aznews.vip Open in urlscan Pro
103.118.29.139 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://aznews.vip/
Submission: On January 21 via api (January 21st 2024, 6:57:37 pm UTC) from US — Scanned from US

Summary HTTP 129 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 36 IPs in 11 countries across 55 domains to perform 129 HTTP transactions. The main IP is 103.118.29.139, located in Bac Giang, Viet Nam and belongs to IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN. The main domain is aznews.vip.
TLS certificate: Issued by R3 on January 19th 2024. Valid for: 3 months.

This is the only time aznews.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	103.118.29.139 103.118.29.139	150834 (IDATA-VN ...) (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED)
1	2607:f8b0:400... 2607:f8b0:4006:816::2008	15169 (GOOGLE) (GOOGLE)
7	2606:4700:1::... 2606:4700:1::6813:854c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:817::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:1::... 2606:4700:1::6813:824c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.58.91.123 23.58.91.123	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:10:... 2606:4700:10::ac43:8ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 16	51.222.239.232 51.222.239.232	16276 (OVH) (OVH)
2 2	23.192.31.127 23.192.31.127	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.56.163.106 23.56.163.106	16625 (AKAMAI-AS) (AKAMAI-AS)
8 8	67.202.105.22 67.202.105.22	32748 (STEADFAST) (STEADFAST)
1 1	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
1	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
2 3	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	147.135.71.24 147.135.71.24	16276 (OVH) (OVH)
6 6	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1	23.56.162.28 23.56.162.28	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
13	2606:4700:1::... 2606:4700:1::6813:814c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	8.2.110.134 8.2.110.134	46636 (NATCOWEB) (NATCOWEB)
1	2606:4700::68... 2606:4700::6813:9722	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.156.26.12 54.156.26.12	14618 (AMAZON-AES) (AMAZON-AES)
3 3	35.172.162.55 35.172.162.55	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
9 12	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
1 2	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
7 7	162.248.18.32 162.248.18.32	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	8.28.7.84 8.28.7.84	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6 7	147.28.129.37 147.28.129.37	54825 (PACKET) (PACKET)
4 5	68.67.160.184 68.67.160.184	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	63.251.86.49 63.251.86.49	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	131.153.242.59 131.153.242.59	19437 (SS-ASH) (SS-ASH)
2 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
1 1	2606:4700:303... 2606:4700:3035::ac43:bfac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	80.77.87.162 80.77.87.162	46636 (NATCOWEB) (NATCOWEB)
1 1	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	216.200.232.253 216.200.232.253	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	213.19.162.90 213.19.162.90	3356 (LEVEL3) (LEVEL3)
1 1	63.251.28.233 63.251.28.233	26558 (FREEWHEEL) (FREEWHEEL)
14 21	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	216.22.16.5 216.22.16.5	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2 5	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
1 1	198.148.27.131 198.148.27.131	19189 (PULSEPOINT) (PULSEPOINT)
4 4	2606:ae80:147... 2606:ae80:1471:15::440	25751 (VALUECLICK) (VALUECLICK)
6 6	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
4 4	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	199.38.167.131 199.38.167.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	35.211.118.13 35.211.118.13	15169 (GOOGLE) (GOOGLE)
4 4	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	34.117.239.71 34.117.239.71	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
1 1	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	52.95.115.255 52.95.115.255	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a07:c26c:7486:c467:5b58	14618 (AMAZON-AES) (AMAZON-AES)
3 3	54.147.37.155 54.147.37.155	14618 (AMAZON-AES) (AMAZON-AES)
1 2	63.251.86.51 63.251.86.51	10913 (INTERNAP-BLK) (INTERNAP-BLK)
1	104.117.182.139 104.117.182.139	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	172.64.146.152 172.64.146.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:9000:266... 2600:9000:266a:9000:1a:5235:f980:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:251... 2600:9000:2510:aa00:1b:6b7d:2300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.164.96.113 18.164.96.113	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
8 10	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1 1	52.44.173.38 52.44.173.38	14618 (AMAZON-AES) (AMAZON-AES)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
129	36

37 103.118.29.139 (Bac Giang, Viet Nam)

ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN)

aznews.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2008 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:1::6813:854c (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::200e (Colchester, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::200a (Colchester, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::200a (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:1::6813:824c (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.58.91.123 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-58-91-123.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:8ae (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 51.222.239.232 (Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: ip232.ip-51-222-239.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.192.31.127 (Secaucus, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-31-127.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.56.163.106 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-106.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 67.202.105.22 (Chicago, United States) 8 redirects

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.32 (Chicago, United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.33 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

hde.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.154.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.71.24 (United States) 1 redirects

ASN16276 (OVH, FR)
PTR: ns105611.ip-147-135-71.us

tracker.direct.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.211.178.172 (North Charleston, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.162.28 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-162-28.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:1::6813:814c (United States)

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.110.134 (United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.krushmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9722 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.156.26.12 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-26-12.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.172.162.55 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-162-55.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.251.41.2 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 82.145.213.8 (Norway) 1 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 162.248.18.32 (United States) 7 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.248.18.37 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.28.7.84 (United States) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 147.28.129.37 (Ashburn, United States) 6 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.160.184 (Jersey City, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.251.86.49 (United States) 3 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.153.242.59 (United States) 1 redirects

ASN19437 (SS-ASH, US)

id.a-mx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:bfac (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cm.rtbsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.77.87.162 (Clifton, United States) 2 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.200.232.253 (Frederick, United States) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.90 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.233 (Secaucus, United States) 1 redirects

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 8.43.72.97 (United States) 14 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.22.16.5 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.128.147 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.131 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:ae80:1471:15::440 (United States) 4 redirects

ASN25751 (VALUECLICK, US)

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
33across-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.225.218.10 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (Seattle, United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.211.118.13 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 13.118.211.35.bc.googleusercontent.com

r.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.111.113.62 (Kansas City, United States) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com

events-ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.139.29 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.142 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-west.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.115.255 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a07:c26c:7486:c467:5b58 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.147.37.155 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-37-155.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.86.51 (United States) 1 redirects

ASN10913 (INTERNAP-BLK, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.117.182.139 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-139.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.146.152 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:266a:9000:1a:5235:f980:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

live.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2510:aa00:1b:6b7d:2300:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-113.jfk50.r.cloudfront.net

sync1.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 162.19.138.116 (Frankfurt am Main, Germany) 8 redirects

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.173.38 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-173-38.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.81 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	aznews.vip aznews.vip	1 MB
30	rubiconproject.com 19 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 967 eus.rubiconproject.com — Cisco Umbrella Rank: 579 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2084 pixel.rubiconproject.com — Cisco Umbrella Rank: 381 token.rubiconproject.com — Cisco Umbrella Rank: 477 pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 4763 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1274	43 KB
21	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8715 c.mgid.com — Cisco Umbrella Rank: 6378 servicer.mgid.com — Cisco Umbrella Rank: 8793 s-img.mgid.com — Cisco Umbrella Rank: 8695 cm.mgid.com — Cisco Umbrella Rank: 1347	113 KB
16	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 707	7 KB
14	33across.com 8 redirects ssc-cms.33across.com — Cisco Umbrella Rank: 901 events-ssc.33across.com — Cisco Umbrella Rank: 1615	5 KB
14	pubmatic.com 13 redirects ads.pubmatic.com — Cisco Umbrella Rank: 535 image8.pubmatic.com — Cisco Umbrella Rank: 664 image2.pubmatic.com — Cisco Umbrella Rank: 912 image4.pubmatic.com — Cisco Umbrella Rank: 1237 image6.pubmatic.com — Cisco Umbrella Rank: 805	67 KB
12	doubleclick.net 9 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 260	2 KB
11	id5-sync.com 8 redirects cdn.id5-sync.com — Cisco Umbrella Rank: 857 id5-sync.com — Cisco Umbrella Rank: 425	42 KB
8	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 326 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 801	5 KB
7	yahoo.com 7 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 358 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495	2 KB
7	a-mo.net 6 redirects prebid.a-mo.net — Cisco Umbrella Rank: 740	3 KB
7	bidswitch.net 7 redirects x.bidswitch.net — Cisco Umbrella Rank: 373 r.bidswitch.net — Cisco Umbrella Rank: 6571	3 KB
5	lijit.com 4 redirects ap.lijit.com — Cisco Umbrella Rank: 671 ce.lijit.com — Cisco Umbrella Rank: 859	3 KB
5	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	5 KB
4	tapad.com 4 redirects pixel.tapad.com — Cisco Umbrella Rank: 501	1 KB
4	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 357	2 KB
4	dotomi.com 4 redirects prebid-match.dotomi.com — Cisco Umbrella Rank: 1917 33across-match.dotomi.com — Cisco Umbrella Rank: 3423	1 KB
3	bidr.io 3 redirects match.prod.bidr.io — Cisco Umbrella Rank: 555	1 KB
3	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 349	2 KB
3	360yield.com 3 redirects ad.360yield.com — Cisco Umbrella Rank: 698 ice.360yield.com — Cisco Umbrella Rank: 1892	1 KB
3	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 738 idsync.rlcdn.com — Cisco Umbrella Rank: 451	1 KB
2	intentiq.com 1 redirects sync.intentiq.com — Cisco Umbrella Rank: 880 sync1.intentiq.com — Cisco Umbrella Rank: 3054	2 KB
2	connatix.com 1 redirects capi.connatix.com — Cisco Umbrella Rank: 1105	527 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 412	746 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 1331	1 KB
2	admanmedia.com 2 redirects cs.admanmedia.com — Cisco Umbrella Rank: 973	1 KB
2	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1252	1 KB
2	opera.com 1 redirects t.adx.opera.com — Cisco Umbrella Rank: 1217	949 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com — Cisco Umbrella Rank: 6423	790 B
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 1074	1 KB
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 564	936 B
2	tynt.com 1 redirects de.tynt.com — Cisco Umbrella Rank: 1526 hde.tynt.com — Cisco Umbrella Rank: 3986	3 KB
2	connectad.io cdn.connectad.io — Cisco Umbrella Rank: 4709 sync-eu.connectad.io — Cisco Umbrella Rank: 4898	855 B
2	gstatic.com fonts.gstatic.com	16 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 369 fonts.googleapis.com — Cisco Umbrella Rank: 28	7 KB
1	criteo.com 1 redirects dis.eu.criteo.com — Cisco Umbrella Rank: 7526	534 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 906	485 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 914	270 B
1	primis.tech 1 redirects live.primis.tech — Cisco Umbrella Rank: 1495	557 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 773	650 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 841	761 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 523	727 B
1	smartadserver.com 1 redirects ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1724	252 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 562	515 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 790	634 B
1	rtbsystem.com 1 redirects cm.rtbsystem.com — Cisco Umbrella Rank: 4008	776 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1147	106 B
1	a-mx.com 1 redirects id.a-mx.com — Cisco Umbrella Rank: 1489	645 B
1	idealmedia.io cm.idealmedia.io — Cisco Umbrella Rank: 9286	158 B
1	krushmedia.com 1 redirects cs.krushmedia.com — Cisco Umbrella Rank: 3182	548 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 709	655 B
1	e-volution.ai 1 redirects tracker.direct.e-volution.ai — Cisco Umbrella Rank: 7313	537 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	251 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	92 KB
0	ck-ie.com Failed eu.ck-ie.com Failed
129	55

	Domain	Requested by
37	aznews.vip	aznews.vip
16	onetag-sys.com	2 redirects cm.mgid.com onetag-sys.com
15	cm.mgid.com	jsc.mgid.com aznews.vip onetag-sys.com hde.tynt.com
14	pixel.rubiconproject.com	9 redirects onetag-sys.com aznews.vip
12	cm.g.doubleclick.net	9 redirects onetag-sys.com aznews.vip
10	id5-sync.com	8 redirects cdn.id5-sync.com aznews.vip
8	ssc-cms.33across.com	8 redirects
7	token.rubiconproject.com	5 redirects eus.rubiconproject.com
7	prebid.a-mo.net	6 redirects aznews.vip
7	image8.pubmatic.com	7 redirects
6	events-ssc.33across.com	hde.tynt.com
6	ups.analytics.yahoo.com	6 redirects
6	x.bidswitch.net	6 redirects
5	s.amazon-adsystem.com	2 redirects onetag-sys.com aznews.vip
5	ib.adnxs.com	4 redirects aznews.vip
4	pixel.tapad.com	4 redirects
4	match.adsrvr.org	4 redirects
4	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com hde.tynt.com
3	match.prod.bidr.io	3 redirects
3	aax-eu.amazon-adsystem.com	2 redirects aznews.vip
3	px.ads.linkedin.com	1 redirects aznews.vip
3	ap.lijit.com	3 redirects
3	image4.pubmatic.com	3 redirects
2	capi.connatix.com	1 redirects aznews.vip
2	ce.lijit.com	1 redirects aznews.vip
2	eb2.3lift.com	2 redirects
2	33across-match.dotomi.com	2 redirects
2	prebid-match.dotomi.com	2 redirects
2	sync.mathtag.com	2 redirects
2	cs.admanmedia.com	2 redirects
2	ssum.casalemedia.com	2 redirects
2	image2.pubmatic.com	2 redirects
2	t.adx.opera.com	1 redirects aznews.vip
2	rtb-usw.mfadsrvr.com	2 redirects
2	ad.360yield.com	2 redirects
2	ps.eyeota.net	1 redirects aznews.vip
2	creativecdn.com	2 redirects
2	id.rlcdn.com	1 redirects aznews.vip
2	secure-assets.rubiconproject.com	2 redirects
2	c.mgid.com	aznews.vip
2	fonts.gstatic.com	fonts.googleapis.com
2	jsc.mgid.com	aznews.vip jsc.mgid.com
1	ice.360yield.com	1 redirects
1	image6.pubmatic.com	1 redirects
1	dis.eu.criteo.com	1 redirects
1	sync.ipredictive.com	1 redirects
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	sync1.intentiq.com	aznews.vip
1	sync.intentiq.com	1 redirects
1	live.primis.tech	1 redirects
1	hb.yahoo.net	aznews.vip
1	pr-bh.ybp.yahoo.com	1 redirects
1	pixel-us-west.rubiconproject.com	1 redirects
1	r.bidswitch.net	1 redirects
1	sync-eu.connectad.io	cdn.connectad.io
1	p.rfihub.com	1 redirects
1	bh.contextweb.com	1 redirects
1	ssbsync-global.smartadserver.com	1 redirects
1	ads.stickyadstv.com	1 redirects
1	pixel-eu.rubiconproject.com	1 redirects
1	pippio.com	1 redirects
1	idsync.rlcdn.com	1 redirects
1	cm.rtbsystem.com	1 redirects
1	cm.adform.net	aznews.vip
1	id.a-mx.com	1 redirects
1	cm.idealmedia.io	aznews.vip
1	cs.krushmedia.com	1 redirects
1	contextual.media.net	aznews.vip
1	tracker.direct.e-volution.ai	1 redirects
1	hde.tynt.com	cm.mgid.com
1	de.tynt.com	1 redirects
1	cdn.connectad.io	cm.mgid.com
1	ads.pubmatic.com	jsc.mgid.com
1	cdn.id5-sync.com	jsc.mgid.com
1	s-img.mgid.com	aznews.vip
1	servicer.mgid.com	jsc.mgid.com
1	fonts.googleapis.com	ajax.googleapis.com
1	ajax.googleapis.com	aznews.vip
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	aznews.vip
0	eu.ck-ie.com Failed	aznews.vip
129	82

This site contains links to these domains. Also see Links.

