08 Dec 2024 10:05:25 GMT
Server: Jetty(9.4.51.v20230217)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.tonerrefillsnow.com
URL: https://www.tonerrefillsnow.com/images/header.jpg

Domain: www.tonerrefillsnow.com
URL: https://www.tonerrefillsnow.com/samsung/images/176.jpg

Domain: www.tonerrefillsnow.com
URL: https://www.tonerrefillsnow.com/images/footer.jpg

Domain: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v3.4.3.js

Domain: heirem-art.de
URL: http://heirem-art.de/crpzw3bh.php?id=26646934

Domain: api.popin.cc
URL: https://api.popin.cc/topic/prebid-topics-frame.html?bidder=discovery

Domain: ghb.adtelligent.com
URL: https://ghb.adtelligent.com/v2/auction/

Domain: id5-sync.com
URL: https://id5-sync.com/g/v2/532.json

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&display=swap

Domain: cds.connatix.com
URL: https://cds.connatix.com/p/547758/player.floating.js

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

84 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tripod.com/	1970-01-21 10:19:48	Name: CookieStatus Value: COOKIE_OK
.tripod.com/	1969-12-31 23:59:59	Name: MEMBER_PAGE Value: tonerrefillsnow/samsung/176.html
.tripod.com/	1969-12-31 23:59:59	Name: REFERRER Value: (null)
.tripod.com/	1970-01-21 11:10:12	Name: __utma Value: 31113466.2109589721.1733652319.1733652319.1733652319.1
.tripod.com/	1969-12-31 23:59:59	Name: __utmc Value: 31113466
.tripod.com/	1970-01-21 05:57:00	Name: __utmz Value: 31113466.1733652319.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.tripod.com/	1970-01-21 01:34:12	Name: __utmt Value: 1
.tripod.com/	1970-01-21 01:34:14	Name: __utmb Value: 31113466.1.10.1733652319
.udmserve.net/	1970-01-21 10:19:48	Name: dt Value: 099FFE0A-6FFC-36F8-91DB-355B18E3B39C
.go.sonobi.com/	1970-01-21 10:19:48	Name: __uis Value: d6b69711-ed2f-4c2b-b31a-f5b78b38431e
.adnxs.com/	1970-01-21 03:43:48	Name: XANDR_PANID Value: ol3RwHH03yIY1wQcMiq9s7nrg5vjZq9I8wpjbq8WiaNV89592ki3cshkKFizXnNtbNUPYIPXvGyZa_sMGri04kLN8piSWM8RPosoOG-zGDE.
.adnxs.com/	1970-01-21 11:10:12	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 03:43:48	Name: uuid2 Value: 4103286286238624210
.pubmatic.com/	1970-01-21 01:35:38	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-21 10:19:48	Name: CMID Value: Z1VvYEt3uUcAAHQ4Aw.xXAAA
.casalemedia.com/	1970-01-21 03:43:48	Name: CMPS Value: 054
.casalemedia.com/	1970-01-21 03:43:48	Name: CMPRO Value: 054
.pubmatic.com/	1970-01-21 03:43:48	Name: SyncRTB4 Value: 1734825600%3A220
.pubmatic.com/	1970-01-21 10:19:48	Name: KADUSERCOOKIE Value: 042BAF0A-7E0F-4C22-8C6C-14CC2A2FFE57
.udmserve.net/	1970-01-21 03:43:48	Name: sono Value: d6b69711-ed2f-4c2b-b31a-f5b78b38431e
.udmserve.net/	1970-01-21 03:43:48	Name: apnid Value: 4103286286238624210
.rubiconproject.com/	1970-01-21 10:19:48	Name: audit_p Value: 1\|orfUJYKYFivF6HXLCxvkQxkNY2kk9bwiqDc2BWQIR3wQ1nTWsk2hDf6iexLvQSEawMBwCrty49ckEa5N2k7U1SEEFoCDRlfYgOeV7TJonsRCE8+DzHOiDbxISKHyyA0Rsp6eNvz6lrw95nUVy/R1gA==
.rubiconproject.com/	1970-01-21 10:19:48	Name: khaos Value: M4FFTVW9-21-3DOA
