urlscan.io logo urlscan.io
SecurityTrails logo

nonton168.online Open in urlscan Pro
142.44.139.105  Public Scan

Go To Rescan Add Verdict Report
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Submission: On November 26 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 90 IPs in 10 countries across 120 domains to perform 355 HTTP transactions. The main IP is 142.44.139.105, located in Canada and belongs to OVH, FR. The main domain is nonton168.online.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 25th 2023. Valid for: a year.
This is the only time nonton168.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 28 142.44.139.105 16276 (OVH)
5 172.253.63.97 15169 (GOOGLE)
2 172.253.62.95 15169 (GOOGLE)
1 2 162.241.252.167 46606 (UNIFIEDLA...)
1 104.243.38.202 23470 (RELIABLESITE)
8 142.251.163.94 15169 (GOOGLE)
8 142.251.16.91 15169 (GOOGLE)
60 104.18.9.47 13335 (CLOUDFLAR...)
4 104.20.79.99 13335 (CLOUDFLAR...)
4 142.251.163.138 15169 (GOOGLE)
2 54.39.128.162 16276 (OVH)
5 141.101.120.11 13335 (CLOUDFLAR...)
1 2 172.253.122.155 15169 (GOOGLE)
1 142.251.179.149 15169 (GOOGLE)
4 142.251.163.95 15169 (GOOGLE)
1 142.251.163.103 15169 (GOOGLE)
1 142.251.16.119 15169 (GOOGLE)
1 142.251.16.132 15169 (GOOGLE)
2 172.253.115.94 15169 (GOOGLE)
6 18.67.76.31 16509 (AMAZON-02)
5 3.141.240.42 16509 (AMAZON-02)
1 104.18.34.83 13335 (CLOUDFLAR...)
2 18.160.10.25 16509 (AMAZON-02)
3 3 104.18.18.166 13335 (CLOUDFLAR...)
3 3 104.21.23.71 13335 (CLOUDFLAR...)
1 67.202.105.32 32748 (STEADFAST)
8 23.212.248.4 20940 (AKAMAI-ASN1)
7 108.138.128.34 16509 (AMAZON-02)
2 104.26.12.60 13335 (CLOUDFLAR...)
7 7 141.94.171.215 16276 (OVH)
2 2 44.238.141.43 16509 (AMAZON-02)
4 18 107.20.214.81 14618 (AMAZON-AES)
4 5 185.167.164.39 198622 (ADFORM)
13 14 15.197.193.217 16509 (AMAZON-02)
1 67.202.105.34 32748 (STEADFAST)
2 18.160.41.58 16509 (AMAZON-02)
3 3 67.202.105.23 32748 (STEADFAST)
5 10 23.220.112.236 16625 (AKAMAI-AS)
1 172.64.152.89 13335 (CLOUDFLAR...)
2 3 44.218.222.11 14618 (AMAZON-AES)
13 14 68.67.160.186 29990 (ASN-APPNEX)
7 9 34.111.113.62 396982 (GOOGLE-CL...)
1 1 44.197.32.198 14618 (AMAZON-AES)
1 3.211.41.66 14618 (AMAZON-AES)
3 6 35.244.154.8 15169 (GOOGLE)
4 10 52.55.144.0 14618 (AMAZON-AES)
3 28 63.251.114.182 32475 (SINGLEHOP...)
1 6 3.130.50.49 16509 (AMAZON-02)
2 3 52.0.156.250 14618 (AMAZON-AES)
1 3 34.111.234.236 396982 (GOOGLE-CL...)
1 104.86.160.58 16625 (AKAMAI-AS)
2 31.13.66.19 32934 (FACEBOOK)
2 8 44.193.54.186 14618 (AMAZON-AES)
1 157.240.244.35 32934 (FACEBOOK)
2 108.138.64.122 16509 (AMAZON-02)
1 2 104.22.24.87 13335 (CLOUDFLAR...)
14 19 172.253.63.155 15169 (GOOGLE)
5 7 52.0.143.253 14618 (AMAZON-AES)
2 74.119.119.150 19750 (AS-CRITEO)
1 2 104.19.131.76 13335 (CLOUDFLAR...)
1 1 52.5.231.5 14618 (AMAZON-AES)
1 2 15.235.42.103 16276 (OVH)
1 2 216.22.16.9 30633 (LEASEWEB-...)
2 5 8.28.7.81 62713 (AS-PUBMATIC)
1 1 104.17.216.204 13335 (CLOUDFLAR...)
1 40.71.11.141 8075 (MICROSOFT...)
1 1 69.169.85.6 29838 (AMC)
1 64.58.232.180 13649 (ASN-FLEXE...)
1 1 52.87.28.41 14618 (AMAZON-AES)
6 6 3.225.218.10 14618 (AMAZON-AES)
4 4 207.198.113.86 13768 (COGECO-PEER1)
1 2 13.249.39.83 16509 (AMAZON-02)
1 1 50.116.194.23 6336 (TURN-US-ASN)
1 3 13.107.42.14 8068 (MICROSOFT...)
4 4 35.236.220.17 396982 (GOOGLE-CL...)
1 34.197.239.24 14618 (AMAZON-AES)
5 8 151.101.194.49 54113 (FASTLY)
2 99.83.181.31 16509 (AMAZON-02)
1 172.64.128.21 13335 (CLOUDFLAR...)
4 4 52.54.159.197 14618 (AMAZON-AES)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 172.253.122.149 15169 (GOOGLE)
7 7 54.164.228.62 14618 (AMAZON-AES)
2 2 192.184.69.252 16509 (AMAZON-02)
1 1 213.19.162.90 26667 (RUBICONPR...)
1 5 52.46.143.56 16509 (AMAZON-02)
5 5 199.127.204.171 26120 (RHYTHMONE)
2 2 50.116.194.21 6336 (TURN-US-ASN)
2 2 199.127.204.147 26120 (RHYTHMONE)
2 2 198.148.27.131 19189 (PULSEPOINT)
2 2 82.145.213.8 39832 (NO-OPERA)
2 2 35.207.24.140 15169 (GOOGLE)
2 2 69.90.254.78 13768 (COGECO-PEER1)
1 1 8.43.72.97 26667 (RUBICONPR...)
1 34.96.105.8 396982 (GOOGLE-CL...)
2 8 35.244.159.8 396982 (GOOGLE-CL...)
3 23.221.241.11 16625 (AKAMAI-AS)
5 6 54.197.133.126 14618 (AMAZON-AES)
4 4 18.160.10.22 16509 (AMAZON-02)
2 2 18.67.76.108 16509 (AMAZON-02)
1 2 34.232.140.51 14618 (AMAZON-AES)
2 3 107.178.240.89 15169 (GOOGLE)
7 7 162.19.138.118 16276 (OVH)
1 3 3.228.65.117 14618 (AMAZON-AES)
1 18.165.98.25 16509 (AMAZON-02)
6 6 34.235.18.139 14618 (AMAZON-AES)
1 8.43.72.98 26667 (RUBICONPR...)
2 52.0.52.210 14618 (AMAZON-AES)
19 104.36.113.107 62713 (AS-PUBMATIC)
1 1 216.22.16.57 30633 (LEASEWEB-...)
2 2 150.136.156.92 31898 (ORACLE-BM...)
2 2 104.18.36.155 13335 (CLOUDFLAR...)
1 8.18.47.7 398989 (DEEPINTENT)
3 4 64.74.236.223 22075 (AS-OUTBRAIN)
1 40.76.134.238 8075 (MICROSOFT...)
1 2 35.71.139.29 16509 (AMAZON-02)
2 2 159.127.43.140 25751 (VALUECLICK)
1 104.36.113.111 62713 (AS-PUBMATIC)
1 1 35.214.253.210 15169 (GOOGLE)
1 35.186.193.173 ()
1 1 74.121.140.211 30419 (MEDIAMATH...)
1 195.5.165.20 ()
1 162.55.120.196 ()
2 2 23.205.128.218 ()
1 34.225.68.212 14618 (AMAZON-AES)
1 52.5.176.145 ()
1 1 134.122.57.34 ()
1 3.248.28.79 ()
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 ()
355 90
28    142.44.139.105 (Canada)

ASN16276 (OVH, FR)
PTR: ns552665.ip-142-44-139.net
nonton168.online
nonton168.tv
5    172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net
www.googletagmanager.com
2    172.253.62.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f95.1e100.net
fonts.googleapis.com
2    162.241.252.167 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5726.bluehost.com
bioskop888.org
bioskop888.tv
1    104.243.38.202 (Piscataway, United States)

ASN23470 (RELIABLESITE, US)
i.ibb.co
8    142.251.163.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net
fonts.gstatic.com
8    142.251.16.91 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f91.1e100.net
www.youtube.com
60    104.18.9.47 (None, )

ASN13335 (CLOUDFLARENET, US)
s1.dunialk21.id
4    104.20.79.99 (None, )

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
4    142.251.163.138 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f138.1e100.net
www.google-analytics.com
2    54.39.128.162 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns562109.ip-54-39-128.net
s4.histats.com
5    141.101.120.11 (None, )