Domain
tielabs.com

Subject Issuer	Validity	Valid
aznews.vip R3	`2024-01-19` - `2024-04-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2023-03-16` - `2024-03-15`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-05` - `2024-09-30`	a year	crt.sh
*.adx.opera.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-22` - `2024-06-20`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://aznews.vip/
Frame ID: 3F58C0D13221EF701B3C3765506764EE
Requests: 77 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Frame ID: 9D3D2AAFD4BBF9A25EE6C18B9F5FA4C0
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: D457BD90BBEF713BC5DE727B7D352261
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 44FC7B271AECB727C0527F7DFF6A89C3
Requests: 20 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1
Frame ID: FF1192C6B882C2629CD8604EF0E115BB
Requests: 7 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Frame ID: A6090D33F2C7F50370A325BD8D3FFA45
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: B08C417D9A3B8F18A0826BACB5765B7E
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AZ NEWS -

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

129
Requests

53 %
HTTPS

23 %
IPv6

55
Domains

82
Subdomains

36
IPs

11
Countries

1485 kB
Transfer

2790 kB
Size

118
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://tielabs.com/go/jannah-sites-footer
Title: Jannah News Theme by TieLabs

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 57

https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X HTTP 302
https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X HTTP 307
https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1

Request Chain 58

https://id.rlcdn.com/712056.gif HTTP 307
https://id.rlcdn.com/1000.gif?memo=CPi6KxoNCJnSta0GEgUI6AcQAEIASgA

Request Chain 59

https://tracker.direct.e-volution.ai/sync?id=5&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D737576%26c%3D%7BPLL_USER_ID%7D HTTP 302
https://cm.mgid.com/m?cdsp=737576&c=e52953b8-af27-5203-37a9-969c72b4f8a1

Request Chain 60

https://x.bidswitch.net/sync?dsp_id=303&user_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=d907b300-3215-4b4e-b524-0559fa5cd41c&gdpr=0&gdpr_consent=&gdpr_pd=

Request Chain 61

https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=Aw2HJkzaFEAVCXWpNc8j6BvNL4N230CW7lDmH6wIHyk&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1

Request Chain 62

https://cs.krushmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D827026%26c%3D%5BUID%5D HTTP 302
https://cm.mgid.com/m?cdsp=827026&c=0f3607b9-9ce6-5236-a5d7-cffc499b1b67

Request Chain 64

https://ps.eyeota.net/match?bid=dn2m51u&uid=o0lt-HrhwjVa&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match/bounce/?bid=dn2m51u&uid=o0lt-HrhwjVa&gdpr=0&gdpr_consent=

Request Chain 65

https://ad.360yield.com/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://cm.mgid.com/m?cdsp=665953&c=222d2970-d841-40e2-9eff-1177561a87d1

Request Chain 66

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=8e447b40-85c9-4c5f-a58d-7cd9472e9be8

Request Chain 67

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bzBsdC1Icmh3alZh&muidn=o0lt-HrhwjVa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bzBsdC1Icmh3alZh&muidn=o0lt-HrhwjVa&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=o0lt-HrhwjVa&google_ula={guid},5&google_gid=CAESEA32omuiUkFbzUP3HnIAPGo&google_cver=1

Request Chain 68

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&ccpa_consent= HTTP 302
https://eu.ck-ie.com/mtp236.gif?gdpr=0&gdpr_consent=[GDPR_CONSENT]&us_privacy=[US_PRIVACY]&redir=https%3A%2F%2Fsync.e-volution.ai%2Ff2ee84aa02d6bdbd811eca8a4368e40c.gif%3Fpuid%3D%7B%24PARTNER_UID%7D

Request Chain 70

https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEYwNUY2MTctNUUyMC00MzBCLThDOUItQ0FEQUZEMTBFNEQ1&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D4F05F617-5E20-430B-8C9B-CADAFD10E4D5&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
https://cm.mgid.com/m?cdsp=712807&c=4F05F617-5E20-430B-8C9B-CADAFD10E4D5

Request Chain 71

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A//cm.mgid.com/m%3Fcdsp%3D779131%26c%3D HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F219%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D98e2d5af-e15a-4fd8-a03d-e82f7269ced5%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24UID HTTP 302
https://prebid.a-mo.net/cchain/0/219?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=98e2d5af-e15a-4fd8-a03d-e82f7269ced5&bidder=appnexus&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=3260914407063291663 HTTP 302
https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F219%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D98e2d5af-e15a-4fd8-a03d-e82f7269ced5%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24UID HTTP 307
https://prebid.a-mo.net/cchain/1/219?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=98e2d5af-e15a-4fd8-a03d-e82f7269ced5&bidder=sovrn&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=IB6RhLZHiYyLg5XZS4GOwoZF HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F2%252F219%253Fgpp%253D%2526gdpr_consent%253D%2526gdpr%253D0%2526gpp_sid%253D%2526us_privacy%253D%2526A%253D98e2d5af-e15a-4fd8-a03d-e82f7269ced5%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%2526uid%253D%2523PMUID HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F219%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D98e2d5af-e15a-4fd8-a03d-e82f7269ced5%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D4F05F617-5E20-430B-8C9B-CADAFD10E4D5&us_privacy=1--- HTTP 302
https://prebid.a-mo.net/cchain/2/219?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=98e2d5af-e15a-4fd8-a03d-e82f7269ced5&bidder=pubmatic&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=4F05F617-5E20-430B-8C9B-CADAFD10E4D5 HTTP 302
https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F219%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D98e2d5af-e15a-4fd8-a03d-e82f7269ced5%26bidder%3Damx_com%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D HTTP 302
https://prebid.a-mo.net/cchain/3/219?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=98e2d5af-e15a-4fd8-a03d-e82f7269ced5&bidder=amx_com&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=98e2d5af-e15a-4fd8-a03d-e82f7269ced5 HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F219%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D98e2d5af-e15a-4fd8-a03d-e82f7269ced5%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F219%3Fus_privacy%3D1---%26gpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D98e2d5af-e15a-4fd8-a03d-e82f7269ced5%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D&gdpr=0&s=191503&us_privacy=1---&C=1 HTTP 302
https://prebid.a-mo.net/cchain/4/219?us_privacy=1---&gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=98e2d5af-e15a-4fd8-a03d-e82f7269ced5&bidder=index_rtb&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=Za1pGzAwAII8SU9LrNz3jwAA%263552 HTTP 302
https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F219%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D98e2d5af-e15a-4fd8-a03d-e82f7269ced5%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24UID

Request Chain 72

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D709070%26c%3D%24UID HTTP 307
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D709070%26c%3D%24UID&sovrn_retry=true HTTP 307
https://cm.mgid.com/m?cdsp=709070&c=IB6RhLZHiYyLg5XZS4GOwoZF

Request Chain 73

https://cm.rtbsystem.com/mgid?c=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=&cd=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D556372%26c%3D%24%7BUSER%7D HTTP 302
https://cm.mgid.com/m?cdsp=556372&c=d4f76eec-dd4c-5df1-819c-621bba2cd27c

Request Chain 74

https://cs.admanmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?gdpr=0&gdpr_consent=&ccpa=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D675043%26c%3D%5BUID%5D HTTP 302
https://cm.mgid.com/m?cdsp=675043&c=08194e27-8fb1-4dc1-9d87-a7fd93463592

Request Chain 75

https://idsync.rlcdn.com/712107.gif?partner_uid=o0lt-HrhwjVa& HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=3132a3452ad61a427da0deb778bde902bd88cbbaea95d4227e224dad797b9ce4791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3132a3452ad61a427da0deb778bde902bd88cbbaea95d4227e224dad797b9ce4791426b5417dce21&rand=01787442 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3132a3452ad61a427da0deb778bde902bd88cbbaea95d4227e224dad797b9ce4791426b5417dce21&rand=01787442&expected_cookie=2fd1daa5-1f6d-4a4a-a96c-d603975f55be

Request Chain 76

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://onetag-sys.com/match/?int_id=1&uid=19ec65ad-691a-4c00-935d-2a887adcf91b&gdpr=0&gdpr_consent=

Request Chain 77

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=2&uid=LRNV1YG1-J-MAFK&gdpr=0

Request Chain 78

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=3260914407063291663

Request Chain 79

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=9c88a465d1437ce81502a726e33eec&gdpr_consent=&gdpr=0

Request Chain 81

https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=&coppa= HTTP 302
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=df10a999-689e-4946-8a94-878eddf7a666

Request Chain 82

https://t.adx.opera.com/pub/sync?pubid=pub10101531197440 HTTP 302
https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPU5f44ebd3c79445b3a1026209f2c98a8d

Request Chain 83

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjS1ijU1DRcV8bcCU7Mm7IKUyJMXVZ3DxWQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjS1ijU1DRcV8bcCU7Mm7IKUyJMXVZ3DxWQ&google_tc=

Request Chain 84

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
https://onetag-sys.com/match/?int_id=107&uid=2391074174732800461

Request Chain 85

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ANuHAGR8Pt38626a6CtsIwDhYN3M63ONCbauJ8hocGI

Request Chain 86

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkI0ODlCQzUtRkI1Qy00MTExLUEzQ0UtM0QwQjJGMkI3OUI3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D4F05F617-5E20-430B-8C9B-CADAFD10E4D5&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
https://cm.mgid.com/m?cdsp=712807&c=4F05F617-5E20-430B-8C9B-CADAFD10E4D5

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc= HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEC59zivcJTE5P277lKWZbWU&google_cver=1

Request Chain 88

https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%25VGUID%25%25 HTTP 302
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=Y04irmNTLiQO&ev=1&us_privacy=&pid=562985

Request Chain 89

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=750d5c12afbf05dc&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAABZW3nLA-3jgMdrh8mAAAAAAA&expiration=1705949850

Request Chain 90

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-40ldO6dE2uFZoFLTmhDg3eGNsTx0H1Mu0s08YZw-~A

Request Chain 91

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=29&uid=c9acbf35-1eda-41f4-9d90-9f5fd5201b9a&gdpr=0&gdpr_consent=

Request Chain 92

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=2810316570262142694&expires=30&ssp=onetag HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=d907b300-3215-4b4e-b524-0559fa5cd41c&gdpr=&gdpr_consent=&us_privacy=

Request Chain 97

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Request Chain 98

https://ssc-cms.33across.com/ps/?_=1705863450472.&ri=0013300001hSPhhAAG&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X HTTP 302
https://cm.mgid.com/m?cdsp=796887&c=212428766416142

Request Chain 99

https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
https://r.bidswitch.net/sync?bidswitch_ssp_id=the33across&bsw_custom_parameter=d907b300-3215-4b4e-b524-0559fa5cd41c HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=d907b300-3215-4b4e-b524-0559fa5cd41c&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dthe33across%26bsw_param%3Dd907b300-3215-4b4e-b524-0559fa5cd41c HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=d907b300-3215-4b4e-b524-0559fa5cd41c&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dthe33across%26bsw_param%3Dd907b300-3215-4b4e-b524-0559fa5cd41c HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=10a8dc1a-dfed-49d1-b283-a61357596488%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Dthe33across%252526bsw_param%25253Dd907b300-3215-4b4e-b524-0559fa5cd41c%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c9acbf35-1eda-41f4-9d90-9f5fd5201b9a&ttd_puid=10a8dc1a-dfed-49d1-b283-a61357596488%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dthe33across%2526bsw_param%253Dd907b300-3215-4b4e-b524-0559fa5cd41c%2C HTTP 302
https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=the33across&bsw_param=d907b300-3215-4b4e-b524-0559fa5cd41c HTTP 302
https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=d907b300-3215-4b4e-b524-0559fa5cd41c HTTP 302
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=d907b300-3215-4b4e-b524-0559fa5cd41c&ts=1705863451&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 100

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1705863450472.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=19ec65ad-691a-4c00-935d-2a887adcf91b

Request Chain 101

https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58350/sync?redir=true&verify=true HTTP 302
https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-tRdbuBJE2uGxuIdMiEfGqbFT.zE279xS~A HTTP 302
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-tRdbuBJE2uGxuIdMiEfGqbFT.zE279xS%7EA&ts=1705863450&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 102

https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
https://33across-match.dotomi.com/match/bounce/current?DotomiTest=1f907f73e31b03ee&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
https://ssc-cms.33across.com/ps?xi=64&xu=AAABZRL0Gs80dgNE5S4yAAAAAAA&expiration=1705949850&is_secure=true&us_privacy= HTTP 302
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABZRL0Gs80dgNE5S4yAAAAAAA&ts=1705863450&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 103

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=801852153427027854391 HTTP 302
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=801852153427027854391&ts=1705863450&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 104

https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=mgid&gdpr=0&gdpr_consent=&us_privacy=&gdpr=0&khaos=LRNV1YC1-24-GXOJ HTTP 302
https://cm.mgid.com/m?cdsp=43070&c=LRNV1YC1-24-GXOJ&gdpr=0

Request Chain 108

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-oXOiHrHQtiCrztCotKeeg&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-oXOiHrHQtiCrztCotKeeg&gdpr=0

Request Chain 109

https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJOVjFZRzEtSi1NQUZL&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEHPEqepHfs0WcQhuYw17oHs&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJOVjFZRzEtSi1NQUZL&google_push=&gdpr=0

Request Chain 110

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ptc16yvNTku0e_PEM5A0Gg&rk=usync-other&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ptc16yvNTku0e_PEM5A0Gg&gdpr=0

Request Chain 111

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c9acbf35-1eda-41f4-9d90-9f5fd5201b9a&gdpr=0&gdpr_consent=&expires=30

Request Chain 112

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/mTz_zJmsBn0qVTfFbtaIJw?csrc=&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-l.YTGEZE2oLYwcqxwCgWh95UsQSgGT7LwItE2g--~A

Request Chain 113

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODQ0ZDVhNTNjYjY3ZTFjZWFiMDEyYmY3NzM1M2ViYzJjMzliM2M5Yg&gdpr=0

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEDJfyl1ipV54AaFaCx8Qg9I&google_cver=1

Request Chain 115

https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRNV1YG1-J-MAFK&gdpr=0

Request Chain 116

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LRNV1YG1-J-MAFK&ex=d-rubiconproject.com&status=ok&gdpr=0

Request Chain 117

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0 HTTP 303
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1 HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFDG07LWtIAABMEeIf3cw&expires=30&gdpr=0

Request Chain 118

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0 HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LRNV1YG1-J-MAFK&gdpr=0

Request Chain 119

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0 HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRNV1YG1-J-MAFK&gdpr=0

Request Chain 120

https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRNV1YG1-J-MAFK&redir=true&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRNV1YG1-J-MAFK&gdpr=0&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1vQ1Z2XzloRTJ1R3lla0tJRDR0aFMyOHJUc2lnZlI4bn5B&gdpr=0&ovsid=LRNV1YG1-J-MAFK&dpid=58160

Request Chain 121

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0 HTTP 302
https://prebid.a-mo.net/setuid/magnite?uid=LRNV1YG1-J-MAFK&gdpr=0

Request Chain 122

https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0 HTTP 302
https://capi.connatix.com/us/pixel?puid=LRNV1YG1-J-MAFK&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0 HTTP 302
https://capi.connatix.com/us/pixel?puid=LRNV1YG1-J-MAFK&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true

Request Chain 123

https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0 HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRNV1YG1-J-MAFK&gdpr=0 HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRNV1YG1-J-MAFK HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRNV1YG1-J-MAFK&ckls=true&ci=XKecrrGwtM&nc=false&trid=-1276761109

Request Chain 124

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LRNV1YG1-J-MAFK HTTP 302
https://ssc-cms.33across.com/ps/?xi=1&xu=LRNV1YG1-J-MAFK HTTP 302
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LRNV1YG1-J-MAFK&ts=1705863451&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 127

https://id5-sync.com/i/231/8.gif?id5id=ID5*WPO4HVnxKY4dhT5TPSAZVReEQ-aoa1CXyQVpVv2-37x-L2vT5puDo-hb_MnO-knafjHGLF0kjqo8x3q8gxK7qg&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/231/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/231/2/7/2.gif?puid=3260914407063291663&gdpr=0&gdpr_consent= HTTP 302
https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F796%2F6%2F3.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/231/796/6/3.gif?puid=0ec5a4f2-091f-4854-acf2-a49a7ce74bf5&gdpr=0&gdpr_consent= HTTP 302
https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F203%2F5%2F4.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/231/203/5/4.gif?puid=f1766ae9-78e7-4bf8-80db-c924066b47b1&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F108%2F4%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/231/108/4/5.gif?puid=10a8dc1a-dfed-49d1-b283-a61357596488&gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F429%2F3%2F6.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/231/429/3/6.gif?puid=4F05F617-5E20-430B-8C9B-CADAFD10E4D5&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=58&3pid=4F05F617-5E20-430B-8C9B-CADAFD10E4D5&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F1242%2F2%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
https://id5-sync.com/c/231/1242/2/7.gif?puid=IB6RhLZHiYyLg5XZS4GOwoZF&gdpr=0&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-963fODSi9XxAtShc5ZIudkHIncmu2-yowOItnHtUxw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F231%2F124%2F1%2F8.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/cq/231/124/1/8.gif?puid=222d2970-d841-40e2-9eff-1177561a87d1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
https://id5-sync.com/k/155.gif?puid=AAFDG07LWtIAABMEeIf3cw&id5AccountNum=155&numCascadesAllowed=9