.rubiconproject.com/	1970-01-21 10:19:48	Name: khaos_p Value: M4FFTVW9-21-3DOA
.rubiconproject.com/	1970-01-21 10:19:48	Name: audit Value: 1\|orfUJYKYFivF6HXLCxvkQxkNY2kk9bwiqDc2BWQIR3wQ1nTWsk2hDf6iexLvQSEawMBwCrty49ckEa5N2k7U1SEEFoCDRlfYgOeV7TJonsRCE8+DzHOiDbxISKHyyA0Rsp6eNvz6lrw95nUVy/R1gA==
.rubiconproject.com/	1970-01-21 03:43:48	Name: receive-cookie-deprecation Value: 1
.udmserve.net/	1970-01-21 03:43:48	Name: magid Value: M4FFTVW9-21-3DOA
.tripod.com/	1970-01-21 10:55:48	Name: __gads Value: ID=7f3329e8386b7d73:T=1733652320:RT=1733652320:S=ALNI_MZyU5EfXpeztjuRz84WF6Ng8CPnLg
.tripod.com/	1970-01-21 10:55:48	Name: __gpi Value: UID=00000f7dc025c677:T=1733652320:RT=1733652320:S=ALNI_MY0iIRRh0doegpImUwN00gSAyfQag
.tripod.com/	1970-01-21 05:53:24	Name: __eoi Value: ID=72f99014906e6997:T=1733652320:RT=1733652320:S=AA-AfjZilHEradiMX6o7wV6fe61L
.quantserve.com/	1970-01-21 11:04:26	Name: mc Value: 67556f61-2839e-c4cd3-51ab0
.tripod.com/	1970-01-21 10:58:41	Name: __qca Value: P0-601452801-1733652321137
.doubleclick.net/	1970-01-21 11:10:12	Name: IDE Value: AHWqTUnG2r-_Pfamu0Sr9kQ9zQFvDTNuIB5q3IHWSWKlvG_mQCZwYhGjoDr6Ue-eSWg
.pubmatic.com/	1970-01-21 03:43:48	Name: KRTBCOOKIE_80 Value: 22987-CAESEANBUkciUSnWhdKKUwsCWsE&KRTB&16514-CAESEANBUkciUSnWhdKKUwsCWsE&KRTB&23025-CAESEANBUkciUSnWhdKKUwsCWsE&KRTB&23386-CAESEANBUkciUSnWhdKKUwsCWsE
.pubmatic.com/	1970-01-21 02:17:24	Name: PugT Value: 1733652240
.pubmatic.com/	1970-01-21 01:35:38	Name: pi Value: 156505:3
.pubmatic.com/	1970-01-21 03:43:48	Name: chkChromeAb67Sec Value: 2
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.go.sonobi.com/	1970-01-21 01:34:12	Name: __uih Value: 1
.connatix.com/	1970-01-21 01:54:21	Name: cnx_userId Value: 3a692a06c79e404a9bcd1ad0d5767803
.go.sonobi.com/	1970-01-21 01:35:38	Name: _usd_tonerrefillsnow.tripod.com Value: d2f57497-7a26-486c-911b-2ff84cb0ce0a
.onetag-sys.com/	1970-01-21 11:03:59	Name: OTP Value: phlYsoElryqLFbNrr2Ig2rGgnUvFrXuhxpalQUy2pZI
.a-mo.net/	1970-01-21 10:19:48	Name: amuid2 Value: 54046c0c-801a-4e74-8b5d-57256abf5195
.a-mo.net/	1970-01-21 10:19:48	Name: pamuid2 Value: 54046c0c-801a-4e74-8b5d-57256abf5195
.prebid.a-mo.net/	1970-01-21 10:19:48	Name: psd_amuid2 Value: 54046c0c-801a-4e74-8b5d-57256abf5195
.prebid.a-mo.net/	1970-01-21 10:19:48	Name: sd_amuid2 Value: 54046c0c-801a-4e74-8b5d-57256abf5195
.omnitagjs.com/	1970-01-21 02:17:24	Name: ayl_visitor Value: 28a7ff589e96c889748df8f16f62eb1f
.pubmatic.com/	1970-01-21 02:17:24	Name: SPugT Value: 1733652321
.udmserve.net/	1970-01-21 10:19:48	Name: udmts Value: 1733652322.0
.udmserve.net/	1970-01-21 03:43:48	Name: pmid Value: 042BAF0A-7E0F-4C22-8C6C-14CC2A2FFE57
tonerrefillsnow.tripod.com/	1970-01-21 02:17:24	Name: _DABPlus5375_userid_consent_data Value: 3524755945110770
.tripod.com/	1970-01-21 10:19:48	Name: _sharedID Value: 7a61f029-b52f-4fb8-aed4-58c868d0eee6
.prebid.a-mo.net/	1970-01-21 10:19:48	Name: __amc Value: 2_1733652321_1733652322
.criteo.com/	1970-01-21 10:55:48	Name: cto_bundle Value: gGtqTF9MaW5VcnZUSlVJYiUyQmQ2eHBSQmVnQmpabWxkVk1qUGR0MHRvSFRqMVVVTkw4NUpGN2I4YndmR3c0N2ZEM1VyZW9XMyUyRnoweDQ5ZDdtaURVUXd2a2ROWlVpMTI0b0FyNDFvVmJ6MEVOa0VzNHclM0Q