ASN13335 (CLOUDFLARENET, US)
e.dtscout.com
t.dtscout.com
2    172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net
googleads.g.doubleclick.net
1    142.251.179.149 (United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f149.1e100.net
static.doubleclick.net
4    142.251.163.95 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f95.1e100.net
jnn-pa.googleapis.com
1    142.251.163.103 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f103.1e100.net
www.google.com
1    142.251.16.119 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f119.1e100.net
i.ytimg.com
1    142.251.16.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f132.1e100.net
yt3.ggpht.com
2    172.253.115.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f94.1e100.net
www.gstatic.com
6    18.67.76.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-76-31.iad89.r.cloudfront.net
get.s-onetag.com
5    3.141.240.42 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-240-42.us-east-2.compute.amazonaws.com
pd.sharethis.com
1    104.18.34.83 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.tynt.com
2    18.160.10.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-25.iad12.r.cloudfront.net
onetag-geo.s-onetag.com
3    104.18.18.166 (None, )

ASN13335 (CLOUDFLARENET, US)
dunialk21.com
3    104.21.23.71 (None, )

ASN13335 (CLOUDFLARENET, US)
dunialk21.net
1    67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
ic.tynt.com
8    23.212.248.4 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-248-4.deploy.static.akamaitechnologies.com
t.sharethis.com
7    108.138.128.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-34.jfk50.r.cloudfront.net
tags.crwdcntrl.net
2    104.26.12.60 (None, )

ASN13335 (CLOUDFLARENET, US)
t.dtscdn.com
7    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel.onaudience.com
2    44.238.141.43 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-141-43.us-west-2.compute.amazonaws.com
loada.exelator.com
18    107.20.214.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-214-81.compute-1.amazonaws.com
sync.crwdcntrl.net
5    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
14    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
1    67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
de.tynt.com
2    18.160.41.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-58.iad55.r.cloudfront.net
data-beacons.s-onetag.com
3    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
dp2.33across.com
dp1.33across.com
10    23.220.112.236 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-112-236.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
1    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-tc.33across.com
3    44.218.222.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-218-222-11.compute-1.amazonaws.com
map.go.affec.tv
14    68.67.160.186 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
ib.adnxs.com
9    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    44.197.32.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-32-198.compute-1.amazonaws.com
usermatch.krxd.net
1    3.211.41.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-41-66.compute-1.amazonaws.com
beacon.krxd.net
6    35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
10    52.55.144.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-144-0.compute-1.amazonaws.com
ps.eyeota.net
28    63.251.114.182 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
ce.lijit.com
6    3.130.50.49 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-50-49.us-east-2.compute.amazonaws.com
sync.sharethis.com
3    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadus.exelator.com
3    34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com
ml314.com
1    104.86.160.58 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-86-160-58.deploy.static.akamaitechnologies.com
tags.bkrtx.com
2    31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net
connect.facebook.net
8    44.193.54.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-54-186.compute-1.amazonaws.com
bcp.crwdcntrl.net
1    157.240.244.35 (Apodaca, Mexico)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-mty2.facebook.com
www.facebook.com
2    108.138.64.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-64-122.iad12.r.cloudfront.net
api.intentiq.com
2    104.22.24.87 (None, )

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
19    172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
cm.g.doubleclick.net
7    52.0.143.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-143-253.compute-1.amazonaws.com
i.liadm.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    104.19.131.76 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.mgid.com
1    52.5.231.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-231-5.compute-1.amazonaws.com
sync.ipredictive.com
2    15.235.42.103 (Terrebonne, Canada)

ASN16276 (OVH, FR)
PTR: haproxy-ca-002.roqad.pl
wt.rqtrk.eu
ws.rqtrk.eu
2    216.22.16.9 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.smartadserver.com
5    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    104.17.216.204 (None, )

ASN13335 (CLOUDFLARENET, US)
dmp.truoptik.com
1    40.71.11.141 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.cintnetworks.com
1    69.169.85.6 (Commack, United States)

ASN29838 (AMC, US)
global.ib-ibi.com
1    64.58.232.180 (Las Vegas, United States)

ASN13649 (ASN-FLEXENTIAL, US)
ib.mookie1.com
1    52.87.28.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-28-41.compute-1.amazonaws.com
sync.srv.stackadapt.com
6    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
4    207.198.113.86 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    13.249.39.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-83.iad89.r.cloudfront.net
aa.agkn.com
1    50.116.194.23 (United States)

ASN6336 (TURN-US-ASN, US)
PTR: d-atl1.turn.com
d.turn.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    35.236.220.17 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com
um.simpli.fi
1    34.197.239.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-239-24.compute-1.amazonaws.com
i6.liadm.com
8    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
rtd-tm.everesttech.net
2    99.83.181.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com
connect-metrics-collector.s-onetag.com
1    172.64.128.21 (United States)

ASN13335 (CLOUDFLARENET, US)
a.dtssrv.com
4    52.54.159.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-159-197.compute-1.amazonaws.com
aorta.clickagy.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    172.253.122.149 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f149.1e100.net
s0.2mdn.net
7    54.164.228.62 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-228-62.compute-1.amazonaws.com
match.prod.bidr.io
2    192.184.69.252 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    213.19.162.90 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
5    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
2    50.116.194.21 (United States)

ASN6336 (TURN-US-ASN, US)
PTR: presentation-atl1.turn.com
ad.turn.com
2    199.127.204.147 (United States)

ASN26120 (RHYTHMONE, US)
sync.targeting.unrulymedia.com
2    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
2    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
8    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
3    23.221.241.11 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-241-11.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    54.197.133.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-133-126.compute-1.amazonaws.com
partner.mediawallahscript.com
4    18.160.10.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-22.iad12.r.cloudfront.net
cm.smadex.com
2    18.67.76.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-76-108.iad89.r.cloudfront.net
s.ad.smaato.net
2    34.232.140.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-140-51.compute-1.amazonaws.com
tag.crsspxl.com
3    107.178.240.89 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 89.240.178.107.bc.googleusercontent.com
fei.pro-market.net
pbid.pro-market.net
7    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
3    3.228.65.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-65-117.compute-1.amazonaws.com
thrtle.com
1    18.165.98.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-98-25.iad55.r.cloudfront.net
audex.userreport.com
6    34.235.18.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-18-139.compute-1.amazonaws.com
dpm.demdex.net
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    52.0.52.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-52-210.compute-1.amazonaws.com
pr-bh.ybp.yahoo.com
19    104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
1    216.22.16.57 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
2    150.136.156.92 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
4    64.74.236.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
2    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    159.127.43.140 (Los Angeles, United States)

ASN25751 (VALUECLICK, US)
PTR: iad07-nessy-float2.dotomi.com
pubmatic-match.dotomi.com
1    104.36.113.111 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    35.214.253.210 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 210.253.214.35.bc.googleusercontent.com
csync.loopme.me
1    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
1    74.121.140.211 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    162.55.120.196 (None, )

ASN- ()
matching.truffle.bid
2    23.205.128.218 (None, )

ASN- ()
px.owneriq.net
1    34.225.68.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-68-212.compute-1.amazonaws.com
crb.kargo.com
1    52.5.176.145 (None, )

ASN- ()
sync.bfmio.com
1    134.122.57.34 (None, )

ASN- ()
match.adsby.bidtheatre.com
1    3.248.28.79 (None, )

ASN- ()
synchroscript.deliveryengine.adswizz.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (None, )