129 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
aznews.vip/ 71 KB
16 KB 1228ms
597ms Document
text/html 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to

Full URL

https://aznews.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

3073c8039ce24032bde836c698f2bec8d8237cb41dca18b3e3f9ca449f688f07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 18:57:25 GMT
link: <https://aznews.vip/wp-json/>; rel="https://api.w.org/"
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-litespeed-cache: hit
x-powered-by: WPTangTocOLS
x-xss-protection: 1;mode=block

GET
H2 200 style.min.css
aznews.vip/wp-includes/css/dist/block-library/ 107 KB
13 KB 303ms
298ms Stylesheet
text/css 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to

Full URL

https://aznews.vip/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:26 GMT
content-encoding: br
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 13280
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 05 Nov 2023 19:40:32 GMT
server: LiteSpeed
etag: "1add3-6547efb0-100576;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:26 GMT

GET
H2 200 base.min.css
aznews.vip/wp-content/themes/jannah/assets/css/ 43 KB
8 KB 304ms
299ms Stylesheet
text/css 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to

Full URL

https://aznews.vip/wp-content/themes/jannah/assets/css/base.min.css?ver=7.0.6

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

f023e794d34f1a6587b34eeed9e12f2aa134c010860c98e9f32a528e912452ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:26 GMT
content-encoding: br
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 8313
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 19 Nov 2023 12:00:30 GMT
server: LiteSpeed
etag: "ab63-6559f8de-61359;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:26 GMT

GET
H2 200 style.min.css
aznews.vip/wp-content/themes/jannah/assets/css/ 153 KB
24 KB 304ms
300ms Stylesheet
text/css 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to

Full URL

https://aznews.vip/wp-content/themes/jannah/assets/css/style.min.css?ver=7.0.6

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

1ca0680c88a40021340bacf76fe43ce39d7943184fe189f12986e734b4407d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:26 GMT
content-encoding: br
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 23981
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Nov 2023 12:16:44 GMT
server: LiteSpeed
etag: "26400-654b7c2c-6157b;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:26 GMT

GET
H2 200 widgets.min.css
aznews.vip/wp-content/themes/jannah/assets/css/ 46 KB
8 KB 601ms
596ms Stylesheet
text/css 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to

Full URL

https://aznews.vip/wp-content/themes/jannah/assets/css/widgets.min.css?ver=7.0.6

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

b164963a8c9343cf6c2f7dab172aa7ea7e0deeead44f488e35eeb899c0fd1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:26 GMT
content-encoding: br
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 8163
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 09 Oct 2023 05:24:48 GMT
server: LiteSpeed
etag: "b973-65238ea0-6157d;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:26 GMT

GET
H2 200 helpers.min.css
aznews.vip/wp-content/themes/jannah/assets/css/ 38 KB
7 KB 602ms
598ms Stylesheet
text/css 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to

Full URL

https://aznews.vip/wp-content/themes/jannah/assets/css/helpers.min.css?ver=7.0.6

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

c6469912dbc49c4b446b40704454592d3f7ba04bb5497b4360a4a489aaf3244a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:26 GMT
content-encoding: br
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 7256
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Oct 2023 07:15:56 GMT
server: LiteSpeed
etag: "9966-65264bac-6135d;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:26 GMT

GET
H2 200 fontawesome.css
aznews.vip/wp-content/themes/jannah/assets/css/ 57 KB
12 KB 602ms
599ms Stylesheet
text/css 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to

Full URL

https://aznews.vip/wp-content/themes/jannah/assets/css/fontawesome.css?ver=7.0.6

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

0f79c64f686102f8cc72db584b52c51dbd0720d7ade9a3284a3520bd91dc5328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:26 GMT
content-encoding: br
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 12040
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 04 Jul 2020 06:01:46 GMT
server: LiteSpeed
etag: "e526-5f001b4a-6135b;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:26 GMT

GET
H2 200 skin.css
aznews.vip/wp-content/themes/jannah/assets/ilightbox/dark-skin/ 12 KB
2 KB 603ms
599ms Stylesheet
text/css 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to

Full URL

https://aznews.vip/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=7.0.6

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

4879dcab21b2218432075c33aff13cea89de4f392f749eaef3df339f3f694c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:26 GMT
content-encoding: br
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2039
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 14 Nov 2020 14:20:14 GMT
server: LiteSpeed
etag: "2ef2-5fafe79e-1003f7;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:26 GMT

GET
H2 200 style.css
aznews.vip/wp-content/themes/jannah-child/ 602 B
394 B 604ms
600ms Stylesheet
text/css 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to

Full URL

https://aznews.vip/wp-content/themes/jannah-child/style.css?ver=6.4.2

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

d020600f12c7f01e28904df701750c46c4f005f10ed07f0852a4bc33d7854165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:26 GMT
content-encoding: br
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 299
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 28 Nov 2019 18:40:19 GMT
server: LiteSpeed
etag: "25a-5de01493-61351;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:26 GMT

GET
H2 200 jquery.min.js Show response
aznews.vip/wp-includes/js/jquery/ 86 KB
29 KB 604ms
601ms Script
application/x-javascript 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to

Full URL

https://aznews.vip/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:26 GMT
content-encoding: br
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 29597
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: LiteSpeed
etag: "15601-64ecd5ef-100c60;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:26 GMT

GET
H2 200 jquery-migrate.min.js Show response
aznews.vip/wp-includes/js/jquery/ 13 KB
5 KB 896ms
893ms Script
application/x-javascript 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to

Full URL

https://aznews.vip/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:26 GMT
content-encoding: br
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4679
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: LiteSpeed
etag: "3509-6482bd64-100c58;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
92 KB 109ms
47ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0FM7NMYDZT

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71ae40966266246002a8634c2e938cff7a1ed036831a1f44d3dd5f71957fa61b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93449
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 21 Jan 2024 18:57:27 GMT

GET
H2 200 aznews.vip.1576239.js Show response
jsc.mgid.com/a/z/ 4 KB
2 KB 178ms
96ms Script
text/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/a/z/aznews.vip.1576239.js

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eedf6eb1e4265839257f494457433fb36037a1f41554fc185ed2258dfec72d61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
x-amz-version-id: eM0EZpdPikT_AXIJ7pm3ZFSTUPhHzzJs
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 7PXHKBRHZ1J0DY78
cf-polished: origSize=3743
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: aCIRFcMvX2RfnSAqXw59yC21w37gaYkVd4QoIP0ak/QDmXJ5lNFy2f8P7dVF/6BMtLZFHx0NoGg=
cf-bgj: minify
last-modified: Sat, 20 Jan 2024 15:57:17 GMT
server: cloudflare
etag: W/"ec411a88a87d842f538663858aa7330e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 8491c87518094bc0-BUF
expires: Sun, 21 Jan 2024 21:57:27 GMT

GET
H2 200 LOGO.png
aznews.vip/wp-content/uploads/2024/01/ 4 KB
5 KB 604ms
601ms Image
image/png 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aznews.vip/wp-content/uploads/2024/01/LOGO.png

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

475da16463289cc74220bc98e8d08c8336f60ea4276c0a1f4832ca652e3c856f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:26 GMT
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4561
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 20 Jan 2024 03:18:59 GMT
server: LiteSpeed
etag: "11d1-65ab3ba3-6019;;;"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:26 GMT

GET
H2 200 Nicki-Minaj-17-scaled-1-390x220.jpg
aznews.vip/wp-content/uploads/2024/01/ 14 KB
14 KB 897ms
895ms Image
image/jpeg 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aznews.vip/wp-content/uploads/2024/01/Nicki-Minaj-17-scaled-1-390x220.jpg

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

8fdc0815d8729a1bd04e0cd23578885bcbf26be1ef876807606fd7ce268394a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:26 GMT
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 14041
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 21 Jan 2024 18:54:08 GMT
server: LiteSpeed
etag: "36d9-65ad6850-1013ca;;;"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:26 GMT

GET
H2 200 chrome_YTvYC7xyiV-390x220.png
aznews.vip/wp-content/uploads/2024/01/ 143 KB
144 KB 605ms
603ms Image
image/png 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aznews.vip/wp-content/uploads/2024/01/chrome_YTvYC7xyiV-390x220.png

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

bf0a8556dc6fa4f9eda69f406f43f63a2f57978525bd4fbd1f82f66b2b1da154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:26 GMT
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 146917
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 21 Jan 2024 18:26:25 GMT
server: LiteSpeed
etag: "23de5-65ad61d1-1013c0;;;"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:26 GMT

GET
H3 200 scripts.min.js Show response
aznews.vip/wp-content/themes/jannah/assets/js/ 23 KB
7 KB 293ms
293ms Script
application/x-javascript 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to

Full URL

https://aznews.vip/wp-content/themes/jannah/assets/js/scripts.min.js?ver=7.0.6

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

8b58887660dca72c67a2ddc08f2ef9e1ee892069a712b287038821f04a31a2c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
content-encoding: br
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6952
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 12:49:52 GMT
server: LiteSpeed
etag: "5c6a-650aea70-100e2a;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:27 GMT

GET
H3 200 lightbox.js Show response
aznews.vip/wp-content/themes/jannah/assets/ilightbox/ 80 KB
24 KB 291ms
289ms Script
application/x-javascript 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to

Full URL

https://aznews.vip/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=7.0.6

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

f0df5bac42e20b19dafbdf42b5480133ffdf8885bf9d4fd9a8fa3043e3efd2ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
content-encoding: br
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 24147
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 14 Feb 2022 06:29:32 GMT
server: LiteSpeed
etag: "13e34-6209f6cc-1003fb;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:27 GMT

GET
H3 200 desktop.min.js Show response
aznews.vip/wp-content/themes/jannah/assets/js/ 18 KB
6 KB 322ms
320ms Script
application/x-javascript 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to

Full URL

https://aznews.vip/wp-content/themes/jannah/assets/js/desktop.min.js?ver=7.0.6

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

b66fc18fef504d695b9c3dd1596d4fce5f282ac0fa71709302ed647c76292a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
content-encoding: br
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 5578
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 13 Oct 2023 06:55:14 GMT
server: LiteSpeed
etag: "4721-6528e9d2-100e1a;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:27 GMT

GET
H3 200 live-search.js Show response
aznews.vip/wp-content/themes/jannah/assets/js/ 14 KB
4 KB 333ms
331ms Script
application/x-javascript 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to

Full URL

https://aznews.vip/wp-content/themes/jannah/assets/js/live-search.js?ver=7.0.6

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

f38f91caae9d8ce4142ac627dba2f52d3cc848d13665f63221b3a55c56457635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
content-encoding: br
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4469
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Jul 2020 13:48:28 GMT
server: LiteSpeed
etag: "3909-5f0f092c-100e27;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:27 GMT

GET
H3 200 br-news.js Show response
aznews.vip/wp-content/themes/jannah/assets/js/ 5 KB
2 KB 347ms
345ms Script
application/x-javascript 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to

Full URL

https://aznews.vip/wp-content/themes/jannah/assets/js/br-news.js?ver=7.0.6

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

aba848a7cdbe0240e1fdf0b540d3dff72daa9df5b4502e311b3f27a9c85e5759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
content-encoding: br
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1792
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 23 Feb 2021 13:24:28 GMT
server: LiteSpeed
etag: "15da-6035020c-100e17;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:27 GMT

GET
BLOB 200
OK 159763c4-4ef7-403a-9e48-d35f85eefb97
https://aznews.vip/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aznews.vip/159763c4-4ef7-403a-9e48-d35f85eefb97
Requested by: Host: aznews.vip
URL: https://aznews.vip/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 tielabs-fonticon.ttf
aznews.vip/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/ 40 KB
24 KB 333ms
332ms Font
application/x-font-ttf 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to

Full URL

https://aznews.vip/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.ttf?ciufdj

Requested by

Host: aznews.vip
URL: https://aznews.vip/wp-content/themes/jannah/assets/css/helpers.min.css?ver=7.0.6

Protocol

Security

QUIC, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

af1b202f16299aa05efb9d5c07aeadea3171ae3530ca5873c8e100c46cfacec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://aznews.vip/wp-content/themes/jannah/assets/css/helpers.min.css?ver=7.0.6
Origin: https://aznews.vip
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
content-encoding: br
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 23959
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 15:19:00 GMT
server: LiteSpeed
etag: "9f88-650b0d64-1003e1;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-font-ttf
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:27 GMT

GET
H3 200 maxresdefault-15-390x220.jpg
aznews.vip/wp-content/uploads/2024/01/ 15 KB
15 KB 1779ms
1778ms Image
image/jpeg 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aznews.vip/wp-content/uploads/2024/01/maxresdefault-15-390x220.jpg

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

89fdffd15336c36e35139778245c7ec7fcd91b867bb90c824b25711bd54dcc3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 15473
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 21 Jan 2024 18:08:28 GMT
server: LiteSpeed
etag: "3c71-65ad5d9c-1013a7;;;"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:27 GMT

GET
H3 200 disturbed-taylor-swift-390x220.jpg
aznews.vip/wp-content/uploads/2024/01/ 16 KB
17 KB 567ms
563ms Image
image/jpeg 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aznews.vip/wp-content/uploads/2024/01/disturbed-taylor-swift-390x220.jpg

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

16ee60ffe5ed2841a04fa05e023ac3586e9d668fff3dd6d89c592e1d5debeb67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 16790
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 21 Jan 2024 17:32:22 GMT
server: LiteSpeed
etag: "4196-65ad5526-10139f;;;"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:27 GMT

GET
H3 200 image-3-1-390x220.png
aznews.vip/wp-content/uploads/2024/01/ 140 KB
140 KB 570ms
565ms Image
image/png 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aznews.vip/wp-content/uploads/2024/01/image-3-1-390x220.png

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

1571d61fe546ed39d705bb8bc17b65506bd566f671fafb4061ee017b3c6e03c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 143175
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 21 Jan 2024 17:29:08 GMT
server: LiteSpeed
etag: "22f47-65ad5464-101398;;;"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:27 GMT

GET
H3 200 0_gf-390x220.jpg
aznews.vip/wp-content/uploads/2024/01/ 16 KB
16 KB 575ms
572ms Image
image/jpeg 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aznews.vip/wp-content/uploads/2024/01/0_gf-390x220.jpg

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

d4cced439e4051398865f9f3441d7ab12b79cb9ce3168d7a6a66a87f39c3b6ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 16432
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 21 Jan 2024 17:22:45 GMT
server: LiteSpeed
etag: "4030-65ad52e5-101391;;;"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:27 GMT

GET
H3 200 usatsi_14383873_168389536_lowres-390x220.jpg
aznews.vip/wp-content/uploads/2024/01/ 18 KB
18 KB 578ms
575ms Image
image/jpeg 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aznews.vip/wp-content/uploads/2024/01/usatsi_14383873_168389536_lowres-390x220.jpg

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

2326d054f6592918d0f4a49fd11e4dac6d9a8c6b7c491c2d2c35fcff0481b124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 17938
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 21 Jan 2024 17:16:04 GMT
server: LiteSpeed
etag: "4612-65ad5154-10138a;;;"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:27 GMT

GET
H3 200 image-3-390x220.png
aznews.vip/wp-content/uploads/2024/01/ 133 KB
133 KB 582ms
579ms Image
image/png 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aznews.vip/wp-content/uploads/2024/01/image-3-390x220.png

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

2d5dee3056fb4d7691680429196d99e945d901270ca90b21f65df193783e4e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 136000
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 21 Jan 2024 17:10:12 GMT
server: LiteSpeed
etag: "21340-65ad4ff4-101383;;;"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:27 GMT

GET
H3 200 image-2-390x220.png
aznews.vip/wp-content/uploads/2024/01/ 141 KB
141 KB 602ms
599ms Image
image/png 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aznews.vip/wp-content/uploads/2024/01/image-2-390x220.png

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

5fd17e79a229038725b50601c6999b255798ebb75ab676b0eb3085d469b576ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 144304
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 21 Jan 2024 15:53:50 GMT
server: LiteSpeed
etag: "233b0-65ad3e0e-101375;;;"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:27 GMT