.tripod.com/	1970-01-21 10:55:19	Name: cto_bundle Value: Md9KP19pNEpJTXZZZkhEalVyTzZ0ZzVidDRleUk2aFpKalI1M2t6Zmo1cXlaNHEzd29DNFJZZGM4bEg4bHZ5UnQ3TDdmZWglMkY3elJzSjFKb0xVNjJpNWkzRUlTdlVweEg1eVpXQXUyVzlISDdxNWd1aHd5bTA4MjFpTSUyRnRSSG55aFBvenA
.tripod.com/	1970-01-21 10:55:19	Name: cto_bidid Value: R_vmQF94d1I5RlNuSWQlMkYlMkJBQWxYUFk5dkVONXhCTVppYzM3dWZLaTVuOGZKVTI4bElQWmxPOVF2VFl4RWo3VVkzTE1HVmVWazNMY3FPJTJGZzRoWiUyQldzaTl5NkRRJTNEJTNE
.sitescout.com/	1970-01-21 10:19:48	Name: ssi Value: 5468ccc2-2fa8-40bc-b1cf-accee96e5c61#1733652325732
.contextweb.com/	1970-01-21 10:12:36	Name: V Value: JM5SDxIL0U8e
.contextweb.com/	1970-01-21 10:12:36	Name: VP Value: part_JM5SDxIL0U8e
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: e81c2e9a743388d3
.adsrvr.org/	1970-01-21 10:19:48	Name: TDID Value: 242bc87b-9a33-4cdf-89ca-f595f1495b08
.sitescout.com/	1970-01-21 02:17:24	Name: _ssuma Value: eyIzOSI6MTczMzY1MjMyNTgwNSwiNyI6MTczMzY1MjMyNTgwNX0
.rfihub.com/	1970-01-21 10:55:48	Name: rud Value: H4sIAAAAAAAA_-MSNjIwtLAwsLA0MrcwMzYxMjAyMRfiM9T1Cw7x90_29vQoDMkEAGu8XU8lAAAA
.rfihub.com/	1970-01-21 10:55:48	Name: eud Value: H4sIAAAAAAAA_1slymtobmxsZmpkbGRqYWgEAD7tNQ4QAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjIwtLAwsLA0MrcwMzYxMjAyMRfiM9T1Cw7x90_29vQoDMkEAGu8XU8lAAAA
.contextweb.com/	1970-01-21 10:19:48	Name: pb_rtb_ev Value: 3-1v7h\|7LJ.0.d6b69711-ed2f-4c2b-b31a-f5b78b38431e\|4is.0.CAESEGxbDDNlQS0zzLGbCsGrc-w
.contextweb.com/	1970-01-21 10:19:48	Name: pb_rtb_ev_part Value: 3-1v7h\|7LJ.0.d6b69711-ed2f-4c2b-b31a-f5b78b38431e\|4is.0.CAESEGxbDDNlQS0zzLGbCsGrc-w
.go.sonobi.com/	1970-01-21 02:21:00	Name: __uir_zt Value: 262497771148579925
.go.sonobi.com/	1970-01-21 10:19:48	Name: __uin_zt Value: 2018808927863420247
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86197\|Z1Vva
.go.sonobi.com/	1970-01-21 01:34:26	Name: __uir_pp Value: 262497771148579925
.go.sonobi.com/	1970-01-21 10:19:48	Name: __uin_pp Value: JM5SDxIL0U8e
.go.sonobi.com/	1970-01-21 03:43:48	Name: __uir_td Value: 262497771148579925
.go.sonobi.com/	1970-01-21 10:19:48	Name: __uin_td Value: 242bc87b-9a33-4cdf-89ca-f595f1495b08
.crwdcntrl.net/	1970-01-21 08:03:00	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 08:03:00	Name: _cc_id Value: 39906822a2bd411cd11f3cf836e6f9ac
.crwdcntrl.net/	1970-01-21 08:03:00	Name: _cc_cc Value: "ACZ4nGNQMLa0NDCzMDJKNEpKMTE0TE4xNEwzTk6zMDZLNUuzTExmAIL00Pw0BgQAAEixCnI%3D"
.crwdcntrl.net/	1970-01-21 08:03:00	Name: _cc_aud Value: "ABR4nGNgYGBID81PY4ADABObAZI%3D"
.adsrvr.org/	1970-01-21 10:19:48	Name: TDCPM Value: CAESFAoFdGFwYWQSCwi44qrtu97LPRAFGAEgASgCMgsI_titmtLeyz0QBTgBWgV0YXBhZGAC
.go.sonobi.com/	1970-01-21 02:21:00	Name: __uir_bs Value: 262497771148579925
.go.sonobi.com/	1970-01-21 10:19:48	Name: __uin_bs Value: 5468ccc2-2fa8-40bc-b1cf-accee96e5c61-67556f65-5553
.tapad.com/	1970-01-21 03:00:36	Name: TapAd_TS Value: 1733652326546
.tapad.com/	1970-01-21 03:00:36	Name: TapAd_DID Value: 242bc87b-9a33-4cdf-89ca-f595f1495b08
.tapad.com/	1970-01-21 03:00:36	Name: TapAd_3WAY_SYNCS Value: 1!8242