ASN- ()
tags.rd.linksynergy.com
Apex Domain
Subdomains		 Transfer
60 dunialk21.id
s1.dunialk21.id
1 MB
33 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
69 KB
28 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 823
ads.pubmatic.com — Cisco Umbrella Rank: 534
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image2.pubmatic.com — Cisco Umbrella Rank: 924
image4.pubmatic.com Failed
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
43 KB
28 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
ce.lijit.com — Cisco Umbrella Rank: 882
60 KB
23 nonton168.online
nonton168.online
2 MB
22 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
static.doubleclick.net — Cisco Umbrella Rank: 255
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
3 KB
19 sharethis.com
pd.sharethis.com — Cisco Umbrella Rank: 13053
t.sharethis.com — Cisco Umbrella Rank: 6925
sync.sharethis.com — Cisco Umbrella Rank: 3042
33 KB
14 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 495
ib.adnxs.com — Cisco Umbrella Rank: 246
11 KB
14 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
data.adsrvr.org — Cisco Umbrella Rank: 5710
5 KB
12 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4376
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5421
data-beacons.s-onetag.com — Cisco Umbrella Rank: 14208
connect-metrics-collector.s-onetag.com — Cisco Umbrella Rank: 4465
31 KB
10 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1148
6 KB
10 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 685
stags.bluekai.com — Cisco Umbrella Rank: 921
3 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
137 KB
9 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
2 KB
8 openx.net
us-u.openx.net — Cisco Umbrella Rank: 522
2 KB
8 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
rtd-tm.everesttech.net — Cisco Umbrella Rank: 3005
2 KB
8 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1460
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
3 KB
8 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
i6.liadm.com — Cisco Umbrella Rank: 2731
4 KB
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 68
998 KB
7 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 440
9 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
4 KB
7 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3239
3 KB
6 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
4 KB
6 mediawallahscript.com
partner.mediawallahscript.com — Cisco Umbrella Rank: 2780
4 KB
6 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 415
1 KB
6 histats.com
s10.histats.com — Cisco Umbrella Rank: 14333
s4.histats.com — Cisco Umbrella Rank: 14235
25 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
jnn-pa.googleapis.com — Cisco Umbrella Rank: 207
34 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
3 KB
5 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
3 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
3 KB
5 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 31419
loadus.exelator.com — Cisco Umbrella Rank: 1596
4 KB
5 dtscout.com
e.dtscout.com — Cisco Umbrella Rank: 16443
t.dtscout.com — Cisco Umbrella Rank: 13562
9 KB
5 nonton168.tv
nonton168.tv
652 B
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
352 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
2 KB
4 smadex.com
cm.smadex.com — Cisco Umbrella Rank: 2636
2 KB
4 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2013
2 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
2 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
2 KB
4 33across.com
dp2.33across.com — Cisco Umbrella Rank: 12902
cdn-tc.33across.com — Cisco Umbrella Rank: 25468
dp1.33across.com — Cisco Umbrella Rank: 8156
2 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1352
969 B
3 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2436
pbid.pro-market.net — Cisco Umbrella Rank: 7860
1 KB
3 rubiconproject.com
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2394
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
token.rubiconproject.com — Cisco Umbrella Rank: 458
2 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
1 KB
3 turn.com
d.turn.com — Cisco Umbrella Rank: 1384
ad.turn.com — Cisco Umbrella Rank: 851
1 KB
3 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1330
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
2 KB
3 ml314.com
ml314.com — Cisco Umbrella Rank: 1908
612 B
3 affec.tv
map.go.affec.tv — Cisco Umbrella Rank: 8594
2 KB
3 dunialk21.net
dunialk21.net
1006 B
3 dunialk21.com
dunialk21.com
287 B
3 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 12815
ic.tynt.com — Cisco Umbrella Rank: 5525
de.tynt.com — Cisco Umbrella Rank: 1605
9 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 988
884 B
2 owneriq.net
px.owneriq.net
1 KB
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
744 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
733 B
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
2 KB
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1617
2 KB
2 crsspxl.com
tag.crsspxl.com — Cisco Umbrella Rank: 5554
702 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 716
1 KB
2 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1309
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1131
804 B
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
1 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
2 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
917 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 560
1 KB
2 rqtrk.eu
wt.rqtrk.eu — Cisco Umbrella Rank: 1674
ws.rqtrk.eu — Cisco Umbrella Rank: 3851
649 B
2 mgid.com
cm.mgid.com — Cisco Umbrella Rank: 1536
740 B
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 597
725 B
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 3274
mwzeom.zeotap.com — Cisco Umbrella Rank: 3222
912 B
2 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1400
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
89 KB
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1979
beacon.krxd.net — Cisco Umbrella Rank: 758
500 B
2 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 14519
1010 B
1 linksynergy.com
tags.rd.linksynergy.com
407 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com
363 B
1 bidtheatre.com
match.adsby.bidtheatre.com
555 B
1 bfmio.com
sync.bfmio.com
425 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1180
361 B
1 truffle.bid
matching.truffle.bid
1 iprom.net
core.iprom.net
279 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1372
739 B
1 ctnsnet.com
ipac.ctnsnet.com
370 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
227 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 4024
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
339 B
1 userreport.com
audex.userreport.com — Cisco Umbrella Rank: 4449
433 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1824
173 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
491 B
1 dtssrv.com
a.dtssrv.com — Cisco Umbrella Rank: 22617
433 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
1 KB
1 mookie1.com
ib.mookie1.com — Cisco Umbrella Rank: 2882
983 B
1 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 1962
512 B
1 cintnetworks.com
c.cintnetworks.com — Cisco Umbrella Rank: 9083
543 B
1 truoptik.com
dmp.truoptik.com — Cisco Umbrella Rank: 2553
551 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
480 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
186 B
1 bkrtx.com
tags.bkrtx.com — Cisco Umbrella Rank: 5990
16 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 219
2 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 87
45 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
15 KB
1 ibb.co
i.ibb.co — Cisco Umbrella Rank: 11551
128 KB
1 bioskop888.tv
bioskop888.tv
2 MB
1 bioskop888.org
bioskop888.org
166 B
0 appier.net Failed
gocm.c.appier.net Failed
0 mxptint.net Failed
pmp.mxptint.net Failed
0 adentifi.com Failed
rtb.adentifi.com Failed
0 cognitivlabs.com Failed
beacon.lynx.cognitivlabs.com Failed
0 tribalfusion.com Failed
a.tribalfusion.com Failed
0 w55c.net Failed
pm.w55c.net Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 adgrx.com Failed
cm.adgrx.com Failed
0 shareaholic.com Failed
pixel.shareaholic.com Failed
0 taboola.com Failed
trc.taboola.com Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 bidswitch.net Failed
x.bidswitch.net Failed
0 serverbid.com Failed
e.serverbid.com Failed
355 120
Domain Requested by
60 s1.dunialk21.id nonton168.online
s1.dunialk21.id
23 nonton168.online nonton168.online
22 ce.lijit.com nonton168.online
ap.lijit.com
ce.lijit.com
us-u.openx.net
ads.pubmatic.com
19 cm.g.doubleclick.net 14 redirects bcp.crwdcntrl.net
ce.lijit.com
us-u.openx.net
18 sync.crwdcntrl.net 4 redirects bcp.crwdcntrl.net
13 match.adsrvr.org 12 redirects nonton168.online
12 simage2.pubmatic.com ads.pubmatic.com
ce.lijit.com
10 ps.eyeota.net 4 redirects nonton168.online
data-beacons.s-onetag.com
bcp.crwdcntrl.net
10 secure.adnxs.com 9 redirects nonton168.online
9 pixel.tapad.com 7 redirects ads.pubmatic.com
8 us-u.openx.net 2 redirects ce.lijit.com
bcp.crwdcntrl.net
us-u.openx.net
8 bcp.crwdcntrl.net 2 redirects tags.crwdcntrl.net
ads.pubmatic.com
8 tags.bluekai.com 3 redirects de.tynt.com
tags.bkrtx.com
bcp.crwdcntrl.net
nonton168.online
8 t.sharethis.com pd.sharethis.com
t.sharethis.com
nonton168.online
8 www.youtube.com nonton168.online
www.youtube.com
8 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
7 image2.pubmatic.com ads.pubmatic.com
7 id5-sync.com 7 redirects
7 match.prod.bidr.io 7 redirects
7 sync-tm.everesttech.net 4 redirects nonton168.online
bcp.crwdcntrl.net
ads.pubmatic.com
7 i.liadm.com 5 redirects nonton168.online
bcp.crwdcntrl.net
7 pixel.onaudience.com 7 redirects
7 tags.crwdcntrl.net e.dtscout.com
cdn-tc.33across.com
tags.crwdcntrl.net
6 dpm.demdex.net 6 redirects
6 partner.mediawallahscript.com 5 redirects bcp.crwdcntrl.net
6 sync.sharethis.com 1 redirects nonton168.online
bcp.crwdcntrl.net
6 ap.lijit.com 3 redirects nonton168.online
get.s-onetag.com
data-beacons.s-onetag.com
6 idsync.rlcdn.com 3 redirects nonton168.online
bcp.crwdcntrl.net
ads.pubmatic.com
6 get.s-onetag.com e.dtscout.com
get.s-onetag.com
5 sync.1rx.io 5 redirects
5 s.amazon-adsystem.com 1 redirects ce.lijit.com
bcp.crwdcntrl.net
us-u.openx.net
ads.pubmatic.com
5 image6.pubmatic.com 2 redirects ads.pubmatic.com
5 c1.adform.net 4 redirects bcp.crwdcntrl.net
5 pd.sharethis.com e.dtscout.com
nonton168.online
t.sharethis.com
5 nonton168.tv 5 redirects
5 www.googletagmanager.com nonton168.online
www.googletagmanager.com
s1.dunialk21.id
4 b1sync.zemanta.com 3 redirects ads.pubmatic.com
4 cm.smadex.com 4 redirects
4 aorta.clickagy.com 4 redirects
4 ib.adnxs.com 4 redirects
4 um.simpli.fi 4 redirects
4 pixel-sync.sitescout.com 4 redirects
4 jnn-pa.googleapis.com www.youtube.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 s10.histats.com nonton168.online
s10.histats.com
3 thrtle.com 1 redirects bcp.crwdcntrl.net
ce.lijit.com
3 ads.pubmatic.com ce.lijit.com
ads.pubmatic.com
3 px.ads.linkedin.com 1 redirects nonton168.online
3 ups.analytics.yahoo.com 3 redirects
3 cms.analytics.yahoo.com 3 redirects
3 ml314.com 1 redirects nonton168.online
bcp.crwdcntrl.net
3 loadus.exelator.com 2 redirects bcp.crwdcntrl.net
3 map.go.affec.tv 2 redirects nonton168.online
3 dunialk21.net 3 redirects
3 dunialk21.com 3 redirects
3 t.dtscout.com e.dtscout.com
2 pippio.com 2 redirects
2 px.owneriq.net 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 eb2.3lift.com 1 redirects ads.pubmatic.com
2 ssum-sec.casalemedia.com 2 redirects
2 sync.technoratimedia.com 2 redirects
2 pr-bh.ybp.yahoo.com us-u.openx.net
ads.pubmatic.com
2 fei.pro-market.net 2 redirects
2 tag.crsspxl.com 1 redirects bcp.crwdcntrl.net
2 s.ad.smaato.net 2 redirects
2 ums.acuityplatform.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 t.adx.opera.com 2 redirects
2 bh.contextweb.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 ad.turn.com 2 redirects
2 cms.quantserve.com 2 redirects
2 creativecdn.com 2 redirects
2 connect-metrics-collector.s-onetag.com get.s-onetag.com
2 aa.agkn.com 1 redirects bcp.crwdcntrl.net
2 sync.smartadserver.com 1 redirects bcp.crwdcntrl.net
2 cm.mgid.com 1 redirects bcp.crwdcntrl.net
2 dis.criteo.com nonton168.online
ads.pubmatic.com
2 api.intentiq.com data-beacons.s-onetag.com
2 stags.bluekai.com 2 redirects
2 connect.facebook.net nonton168.online
connect.facebook.net
2 dp2.33across.com 2 redirects
2 data-beacons.s-onetag.com get.s-onetag.com
2 loada.exelator.com 2 redirects
2 t.dtscdn.com e.dtscout.com
2 onetag-geo.s-onetag.com get.s-onetag.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 e.dtscout.com s4.histats.com
2 s4.histats.com s10.histats.com
2 fonts.googleapis.com nonton168.online
s1.dunialk21.id
1 tags.rd.linksynergy.com 1 redirects
1 synchroscript.deliveryengine.adswizz.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 sync.bfmio.com ce.lijit.com
1 crb.kargo.com ce.lijit.com
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 sync.mathtag.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 us01.z.antigena.com ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 rtb-csync.smartadserver.com 1 redirects
1 token.rubiconproject.com bcp.crwdcntrl.net
1 audex.userreport.com bcp.crwdcntrl.net
1 rtd-tm.everesttech.net 1 redirects
1 pbid.pro-market.net bcp.crwdcntrl.net
1 ws.rqtrk.eu 1 redirects
1 data.adsrvr.org 1 redirects
1 tr.blismedia.com ce.lijit.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 s0.2mdn.net ce.lijit.com
1 a.dtssrv.com e.dtscout.com
1 i6.liadm.com nonton168.online
1 d.turn.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects ads.pubmatic.com
1 ib.mookie1.com bcp.crwdcntrl.net
1 global.ib-ibi.com 1 redirects
1 c.cintnetworks.com bcp.crwdcntrl.net
1 dmp.truoptik.com 1 redirects
1 wt.rqtrk.eu bcp.crwdcntrl.net
1 sync.ipredictive.com 1 redirects ads.pubmatic.com
1 mwzeom.zeotap.com nonton168.online
1 spl.zeotap.com 1 redirects
1 www.facebook.com nonton168.online
1 tags.bkrtx.com pd.sharethis.com
1 dp1.33across.com 1 redirects
1 beacon.krxd.net nonton168.online
1 usermatch.krxd.net 1 redirects
1 cdn-tc.33across.com de.tynt.com
1 de.tynt.com cdn.tynt.com
1 ic.tynt.com nonton168.online
1 cdn.tynt.com e.dtscout.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 i.ibb.co nonton168.online
1 bioskop888.tv nonton168.online
1 bioskop888.org 1 redirects
0 gocm.c.appier.net Failed ads.pubmatic.com
0 pmp.mxptint.net Failed ads.pubmatic.com
0 rtb.adentifi.com Failed ads.pubmatic.com
0 image4.pubmatic.com Failed ads.pubmatic.com
0 beacon.lynx.cognitivlabs.com Failed ads.pubmatic.com
0 a.tribalfusion.com Failed ads.pubmatic.com
0 pm.w55c.net Failed ads.pubmatic.com
0 p.rfihub.com Failed ads.pubmatic.com
0 cm.adgrx.com Failed ads.pubmatic.com
0 pixel.shareaholic.com Failed bcp.crwdcntrl.net
0 trc.taboola.com Failed bcp.crwdcntrl.net
0 sync.search.spotxchange.com Failed bcp.crwdcntrl.net
0 ad.mrtnsvr.com Failed bcp.crwdcntrl.net
ads.pubmatic.com
0 x.bidswitch.net Failed ce.lijit.com
ads.pubmatic.com
0 e.serverbid.com Failed ce.lijit.com
355 159
Subject Issuer Validity Valid
nonton168.online
Sectigo RSA Domain Validation Secure Server CA		 2023-09-25 -
2024-09-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
ibb.co
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
dunialk21.id
GTS CA 1P5		 2023-11-06 -
2024-02-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-13 -
2024-05-11		 a year crt.sh
histats.com
R3		 2023-11-23 -
2024-02-21		 3 months crt.sh
dtscout.com
GTS CA 1P5		 2023-11-20 -
2024-02-18		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.s-onetag.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
sharethis.com
Amazon RSA 2048 M02		 2023-05-22 -
2024-06-19		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh
cert1-prod.aut.a24365.net
R3		 2023-11-23 -
2024-02-21		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
dtscdn.com
GTS CA 1P5		 2023-11-15 -
2024-02-13		 3 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.bkrtx.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-18 -
2024-01-17		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-05 -
2023-12-04		 3 months crt.sh
*.intentiq.com
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-08		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.rqtrk.eu
RapidSSL TLS RSA CA G1		 2023-06-01 -
2024-05-31		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
c.cintnetworks.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-08-08 -
2024-02-08		 6 months crt.sh
ml314.com
GTS CA 1D4		 2023-10-03 -
2024-01-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-28		 a year crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2023-03-08 -
2024-04-07		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
dtssrv.com
GTS CA 1P5		 2023-11-25 -
2024-02-23		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.userreport.com
Amazon RSA 2048 M02		 2023-11-20 -
2024-12-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-16 -
2024-09-05		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.thrtle.com
Go Daddy Secure Certificate Authority - G2		 2023-03-22 -
2024-04-22		 a year crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M01		 2022-11-10 -
2023-12-09		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-18 -
2024-09-17		 a year crt.sh