GET
H3 200 Nicki-Minaj-17-scaled-1-220x150.jpg
aznews.vip/wp-content/uploads/2024/01/ 6 KB
6 KB 603ms
600ms Image
image/jpeg 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aznews.vip/wp-content/uploads/2024/01/Nicki-Minaj-17-scaled-1-220x150.jpg

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

7c3c27729a25ea557c816a8b6570dd77edc76d15ab8170f0f3f538732cceb1b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6508
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 21 Jan 2024 18:54:07 GMT
server: LiteSpeed
etag: "196c-65ad684f-1013c9;;;"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:27 GMT

GET
H3 200 chrome_YTvYC7xyiV-220x150.png
aznews.vip/wp-content/uploads/2024/01/ 63 KB
63 KB 607ms
604ms Image
image/png 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aznews.vip/wp-content/uploads/2024/01/chrome_YTvYC7xyiV-220x150.png

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

b8da6b4dd8808a841292aee4a27fb3935dc309489374ad3a10950c2318866a2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 64756
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 21 Jan 2024 18:26:25 GMT
server: LiteSpeed
etag: "fcf4-65ad61d1-1013bf;;;"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:27 GMT

GET
H3 200 maxresdefault-15-220x150.jpg
aznews.vip/wp-content/uploads/2024/01/ 7 KB
7 KB 611ms
608ms Image
image/jpeg 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aznews.vip/wp-content/uploads/2024/01/maxresdefault-15-220x150.jpg

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

fbc914af59a356c910efaa15ef99e91e19a69d7eab59192ad4b2177640bb3238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 7435
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 21 Jan 2024 18:08:27 GMT
server: LiteSpeed
etag: "1d0b-65ad5d9b-1013a6;;;"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:27 GMT

GET
H3 200 disturbed-taylor-swift-220x150.jpg
aznews.vip/wp-content/uploads/2024/01/ 8 KB
9 KB 614ms
611ms Image
image/jpeg 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aznews.vip/wp-content/uploads/2024/01/disturbed-taylor-swift-220x150.jpg

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

c54463859b86bcfe01382ad46175381c6ab830ab62cadc581980ed8f16734ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 8671
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 21 Jan 2024 17:32:22 GMT
server: LiteSpeed
etag: "21df-65ad5526-10139e;;;"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:27 GMT

GET
H3 200 image-3-1-220x150.png
aznews.vip/wp-content/uploads/2024/01/ 57 KB
58 KB 618ms
615ms Image
image/png 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aznews.vip/wp-content/uploads/2024/01/image-3-1-220x150.png

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

15b465473799d5c641e84c426f074cec84eb1c6c1b316b7c819bb564afaa44d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 58746
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 21 Jan 2024 17:29:08 GMT
server: LiteSpeed
etag: "e57a-65ad5464-101397;;;"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:27 GMT

GET
H3 200 0_gf-220x150.jpg
aznews.vip/wp-content/uploads/2024/01/ 8 KB
8 KB 622ms
619ms Image
image/jpeg 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aznews.vip/wp-content/uploads/2024/01/0_gf-220x150.jpg

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

5c225159973dbdaaace6fb86605be7d0b2b19aa8285cdfc3b9c7e49f53798642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 7848
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 21 Jan 2024 17:22:45 GMT
server: LiteSpeed
etag: "1ea8-65ad52e5-101390;;;"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:27 GMT

GET
H3 200 usatsi_14383873_168389536_lowres-220x150.jpg
aznews.vip/wp-content/uploads/2024/01/ 8 KB
8 KB 624ms
622ms Image
image/jpeg 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aznews.vip/wp-content/uploads/2024/01/usatsi_14383873_168389536_lowres-220x150.jpg

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

a0d5939513ba5f911fbbdb6e5c4f1cf764a72bc211e8e64b7ef1f03b44ea3d93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 8390
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 21 Jan 2024 17:16:04 GMT
server: LiteSpeed
etag: "20c6-65ad5154-101389;;;"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:27 GMT

GET
H3 200 image-3-220x150.png
aznews.vip/wp-content/uploads/2024/01/ 57 KB
57 KB 629ms
627ms Image
image/png 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aznews.vip/wp-content/uploads/2024/01/image-3-220x150.png

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

8e1dea1498f143bea957b0a99a7385f162697261178cc0a788e3e21c9dad15fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 58134
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 21 Jan 2024 17:10:12 GMT
server: LiteSpeed
etag: "e316-65ad4ff4-101382;;;"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:27 GMT

GET
H3 200 image-2-220x150.png
aznews.vip/wp-content/uploads/2024/01/ 62 KB
62 KB 632ms
630ms Image
image/png 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aznews.vip/wp-content/uploads/2024/01/image-2-220x150.png

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

f32f6a762680eb944ea8397fc3033827ef482c8132adfff2469aec254e1a3b48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 63484
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 21 Jan 2024 15:53:50 GMT
server: LiteSpeed
etag: "f7fc-65ad3e0e-101374;;;"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:27 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
251 B 97ms
37ms Ping
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-0FM7NMYDZT&gtm=45je41h0v9175722916&_p=1705863447756&gcd=11l1l1l1l1&dma=0&cid=1115762551.1705863448&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705863447&sct=1&seg=0&dl=https%3A%2F%2Faznews.vip%2F&dt=AZ%20NEWS%20-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2367
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0FM7NMYDZT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:817::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aznews.vip
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 aznews.vip.1576239.es6.js Show response
jsc.mgid.com/a/z/ 312 KB
96 KB 264ms
232ms Script
text/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/a/z/aznews.vip.1576239.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/a/z/aznews.vip.1576239.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ffddd249f6a700c6a8a97ef0dc80497347d4b7ab6c390de479e0665647a0086

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://aznews.vip/
Origin: https://aznews.vip
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:28 GMT
x-amz-version-id: 6mxwThxrAuFgjp.ACfrKqqw5cyqjCN2X
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: K5GDV5BWT4EQ2QF5
cf-polished: origSize=319428
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 3OG+Tc0ORIryJeW0w4bz2sy+UbbFvi3XIXfuC7Qlv6fzwyCgVMRiyTIL7BMNpzkHZ4nahglAc0A=
cf-bgj: minify
last-modified: Sat, 20 Jan 2024 15:57:17 GMT
server: cloudflare
etag: W/"5a36e39a6a7b70cda928b6e5ba97d086"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 8491c8761dc24bcd-BUF
expires: Sun, 21 Jan 2024 21:57:28 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 83ms
24ms Script
text/javascript 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:30:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:30:03 GMT

GET
H3 200 wp-emoji-release.min.js Show response
aznews.vip/wp-includes/js/ 18 KB
5 KB 294ms
293ms Script
application/x-javascript 103.118.29.139
IDATA-VN IDATA TE...

General

Check archive.org

Show headers Download Go to

Full URL

https://aznews.vip/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

103.118.29.139 Bac Giang, Viet Nam, ASN150834 (IDATA-VN IDATA TECHNOLOGY SOLUTIONS COMPANY LIMITED, VN),

Reverse DNS

Software

LiteSpeed / WPTangTocOLS

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:27 GMT
content-encoding: br
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4611
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: LiteSpeed
etag: "4904-63db0985-100cf8;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
expires: Mon, 20 Jan 2025 18:57:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
902 B 96ms
40ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:600,regular&subset=latin&display=swap

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

188d321da52decd5b8a5c92b29c10badb5c8ded9b9f45f802ee6b64bd8d6a564

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jan 2024 18:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 18:34:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Jan 2024 18:57:28 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 709ms
24ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600,regular&subset=latin&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aznews.vip
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:09:10 GMT
x-content-type-options: nosniff
age: 193698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:09:10 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 711ms
27ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600,regular&subset=latin&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aznews.vip
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:40:01 GMT
x-content-type-options: nosniff
age: 191847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:40:01 GMT

GET
BLOB 200
OK 60ff5ded-c4dd-4ddc-bdcd-700ee3c81156
https://aznews.vip/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aznews.vip/60ff5ded-c4dd-4ddc-bdcd-700ee3c81156
Requested by: Host: aznews.vip
URL: https://aznews.vip/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 42744938-774c-424a-987e-4245c2284295
https://aznews.vip/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aznews.vip/42744938-774c-424a-987e-4245c2284295
Requested by: Host: aznews.vip
URL: https://aznews.vip/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 /
c.mgid.com/pv/ 43 B
138 B 80ms
58ms Image
image/gif 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/pv/?lu=https%3A%2F%2Faznews.vip%2F&cbuster=1705863449068671044430&pvid=18d2d6289ec81abf066&implVersion=11&cxurl=https%3A%2F%2Faznews.vip%2F&site=936826&i=1&scum=%3F0&scuw=%3F0

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 8491c87cedad4bc0-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
BLOB 206
Partial Content d95fd7ea-c590-437f-b3d2-e404f91bd558
https://aznews.vip/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aznews.vip/d95fd7ea-c590-437f-b3d2-e404f91bd558
Requested by: Host: aznews.vip
URL: https://aznews.vip/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 1 Show response
servicer.mgid.com/1576239/ 2 KB
1 KB 136ms
114ms Script
application/x-javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/1576239/1?mp4=1&ap=1&w=1600&h=0&wrongImageSize=1&cols=1&sessionId=65ad6919-03d47&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Faznews.vip%2F&cbuster=1705863449261759720703&pvid=18d2d6289ec81abf066&implVersion=11&cxurl=https%3A%2F%2Faznews.vip%2F&scum=%3F0&scuw=%3F0&consentStrLen=0&uniqId=12855&niet=4g&nisd=false&pv=5&lct=1705708800&jsv=es6&pageView=1&dpr=1&ref=&tfre=2427

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/a/z/aznews.vip.1576239.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7496ec50754fbdb174ea8696bc144c9b8ce5c49d9be0c3dd2199c01c6eb1276

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8491c87e1e6d4bc0-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzU4MCx5XzMyNi9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNy8zN...
s-img.mgid.com/g/16789107/200x200/-/ 5 KB
5 KB 442ms
94ms Image
image/webp 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/16789107/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzU4MCx5XzMyNi9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNy8zNjY5MDQvMDE4MDRhNTViZDM0ZWQ1Mzg4MjNjNjRmZDgyNTYxMWIucG5n.webp?v=1705863449-_0n8FCMj6FOxUJ0fjg-G6YvmXdwGYoeYLFykgL6hFno

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb285b60b982be3eae5d15e68c7db94aebcf045662042ba7a8c23c7aa9e67a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://aznews.vip/
Origin: https://aznews.vip
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 13:44:36 GMT
x-mg-request-uuid: 3588efbc-da82-4af1-b247-fe4c62e427cd
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8491c8810a184bcf-BUF
content-length: 4846
alt-svc: h3=":443"; ma=86400

GET
H2 200 i.js Show response
cm.mgid.com/ 4 KB
2 KB 57ms
56ms Script
application/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.mgid.com/i.js?muid=o0lt-HrhwjVa&cbuster=1705863449412229682312

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/a/z/aznews.vip.1576239.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d72a391ad730c07c212af47ef8a92e8d9ef970886b8af6fe898890fae52c5869

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 8491c87eeef54bc0-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 113 KB
28 KB 379ms
40ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/a/z/aznews.vip.1576239.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jan 2024 11:20:59 GMT
server: cloudflare
x-amz-request-id: FPKVXHKK6PS05GEB
age: 3160
etag: W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8491c8810ba94bbd-BUF
x-amz-id-2: alIa9OIJKxeEOeFr0rREGsyn3fTT85NhF1L9ygj38iHUeWLp3bzmORRA1OIKOo0KdgwZC6bnxp4=

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 207 KB
63 KB 366ms
27ms Script
application/javascript 23.58.91.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/a/z/aznews.vip.1576239.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.58.91.123 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-58-91-123.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:29 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=109218
accept-ranges: bytes
content-length: 63913
expires: Tue, 23 Jan 2024 01:17:47 GMT

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 9D3D 1 KB
855 B 136ms
45ms Document
text/html 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?muid=o0lt-HrhwjVa&cbuster=1705863449412229682312
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer: https://aznews.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1946
alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: HIT
cf-ray: 8491c881be0d4bc9-BUF
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 18:57:29 GMT
last-modified: Sun, 21 Jan 2024 18:25:03 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame D457 5 KB
2 KB 82ms
26ms Document
text/html 51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?muid=o0lt-HrhwjVa&cbuster=1705863449412229682312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

692c38382dbf4ada5e12d0cc3fc3eca6cdbe54abe14a40a63d0448fb5ec07bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://aznews.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1663
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 44FC
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=

281 B
555 B

507ms
35ms

Document
text/html

23.56.163.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?muid=o0lt-HrhwjVa&cbuster=1705863449412229682312
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-163-106.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://aznews.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 Jan 2024 18:57:30 GMT
ETag: "280524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sun, 21 Jan 2024 18:57:29 GMT
location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
server: AkamaiGHost

GET
H2

200

/ Show response
hde.tynt.com/deb/ Frame FF11
Redirect Chain

https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X
https://de.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X
https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1

2 KB
2 KB

99ms
30ms

Document
text/html

67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?muid=o0lt-HrhwjVa&cbuster=1705863449412229682312
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 0c31e353eede990e0ade70686675c885704410dca8db101b186d8fb21fbae4f5

Request headers

Referer: https://aznews.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length: 1570
content-type: text/html
date: Sun, 21 Jan 2024 18:57:29 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy: unsafe-url

Redirect headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length: 0
date: Sun, 21 Jan 2024 18:57:29 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
location: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy: unsafe-url

GET
H2

200

1000.gif
id.rlcdn.com/
Redirect Chain

https://id.rlcdn.com/712056.gif?
https://id.rlcdn.com/1000.gif?memo=CPi6KxoNCJnSta0GEgUI6AcQAEIASgA

42 B
302 B

61ms
59ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/1000.gif?memo=CPi6KxoNCJnSta0GEgUI6AcQAEIASgA
Requested by: Host: aznews.vip
URL: https://aznews.vip/
Protocol: H2
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:29 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Sun, 21 Jan 2024 18:57:29 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://id.rlcdn.com/1000.gif?memo=CPi6KxoNCJnSta0GEgUI6AcQAEIASgA
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://tracker.direct.e-volution.ai/sync?id=5&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D737576%26c%3D%7BPLL_USER_ID%7D
https://cm.mgid.com/m?cdsp=737576&c=e52953b8-af27-5203-37a9-969c72b4f8a1

43 B
286 B

55ms
55ms

Image
image/gif

2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=737576&c=e52953b8-af27-5203-37a9-969c72b4f8a1

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 8491c881f9784bc0-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

access-control-max-age: 3600
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type: text/plain; charset=utf-8
location: https://cm.mgid.com/m?cdsp=737576&c=e52953b8-af27-5203-37a9-969c72b4f8a1
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 88

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=d907b300-3215-4b4e-b524-0559fa5cd41c&gdpr=0&gdpr_consent=&gdpr_pd=

57 B
655 B

426ms
52ms

Image
image/gif

23.56.162.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=d907b300-3215-4b4e-b524-0559fa5cd41c&gdpr=0&gdpr_consent=&gdpr_pd=

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Server

23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-162-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 21 Jan 2024 18:57:30 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 57
x-mnet-hl2: E
expires: Sun, 21 Jan 2024 18:57:30 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?cs=1&type=bs&ovsid=d907b300-3215-4b4e-b524-0559fa5cd41c&gdpr=0&gdpr_consent=&gdpr_pd=
Date: Sun, 21 Jan 2024 18:57:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=
https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
https://cm.mgid.com/m?cdsp=501037&c=Aw2HJkzaFEAVCXWpNc8j6BvNL4N230CW7lDmH6wIHyk&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1

43 B
543 B

61ms
59ms

Image
image/gif

2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=501037&c=Aw2HJkzaFEAVCXWpNc8j6BvNL4N230CW7lDmH6wIHyk&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 8491c8863da44bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=Aw2HJkzaFEAVCXWpNc8j6BvNL4N230CW7lDmH6wIHyk&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT, Sun, 21 Jan 2024 18:57:30 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://cs.krushmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D827026%26c%3D%5BUID%5D
https://cm.mgid.com/m?cdsp=827026&c=0f3607b9-9ce6-5236-a5d7-cffc499b1b67