33 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://tonerrefillsnow.tripod.com/samsung/176.html Message: Mixed Content: The page at 'https://tonerrefillsnow.tripod.com/samsung/176.html' was loaded over HTTPS, but requested an insecure element 'http://www.tonerrefillsnow.com/images/header.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://tonerrefillsnow.tripod.com/samsung/176.html Message: Mixed Content: The page at 'https://tonerrefillsnow.tripod.com/samsung/176.html' was loaded over HTTPS, but requested an insecure element 'http://www.tonerrefillsnow.com/samsung/images/176.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://tonerrefillsnow.tripod.com/samsung/176.html Message: Mixed Content: The page at 'https://tonerrefillsnow.tripod.com/samsung/176.html' was loaded over HTTPS, but requested an insecure element 'http://www.tonerrefillsnow.com/images/footer.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://www.tonerrefillsnow.com/samsung/images/176.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.tonerrefillsnow.com/images/header.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.tonerrefillsnow.com/images/footer.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	warning	URL: https://scripts.lycos.com/catman/init.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://scripts.lycos.com/catman3/code/tripod.lycos.com/memberembedded.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://scripts.lycos.com/catman/init.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://scripts.lycos.com/catman3/code/tripod.lycos.com/memberembedded.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://scripts.lycos.com/catman/init.js(Line 7) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://platform.bidgear.com/ads.php?domainid=6586&sizeid=16&zoneid=7361, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://scripts.lycos.com/catman/init.js(Line 7) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://platform.bidgear.com/ads.php?domainid=6586&sizeid=16&zoneid=7361, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://platform.bidgear.com/ads.php?domainid=6586&sizeid=16&zoneid=7361 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://platform.bidgear.com/ads.php?zoneid=7361&domainid=6586&sizeid=16&wu=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://platform.bidgear.com/ads.php?domainid=6586&sizeid=16&zoneid=7361 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://platform.bidgear.com/ads.php?zoneid=7361&domainid=6586&sizeid=16&wu=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://platform.bidgear.com/ads.php?zoneid=7361&domainid=6586&sizeid=16&wu=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.prplads.com/load.js?publisherId=3105e1fb6246bd5aca2a3ecb52bb4e6c:572bb2b7841c9515200fe3d0cd80bf01eb806025eda7d4c63ee5cd8dff72e7bdd97cc17139ab92ab97f13ddcbd23656bea647abfe2ae7dc7923fd32a9fa8211c, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://platform.bidgear.com/ads.php?zoneid=7361&domainid=6586&sizeid=16&wu=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.prplads.com/load.js?publisherId=3105e1fb6246bd5aca2a3ecb52bb4e6c:572bb2b7841c9515200fe3d0cd80bf01eb806025eda7d4c63ee5cd8dff72e7bdd97cc17139ab92ab97f13ddcbd23656bea647abfe2ae7dc7923fd32a9fa8211c, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tonerrefillsnow.tripod.com/samsung/176.html(Line 431) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://platform.bidgear.com/ads.php?domainid=6586&sizeid=2&zoneid=7638, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tonerrefillsnow.tripod.com/samsung/176.html(Line 431) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://platform.bidgear.com/ads.php?domainid=6586&sizeid=2&zoneid=7638, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tonerrefillsnow.tripod.com/samsung/176.html(Line 431) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://platform.bidgear.com/ads.php?domainid=6586&sizeid=28&zoneid=7226, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://platform.bidgear.com/ads.php?domainid=6586&sizeid=2&zoneid=7638 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://platform.bidgear.com/ads.php?zoneid=7638&domainid=6586&sizeid=9&wu=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://platform.bidgear.com/ads.php?domainid=6586&sizeid=2&zoneid=7638 