This page contains 54 frames:

Primary Page: https://nonton168.online/tv/gadis-kretek-2023-completed/
Frame ID: 98E3D0B77989AF046C7550001ED929BC
Requests: 80 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ejRQzHh8gLI
Frame ID: 2BB65D050A6D8DE07E0159376D1DF3ED
Requests: 20 HTTP requests in this frame

Frame: https://s1.dunialk21.id/
Frame ID: 5617DDAB79542FDD5FFE45E873E1D152
Requests: 92 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A017010239200F513BAB960BCDED15
Frame ID: FB520E528C0D2D9EF26DBEEC6D554D68
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
Frame ID: CDC2DD448DF4518AFB0FA765C170F528
Requests: 1 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/27519?id=212358413774302&ret=html&random=1701023921
Frame ID: 144949B978AF96FE17CD09F629D69433
Requests: 1 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: A66F75BE67117FFF391CDB2D2065CDD2
Requests: 3 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1258.23363/a/CA/t_.js?cid=c010&cls=C
Frame ID: 83E06C8179210641124A19C3543E8AB0
Requests: 7 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: 8B7EFC71DF61CDB7BAF380735B6FA4FD
Requests: 2 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/5386?id=a88b0dbe-40d8-479c-993a-bf072bb26049&gdpr=0&gdpr_consent=
Frame ID: 17C7C94C4D834314C77C5B555AF011AA
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=36467
Frame ID: AB04762D48B198FE329892B15E028C4F
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
Frame ID: 2A1B365240463699F836A0D3DE176FFE
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1258.23363/a/CA/t_.js?cid=c010&cls=C
Frame ID: E8606CD1A37FB7BF83E8A81057CD0CCE
Requests: 2 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 2211A7C0A3C414DBF57ABADD763A4294
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: AA72662555E46C59E6CD658B26761DB6
Requests: 24 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=92719
Frame ID: 386F5639E92B50FE66FC49A60AE47B93
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 2C7BF12902AA30F6C749D0987DE5E615
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 63A019923BA08B899B72E74BB83B3494
Requests: 2 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Frame ID: 35EA9B9002C96E8174E3FE33230A7239
Requests: 21 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 777E65D593CB481433E27CF5D1A0C90A
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: A22E93DF3BEF7F366DBA92D5B7C029B5
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 68CA5C95106DE997050BEC01CA1B7CE6
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: B287D7B506D088F768470293AAAA2FE4
Requests: 25 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C156%2C153%2C146%2C142%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C94%2C89%2C79%2C65%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 6800B4C82FC5DDE8F19513D20FE2DA57
Requests: 24 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=2B244806-A0BC-4F9E-8896-17D65D0B30D3&redir=true&gdpr=0&gdpr_consent=
Frame ID: 830BF9F1C8BE6E5EF626CAC5C66D6CF0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9148969588917863460&gdpr=0&gdpr_consent=
Frame ID: 98C442CC1D01889A6BFD72AB23C660DB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACAPU7KxyIAABXTqiZl9w&gdpr=0&gdpr_consent=
Frame ID: 5840669D0ABA753A1A6D413EA99E1313
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 01705CB8364598FF296870D45A691A1B
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZWOQxQACjgkjzABd
Frame ID: D673695B78D47039B176EA8A46C36C69
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ARjtBQ4duAMaTr8BAxT2BgFO6wQaGOoEVUk3En2Z
Frame ID: 1F0F48A78CCF0D98AA0DDBBC7E1588B4
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: A8AB041DF0454C6A32C21259464CB7B6
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 9C99E89F22800B9D85DA293B08468AEE
Requests: 1 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
Frame ID: F561256C7DDC74DFFF3CF02F95E47F62
Requests: 1 HTTP requests in this frame