43 B
531 B

62ms
62ms

Image
image/gif

2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=827026&c=0f3607b9-9ce6-5236-a5d7-cffc499b1b67

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 8491c88239334bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 18:57:29 GMT
Server: nginx
Location: https://cm.mgid.com/m?cdsp=827026&c=0f3607b9-9ce6-5236-a5d7-cffc499b1b67
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
158 B 145ms
61ms Image
image/gif 2606:4700::6813:9722
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.idealmedia.io/setmuidn/?muidf=o0lt-HrhwjVa

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9722 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 8491c881bab64bcf-BUF
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/
Redirect Chain

https://ps.eyeota.net/match?bid=dn2m51u&uid=o0lt-HrhwjVa&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match/bounce/?bid=dn2m51u&uid=o0lt-HrhwjVa&gdpr=0&gdpr_consent=

70 B
440 B

40ms
40ms

Image
image/gif

54.156.26.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?bid=dn2m51u&uid=o0lt-HrhwjVa&gdpr=0&gdpr_consent=
Requested by: Host: aznews.vip
URL: https://aznews.vip/
Protocol: HTTP/1.1
Server: 54.156.26.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-26-12.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 21 Jan 2024 18:57:30 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?bid=dn2m51u&uid=o0lt-HrhwjVa&gdpr=0&gdpr_consent=
Date: Sun, 21 Jan 2024 18:57:29 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://cm.mgid.com/m?cdsp=665953&c=222d2970-d841-40e2-9eff-1177561a87d1

43 B
512 B

68ms
64ms

Image
image/gif

2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=665953&c=222d2970-d841-40e2-9eff-1177561a87d1

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 8491c88289914bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=665953&c=222d2970-d841-40e2-9eff-1177561a87d1
access-control-allow-origin: *
date: Sun, 21 Jan 2024 18:57:29 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=8e447b40-85c9-4c5f-a58d-7cd9472e9be8

43 B
543 B

55ms
54ms

Image
image/gif

2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=287839&c=8e447b40-85c9-4c5f-a58d-7cd9472e9be8

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 8491c885fd5d4bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=8e447b40-85c9-4c5f-a58d-7cd9472e9be8
date: Sun, 21 Jan 2024 18:57:30 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bzBsdC1Icmh3alZh&muidn=o0lt-HrhwjVa
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bzBsdC1Icmh3alZh&muidn=o0lt-HrhwjVa&google_tc=
https://cm.mgid.com/google?muidn=o0lt-HrhwjVa&google_ula={guid},5&google_gid=CAESEA32omuiUkFbzUP3HnIAPGo&google_cver=1

0
137 B

56ms
54ms

Image
text/plain

2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/google?muidn=o0lt-HrhwjVa&google_ula={guid},5&google_gid=CAESEA32omuiUkFbzUP3HnIAPGo&google_cver=1

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain
cf-ray: 8491c882fa024bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.mgid.com/google?muidn=o0lt-HrhwjVa&google_ula={guid},5&google_gid=CAESEA32omuiUkFbzUP3HnIAPGo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

mtp236.gif
eu.ck-ie.com/
Redirect Chain

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&ccpa_consent=
https://eu.ck-ie.com/mtp236.gif?gdpr=0&gdpr_consent=[GDPR_CONSENT]&us_privacy=[US_PRIVACY]&redir=https%3A%2F%2Fsync.e-volution.ai%2Ff2ee84aa02d6bdbd811eca8a4368e40c.gif%3Fpuid%3D%7B%24PARTNER_UID%7D

0
0

GET
H2 400 sync
t.adx.opera.com/pub/ 0
412 B 511ms
103ms Image
text/plain 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/pub/sync?pub6103523253312&gdpr=0&consent=&us_privacy=
Requested by: Host: aznews.vip
URL: https://aznews.vip/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.m...
https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.m...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEYwNUY2MTctNUUyMC00MzBCLThDOUItQ0FEQUZEMTBFNEQ1&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D4F05F617-5E20-430B-8C9B-CADAFD10E4D5&us_privacy=%24%7BUS_PRIVACY%7D
https://cm.mgid.com/m?cdsp=712807&c=4F05F617-5E20-430B-8C9B-CADAFD10E4D5

43 B
559 B

56ms
55ms

Image
image/gif

2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=712807&c=4F05F617-5E20-430B-8C9B-CADAFD10E4D5

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 8491c8878ee84bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=712807&c=4F05F617-5E20-430B-8C9B-CADAFD10E4D5
date: Sun, 21 Jan 2024 18:57:30 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

cookie
cm.adform.net/
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A//cm.mgid.com/m%3Fcdsp%3D779131%26c%3D
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F219%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D98e2d5af-e15a-4fd8-a03d-e82f7269ced5%26bidder%3...
https://prebid.a-mo.net/cchain/0/219?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=98e2d5af-e15a-4fd8-a03d-e82f7269ced5&bidder=appnexus&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=3...
https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F219%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D98e2d5af-e15a-4fd8...
https://prebid.a-mo.net/cchain/1/219?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=98e2d5af-e15a-4fd8-a03d-e82f7269ced5&bidder=sovrn&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=IB6R...
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-m...
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F219%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D98e2d5af...
https://prebid.a-mo.net/cchain/2/219?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=98e2d5af-e15a-4fd8-a03d-e82f7269ced5&bidder=pubmatic&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=4...
https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F219%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D98e2d5af-e15a-4fd8-a03d-e8...
https://prebid.a-mo.net/cchain/3/219?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=98e2d5af-e15a-4fd8-a03d-e82f7269ced5&bidder=amx_com&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=98...
https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F219%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26...
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F219%3Fus_privacy%3D1---%26gpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D98e2d5af...
https://prebid.a-mo.net/cchain/4/219?us_privacy=1---&gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=98e2d5af-e15a-4fd8-a03d-e82f7269ced5&bidder=index_rtb&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9N...
https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F219%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D98e2d5af-...

43 B
106 B

414ms
113ms

Image
image/gif

37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F219%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D98e2d5af-e15a-4fd8-a03d-e82f7269ced5%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24UID
Requested by: Host: aznews.vip
URL: https://aznews.vip/
Protocol: H2
Server: 37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:31 GMT
server: nginx
content-length: 43
content-type: image/gif

Redirect headers

location: https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F219%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D98e2d5af-e15a-4fd8-a03d-e82f7269ced5%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24UID
date: Sun, 21 Jan 2024 18:57:30 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D709070%26c%3D%24UID
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D709070%26c%3D%24UID&sovrn_retry=true
https://cm.mgid.com/m?cdsp=709070&c=IB6RhLZHiYyLg5XZS4GOwoZF

43 B
527 B

66ms
66ms

Image
image/gif

2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=709070&c=IB6RhLZHiYyLg5XZS4GOwoZF

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 8491c8855cab4bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

Date: Sun, 21 Jan 2024 18:57:30 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.mgid.com/m?cdsp=709070&c=IB6RhLZHiYyLg5XZS4GOwoZF
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://cm.rtbsystem.com/mgid?c=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=&cd=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D556372%26c%3D%24%7BUSER%7D
https://cm.mgid.com/m?cdsp=556372&c=d4f76eec-dd4c-5df1-819c-621bba2cd27c

43 B
528 B

58ms
57ms

Image
image/gif

2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=556372&c=d4f76eec-dd4c-5df1-819c-621bba2cd27c

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 8491c885ad0c4bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

date: Sun, 21 Jan 2024 18:57:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVytnRWDl9TCImw8%2FprNQLgBhdHZAvjug%2Bf1fJJtk0R9w1hx%2FUVCW%2Bl5Yxi4%2BW%2BoLzpc7hz1rll9VBbpZE5QxEeKfrMxuAEiXvFuRX9EeLomS6s%2FcZuOqrDdoDAGoZY6cayVj5YgAgqeinQh4CDh"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
location: https://cm.mgid.com/m?cdsp=556372&c=d4f76eec-dd4c-5df1-819c-621bba2cd27c
cf-ray: 8491c884efd94bd3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://cs.admanmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?gdpr=0&gdpr_consent=&ccpa=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D675043%26c%3D%5BUID%5D
https://cm.mgid.com/m?cdsp=675043&c=08194e27-8fb1-4dc1-9d87-a7fd93463592

43 B
528 B

54ms
54ms

Image
image/gif

2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=675043&c=08194e27-8fb1-4dc1-9d87-a7fd93463592

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 8491c8857cc14bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 18:57:30 GMT
Server: nginx
Location: https://cm.mgid.com/m?cdsp=675043&c=08194e27-8fb1-4dc1-9d87-a7fd93463592
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://idsync.rlcdn.com/712107.gif?partner_uid=o0lt-HrhwjVa&
https://pippio.com/api/sync?pid=5324&it=1&iv=3132a3452ad61a427da0deb778bde902bd88cbbaea95d4227e224dad797b9ce4791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3132a3452ad61a427da0deb778bde902bd88cbbaea95d4227e224dad797b9ce4791426b5417dce21&rand=01787442
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3132a3452ad61a427da0deb778bde902bd88cbbaea95d4227e224dad797b9ce4791426b5417dce21&rand=01787442&expected_cookie=2fd1daa5-1f6d-4a4a-a96c-d603975f55be

0
142 B

129ms
128ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3132a3452ad61a427da0deb778bde902bd88cbbaea95d4227e224dad797b9ce4791426b5417dce21&rand=01787442&expected_cookie=2fd1daa5-1f6d-4a4a-a96c-d603975f55be
Requested by: Host: aznews.vip
URL: https://aznews.vip/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:30 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 896825D57DA64D34A64D814CA923CF6B Ref B: NYCEDGE1408 Ref C: 2024-01-21T18:57:30Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPeUkIHozPIA/JWwxBJA==

Redirect headers

date: Sun, 21 Jan 2024 18:57:30 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6848C937B9B54B59A941C0D732DCB0D0 Ref B: NYCEDGE1408 Ref C: 2024-01-21T18:57:30Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: /db_sync?pid=10339&puuid=3132a3452ad61a427da0deb778bde902bd88cbbaea95d4227e224dad797b9ce4791426b5417dce21&rand=01787442&expected_cookie=2fd1daa5-1f6d-4a4a-a96c-d603975f55be
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPeUkFcekTHeTVhnn2Ew==

GET
H2

200

/
onetag-sys.com/match/ Frame D457
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
https://onetag-sys.com/match/?int_id=1&uid=19ec65ad-691a-4c00-935d-2a887adcf91b&gdpr=0&gdpr_consent=

0
340 B

25ms
25ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=1&uid=19ec65ad-691a-4c00-935d-2a887adcf91b&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Sun, 21 Jan 2024 18:57:30 GMT
Server: MT3 1237 600843f master ord ord-pixel-x6 config_version:"2538"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://onetag-sys.com/match/?int_id=1&uid=19ec65ad-691a-4c00-935d-2a887adcf91b&gdpr=0&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 21 Jan 2024 18:57:29 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame D457
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=2&uid=LRNV1YG1-J-MAFK&gdpr=0

0
340 B

27ms
23ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=2&uid=LRNV1YG1-J-MAFK&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://onetag-sys.com/match/?int_id=2&uid=LRNV1YG1-J-MAFK&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0163a7456b0a5605e8b1fb1d4fba3e4d
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame D457
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=3260914407063291663

0
340 B

43ms
24ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=3260914407063291663

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
an-x-request-uuid: a0a7564d-de2b-426f-837e-2f6663512076
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=3260914407063291663
x-proxy-origin: 96.9.249.37; 96.9.249.37; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame D457
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=9c88a465d1437ce81502a726e33eec&gdpr_consent=&gdpr=0

0
340 B

25ms
25ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=9c88a465d1437ce81502a726e33eec&gdpr_consent=&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 18:57:30 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=9c88a465d1437ce81502a726e33eec&gdpr_consent=&gdpr=0
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1705863450357077-1160

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame D457 42 B
928 B 515ms
30ms Image
image/gif 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=ANuHAGR8Pt38626a6CtsIwDhYN3M63ONCbauJ8hocGI
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 2dd9fa24169fa04536d533da131679f8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame D457
Redirect Chain

https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%2...
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=df10a999-689e-4946-8a94-878eddf7a666

0
340 B

26ms
24ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=df10a999-689e-4946-8a94-878eddf7a666

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 18:57:30 GMT
Server: nginx
Location: https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=df10a999-689e-4946-8a94-878eddf7a666
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame D457
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub10101531197440
https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPU5f44ebd3c79445b3a1026209f2c98a8d

0
340 B

28ms
28ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPU5f44ebd3c79445b3a1026209f2c98a8d

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPU5f44ebd3c79445b3a1026209f2c98a8d
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 155
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D457
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjS1ijU1DRcV8bcCU7Mm7IKUyJMXVZ3DxWQ
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjS1ijU1DRcV8bcCU7Mm7IKUyJMXVZ3DxWQ&google_tc=

170 B
243 B

61ms
60ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjS1ijU1DRcV8bcCU7Mm7IKUyJMXVZ3DxWQ&google_tc=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjS1ijU1DRcV8bcCU7Mm7IKUyJMXVZ3DxWQ&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame D457
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
https://onetag-sys.com/match/?int_id=107&uid=2391074174732800461

0
340 B

25ms
25ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=107&uid=2391074174732800461

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=107&uid=2391074174732800461
date: Sun, 21 Jan 2024 18:57:30 GMT
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame D457
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ANuHAGR8Pt38626a6CtsIwDhYN3M63ONCbauJ8hocGI

43 B
479 B

456ms
33ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ANuHAGR8Pt38626a6CtsIwDhYN3M63ONCbauJ8hocGI

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 18:57:30 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GQJBRRC5N44HDM0KECQ6
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ANuHAGR8Pt38626a6CtsIwDhYN3M63ONCbauJ8hocGI
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

m
cm.mgid.com/ Frame D457
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkI0ODlCQzUtRkI1Qy00MTExLUEzQ0UtM0QwQjJGMkI3OUI3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D4F05F617-5E20-430B-8C9B-CADAFD10E4D5&us_privacy=%24%7BUS_PRIVACY%7D
https://cm.mgid.com/m?cdsp=712807&c=4F05F617-5E20-430B-8C9B-CADAFD10E4D5

43 B
559 B

57ms
56ms

Image
image/gif

2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=712807&c=4F05F617-5E20-430B-8C9B-CADAFD10E4D5

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 8491c8878eed4bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=712807&c=4F05F617-5E20-430B-8C9B-CADAFD10E4D5
date: Sun, 21 Jan 2024 07:37:06 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

/
onetag-sys.com/match/ Frame D457
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc=
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEC59zivcJTE5P277lKWZbWU&google_cver=1

0
340 B

28ms
25ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEC59zivcJTE5P277lKWZbWU&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEC59zivcJTE5P277lKWZbWU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame D457
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%2...
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=Y04irmNTLiQO&ev=1&us_privacy=&pid=562985

0
340 B

27ms
25ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=Y04irmNTLiQO&ev=1&us_privacy=&pid=562985

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-US
location: https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=Y04irmNTLiQO&ev=1&us_privacy=&pid=562985
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6658dc8946-j8j82
expires: -1

GET
H2

200

/
onetag-sys.com/match/ Frame D457
Redirect Chain

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=750d5c12afbf05dc&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAABZW3nLA-3jgMdrh8mAAAAAAA&expiration=1705949850

0
340 B

26ms
26ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAABZW3nLA-3jgMdrh8mAAAAAAA&expiration=1705949850

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAABZW3nLA-3jgMdrh8mAAAAAAA&expiration=1705949850
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame D457
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
https://onetag-sys.com/match/?int_id=92&uid=y-40ldO6dE2uFZoFLTmhDg3eGNsTx0H1Mu0s08YZw-~A

0
340 B

27ms
24ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-40ldO6dE2uFZoFLTmhDg3eGNsTx0H1Mu0s08YZw-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-40ldO6dE2uFZoFLTmhDg3eGNsTx0H1Mu0s08YZw-~A
date: Sun, 21 Jan 2024 18:57:30 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame D457
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=29&uid=c9acbf35-1eda-41f4-9d90-9f5fd5201b9a&gdpr=0&gdpr_consent=

0
340 B

28ms
28ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=29&uid=c9acbf35-1eda-41f4-9d90-9f5fd5201b9a&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=29&uid=c9acbf35-1eda-41f4-9d90-9f5fd5201b9a&gdpr=0&gdpr_consent=
date: Sun, 21 Jan 2024 18:57:30 GMT
server: Kestrel
content-length: 233