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://platform.bidgear.com/ads.php?zoneid=7638&domainid=6586&sizeid=9&wu=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://platform.bidgear.com/ads.php?domainid=6586&sizeid=28&zoneid=7226 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://platform.bidgear.com/ads.php?zoneid=7226&domainid=6586&sizeid=2&wu=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://platform.bidgear.com/ads.php?domainid=6586&sizeid=28&zoneid=7226 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://platform.bidgear.com/ads.php?zoneid=7226&domainid=6586&sizeid=2&wu=https%3A%2F%2Ftonerrefillsnow.tripod.com%2Fsamsung%2F176.html, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	URL: https://tonerrefillsnow.tripod.com/samsung/176.html(Line 468) Message: Mixed Content: The page at 'https://tonerrefillsnow.tripod.com/samsung/176.html' was loaded over HTTPS, but requested an insecure element 'http://www.tonerrefillsnow.com/images/header.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://tonerrefillsnow.tripod.com/samsung/176.html Message: Mixed Content: The page at 'https://tonerrefillsnow.tripod.com/samsung/176.html' was loaded over HTTPS, but requested an insecure script 'http://heirem-art.de/crpzw3bh.php?id=26646934'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://tonerrefillsnow.tripod.com/samsung/176.html(Line 539) Message: Mixed Content: The page at 'https://tonerrefillsnow.tripod.com/samsung/176.html' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www.ewebcart.com/cgi-bin/cart.pl'. This endpoint should be made available over a secure connection.
security	warning	URL: https://tonerrefillsnow.tripod.com/samsung/176.html(Line 598) Message: Mixed Content: The page at 'https://tonerrefillsnow.tripod.com/samsung/176.html' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www.ewebcart.com/cgi-bin/cart.pl'. This endpoint should be made available over a secure connection.
security	warning	URL: https://tonerrefillsnow.tripod.com/samsung/176.html(Line 609) Message: Mixed Content: The page at 'https://tonerrefillsnow.tripod.com/samsung/176.html' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www.ewebcart.com/cgi-bin/cart.pl'. This endpoint should be made available over a secure connection.
security	warning	URL: https://tonerrefillsnow.tripod.com/samsung/176.html(Line 621) Message: Mixed Content: The page at 'https://tonerrefillsnow.tripod.com/samsung/176.html' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www.ewebcart.com/cgi-bin/cart.pl'. This endpoint should be made available over a secure connection.
security	warning	URL: https://tonerrefillsnow.tripod.com/samsung/176.html(Line 633) Message: Mixed Content: The page at 'https://tonerrefillsnow.tripod.com/samsung/176.html' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www.ewebcart.com/cgi-bin/cart.pl'. This endpoint should be made available over a secure connection.
security	warning	URL: https://tonerrefillsnow.tripod.com/samsung/176.html(Line 657) Message: Mixed Content: The page at 'https://tonerrefillsnow.tripod.com/samsung/176.html' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www.ewebcart.com/cgi-bin/cart.pl'. This endpoint should be made available over a secure connection.
security	warning	URL: https://tonerrefillsnow.tripod.com/samsung/176.html(Line 698) Message: Mixed Content: The page at 'https://tonerrefillsnow.tripod.com/samsung/176.html' was loaded over HTTPS, but requested an insecure element 'http://www.tonerrefillsnow.com/samsung/images/176.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://tonerrefillsnow.tripod.com/samsung/176.html(Line 698) Message: Mixed Content: The page at 'https://tonerrefillsnow.tripod.com/samsung/176.html' was loaded over HTTPS, but requested an insecure element 'http://www.tonerrefillsnow.com/images/footer.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	error	URL: about:blank Message: Access to XMLHttpRequest at 'https://id5-sync.com/g/v2/532.json' from origin 'https://tonerrefillsnow.tripod.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://id5-sync.com/g/v2/532.json Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