Frame: https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
Frame ID: 9AF82D7E06D58E0D9A7E56FE6C88A780
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 630D01C8902F5170B52F0F2209257179
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Frame ID: 65F926A6E5D38CDD295CBB127093FFE5
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 362C3A20D9DD00DB54077488C9702866
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 625424049C861BF96157B2E5D6CC7F8E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU2d13f3ab93074cf698ccb3c0014f64a0
Frame ID: E821CB0F336F69E4C942B958944B3F78
Requests: 1 HTTP requests in this frame

Frame: https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
Frame ID: 876EFBFD6D9B3F6F64409017A2CBFE72
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: B68CF5E26951FB87D043310C56B1E949
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=2B244806-A0BC-4F9E-8896-17D65D0B30D3
Frame ID: B754B17E13DDD75B7B126E779581EAED
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=856854897523
Frame ID: D94165FB5C771C9F31CC16FFC5AEAC58
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 7DFF88DAC07665C0C905E4B9393329A1
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 86353D34A53B7CBAA690C140154CB369
Requests: 1 HTTP requests in this frame

Frame: https://gocm.c.appier.net/pubmatic
Frame ID: B17C898DA1AA158CB3EFD4E5934975A5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a7f1c7f8-0028-4a08-b9b4-6073c08ebff2-005
Frame ID: D635D72D44B8DCB6F0501DDAA537A4B9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cae66563-90c9-4f00-9ee6-120931253519&gdpr=0&gdpr_consent=
Frame ID: D77D1CC9ABF2294F5961D980FE1456E1
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: D871A980B5BEF1225CBC35D46CB030B1
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 178791DE679145795145B7372EF58EA5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7543103451458500149
Frame ID: 3590460C483BD2113865B3E517BC5365
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2F2B435A2E88480FA382CF5EF06C8337&gdpr=0&gdpr_consent=
Frame ID: 1ABC19E640FFA2B7107C38C75AE14311
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=2B244806-A0BC-4F9E-8896-17D65D0B30D3
Frame ID: FC99DC9F4E7CD034387093D7B2AD3EFA
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=2B244806-A0BC-4F9E-8896-17D65D0B30D3
Frame ID: C1112526FD4C0F751EE18F3E6F3DCF48
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gadis Kretek (2023) Completed - Nonton Film Bioskop Online Kualitas Full HD