GET
H2

200

/
onetag-sys.com/match/ Frame D457
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=119&user_id=2810316570262142694&expires=30&ssp=onetag
https://onetag-sys.com/match/?int_id=30&uid=d907b300-3215-4b4e-b524-0559fa5cd41c&gdpr=&gdpr_consent=&us_privacy=

0
340 B

29ms
28ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=d907b300-3215-4b4e-b524-0559fa5cd41c&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location: //onetag-sys.com/match/?int_id=30&uid=d907b300-3215-4b4e-b524-0559fa5cd41c&gdpr=&gdpr_consent=&us_privacy=
Date: Sun, 21 Jan 2024 18:57:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 m
cm.mgid.com/ Frame D457 43 B
286 B 63ms
50ms Image
image/gif 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=834098&c=ANuHAGR8Pt38626a6CtsIwDhYN3M63ONCbauJ8hocGI&gdpr=0&consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=o0lt-HrhwjVa&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 8491c881e9724bc0-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame A609 0
0 2409ms
2374ms Document
text/html 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cdn.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8491c8828ee64bc9-BUF
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 18:57:32 GMT
server: cloudflare
vary: Accept-Encoding Origin

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 44FC 40 KB
11 KB 31ms
31ms Script
text/html 23.56.163.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-163-106.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 592527b75a0ebc892d4f4bd1af4deeb16a28a9177557c1de633c749765673635

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 18:57:30 GMT
Content-Encoding: gzip
Last-Modified: Sun, 21 Jan 2024 17:16:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=80318
Connection: keep-alive
Content-Length: 10962
Expires: Mon, 22 Jan 2024 17:16:08 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 44FC 7 B
862 B 97ms
32ms XHR
application/json 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: ab995a74221271a8dc253760ec78ee1d
Expires: 0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame B08C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

281 B
555 B

28ms
27ms

Document
text/html

23.56.163.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-163-106.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 Jan 2024 18:57:30 GMT
ETag: "280524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sun, 21 Jan 2024 18:57:30 GMT
location: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server: AkamaiGHost

GET
H3

200

m
cm.mgid.com/ Frame FF11
Redirect Chain

https://ssc-cms.33across.com/ps/?_=1705863450472.&ri=0013300001hSPhhAAG&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X
https://cm.mgid.com/m?cdsp=796887&c=212428766416142

43 B
544 B

55ms
54ms

Image
image/gif

2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=796887&c=212428766416142

Requested by

Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1

Protocol

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 8491c885fd594bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
referrer-policy: unsafe-url
server: 33XP013
x-33x-status: 100000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://cm.mgid.com/m?cdsp=796887&c=212428766416142
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H3

200

match
events-ssc.33across.com/ Frame FF11
Redirect Chain

https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
https://r.bidswitch.net/sync?bidswitch_ssp_id=the33across&bsw_custom_parameter=d907b300-3215-4b4e-b524-0559fa5cd41c
https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=d907b300-3215-4b4e-b524-0559fa5cd41c&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=d907b300-3215-4b4e-b524-0559fa5cd41c&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=10a8dc1a-dfed-49d1-b283-a61357596488%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%2525...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c9acbf35-1eda-41f4-9d90-9f5fd5201b9a&ttd_puid=10a8dc1a-dfed-49d1-b283-a61357596488%2Chttps%253A%252F%252Fx.bidswitch.net%...
https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=the33across&bsw_param=d907b300-3215-4b4e-b524-0559fa5cd41c
https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=d907b300-3215-4b4e-b524-0559fa5cd41c
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=d907b300-3215-4b4e-b524-0559fa5cd41c&ts=1705863451&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
82 B

36ms
36ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=10&external_user_id=d907b300-3215-4b4e-b524-0559fa5cd41c&ts=1705863451&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1
Protocol: H3
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:31 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
referrer-policy: unsafe-url
server: 33XP012
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=10&external_user_id=d907b300-3215-4b4e-b524-0559fa5cd41c&ts=1705863451&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

match
events-ssc.33across.com/ Frame FF11
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1705863450472.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=19ec65ad-691a-4c00-935d-2a887adcf91b

68 B
117 B

219ms
35ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=19ec65ad-691a-4c00-935d-2a887adcf91b
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:30 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

Date: Sun, 21 Jan 2024 18:57:30 GMT
Server: MT3 1237 600843f master ord ord-pixel-x1 config_version:"2538"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=19ec65ad-691a-4c00-935d-2a887adcf91b
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 21 Jan 2024 18:57:29 GMT

GET
H2

200

match
events-ssc.33across.com/ Frame FF11
Redirect Chain

https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
https://ups.analytics.yahoo.com/ups/58350/sync?redir=true&verify=true
https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-tRdbuBJE2uGxuIdMiEfGqbFT.zE279xS~A
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-tRdbuBJE2uGxuIdMiEfGqbFT.zE279xS%7EA&ts=1705863450&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
216 B

178ms
33ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-tRdbuBJE2uGxuIdMiEfGqbFT.zE279xS%7EA&ts=1705863450&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:30 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
referrer-policy: unsafe-url
server: 33XP001
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-tRdbuBJE2uGxuIdMiEfGqbFT.zE279xS%7EA&ts=1705863450&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

match
events-ssc.33across.com/ Frame FF11
Redirect Chain

https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
https://33across-match.dotomi.com/match/bounce/current?DotomiTest=1f907f73e31b03ee&is_secure=true&networkId=78390&version=1&us_privacy=
https://ssc-cms.33across.com/ps?xi=64&xu=AAABZRL0Gs80dgNE5S4yAAAAAAA&expiration=1705949850&is_secure=true&us_privacy=
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABZRL0Gs80dgNE5S4yAAAAAAA&ts=1705863450&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
117 B

112ms
36ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABZRL0Gs80dgNE5S4yAAAAAAA&ts=1705863450&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:30 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
referrer-policy: unsafe-url
server: 33XP014
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABZRL0Gs80dgNE5S4yAAAAAAA&ts=1705863450&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

match
events-ssc.33across.com/ Frame FF11
Redirect Chain

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=801852153427027854391
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=801852153427027854391&ts=1705863450&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
117 B

116ms
34ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=33&external_user_id=801852153427027854391&ts=1705863450&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:30 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
referrer-policy: unsafe-url
server: 33XP005
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=33&external_user_id=801852153427027854391&ts=1705863450&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H3

200

m
cm.mgid.com/ Frame 44FC
Redirect Chain

https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=mgid&gdpr=0&gdpr_consent=&us_privacy=&gdpr=0&khaos=LRNV1YC1-24-GXOJ
https://cm.mgid.com/m?cdsp=43070&c=LRNV1YC1-24-GXOJ&gdpr=0

43 B
575 B

57ms
56ms

Image
image/gif

2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=43070&c=LRNV1YC1-24-GXOJ&gdpr=0

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 8491c888e8504bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.mgid.com/m?cdsp=43070&c=LRNV1YC1-24-GXOJ&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Expires: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B08C 40 KB
11 KB 32ms
31ms Script
text/html 23.56.163.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-163-106.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 592527b75a0ebc892d4f4bd1af4deeb16a28a9177557c1de633c749765673635

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 18:57:30 GMT
Content-Encoding: gzip
Last-Modified: Sun, 21 Jan 2024 17:16:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=80318
Connection: keep-alive
Content-Length: 10962
Expires: Mon, 22 Jan 2024 17:16:08 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame B08C 7 B
829 B 31ms
31ms XHR
application/json 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?khaos=LRNV1YC1-24-GXOJ
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: ab995a74221271a8dc253760ec78ee1d
Expires: 0

GET
H3 200 c
c.mgid.com/ 43 B
229 B 57ms
57ms Image
image/gif 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/c?v=324|112|28|-AdEXyjsPPRzl9C1jiCm2hJLLBk6-vtn-YF3V3Kond4pk1ddrdt3x0b8WaekVgGyFENmF5Xfk86jMN6qADDJcg**&fw=1&f=1&cid=1576239&cbuster=1705863450639292774820&pageImp=1&pvid=18d2d6289ec81abf066&pv=3&h2=aHiBFlkmhgWQShAV2Kk0QngVEO8xYFhEN9Ohe1amdyn92i9qXJsHR2FuKv840ELe&rid=ecd38766-b88e-11ee-8a28-c84bd684dfc2&tt=Direct&iv=11&completion=1,1&muidn=o0lt-HrhwjVa

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-mg-request-uuid: 427ccec2-f711-4770-8d64-8de9b915ff6c
server: cloudflare
content-type: image/gif
cf-ray: 8491c8869e0e4bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 44FC
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-oXOiHrHQtiCrztCotKeeg&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-oXOiHrHQtiCrztCotKeeg&gdpr=0

43 B
479 B

44ms
43ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-oXOiHrHQtiCrztCotKeeg&gdpr=0

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 18:57:30 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BT3HF63SSW9WMA46FTJR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-oXOiHrHQtiCrztCotKeeg&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 44FC
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJOVjFZRzEtSi1NQUZL&gdpr=0
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEHPEqepHfs0WcQhuYw17oHs&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJOVjFZRzEtSi1NQUZL&google_push=&gdpr=0

170 B
188 B

42ms
41ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJOVjFZRzEtSi1NQUZL&google_push=&gdpr=0

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJOVjFZRzEtSi1NQUZL&google_push=&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ab995a74221271a8dc253760ec78ee1d
Expires: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 44FC
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ptc16yvNTku0e_PEM5A0Gg&rk=usync-other&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ptc16yvNTku0e_PEM5A0Gg&gdpr=0

43 B
479 B

112ms
112ms

Image
image/gif

52.95.115.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ptc16yvNTku0e_PEM5A0Gg&gdpr=0

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

HTTP/1.1

Server

52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 18:57:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: T2AHP2RESXAN1HGH45B4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ptc16yvNTku0e_PEM5A0Gg&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 44FC
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c9acbf35-1eda-41f4-9d90-9f5fd5201b9a&gdpr=0&gdpr_consent=&expires=30

42 B
895 B

51ms
35ms

Image
image/gif

8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c9acbf35-1eda-41f4-9d90-9f5fd5201b9a&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: aznews.vip
URL: https://aznews.vip/
Protocol: HTTP/1.1
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 2dd9fa24169fa04536d533da131679f8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c9acbf35-1eda-41f4-9d90-9f5fd5201b9a&gdpr=0&gdpr_consent=&expires=30
date: Sun, 21 Jan 2024 18:57:30 GMT
server: Kestrel
content-length: 289

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 44FC
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
https://pr-bh.ybp.yahoo.com/sync/rubicon/mTz_zJmsBn0qVTfFbtaIJw?csrc=&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-l.YTGEZE2oLYwcqxwCgWh95UsQSgGT7LwItE2g--~A

42 B
895 B

32ms
31ms

Image
image/gif

8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-l.YTGEZE2oLYwcqxwCgWh95UsQSgGT7LwItE2g--~A
Requested by: Host: aznews.vip
URL: https://aznews.vip/
Protocol: HTTP/1.1
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 2dd9fa24169fa04536d533da131679f8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sun, 21 Jan 2024 18:57:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-l.YTGEZE2oLYwcqxwCgWh95UsQSgGT7LwItE2g--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 44FC
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODQ0ZDVhNTNjYjY3ZTFjZWFiMDEyYmY3NzM1M2ViYzJjMzliM2M5Yg&gdpr=0

170 B
188 B

42ms
41ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODQ0ZDVhNTNjYjY3ZTFjZWFiMDEyYmY3NzM1M2ViYzJjMzliM2M5Yg&gdpr=0

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODQ0ZDVhNTNjYjY3ZTFjZWFiMDEyYmY3NzM1M2ViYzJjMzliM2M5Yg&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 2dd9fa24169fa04536d533da131679f8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 44FC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEDJfyl1ipV54AaFaCx8Qg9I&google_cver=1

42 B
895 B

45ms
32ms

Image
image/gif

8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEDJfyl1ipV54AaFaCx8Qg9I&google_cver=1
Requested by: Host: aznews.vip
URL: https://aznews.vip/
Protocol: HTTP/1.1
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEDJfyl1ipV54AaFaCx8Qg9I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 44FC
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRNV1YG1-J-MAFK&gdpr=0

0
513 B

98ms
97ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRNV1YG1-J-MAFK&gdpr=0
Requested by: Host: aznews.vip
URL: https://aznews.vip/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:30 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 07F1732CC4AC4AC7B55A0C4FC13385B7 Ref B: NYCEDGE1408 Ref C: 2024-01-21T18:57:30Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPeUkFPfaLEEnUfU4sPQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRNV1YG1-J-MAFK&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 44FC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0
https://s.amazon-adsystem.com/ecm3?id=LRNV1YG1-J-MAFK&ex=d-rubiconproject.com&status=ok&gdpr=0

43 B
720 B

87ms
40ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LRNV1YG1-J-MAFK&ex=d-rubiconproject.com&status=ok&gdpr=0

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 18:57:30 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AAGHG348GQ92ZDY2JJWJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LRNV1YG1-J-MAFK&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 2dd9fa24169fa04536d533da131679f8
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 44FC
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFDG07LWtIAABMEeIf3cw&expires=30&gdpr=0

42 B
895 B

31ms
31ms

Image
image/gif

8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFDG07LWtIAABMEeIf3cw&expires=30&gdpr=0
Requested by: Host: aznews.vip
URL: https://aznews.vip/
Protocol: HTTP/1.1
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFDG07LWtIAABMEeIf3cw&expires=30&gdpr=0
Date: Sun, 21 Jan 2024 18:57:30 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 44FC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0
https://ce.lijit.com/merge?pid=80&3pid=LRNV1YG1-J-MAFK&gdpr=0

43 B
663 B

104ms
34ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LRNV1YG1-J-MAFK&gdpr=0
Requested by: Host: aznews.vip
URL: https://aznews.vip/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 18:57:30 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ce.lijit.com/merge?pid=80&3pid=LRNV1YG1-J-MAFK&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 2dd9fa24169fa04536d533da131679f8
Expires: 0

GET
H2

200

setuid
ib.adnxs.com/prebid/ Frame 44FC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRNV1YG1-J-MAFK&gdpr=0

43 B
1 KB

33ms
32ms

Image
image/gif

68.67.160.184
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRNV1YG1-J-MAFK&gdpr=0

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Server

68.67.160.184 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
an-x-request-uuid: 0c2a0e17-afe4-4fa1-85d1-ecb636c23e89
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.37; 96.9.249.37; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRNV1YG1-J-MAFK&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 2dd9fa24169fa04536d533da131679f8
Expires: 0

GET
H2

200

cksync
hb.yahoo.net/ Frame 44FC
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&gdpr=0
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRNV1YG1-J-MAFK&redir=true&gdpr=0
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRNV1YG1-J-MAFK&gdpr=0&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1vQ1Z2XzloRTJ1R3lla0tJRDR0aFMyOHJUc2lnZlI4bn5B&gdpr=0&ovsid=LRNV1YG1-J-MAFK&dpid=58160

57 B
650 B

144ms
50ms

Image
image/gif

104.117.182.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS1vQ1Z2XzloRTJ1R3lla0tJRDR0aFMyOHJUc2lnZlI4bn5B&gdpr=0&ovsid=LRNV1YG1-J-MAFK&dpid=58160

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Server

104.117.182.139 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-117-182-139.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Sun, 21 Jan 2024 18:57:31 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Sun, 21 Jan 2024 18:57:31 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1vQ1Z2XzloRTJ1R3lla0tJRDR0aFMyOHJUc2lnZlI4bn5B&gdpr=0&ovsid=LRNV1YG1-J-MAFK&dpid=58160
date: Sun, 21 Jan 2024 18:57:30 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

magnite
prebid.a-mo.net/setuid/ Frame 44FC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0
https://prebid.a-mo.net/setuid/magnite?uid=LRNV1YG1-J-MAFK&gdpr=0

0
124 B

32ms
32ms

Image
text/plain

147.28.129.37
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/magnite?uid=LRNV1YG1-J-MAFK&gdpr=0
Requested by: Host: aznews.vip
URL: https://aznews.vip/
Protocol: H2
Server: 147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:30 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid.a-mo.net/setuid/magnite?uid=LRNV1YG1-J-MAFK&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ab995a74221271a8dc253760ec78ee1d
Expires: 0