84faf5ff17b91cae939aecfbbc65f0ea.safeframe.googlesyndication.com
ads.servenobid.com
adxbid.info
apex.go.sonobi.com
api.popin.cc
api.purpleads.io
bh.contextweb.com
bid.underdog.media
bidder.criteo.com
cadmus.script.ac
capi.connatix.com
cd.connatix.com
cdn.jsdelivr.net
cdn.prplads.com
cdn.purpleads.io
cds.connatix.com
cm.g.doubleclick.net
fonts.googleapis.com
ghb.adtelligent.com
gum.criteo.com
hb-api.omnitagjs.com
hb.360yield.com
hb.minutemedia-prebid.com
hb.yellowblue.io
heirem-art.de
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
imp9.bidgear.com
ins.connatix.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
onetag-sys.com
p.rfihub.com
pa.openx.net
pbjs.e-planning.net
pixel-sync.sitescout.com
pixel-us-west.rubiconproject.com
pixel.quantserve.com
pixel.tapad.com
platform.bidgear.com
prebid-us.creativecdn.com
prebid.a-mo.net
rules.quantcount.com
s3.adxpremium.services
script.4dex.io
scripts.lycos.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
sp-log.lycos.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
sync.crwdcntrl.net
sync.go.sonobi.com
tonerrefillsnow.tripod.com
udmserve.net
vid.connatix.com
widgets.outbrain.com
www.googletagservices.com
www.tonerrefillsnow.com
x.bidswitch.net
api.popin.cc
bid.underdog.media
cds.connatix.com
fonts.googleapis.com
ghb.adtelligent.com
heirem-art.de
id5-sync.com
www.tonerrefillsnow.com
104.18.27.193
104.18.41.104
142.251.16.157
147.75.195.55
172.64.146.152
172.98.26.245
18.154.227.93
18.67.76.93
185.106.140.19
185.184.10.30
198.8.71.130
206.189.255.194
207.65.32.82
207.65.37.182
209.202.252.105
209.202.254.12
209.202.254.90
23.62.165.92
2600:9000:201e:ae00:6:44e3:f8c0:93a1
2606:4700:20::681a:233
2606:4700:20::681a:36b
2606:4700:20::681a:8a9
2606:4700:3035::6815:30d7
2606:4700:4400::6812:22b2
2606:4700::6812:1791
2607:f350:3:2569:0:10:0:200a
2607:f350:3:2569:0:10:0:d
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c17::84
2607:f8b0:4004:c17::9b
2607:f8b0:4004:c17::9d
2607:f8b0:4004:c1b::61
2620:100:a00b::12
2620:100:a00b::30
2620:116:800b:21:b08a:1dc5:659b:4055
2a04:4e42:400::485
3.171.100.22
34.111.113.62
34.203.84.81
34.228.175.96
34.36.214.49
34.36.216.150
35.211.202.130
35.245.40.102
51.222.39.185
51.222.39.187
52.223.40.198
54.90.133.190
68.67.179.87
68.71.249.118
69.173.154.8
74.119.117.17
74.214.194.131
8.28.7.83
018c5fb25a858c19fa7b935dbb2e97ca16b44f65acd7571cf1615eb432b9d49a
06d7140f6f1f14fc2c203b7dc8faecfaa9f626a338f1aaad9dfa00fb2c5de4d1
0af17552baaa71e1bc34e64cb3dfe4c4ea1b09d2d04ec9204d7484942f6d64ae
0b3e2fc1adf27c6815d1de34a30b2621a21d191051d2975f505dfd6b58295f63
0d4cb26bee8a6a46b9d50126c4d11feeb2ad0568b83beea3e0e1d99190e53cea
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
14f72e7e564d269047c9ffc9f1a59ecc6fa6543bbd3816196017c3ae4215b8fc
16cc3909bf0a509fd8cfea44faf7f652aeebe20110f82541b9d7534c0bedd7b3