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

355
Requests

67 %
HTTPS

0 %
IPv6

120
Domains

159
Subdomains

90
IPs

10
Countries

7326 kB
Transfer

11958 kB
Size

222
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://nonton168.tv/wp-content/uploads/2021/04/LOGO-03.png HTTP 301
  • https://nonton168.online/wp-content/uploads/2021/04/LOGO-03.png
Request Chain 10
  • https://bioskop888.org/wp-content/uploads/2023/02/Naga888-920x250-2.gif HTTP 301
  • https://bioskop888.tv/wp-content/uploads/2023/02/Naga888-920x250-2.gif
Request Chain 11
  • https://nonton168.tv/wp-content/uploads/2023/05/banner-gif-720x90-2.gif HTTP 301
  • https://nonton168.online/wp-content/uploads/2023/05/banner-gif-720x90-2.gif
Request Chain 12
  • https://nonton168.tv/wp-content/uploads/2023/05/mutiarapoker-720x90-new-1.gif HTTP 301
  • https://nonton168.online/wp-content/uploads/2023/05/mutiarapoker-720x90-new-1.gif
Request Chain 17
  • https://nonton168.tv/wp-content/uploads/2023/07/join-us-in-telegram-1-360x140-1.jpg HTTP 301
  • https://nonton168.online/wp-content/uploads/2023/07/join-us-in-telegram-1-360x140-1.jpg
Request Chain 33
  • https://nonton168.tv/wp-content/uploads/2023/05/BANNER-ISTANA-300-250-Recovered.gif HTTP 301
  • https://nonton168.online/wp-content/uploads/2023/05/BANNER-ISTANA-300-250-Recovered.gif
Request Chain 52
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 77
  • https://dunialk21.com/wp-content/uploads/2023/10/imgpsh_fullsize_anim-4.png HTTP 301
  • https://dunialk21.net/wp-content/uploads/2023/10/imgpsh_fullsize_anim-4.png HTTP 301
  • https://s1.dunialk21.id/wp-content/uploads/2023/10/imgpsh_fullsize_anim-4.png
Request Chain 96
  • https://dunialk21.com/wp-content/uploads/2023/10/BG.png HTTP 301
  • https://dunialk21.net/wp-content/uploads/2023/10/BG.png HTTP 301
  • https://s1.dunialk21.id/wp-content/uploads/2023/10/BG.png
Request Chain 102
  • https://pixel.onaudience.com/?partner=137085098&mapped=51A017010239200F513BAB960BCDED15 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=df39384ca529cbfb2f7eb54fda4ed188&gdpr=1 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=1b2791c5ff55bea8/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D1 HTTP 302
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=94209156248832839&gdpr=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 135
  • https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1701023921516.4 HTTP 302
  • https://tags.bluekai.com/site/27519?id=212358413774302&ret=html&random=1701023921
Request Chain 137
  • https://map.go.affec.tv/map/3a/?pid=CoIKTGVjkLFTQZc4HdnMAg%3D%3D&us_privacy=&ts=1701023921516.1 HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D656390b137cba0000114d219%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D656390b137cba0000114d219%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%2526gdpr_consent%253D%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://map.go.affec.tv/map/an/9013900497429387277?ch=656390b137cba0000114d219&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent= HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://map.go.affec.tv/map/ttd/a88b0dbe-40d8-479c-993a-bf072bb26049?ttd_puid=&gdpr=0&gdpr_consent=
Request Chain 138
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKTGVjkLFTQZc4HdnMAg%3D%3D&us_privacy=&random=1701023921516.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKTGVjkLFTQZc4HdnMAg%3D%3D&us_privacy=&random=1701023921516.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=23d56d0e-e5ab-4972-a650-5aad8061e8d8%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a88b0dbe-40d8-479c-993a-bf072bb26049&ttd_puid=23d56d0e-e5ab-4972-a650-5aad8061e8d8%2Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad%2C HTTP 302
  • https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Request Chain 139
  • https://dp2.33across.com/ps/?pid=1205&rand=1701023921516.3 HTTP 302
  • https://idsync.rlcdn.com/405716.gif?partner_uid=212358400474000
Request Chain 140
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKTGVjkLFTQZc4HdnMAg%3D%3D&us_privacy=&33random=1701023921516.5&cat=33across HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKTGVjkLFTQZc4HdnMAg%3D%3D&us_privacy=&33random=1701023921516.5&cat=33across HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?uid=a88b0dbe-40d8-479c-993a-bf072bb26049&bid=1e2n4ou
Request Chain 141
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKTGVjkLFTQZc4HdnMAg%3D%3D&us_privacy=&random=1701023921516.7&pu=https%3A%2F%2Fnonton168.online%2Ftv%2Fgadis-kretek-2023-completed%2F HTTP 302
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212273564415514&seg_code=33x&random=1701023921 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212273564415514%26seg_code%3D33x%26random%3D1701023921
Request Chain 144
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Request Chain 146
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/ttd?uid=a88b0dbe-40d8-479c-993a-bf072bb26049&gdpr=0&gdpr_consent=
Request Chain 147
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
  • https://sync.sharethis.com/nlsn?uid=ae391f1942a10fdc0a80995cd6adfbca
Request Chain 148
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/eyeota?uid=2eccFjBiFtcQQK0HasY4f8kSG1EN_UGWKz-D12RRhKYw&gdpr=0&gdpr_consent=
Request Chain 149
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZH4ACGVjkLEAAAAIA6wzAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3640214972407480320 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0MDIxNDk3MjQwNzQ4MDMyMBAAGg0IsqGOqwYSBQjoBxAAQgBKAA HTTP 307
  • https://ml314.com/csync.ashx?fp=fa6cf01e7d03b2205529df8b70e688f2bba9a111af2161337ecb125936ec74e6f4cb09cee1a4f8eb&person_id=3640214972407480320&eid=50082
Request Chain 150
  • https://tags.bluekai.com/site/59574?id=ZH4ACGVjkLEAAAAIA6wzAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
  • https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
Request Chain 165
  • https://dunialk21.com/wp-content/uploads/2023/10/imgpsh_fullsize_anim-4.png HTTP 301
  • https://dunialk21.net/wp-content/uploads/2023/10/imgpsh_fullsize_anim-4.png HTTP 301
  • https://s1.dunialk21.id/wp-content/uploads/2023/10/imgpsh_fullsize_anim-4.png
Request Chain 167
  • https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZH4ACGVjkLEAAAAIA6wzAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1258.23363%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1258.23363%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=75348630 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
  • https://tags.bluekai.com/site/5386?id=a88b0dbe-40d8-479c-993a-bf072bb26049&gdpr=0&gdpr_consent=
Request Chain 175
  • https://pixel.onaudience.com/?partner=137085098&mapped=51A017010239200F513BAB960BCDED15 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=1b2791c5ff55bea8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e1e33987-7a37-45c7-4f4a-df14159610c7&reqId=cdf2bffb-b16f-47cb-7d91-11a45e06aad3&zcluid=1b2791c5ff55bea8&zdid=1332 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e1e33987-7a37-45c7-4f4a-df14159610c7&reqId=cdf2bffb-b16f-47cb-7d91-11a45e06aad3&zcluid=1b2791c5ff55bea8&zdid=1332&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEHGNoNkfucGAEk8aBgUbjYQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e1e33987-7a37-45c7-4f4a-df14159610c7&reqId=cdf2bffb-b16f-47cb-7d91-11a45e06aad3&zcluid=1b2791c5ff55bea8&zdid=1332
Request Chain 191
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=HuN-fSZHZPbi87sTQYOsy8Ke&rnd=453 HTTP 303
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=HuN-fSZHZPbi87sTQYOsy8Ke&rnd=453&_li_chk=true&previous_uuid=3716ffe759d342c9bd3adb97be39fcd6 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 193
  • https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=f7e797d6a7cf29af4304b67135844b8d HTTP 307
  • https://cm.mgid.com/m?c=f7e797d6a7cf29af4304b67135844b8d&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
Request Chain 194
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16622%26tp%3DALDX%26tpid%3D%24{ADELPHIC_CUID}%26gdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=40e13e20-9280-446a-80b7-b98e740a64a1&gdpr=0
Request Chain 196
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
Request Chain 197
  • https://c1.adform.net/serving/cookie/match?party=1040 HTTP 302
  • https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6774825355793358841/gdpr=/gdpr_consent=
Request Chain 198
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&gdpr=0
Request Chain 199
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=a88b0dbe-40d8-479c-993a-bf072bb26049/gdpr=0/gdpr_consent=
Request Chain 200
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=f7e797d6a7cf29af4304b67135844b8d&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D&ch=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D23d56d0e-e5ab-4972-a650-5aad8061e8d8%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252Ftp%25253DTPAD%25252Ftpid%25253D23d56d0e-e5ab-4972-a650-5aad8061e8d8%252C%25257B%252522fullVersionList%252522%25253A%25255B%25255D%25252C%252522mobile%252522%25253Afalse%25252C%252522model%252522%25253A%252522%252522%25252C%252522platform%252522%25253A%252522%252522%25252C%252522platformVersion%252522%25253A%252522%252522%25257D HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fpixel.tapad.com%252Fidsync%252Fex%252Freceive%253Fpartner_id%253DAPPNEXUS%2526partner_device_id%253D%2524UID%2526pt%253D23d56d0e-e5ab-4972-a650-5aad8061e8d8%25252Chttps%2525253A%2525252F%2525252Fsync.crwdcntrl.net%2525252Fmap%2525252Fc%2525253D10158%2525252Ftp%2525253DTPAD%2525252Ftpid%2525253D23d56d0e-e5ab-4972-a650-5aad8061e8d8%25252C%2525257B%25252522fullVersionList%25252522%2525253A%2525255B%2525255D%2525252C%25252522mobile%25252522%2525253Afalse%2525252C%25252522model%25252522%2525253A%25252522%25252522%2525252C%25252522platform%25252522%2525253A%25252522%25252522%2525252C%25252522platformVersion%25252522%2525253A%25252522%25252522%2525257D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=9148969588917863460&pt=23d56d0e-e5ab-4972-a650-5aad8061e8d8%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D23d56d0e-e5ab-4972-a650-5aad8061e8d8%2C%257B%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=23d56d0e-e5ab-4972-a650-5aad8061e8d8
Request Chain 201
  • https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP HTTP 302
  • https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=d98b02765a5a429d32c10cc71757c813
Request Chain 205
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=f7e797d6a7cf29af4304b67135844b8d HTTP 302
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=f7e797d6a7cf29af4304b67135844b8d
Request Chain 207
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-872418fa-7803-5f03-510b-f7497780782c$ip$185.213.80.46&gdpr=0&gdpr_consent=
Request Chain 208
  • https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-alQ_cU5E2pybteJALGNNVr9GvXD3apUUt_k-~A&gdpr=0
Request Chain 209
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=96dbdb5b-4575-49d9-b9ab-1e6b6d5b05c9-656390b3-5553/gdpr=0
Request Chain 214
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/f7e797d6a7cf29af4304b67135844b8d/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3809824949511121677/gdpr=0
Request Chain 215
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=413173715 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D281%252Ftp%253DANXS%252Ftpid%253D%2524UID%252Fgdpr%253D0%252Frand%3D413173715 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9013900497429387277/gdpr=0/rand=413173715
Request Chain 217
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=HuN-fSZHZPbi87sTQYOsy8Ke&rand=25382&pu= HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=HuN-fSZHZPbi87sTQYOsy8Ke&rand=25382&pu=&expected_cookie=3c058bbe-0356-4e6f-b761-b318647b5d00
Request Chain 219
  • https://um.simpli.fi/lj_match?r=76193 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=2F2B435A2E88480FA382CF5EF06C8337
Request Chain 220
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=HuN-fSZHZPbi87sTQYOsy8Ke&rnd=90091 HTTP 303
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=HuN-fSZHZPbi87sTQYOsy8Ke&rnd=90091&_li_chk=true&previous_uuid=527f1f4bd2df4b9a81ad39d741fdf97e HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 221
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=HuN-fSZHZPbi87sTQYOsy8Ke&rnd=63717 HTTP 303
  • https://i6.liadm.com/s/57333?bidder_id=204553&bidder_uuid=HuN-fSZHZPbi87sTQYOsy8Ke&rnd=63717
Request Chain 226
  • https://um.simpli.fi/lj_match?r=47982 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=2F2B435A2E88480FA382CF5EF06C8337
Request Chain 227
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=HuN-fSZHZPbi87sTQYOsy8Ke/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
  • https://ce.lijit.com/merge?pid=5001&3pid=f7e797d6a7cf29af4304b67135844b8d
Request Chain 232
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mkl4eDljZ2pJdDRCQktPdHFBbWwzdlBrRFphMzdtdGxuZDFXaHdIRTBreFE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEHhTg1z-INiYBD-1J1g7BG4&google_cver=1
Request Chain 233
  • https://cms.analytics.yahoo.com/cms?partner_id=Eyeot HTTP 302
  • https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot HTTP 302
  • https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-grqXgatE2pVwpkHsNjOSHmnpQu8kgOYchA4-~A
Request Chain 235
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u HTTP 302
  • https://ps.eyeota.net/match?uid=9148969588917863460&bid=2cr76e1&referrer_pid=51md42u
Request Chain 236
  • https://tags.bluekai.com/site/29539?limit=1&id=2HmvbUe3z6O2VabLyiQA-REiq-Z_VXfkl2QZpVd-cB3s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=S2lPMXZCb1E5OTlEWnRCaw%3D%3D HTTP 302
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEABxXgM_xihW04ls4KePy9w&google_cver=1
Request Chain 245
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fcs.krushmedia.com%2F0674638529195b597475a5faaba7eee8.gif%3Fpuid%3D%5Bsas_uid%5D&gdpr_consent=[consent_string]&nwid=4478 HTTP 302
  • https://cs.krushmedia.com/0674638529195b597475a5faaba7eee8.gif?puid=3669561126981729921 HTTP 302
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fcs.krushmedia.com%2F4264a41cc8c08a41961737ab5bcf5b16.gif%3Fpuid%3D
Request Chain 246
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=96dbdb5b-4575-49d9-b9ab-1e6b6d5b05c9-656390b3-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D96dbdb5b-4575-49d9-b9ab-1e6b6d5b05c9-656390b3-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=96dbdb5b-4575-49d9-b9ab-1e6b6d5b05c9-656390b3-5553&gdpr=0&gdpr_consent=
Request Chain 247
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=HuN-fSZHZPbi87sTQYOsy8Ke&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:0b2c3bb7f94bb5675e19943eb71e35c6
Request Chain 248
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=DcrwEvWxdzgYYNfeoV93rSRyYZlKR72GYEq5fuDC-rI&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Request Chain 249
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=SHVOLWZTWkhaUGJpODdzVFFZT3N5OEtl&gdpr=0 HTTP 302
  • https://s0.2mdn.net/dot.gif?gdpr=0
Request Chain 250
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?3pid=AACAPU7KxyIAABXTqiZl9w&pid=85&gdpr=0
Request Chain 251
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=ZnrYtGl_jbJ9LIyzZXjDsmkt3rJ9LY_lZilsqwbm
Request Chain 252
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LPFTQHR3-3-DHGE&gdpr=0
Request Chain 253
  • https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Request Chain 254