GET
H2

200

pixel
capi.connatix.com/us/ Frame 44FC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0
https://capi.connatix.com/us/pixel?puid=LRNV1YG1-J-MAFK&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0
https://capi.connatix.com/us/pixel?puid=LRNV1YG1-J-MAFK&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true

82 B
82 B

65ms
63ms

Image
image/gif

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/us/pixel?puid=LRNV1YG1-J-MAFK&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
Requested by: Host: aznews.vip
URL: https://aznews.vip/
Protocol: H2
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 8491c888ddd23a06-YYZ
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 21 Jan 2024 18:57:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
location: https://capi.connatix.com/us/pixel?puid=LRNV1YG1-J-MAFK&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 8491c8887d123a06-YYZ
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2

200

ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 44FC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRNV1YG1-J-MAFK&gdpr=0
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRNV1YG1-J-MAFK
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRNV1YG1-J-MAFK&ckls=true&ci=XKecrrGwtM&nc=false&trid=-1276761109

43 B
1 KB

106ms
38ms

Image
image/gif

18.164.96.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRNV1YG1-J-MAFK&ckls=true&ci=XKecrrGwtM&nc=false&trid=-1276761109
Requested by: Host: aznews.vip
URL: https://aznews.vip/
Protocol: H2
Server: 18.164.96.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-113.jfk50.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:31 GMT
via: 1.1 3b0649a8bee506c1d7498462d39e6c44.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: DvgCfURDzRb40H-tlwmv-iMsJrrvWar3k9iFM-dqfdSjfZxXticqFw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:31 GMT
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRNV1YG1-J-MAFK&ckls=true&ci=XKecrrGwtM&nc=false&trid=-1276761109
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: B9gxGSZCUgaacYoXX-9RUmdFA6VFYPo0Nj3Ma1qCyIeE_LfBCXlpNQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
events-ssc.33across.com/ Frame B08C
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LRNV1YG1-J-MAFK
https://ssc-cms.33across.com/ps/?xi=1&xu=LRNV1YG1-J-MAFK
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LRNV1YG1-J-MAFK&ts=1705863451&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
117 B

34ms
33ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LRNV1YG1-J-MAFK&ts=1705863451&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X&b=1
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:57:31 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 18:57:30 GMT
referrer-policy: unsafe-url
server: 33XP007
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LRNV1YG1-J-MAFK&ts=1705863451&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
270 B 349ms
107ms Fetch
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

8e5127da4906d0eeaf141e54318045b1163d042d38b6d51dd898bf87f9fe5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: https://aznews.vip
date: Sun, 21 Jan 2024 18:57:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 v3 Show response
id5-sync.com/gm/ 696 B
1 KB 342ms
110ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

8b297fea041c70f0ef392dff6e5defcbae352f20f21f2cb888ccfae870220b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://aznews.vip/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://aznews.vip
date: Sun, 21 Jan 2024 18:57:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2

200

155.gif
id5-sync.com/k/
Redirect Chain

https://id5-sync.com/i/231/8.gif?id5id=ID5*WPO4HVnxKY4dhT5TPSAZVReEQ-aoa1CXyQVpVv2-37x-L2vT5puDo-hb_MnO-knafjHGLF0kjqo8x3q8gxK7qg&o=api&gdpr_consent=undefined&gdpr=false
https://ib.adnxs.com/getuid?https://id5-sync.com/c/231/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/231/2/7/2.gif?puid=3260914407063291663&gdpr=0&gdpr_consent=
https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F796%2F6%2F3.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
https://id5-sync.com/c/231/796/6/3.gif?puid=0ec5a4f2-091f-4854-acf2-a49a7ce74bf5&gdpr=0&gdpr_consent=
https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F203%2F5%2F4.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/231/203/5/4.gif?puid=f1766ae9-78e7-4bf8-80db-c924066b47b1&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F108%2F4%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
https://id5-sync.com/c/231/108/4/5.gif?puid=10a8dc1a-dfed-49d1-b283-a61357596488&gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F429%2F3%2F6.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://id5-sync.com/c/231/429/3/6.gif?puid=4F05F617-5E20-430B-8C9B-CADAFD10E4D5&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=58&3pid=4F05F617-5E20-430B-8C9B-CADAFD10E4D5&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F1242%2F2%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%...
https://id5-sync.com/c/231/1242/2/7.gif?puid=IB6RhLZHiYyLg5XZS4GOwoZF&gdpr=0&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-963fODSi9XxAtShc5ZIudkHIncmu2-yowOItnHtUxw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F231%2F124%2F1%2F8.gif%3Fpuid%3D...
https://id5-sync.com/cq/231/124/1/8.gif?puid=222d2970-d841-40e2-9eff-1177561a87d1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
https://id5-sync.com/k/155.gif?puid=AAFDG07LWtIAABMEeIf3cw&id5AccountNum=155&numCascadesAllowed=9

43 B
1 KB

108ms
108ms

Image
image/gif

162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/k/155.gif?puid=AAFDG07LWtIAABMEeIf3cw&id5AccountNum=155&numCascadesAllowed=9

Requested by

Host: aznews.vip
URL: https://aznews.vip/

Protocol

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aznews.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sun, 21 Jan 2024 18:57:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/k/155.gif?puid=AAFDG07LWtIAABMEeIf3cw&id5AccountNum=155&numCascadesAllowed=9
Date: Sun, 21 Jan 2024 18:57:33 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: eu.ck-ie.com
URL: https://eu.ck-ie.com/mtp236.gif?gdpr=0&gdpr_consent=[GDPR_CONSENT]&us_privacy=[US_PRIVACY]&redir=https%3A%2F%2Fsync.e-volution.ai%2Ff2ee84aa02d6bdbd811eca8a4368e40c.gif%3Fpuid%3D%7B%24PARTNER_UID%7D

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

118 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mgid.com/	1970-01-20 17:51:05	Name: __cf_bm Value: 4eCuURJvBOyfzAQ1U077zYQHSm9CHacGDqn4yoxLWys-1705863447-1-Ac2YAaQoJ7V5hnPTlVRXrcfgsnt/AvxVxV/zdWU1j4VLWFBH4+AjY2JbrgWcs6swtte8Ow0p+BmBM5/T+PrxO0Q=
.aznews.vip/	1970-01-21 03:27:03	Name: _ga_0FM7NMYDZT Value: GS1.1.1705863447.1.0.1705863447.0.0.0
.aznews.vip/	1970-01-21 03:27:03	Name: _ga Value: GA1.1.1115762551.1705863448
.mgid.com/	1970-01-21 02:36:39	Name: muidn Value: o0lt-HrhwjVa
aznews.vip/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1576239%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221705863449404%22%7D%7D
.onetag-sys.com/	1970-01-21 03:20:50	Name: OTP Value: ANuHAGR8Pt38626a6CtsIwDhYN3M63ONCbauJ8hocGI
aznews.vip/	1970-01-20 18:34:15	Name: _pbjs_userid_consent_data Value: 3524755945110770
.33across.com/	1970-01-21 02:36:39	Name: 33x_ps Value: u%3D212428766416142%3As1%3D1705863449874%3Ats%3D1705863449874
.e-volution.ai/	1970-01-20 18:34:15	Name: lluid Value: e52953b8-af27-5203-37a9-969c72b4f8a1
.krushmedia.com/	1970-01-20 18:11:13	Name: krm_usr Value: 0f3607b9-9ce6-5236-a5d7-cffc499b1b67
.krushmedia.com/	1970-01-20 18:11:13	Name: krm_r Value: 574
.360yield.com/	1970-01-20 20:00:39	Name: tuuid Value: 222d2970-d841-40e2-9eff-1177561a87d1
.360yield.com/	1970-01-20 20:00:39	Name: tuuid_lu Value: 1705863449
.bidswitch.net/	1970-01-21 02:36:39	Name: tuuid Value: d907b300-3215-4b4e-b524-0559fa5cd41c
.bidswitch.net/	1970-01-21 02:36:39	Name: c Value: 1705863449
.bidswitch.net/	1970-01-21 02:36:39	Name: tuuid_lu Value: 1705863449
.eyeota.net/	1970-01-21 02:38:05	Name: mako_uid Value: 18d2d628d67-61670000010a4d6e
.eyeota.net/	1970-01-20 17:51:04	Name: SERVERID Value: 19822~DM
.adnxs.com/	1970-01-20 20:00:39	Name: uuid2 Value: 3260914407063291663
.doubleclick.net/	1970-01-21 03:27:03	Name: IDE Value: AHWqTUkiFJA4VvfRvi5t_bJTKS9HROKhtEVNh-XGTlndX-psWo98zWFgYcz2sswml1Q
.contextweb.com/	1970-01-21 02:29:27	Name: V Value: Y04irmNTLiQO
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: f95747798b132fcd
.tynt.com/	1970-01-21 02:36:39	Name: uid Value: 64DgdmWtaRrrDlAxNpVwjg==
.pubmatic.com/	1970-01-20 17:52:29	Name: KTPCACOOKIE Value: YES
.prebid.a-mo.net/	1970-01-20 17:52:29	Name: _sv3_0 Value: 1
.a-mo.net/	1970-01-21 02:36:39	Name: amuid2 Value: 98e2d5af-e15a-4fd8-a03d-e82f7269ced5
.prebid.a-mo.net/	1970-01-21 02:36:39	Name: sd_amuid2 Value: 98e2d5af-e15a-4fd8-a03d-e82f7269ced5
pixel.rubiconproject.com/	1970-01-20 20:00:39	Name: receive-cookie-deprecation Value: 1
.ads.stickyadstv.com/	1970-01-20 18:34:15	Name: UID Value: 9c88a465d1437ce81502a726e33eec
.smartadserver.com/	1970-01-21 03:21:17	Name: pid Value: 2391074174732800461
.mathtag.com/	1970-01-21 03:16:58	Name: uuid Value: 19ec65ad-691a-4c00-935d-2a887adcf91b
.lijit.com/	1970-01-21 02:36:39	Name: ljt_reader Value: IB6RhLZHiYyLg5XZS4GOwoZF
.pubmatic.com/	1970-01-20 20:00:39	Name: SyncRTB3 Value: 1707004800%3A220
.pubmatic.com/	1970-01-21 02:36:39	Name: KADUSERCOOKIE Value: 4F05F617-5E20-430B-8C9B-CADAFD10E4D5
.media.net/	1970-01-21 02:36:39	Name: visitor-id Value: 3488650506634101000V10
.media.net/	1970-01-21 02:35:13	Name: data-bs Value: d907b300-3215-4b4e-b524-0559fa5cd41c~~1
.mfadsrvr.com/	1970-01-21 03:27:03	Name: tuuid Value: 8e447b40-85c9-4c5f-a58d-7cd9472e9be8
.mfadsrvr.com/	1970-01-21 03:27:03	Name: c Value: 1705863450
.mfadsrvr.com/	1970-01-21 03:27:03	Name: tuuid_lu Value: 1705863450
.admanmedia.com/	1970-01-20 18:11:12	Name: admtr Value: 08194e27-8fb1-4dc1-9d87-a7fd93463592
.admanmedia.com/	1970-01-20 18:11:12	Name: ac_r Value: CS77
.adx.opera.com/	1970-01-21 02:36:39	Name: UID Value: OPUe8e4013fa22644e586bbe14f1c99c355
.creativecdn.com/	1970-01-21 02:36:39	Name: u Value: 5TMtLPCXGm80bpKCbC9Q
.creativecdn.com/	1970-01-21 02:36:39	Name: g Value: 5TMtLPCXGm80bpKCbC9Q_1705863450421
.creativecdn.com/	1970-01-21 02:36:39	Name: ts Value: 1705863450
.prebid.a-mo.net/	1970-01-20 17:52:29	Name: _sv3_3 Value: 1
.tynt.com/	1970-01-20 20:00:39	Name: pids Value: %5B%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1705863450472%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1705863450472%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1705863450472%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1705863450472%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1705863450472%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1705863450472%7D%5D
.e-volution.ai/	1970-01-20 18:11:13	Name: v_usr Value: f233f86c-d8ab-4f18-8265-a6c41e18ce3a
.e-volution.ai/	1970-01-20 18:11:13	Name: v_red Value: 4
.rlcdn.com/	1970-01-21 02:36:39	Name: rlas3 Value: TqLYKeuyaw2WC1KY84hJC47lrSj9YIbUIx7LKCJV4jY=
.rlcdn.com/	1970-01-20 19:17:27	Name: pxrc Value: CJnSta0GEgUI6AcQABIFCOhHEAE=
.rtbsystem.com/	1970-01-21 02:36:39	Name: ut-0 Value: d4f76eec-dd4c-5df1-819c-621bba2cd27c
.rtbsystem.com/	1970-01-21 02:36:39	Name: ut-28 Value: 6300444863592
.rtbsystem.com/	1970-01-21 02:36:39	Name: ut-15 Value: BE18E5B3C970602AEB846F17DE957455ED5857DE2D2CD8665088AECB1D1B136C
.mfadsrvr.com/	1970-01-21 03:27:03	Name: ssh Value: !mgid,1705863450
.prebid.a-mo.net/	1970-01-20 17:52:29	Name: _sv3_4 Value: 1
.adsrvr.org/	1970-01-21 02:38:05	Name: TDID Value: c9acbf35-1eda-41f4-9d90-9f5fd5201b9a
pixel-eu.rubiconproject.com/	1970-01-20 20:00:39	Name: receive-cookie-deprecation Value: 1
.pubmatic.com/	1970-01-20 20:00:39	Name: chkChromeAb67Sec Value: 2
.yahoo.com/	1970-01-21 02:37:01	Name: A3 Value: d=AQABBBpprWUCEGcvAcpLNZX__o-czRYEpqUFEgEBAQG6rmW3ZdxH0iMA_eMAAA&S=AQAAAkYe9GMIvRBRmNGaVu2FPrk
.pubmatic.com/	1970-01-20 17:52:29	Name: pi Value: 161673:3
.3lift.com/	1970-01-20 20:00:39	Name: tluid Value: 801852153427027854391
.dotomi.com/	1970-01-20 17:51:03	Name: DotomiTest Value: 1f907f73e31b03ee
.pippio.com/	1970-01-21 02:36:39	Name: did Value: Z1Ve-zPknN_nvHJk
.pippio.com/	1970-01-21 02:36:39	Name: didts Value: 1705863450
.pippio.com/	1970-01-20 19:17:27	Name: nnls Value:
.pippio.com/	1970-01-20 19:17:27	Name: pxrc Value: CJrSta0GEgYIgr0rEAA=
.amazon-adsystem.com/	1970-01-21 03:27:03	Name: ad-privacy Value: 0
.rfihub.com/	1970-01-21 03:12:39	Name: eud Value: H4sIAAAAAAAA_1vFwmtobmBqYWZsYmpgbm4CAA4x9KsQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNrIwNDA2NDM1NzAyMzI0MTKzNBHiM9Q1ys8vKg2sDKjMDqoAAOgGidclAAAA
.rfihub.com/	1970-01-21 03:12:39	Name: rud Value: H4sIAAAAAAAA_-MSNrIwNDA2NDM1NzAyMzI0MTKzNBHiM9Q1ys8vKg2sDKjMDqoAAOgGidclAAAA
.prebid.a-mo.net/	1970-01-20 17:52:29	Name: _sv3_14 Value: 1
.lijit.com/	1970-01-21 02:36:39	Name: _ljtrtb_80 Value: LRNV1YG1-J-MAFK
.adnxs.com/	1970-01-20 20:00:39	Name: anj Value: dTM7k!M40DF7/.XF']wIg2GTwfr61s!]tbP6j2F-.aDyjByG0>mcCNzgZ:O%>yNDqkCvnMD.Q3ZG^=xQQEVk`!$)5b*)#A:
.adnxs.com/	1970-01-20 20:00:39	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxSTlYxWUcxLUotTUFGSyIsImV4cGlyZXMiOiIyMDI0LTA0LTIwVDE4OjU3OjMwWiJ9fSwiYmlydGhkYXkiOiIyMDI0LTAxLTIxVDE4OjU3OjMwWiJ9
.bidr.io/	1970-01-21 03:19:33	Name: bito Value: AAFDG07LWtIAABMEeIf3cw
.bidr.io/	1970-01-21 03:19:33	Name: bitoIsSecure Value: ok
.prebid.a-mo.net/	1970-01-20 17:52:29	Name: _sv3_7 Value: 1
.tapad.com/	1970-01-20 19:17:27	Name: TapAd_TS Value: 1705863450894
.tapad.com/	1970-01-20 19:17:27	Name: TapAd_DID Value: 10a8dc1a-dfed-49d1-b283-a61357596488
.analytics.yahoo.com/	1970-01-21 02:36:39	Name: IDSYNC Value: "190u~2gb6:18vk~2gb6:19e0~2gb6"
.linkedin.com/	1970-01-20 20:00:39	Name: li_sugr Value: 2fd1daa5-1f6d-4a4a-a96c-d603975f55be
.linkedin.com/	1970-01-21 02:36:39	Name: bcookie Value: "v=2&27e74dbf-a2bd-4390-85a4-428d7cda1d75"
.linkedin.com/	1970-01-20 17:52:29	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3119:u=1:x=1:i=1705863450:t=1705949850:v=2:sig=AQGyy2vnCZL68bRG8I8jAQG7NYbKHPGx"
.a-mx.com/	1970-01-21 02:36:39	Name: amdt_t Value: p::1705863450966
.a-mx.com/	1970-01-21 02:36:39	Name: amuid2 Value: 98e2d5af-e15a-4fd8-a03d-e82f7269ced5
.connatix.com/	1970-01-20 18:34:15	Name: cnx_userId Value: 4e876680922442b9885f14bb1d2ac9a7
pixel-us-west.rubiconproject.com/	1970-01-20 20:00:39	Name: receive-cookie-deprecation Value: 1
.adsrvr.org/	1970-01-21 02:38:05	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCJ66paKbr808EAUSFAoFdGFwYWQSCwiQ5Ialm6_NPBAFGAEgASgCMgsI-tmJ0rGvzTwQBTgBWgV0YXBhZGAC
.prebid.a-mo.net/	1970-01-20 17:52:29	Name: _sv3_2 Value: 1
.rubiconproject.com/	1970-01-21 02:36:39	Name: khaos Value: LRNV1YG1-J-MAFK
pixel-us-east.rubiconproject.com/	1970-01-20 20:00:39	Name: receive-cookie-deprecation Value: 1
.primis.tech/	1970-01-20 18:27:03	Name: csuuid Value: 65ad691b04b7f
.tapad.com/	1970-01-20 19:17:27	Name: TapAd_3WAY_SYNCS Value: 1!522
.hb.yahoo.net/	1970-01-20 22:10:15	Name: visitor-id Value: 3488650516634181000V10
.hb.yahoo.net/	1970-01-21 02:36:39	Name: data-mag Value: LRNV1YG1-J-MAFK~~63
cm.mgid.com/	1970-01-20 18:34:15	Name: mg_sync Value: {"265689":1705863449,"363887":1705863449,"363888":1705863449,"43070":1705863451,"433146":1705863449,"501037":1705863450,"516418":1705863449,"556372":1705863450,"665953":1705863450,"709071":1705863449,"712807":1705863450,"720798":1705863449,"737576":1705863449}
.casalemedia.com/	1970-01-21 02:36:39	Name: CMID Value: Za1pGzAwAII8SU9LrNz3jwAA
.casalemedia.com/	1970-01-20 20:00:39	Name: CMPS Value: 3552
.casalemedia.com/	1970-01-20 20:00:39	Name: CMPRO Value: 3552
.intentiq.com/	1970-01-21 03:27:03	Name: IQver Value: 1.9
.intentiq.com/	1970-01-21 03:27:03	Name: intentIQ Value: XKecrrGwtM
.prebid.a-mo.net/	1970-01-20 17:52:29	Name: _sv3_8 Value: 1
.intentiq.com/	1970-01-21 03:27:03	Name: IQPData Value: 1611266341#1705863451235#0#1705863451235
.intentiq.com/	1970-01-21 03:27:03	Name: CSDT Value: UEQ6MTUxMDZfMCZVMjFkQ0Ny
.intentiq.com/	1970-01-21 03:27:03	Name: ASDT Value: 0
.intentiq.com/	1970-01-21 03:27:03	Name: intentIQCDate Value: 1705863451236
.amazon-adsystem.com/	1970-01-20 23:56:49	Name: ad-id Value: A07fpsagdk0imhMyroXtS0c
.rubiconproject.com/	1970-01-21 02:36:39	Name: audit Value: 1\|oUS0fh0tj+TdMpKA95iQTgEAtz5fojy52leyvFwXrHt+xL8LlrcUaNDD6+DzVWCDeeep9DKY+d5CqQ3+tQhlLHMDvubSxZCGZ+mZHK3G628OfYviG3bLtKMcNyKzNUHRdNagGyTJzJG4QAAJAquNLfwDR7756vKs
.id5-sync.com/	1970-01-20 20:00:39	Name: id5 Value: ffd3c509-7fb6-7d7a-8203-ea308f35aa5f#1705863451470#2
.adnxs.com/	1970-01-21 03:27:03	Name: XANDR_PANID Value: ELaUlnUgEH5xHTy_v_8Jr7TGatSKG2GdgwdEuQL03hpd73v1uS3Znh8HieZXWR5l0fTtL-JrImvbi3Wz_BeERkNqFiUFiTsy0OkepWD_C1U.
.ipredictive.com/	1970-01-21 02:36:39	Name: cu Value: 0ec5a4f2-091f-4854-acf2-a49a7ce74bf5\|1705863451937
.criteo.com/	1970-01-21 03:12:39	Name: uid Value: f1766ae9-78e7-4bf8-80db-c924066b47b1
.lijit.com/	1970-01-21 02:36:39	Name: ljtrtb Value: eJyrVrIwULJS8gnyCzOMdDfU9dL1dXTzVqoFAErHBio%3D
.lijit.com/	1970-01-21 02:36:39	Name: _ljtrtb_58 Value: 4F05F617-5E20-430B-8C9B-CADAFD10E4D5
.360yield.com/	1970-01-20 20:00:39	Name: um Value: !79,hFvLQhT.Sx.NmxmOHQu4d9TxkSrCcJlHWsHkf5VnpN.lAQBLXuchNNnsWKJX9E2b-KQFOAwGG5Iqpn5n,1713639453
.360yield.com/	1970-01-20 20:00:39	Name: umeh Value: !79,0,1768071453,-1
.id5-sync.com/	1970-01-20 20:00:39	Name: 3pi Value: 2#1705863451728#-335100834#3260914407063291663\|1242#1705863453216#-1672963481\|203#1705863452450#-1867913252#f1766ae9-78e7-4bf8-80db-c924066b47b1\|155#1705863453520#1630470127#AAFDG07LWtIAABMEeIf3cw\|796#1705863452005#-1341115021\|108#1705863452607#1207455014\|124#1705863453370#345148987\|429#1705863453072#-1958053484#4F05F617-5E20-430B-8C9B-CADAFD10E4D5