16fcdfdadf70ff61b0c8b35dfe37ca33043c294321bee5c95100af7f26523ea4
17dee119989562177114af49696cc9cedbcd8610efcaf73621ab976d9ee99ee7
1c4bc110433be99a4bd806e403b52a6205fafc2b62b4d0f08921825cc719b8cd
1c5303a0021a63d2b1b34e92fcefca2606a56ab24ab896d14b17431ef1a6d8eb
2630be96403443d46bcc7ee210949d507730143f72bcd5be94d2ccbb465bc028
26c1ecccad95035f4c0ba0de1aa47d345edee838623043b6663e925eac5774b8
28708f9caca156e6a3fa4a253679538739188e2491773c9be4e77d0994879814
28e99116b7e903860c52c8cdf126e9dc973f0429addda202e33c59a2e58365d0
28f6ada997873a7e073fc506b93f86b6d2be7de4cc6ae085557bc322cc6df331
2aad744c0e854b267791b1f83c3581afbf6cb2a5b1e62c15e113a9d3106eb75d
2d4abbfeba3a010eb6337d59705ff0ec737d1cd67864ca8418e6c822e9d03b70
2e3fc081e9c8193d3168ac40a20dba0bb0a3024e365e70bd6f4a4c0c824add38
32c85ed2ff0fd6c8f590d3a0fa370cf854a0fed8c5f96d0bb51e5b7258a91ecd
34bc72811f208b5c16bc07739eab6e7aca69b1f191d1b83a38ac924154bdf2f4
3520bd7fc1bf18b5f7fa6388863beffd1ec34085c0c15ad73f5d14a0739b106f
374a25c69d5519f8e2a53a4c75506cbf9c4f8172f508b9c18a0c430b0ad546bf
3850e8661319a5d1804f056b57ca749256fe8225e6c1a1fcf0d611073de12fb5
39020513d97ecd24b78c2779cbc87c3d5331634e5145c23d04f77966fd298bce
3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40e3222f4cfdb7889e996f25c3b617419fd8fd52bd548ef30f706c4f4bfa3438
4133815d4895620a9cbf527c3f454055b005eb3b8620e3c0fdee38f4faf094e1
4635db29c944b529b5e4be981ceec661522c3fd984b7c17fb4faf23be9e5f30f
46a45bdd73523177f99e9c1af4605997feb9dd721fbe3515888380a6218f3593
49e3d64cd6a9cef1bfad45fe1411e6ddcab7668793d0df81dc6d842eccb9b03b
4ed59245ad4a4bf53dc71369083c482f098b0532fa902b6e09040d561ea72ab8
503675256ebedcc5d43a14c2b7e2852cb5454bcf45404f88ae9c31942025dd47
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c1369b230a4a69c2f801701bcc49b6d142998be62ccb8d2f724f98bbd7fa91
5f5bd3c191c542f7768d9b2e28a52ee98b7044fe16f90ec1e6def50c16e0c5f9
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66bb29508f737804c7eb1402a0bb9dba2bebedfaa65f7483edcf27cb53f13a7f
684723a6d2eb89b2d3265238546e86bc086777b456c21bdbc2835ec512dc34f9
69f3fb6150cb6272128e49019845f8d52ba81dfc42d4f267f715f00b28545148
6c6ebeb78a663f1ba7ff056a5e9fd0194ef38bd875413542d1045d1a4b7b875d
6d87484ab05f1583269aa457919e2dc84c4fd1467a4c578c4ab01d85cf12c18a
73beb443988d83fbeec6cc229b84d91cfd61801aaf7ab72f34f7799649dad106
7955a710aed162136e93a9fbd0c44413a569b6d32d6ddbf05f43f9966d6f689f
7a9ed827b2890d3b4b2090bb90064c542a1e2b745c7ec4773795d296657442c9
7f3ad60ea5c6afda6fc5b54d705fb2e283742b42486f8f188c749a99fef09aff
81050f6d27b8db1f30bd1c775a0246d75be78a23ca1342cd6dab3e89c31fcfeb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85aa813e79b8e5e6831804ddb6344aca108c515be47f25ca54b64c336626ad61
8c32af5a125d37e9343effdfddca36e82f6f99034d878bca5ae74dc04006e387