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1701023941698 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8000347103 HTTP 302
  • https://sync.1rx.io/usersync/turn/3809824949511121677?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a7f1c7f8-0028-4a08-b9b4-6073c08ebff2-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-a7f1c7f8-0028-4a08-b9b4-6073c08ebff2-005 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-a7f1c7f8-0028-4a08-b9b4-6073c08ebff2-005
Request Chain 255
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=GJAV8UWcyUHi&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 256
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?3pid=OPU0c25e72e0f75407abc3dd9e69c033034&gdpr=0&gdpr_consent=&pid=102
Request Chain 257
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=8db43e9f-c272-4bbd-b735-7da412be1219
Request Chain 258
  • https://ums.acuityplatform.com/tum?umid=27&uid=HuN-fSZHZPbi87sTQYOsy8Ke&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=66&3pid=856855021793
Request Chain 259
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LPFTQK2U-1D-IRUN&gdpr=0
Request Chain 262
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=a88b0dbe-40d8-479c-993a-bf072bb26049&gdpr=0&gdpr_consent=
Request Chain 263
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=9148969588917863460&gdpr=0&gdpr_consent=
Request Chain 264
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHVOLWZTWkhaUGJpODdzVFFZT3N5OEtl&gdpr=0
Request Chain 265
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Request Chain 270
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=f7e797d6a7cf29af4304b67135844b8d&custom=&tag_format=img&tag_action=sync HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=f7e797d6a7cf29af4304b67135844b8d&custom=&tag_format=img&tag_action=sync&final=true&reqid=119a9430-8c8b-11ee-941f-f57ef3c7fbf8&timestamp=2023-11-26T18%3A39%3A01.875Z HTTP 302
  • https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=9148969588917863460&tag_format=img&tag_action=sync HTTP 302
  • https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=11a123e0-8c8b-11ee-8d32-dd5bdc34d559?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=f7e797d6a7cf29af4304b67135844b8d&tag_format=img&tag_action=sync&cb=380339861 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=a88b0dbe-40d8-479c-993a-bf072bb26049&tag_format=img&tag_action=sync&cb= HTTP 302
  • https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=11a123e0-8c8b-11ee-8d32-dd5bdc34d559&cb=1701023942148&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2099%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1701023942148 HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=4005e2a9-5761-46f8-9e74-d0d646bdd902&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1701023942148
Request Chain 271
  • https://cm.smadex.com/pixel?sm_did=lotame&gdpr=0 HTTP 302
  • https://cm.smadex.com/pixel?sm_did=lotame&gdpr=0&sm_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smadex_2&google_hm=MXBvcjVuV1RRaml0ajdrUzMzYmFOZz09&sm_p=dc&sm_r=lotame,lotame,smt,rbc,bds,tl HTTP 302
  • https://cm.smadex.com/sync?sm_p=dc&sm_r=lotame,lotame,smt,rbc,bds,tl HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=13745&tp=SMDX&tpid=d69a2be6-7593-4238-ad8f-b912df76da36&d=https%3A%2F%2Fcm.smadex.com%2Fsync%3Fsm_p%3Dlotame%26sm_r%3Dlotame%2Csmt%2Crbc%2Cbds%2Ctl HTTP 302
  • https://cm.smadex.com/sync?sm_p=lotame&sm_r=lotame,smt,rbc,bds,tl HTTP 302
  • https://s.ad.smaato.net/c/?dspId=1001024&dspCookie=d69a2be6-7593-4238-ad8f-b912df76da36 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=0&gdpr_consent=&google_hm=c30f398150&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://s.ad.smaato.net/c/?adExInit=g&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=25&amp;redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1001213%26dspCookie%3D__ADFUID__%26gdpr%3D0%26gdpr_consent%3D,&gdpr=0&gdpr_consent=,
Request Chain 272
  • https://tag.crsspxl.com/c.gif?t=57603&gdpr=0 HTTP 302
  • https://tag.crsspxl.com/c.gif?cc=1&t=57603&gdpr=0
Request Chain 275
  • https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=f7e797d6a7cf29af4304b67135844b8d HTTP 302
  • https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=f7e797d6a7cf29af4304b67135844b8d&sr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTMxNTczNTI5MjU4OTExMTUzNTY= HTTP 302
  • https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEPUQ57JBuOjMZed36uazR3c&google_cver=1
Request Chain 276
  • https://id5-sync.com/s/19/9.gif?puid=f7e797d6a7cf29af4304b67135844b8d&gdpr=0 HTTP 302
  • https://id5-sync.com/c/19/19/9/1.gif?puid=f7e797d6a7cf29af4304b67135844b8d&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/19/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/19/2/8/2.gif?puid=9148969588917863460&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=a88b0dbe-40d8-479c-993a-bf072bb26049&ttl=%%TTL%% HTTP 302
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F136%2F6%2F4.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/19/136/6/4.gif?puid=ZWOQxQACjgkjzABd&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/id5?uid=ID5-2d29FtYyHiYrvmd5BMrLBmSR27nxQO4frcTdYloe8Q&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fid5-sync.com%2Fa%2F19%2F121%2F5%2F5%2Fgif%2F0%2F0%2F HTTP 302
  • https://id5-sync.com/a/19/121/5/5/gif/0/0/ZH4ACGVjkLEAAAAIA6wzAw== HTTP 302
  • https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=0/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F4%2F6.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://tags.bluekai.com/site/5907?limit=0&id=794b40a8dd774161a092f938498fa75b&redir=https://id5-sync.com/c/19/321/4/6.gif?puid=$_BK_UUID&gdpr=0&gdpr_consent=&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/19/321/4/6.gif?puid=peh1vshX99YiCtBk HTTP 302
  • https://sync.crwdcntrl.net/map/c=2831/tp=GDMP/gdpr=0/gdpr_consent=?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&id5id=ID5-2d29FtYyHiYrvmd5BMrLBmSR27nxQO4frcTdYloe8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZjdlNzk3ZDZhN2NmMjlhZjQzMDRiNjcxMzU4NDRiOGQ&id5id=ID5-2d29FtYyHiYrvmd5BMrLBmSR27nxQO4frcTdYloe8Q
Request Chain 277
  • https://thrtle.com/insync?vxii_pid=10014&gdpr=0&vxii_pdid=f7e797d6a7cf29af4304b67135844b8d HTTP 302
  • https://thrtle.com/insync?gdpr=0&vxii_pdid=f7e797d6a7cf29af4304b67135844b8d&vxii_pid=12&vxii_pid1=10014&vxii_rcid=a79265c5-e1c1-4fa4-baa3-fcd32a620c85
Request Chain 284
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=f7e797d6a7cf29af4304b67135844b8d&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=f7e797d6a7cf29af4304b67135844b8d&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=54077093005570383903678933283824242444/gdpr=0
Request Chain 285
  • https://pixel.onaudience.com/?mapped=f7e797d6a7cf29af4304b67135844b8d&partner=104&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
  • https://stags.bluekai.com/site/52799?id=7c0436aa260667ab HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=BLKAI HTTP 302
  • https://ups.analytics.yahoo.com/ups/58739/cms?partner_id=BLKAI HTTP 302
  • https://tags.bluekai.com/site/19505?id=y-kndRJRVE2pKkUF2R6T73npIB8_nZHt.sd_A-~A
Request Chain 286
  • https://aorta.clickagy.com/pixel.gif?ch=120&cm=f7e797d6a7cf29af4304b67135844b8d HTTP 302
  • https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:0b2c3bb7f94bb5675e19943eb71e35c6&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=79908&dpuuid=c:0b2c3bb7f94bb5675e19943eb71e35c6&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=54077093005570383903678933283824242444 HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D HTTP 302
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=cf732ce2-3ea6-017b-1ec1-c795a27bb676&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:0b2c3bb7f94bb5675e19943eb71e35c6
Request Chain 287
  • https://aa.agkn.com/adscores/g.pixel?sid=9202276048&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=213260604712009365881&gdpr=0&gdpr_consent=
Request Chain 290
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=ZWOQxQACjud_awBU
Request Chain 292
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=999977428 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9148969588917863460/gdpr=0/rand=999977428
Request Chain 294
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZWOQxQACkMV_uABU HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZWOQxQACkMV_uABU&_test=ZWOQxQACkMV_uABU
Request Chain 297
  • https://match.adsrvr.org/track/cmf/openx?oxid=d0fd1807-6cdc-3d35-6854-5cd44649b847&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=a88b0dbe-40d8-479c-993a-bf072bb26049&ttd_puid=d0fd1807-6cdc-3d35-6854-5cd44649b847&gdpr=0&gdpr_consent=
Request Chain 299
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGxq6ltWlmfRrE7KELzj6zY&google_cver=1
Request Chain 301
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9148969588917863460&gdpr=0&gdpr_consent=
Request Chain 302
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDQVBVN0t4eUlBQUJYVHFpWmw5dw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AACAPU7KxyIAABXTqiZl9w&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACAPU7KxyIAABXTqiZl9w&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACAPU7KxyIAABXTqiZl9w&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3669561126981729921&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?uid=AACAPU7KxyIAABXTqiZl9w&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D3669561126981729921%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3D0345378B94D9495CA1AECF8ACCEB3788%26att%3D1%26pid%3D82%26cb%3Dhttps%253A%252F%252Fmatch.prod.bidr.io%252Fcookie-sync%253Fgdpr%253D0%2526gdpr%253D0%2526userid%253D3669561126981729921%2526gdpr%253D0%2526gdpr_consent%253D%2526bee_sync_partners%253Dpm%2526bee_sync_current_partner%253Dsyn%2526bee_sync_initiator%253Dadx%2526bee_sync_hop_count%253D4%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3D0345378B94D9495CA1AECF8ACCEB3788%26att%3D1%26pid%3D82%26cb%3Dhttps%253A%252F%252Fmatch.prod.bidr.io%252Fcookie-sync%253Fgdpr%253D0%2526gdpr%253D0%2526userid%253D3669561126981729921%2526gdpr%253D0%2526gdpr_consent%253D%2526bee_sync_partners%253Dpm%2526bee_sync_current_partner%253Dsyn%2526bee_sync_initiator%253Dadx%2526bee_sync_hop_count%253D4%26uid%3D&s=191740&C=1 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&nuid=0345378B94D9495CA1AECF8ACCEB3788&att=1&pid=82&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D3669561126981729921%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&uid=ZWOQxtjR1BRn-rkraSd73AAA%263546 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=3669561126981729921&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACAPU7KxyIAABXTqiZl9w&gdpr=0&gdpr_consent=
Request Chain 304
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZWOQxQACjgkjzABd
Request Chain 305
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ARjtBQ4duAMaTr8BAxT2BgFO6wQaGOoEVUk3En2Z
Request Chain 314
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU2d13f3ab93074cf698ccb3c0014f64a0
Request Chain 315
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://b1sync.zemanta.com/usersync/pubmatic/?gdpr=0&gdpr_consent=&https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid%3A%24UID&s=2 HTTP 302
  • https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid%3A%24UID&s=2?gdpr=0 HTTP 301
  • https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
Request Chain 318
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KyRIBqC8T56IlhfWXQsw0w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 319
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=2B244806-A0BC-4F9E-8896-17D65D0B30D3 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=23d56d0e-e5ab-4972-a650-5aad8061e8d8&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D23d56d0e-e5ab-4972-a650-5aad8061e8d8%252C%252C HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=23d56d0e-e5ab-4972-a650-5aad8061e8d8&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D23d56d0e-e5ab-4972-a650-5aad8061e8d8%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=54077093005570383903678933283824242444&pt=23d56d0e-e5ab-4972-a650-5aad8061e8d8%2C%2C
Request Chain 321
  • https://eb2.3lift.com/xuid?mid=7976&xuid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Request Chain 322
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkIyNDQ4MDYtQTBCQy00RjlFLTg4OTYtMTdENjVEMEIzMEQz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 323
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHk329sx1YlBR2j4mTmDlhE&google_cver=1
Request Chain 324
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2F2B435A2E88480FA382CF5EF06C8337
Request Chain 325
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a88b0dbe-40d8-479c-993a-bf072bb26049&gdpr=0&gdpr_consent=
Request Chain 326
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-utFfKzlE2uUrGoqzAhV1o2kFeqaeRNw-~A&gdpr=0
Request Chain 328
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5a0674478dca11c1&is_secure=true&networkId=17100&version=1&nuid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHT5h40xtp8gMYB8SFAAAAAAA&expiration=1701110343&nuid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 332
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=96dbdb5b-4575-49d9-b9ab-1e6b6d5b05c9-656390b3-5553&gdpr=0&gdpr_consent=
Request Chain 333
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3809824949511121677&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 334
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6774825355793358841
Request Chain 337
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=856854897523
Request Chain 338
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 341
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3841358648 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/a88b0dbe-40d8-479c-993a-bf072bb26049 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a7f1c7f8-0028-4a08-b9b4-6073c08ebff2-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-a7f1c7f8-0028-4a08-b9b4-6073c08ebff2-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a7f1c7f8-0028-4a08-b9b4-6073c08ebff2-005
Request Chain 342
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cae66563-90c9-4f00-9ee6-120931253519&gdpr=0&gdpr_consent=
Request Chain 345
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7543103451458500149&uid=Q7543103451458500149&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7543103451458500149
Request Chain 346
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2F2B435A2E88480FA382CF5EF06C8337&gdpr=0&gdpr_consent=
Request Chain 352
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:aaf9b9c3-49e6-469c-8585-aa49b9772c97&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 356
  • https://idsync.rlcdn.com/712188.gif?partner_uid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&gdpr=0&gdpr_consent= HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ce528e457ce2558668f6e01a31d5484e90715e78eb6157c5233b03f633371cd9791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBjZTUyOGU0NTdjZTI1NTg2NjhmNmUwMWEzMWQ1NDg0ZTkwNzE1ZTc4ZWI2MTU3YzUyMzNiMDNmNjMzMzcxY2Q5NzkxNDI2YjU0MTdkY2UyMRAAGgwIyaGOqwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBjZTUyOGU0NTdjZTI1NTg2NjhmNmUwMWEzMWQ1NDg0ZTkwNzE1ZTc4ZWI2MTU3YzUyMzNiMDNmNjMzMzcxY2Q5NzkxNDI2YjU0MTdkY2UyMRAAGgwIyaGOqwYSBAgCEABCAEoA&google_gid=CAESEIJeu6r_-i7u5dJ5V356jww&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=0663f82e-84d8-44a3-9b21-6d376c3f7709