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
violation	error	URL: https://jsc.mgid.com/a/z/aznews.vip.1576239.es6.js(Line 270) Message: Permissions policy violation: accelerometer is not allowed in this document.
javascript	warning	URL: https://jsc.mgid.com/a/z/aznews.vip.1576239.es6.js(Line 270) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network	error	URL: https://t.adx.opera.com/pub/sync?pub6103523253312&gdpr=0&consent=&us_privacy= Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://eu.ck-ie.com/mtp236.gif?gdpr=0&gdpr_consent=[GDPR_CONSENT]&us_privacy=[US_PRIVACY]&redir=https%3A%2F%2Fsync.e-volution.ai%2Ff2ee84aa02d6bdbd811eca8a4368e40c.gif%3Fpuid%3D%7B%24PARTNER_UID%7D Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.pubmatic.com
ads.stickyadstv.com
ajax.googleapis.com
ap.lijit.com
aznews.vip
bh.contextweb.com
c.mgid.com
capi.connatix.com
cdn.connectad.io
cdn.id5-sync.com
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
cm.idealmedia.io
cm.mgid.com
cm.rtbsystem.com
contextual.media.net
creativecdn.com
cs.admanmedia.com
cs.krushmedia.com
de.tynt.com
dis.eu.criteo.com
eb2.3lift.com
eu.ck-ie.com
eus.rubiconproject.com
events-ssc.33across.com
fonts.googleapis.com
fonts.gstatic.com
hb.yahoo.net
hde.tynt.com
ib.adnxs.com
ice.360yield.com
id.a-mx.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
jsc.mgid.com
lb.eu-1-id5-sync.com
live.primis.tech
match.adsrvr.org
match.prod.bidr.io
onetag-sys.com
p.rfihub.com
pippio.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel-us-west.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid.a-mo.net
ps.eyeota.net
px.ads.linkedin.com
r.bidswitch.net
rtb-usw.mfadsrvr.com
s-img.mgid.com
s.amazon-adsystem.com
secure-assets.rubiconproject.com
servicer.mgid.com
ssbsync-global.smartadserver.com
ssc-cms.33across.com
ssum.casalemedia.com
sync-eu.connectad.io
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync1.intentiq.com
t.adx.opera.com
token.rubiconproject.com
tracker.direct.e-volution.ai
ups.analytics.yahoo.com
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
eu.ck-ie.com
103.118.29.139
104.117.182.139
104.18.36.155
107.178.254.65
131.153.242.59
142.251.41.2
147.135.71.24
147.28.129.37
15.197.193.217
162.19.138.116
162.19.138.117
162.248.18.32
162.248.18.37
172.64.146.152
178.250.1.9
18.164.96.113
185.184.8.90
198.148.27.131
199.38.167.131
213.19.162.90
216.200.232.253
216.22.16.5
23.192.31.127
23.56.162.28
23.56.163.106
23.58.91.123
2600:1f18:4e9:5a07:c26c:7486:c467:5b58
2600:9000:2510:aa00:1b:6b7d:2300:93a1
2600:9000:266a:9000:1a:5235:f980:93a1
2606:4700:10::6816:3556
2606:4700:10::ac43:8ae
2606:4700:1::6813:814c
2606:4700:1::6813:824c
2606:4700:1::6813:854c
2606:4700:3035::ac43:bfac
2606:4700::6813:9722
2606:ae80:1471:15::440
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80d::200a
2607:f8b0:4006:816::2008
2607:f8b0:4006:817::200e
2607:f8b0:4006:81e::2003
2620:1ec:21::14
3.225.218.10
34.111.113.62
34.117.239.71
35.172.162.55
35.211.118.13
35.211.178.172
35.212.212.222
35.244.154.8
35.71.139.29
37.157.3.26
51.222.239.232
52.44.173.38
52.46.128.147
52.95.115.255
54.147.37.155
54.156.26.12
63.251.28.233
63.251.86.49
63.251.86.51
67.202.105.22
67.202.105.32
67.202.105.33
68.67.160.184
69.173.151.100
8.2.110.134
8.28.7.81
8.28.7.84
8.39.36.142
8.43.72.97
80.77.87.162
82.145.213.8
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c31e353eede990e0ade70686675c885704410dca8db101b186d8fb21fbae4f5
0f79c64f686102f8cc72db584b52c51dbd0720d7ade9a3284a3520bd91dc5328
1571d61fe546ed39d705bb8bc17b65506bd566f671fafb4061ee017b3c6e03c0
15b465473799d5c641e84c426f074cec84eb1c6c1b316b7c819bb564afaa44d6
16ee60ffe5ed2841a04fa05e023ac3586e9d668fff3dd6d89c592e1d5debeb67
188d321da52decd5b8a5c92b29c10badb5c8ded9b9f45f802ee6b64bd8d6a564
1ca0680c88a40021340bacf76fe43ce39d7943184fe189f12986e734b4407d51
2326d054f6592918d0f4a49fd11e4dac6d9a8c6b7c491c2d2c35fcff0481b124
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d5dee3056fb4d7691680429196d99e945d901270ca90b21f65df193783e4e95
3073c8039ce24032bde836c698f2bec8d8237cb41dca18b3e3f9ca449f688f07
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
475da16463289cc74220bc98e8d08c8336f60ea4276c0a1f4832ca652e3c856f
4879dcab21b2218432075c33aff13cea89de4f392f749eaef3df339f3f694c72
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4ffddd249f6a700c6a8a97ef0dc80497347d4b7ab6c390de479e0665647a0086
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
592527b75a0ebc892d4f4bd1af4deeb16a28a9177557c1de633c749765673635
5c225159973dbdaaace6fb86605be7d0b2b19aa8285cdfc3b9c7e49f53798642
5fd17e79a229038725b50601c6999b255798ebb75ab676b0eb3085d469b576ca
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
692c38382dbf4ada5e12d0cc3fc3eca6cdbe54abe14a40a63d0448fb5ec07bde
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
71ae40966266246002a8634c2e938cff7a1ed036831a1f44d3dd5f71957fa61b
7c3c27729a25ea557c816a8b6570dd77edc76d15ab8170f0f3f538732cceb1b1
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
89fdffd15336c36e35139778245c7ec7fcd91b867bb90c824b25711bd54dcc3e
8b297fea041c70f0ef392dff6e5defcbae352f20f21f2cb888ccfae870220b2a
8b58887660dca72c67a2ddc08f2ef9e1ee892069a712b287038821f04a31a2c2
8e1dea1498f143bea957b0a99a7385f162697261178cc0a788e3e21c9dad15fc
8e5127da4906d0eeaf141e54318045b1163d042d38b6d51dd898bf87f9fe5caa
8fdc0815d8729a1bd04e0cd23578885bcbf26be1ef876807606fd7ce268394a7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d5939513ba5f911fbbdb6e5c4f1cf764a72bc211e8e64b7ef1f03b44ea3d93
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aba848a7cdbe0240e1fdf0b540d3dff72daa9df5b4502e311b3f27a9c85e5759
af1b202f16299aa05efb9d5c07aeadea3171ae3530ca5873c8e100c46cfacec3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b164963a8c9343cf6c2f7dab172aa7ea7e0deeead44f488e35eeb899c0fd1ae2
b66fc18fef504d695b9c3dd1596d4fce5f282ac0fa71709302ed647c76292a15
b8da6b4dd8808a841292aee4a27fb3935dc309489374ad3a10950c2318866a2b
bb285b60b982be3eae5d15e68c7db94aebcf045662042ba7a8c23c7aa9e67a91
bf0a8556dc6fa4f9eda69f406f43f63a2f57978525bd4fbd1f82f66b2b1da154
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c54463859b86bcfe01382ad46175381c6ab830ab62cadc581980ed8f16734ad5
c6469912dbc49c4b446b40704454592d3f7ba04bb5497b4360a4a489aaf3244a
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d020600f12c7f01e28904df701750c46c4f005f10ed07f0852a4bc33d7854165
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
d4cced439e4051398865f9f3441d7ab12b79cb9ce3168d7a6a66a87f39c3b6ca
d72a391ad730c07c212af47ef8a92e8d9ef970886b8af6fe898890fae52c5869
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7496ec50754fbdb174ea8696bc144c9b8ce5c49d9be0c3dd2199c01c6eb1276
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
eedf6eb1e4265839257f494457433fb36037a1f41554fc185ed2258dfec72d61
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f023e794d34f1a6587b34eeed9e12f2aa134c010860c98e9f32a528e912452ad
f0df5bac42e20b19dafbdf42b5480133ffdf8885bf9d4fd9a8fa3043e3efd2ae
f32f6a762680eb944ea8397fc3033827ef482c8132adfff2469aec254e1a3b48
f38f91caae9d8ce4142ac627dba2f52d3cc848d13665f63221b3a55c56457635
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
fbc914af59a356c910efaa15ef99e91e19a69d7eab59192ad4b2177640bb3238

aznews.vip Open in urlscan Pro 103.118.29.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

129 Requests

53 %HTTPS

23 %IPv6

55 Domains

82 Subdomains

36 IPs

11 Countries

1485 kBTransfer

2790 kBSize

118 Cookies

1 Outgoing links

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

aznews.vip Open in urlscan Pro
103.118.29.139 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

53 %
HTTPS

23 %
IPv6

55
Domains

82
Subdomains

36
IPs

11
Countries

1485 kB
Transfer

2790 kB
Size

118
Cookies

129 HTTP transactions
0 data transactions