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9cf4bfb7172ad7442157b4bb5b4212e111d57df39bc0a665f36b66aa5c1aeb89
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0f927d433bf4a4a3459f9d7996ddc34bc2520fcb2fb5d69fa3af4488a7ab8f9
a3daf9c1669356e7b54c0ebc347de8ccea39cce229db4ff81408e4b4f859a71a
a4190a974345a11c73d6a5edaf6c62385049b921bac62cffaaddd3fc577fbea4
a7f115e3ebae1d56ff453b9a0b671233bb984fa6ca6f7b89a15a5e546e7d5ca6
ade1b0e98dc064de5efda19607e67f734023515fd424d91d2215dee8e4ee8d53
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d4a753cf3cc25720fc2883a3e6c6be8c43637041c34aa376cf7428f7672520
b2ae0cf13e9e6978c1edbf22aa7dc86a016b81737db2db8378f2e4f8845b9cdb
b86f38fffc7973d220afa405eb55afc60081d9f6add8690af3331e6a8de32778
b93914f0559985baff5a4aaa7c829f941bdc36bef8145a004fb27a0a5d2b9c6b
b98e8352fc26b05104c22c81487fa840da1c576c3d5d408ec9a8d2a59956aaf3
bb4c7217f10a70d2dedfea65574e14e2b6b9acab24e9656506f0381efee4f6cd
c2d2cb5e64e2d1fdbd312d724e5d49359a55a2d90373099d56d83853e2e5385a
c2f87c1056f183e7041f09663ea95a69d0cac918a5a534eb7943519a8749e09d
c487816b40548598891f6ee368b37f3de5c24187386884e7e2a37ee15caf078c
c498bf41492bdc0e59b833b8f373c4e9c38c1934a88eecfd3f57c801a48506ae
e0c6cb57980bad7765cfdab5fab06b8ab917bb9e0b58a137946832358e085ade
e0f8dceb516151e70891cb4ed02aac4b5800b37c13d8328a35919472efe0f93e
e1d237b53621dac06f907369c704d779fad317fb69feb8674976b299baa60302
e28e6a36e25894e6ca5fbcc89c995db3b034ea81da60f32128a4ea8923c53e92
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cdf3511145a634a3a80144cc639c1ad32c53767deeb058eb44a3df58fe8e0e
e404d56ce7106943e8a770a7f996bc5c71e9fcc74c45c4d326ec4f5582b8527c
e4461299117e924ad25e116f4c510cf6a4835f01351a9895de80c387fe0751be
e6d048e1885c03b626fe98ed7961489f4789e56cc3d28ddff236d78e9daa2d48
f0da6c7becd850ff32ede65108b925f97c88514b82a390d353f1d220e59abdfc
f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60
f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85
f4c2f2af474f4b590da7acf9c69ae5d7386d295e1c05ff4c484a70d61326ac8d
f9ce5e7b7f1a91da941608673a1e888f7fd5037a540fed41f3b3b3c837623e78
fbfdce168e67521342feabaae3cc61ad835be09c5c82f92d20c6a76307497926
fcf715959545e1764beeaecfab7657dfe8ea86d8a77ace89c68c5c5bca10efbd
fe4273c31f9bca08be5643cfe57110d6674be644b894142bca4a1aff4b1535b0

tonerrefillsnow.tripod.com Open in urlscan Pro 209.202.252.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

141 Requests

84 %HTTPS

35 %IPv6

49 Domains

65 Subdomains

45 IPs

5 Countries

1543 kBTransfer

5563 kBSize

84 Cookies

0 Outgoing links

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

tonerrefillsnow.tripod.com Open in urlscan Pro
209.202.252.105 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

84 %
HTTPS

35 %
IPv6

49
Domains

65
Subdomains

45
IPs

5
Countries

1543 kB
Transfer

5563 kB
Size

84
Cookies

141 HTTP transactions
0 data transactions