355 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nonton168.online/tv/gadis-kretek-2023-completed/ 		95 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.44.139.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns552665.ip-142-44-139.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6de985ab9a80fe36e5b7b19cbf88be6506861d4bfb0056d896a2b5121944e469

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 26 Nov 2023 18:38:40 GMT
link
<https://nonton168.online/wp-json/>; rel="https://api.w.org/" <https://nonton168.online/wp-json/wp/v2/tv/21462>; rel="alternate"; type="application/json" <https://nonton168.online/?p=21462>; rel=shortlink
server
nginx/1.18.0 (Ubuntu)
js
www.googletagmanager.com/gtag/ 		216 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-84JV0TX02W
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
2af01feca9de20f4c34088095127f66e03944c87dc3fda447a136a3322cf375e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78849
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 26 Nov 2023 18:38:40 GMT
idmuvi-core.css
nonton168.online/wp-content/plugins/idmuvi-core/css/ 		9 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nonton168.online/wp-content/plugins/idmuvi-core/css/idmuvi-core.css?ver=2.1.6
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.44.139.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns552665.ip-142-44-139.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7aa7a39fa6ec967abe729994991271bbaf3b04f9ce929a888f240bb8c2447b97

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
last-modified
Sat, 11 Nov 2023 07:25:23 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"654f2c63-2523"
access-control-max-age
3600
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length
accept-ranges
bytes
access-control-allow-headers
Range
content-length
9507
j-preroll-public.css
nonton168.online/wp-content/plugins/j-preroll/public/css/ 		728 B
966 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nonton168.online/wp-content/plugins/j-preroll/public/css/j-preroll-public.css?ver=1.0.1
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.44.139.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns552665.ip-142-44-139.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bda1ae194b6675e97a7cdb37cdb73d0364a2ac3a0c12820a61a52fe5e54425e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
last-modified
Tue, 04 Jan 2022 23:33:56 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"61d4d964-2d8"
access-control-max-age
3600
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length
accept-ranges
bytes
access-control-allow-headers
Range
content-length
728
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=2.1.8
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f95.1e100.net
Software
ESF /
Resource Hash
2004da08c3292d624ecf047b2abea5e34c7d9d723e28629e5e61c73ac383e1f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 26 Nov 2023 18:38:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 26 Nov 2023 18:38:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 26 Nov 2023 18:38:40 GMT
style.css
nonton168.online/wp-content/themes/muvipro/ 		75 KB
75 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nonton168.online/wp-content/themes/muvipro/style.css?ver=2.1.8
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.44.139.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns552665.ip-142-44-139.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6b9d9a7466336a2c9447aa8f1a5e265e56ed83cefaad3a5d965deb249bbf5302

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
last-modified
Tue, 17 Jan 2023 07:57:59 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"63c65507-12bb5"
access-control-max-age
3600
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length
accept-ranges
bytes
access-control-allow-headers
Range
content-length
76725
frontend-gtag.min.js
nonton168.online/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 		11 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nonton168.online/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.20.1
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.44.139.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns552665.ip-142-44-139.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bc7269d642327a2174736fc2b0231d1626e6fff1ca2f57e19c59835e73febe85

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
last-modified
Sat, 11 Nov 2023 07:24:57 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"654f2c49-2d5d"
access-control-max-age
3600
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length
accept-ranges
bytes
access-control-allow-headers
Range
content-length
11613
jquery.min.js
nonton168.online/wp-includes/js/jquery/ 		86 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nonton168.online/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.44.139.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns552665.ip-142-44-139.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
last-modified
Wed, 08 Nov 2023 08:15:23 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"654b439b-15601"
access-control-max-age
3600
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length
accept-ranges
bytes
access-control-allow-headers
Range
content-length
87553
jquery-migrate.min.js
nonton168.online/wp-includes/js/jquery/ 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nonton168.online/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.44.139.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns552665.ip-142-44-139.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
last-modified
Wed, 09 Aug 2023 05:15:22 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"64d320ea-3509"
access-control-max-age
3600
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length
accept-ranges
bytes
access-control-allow-headers
Range
content-length
13577
j-preroll-public.js
nonton168.online/wp-content/plugins/j-preroll/public/js/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nonton168.online/wp-content/plugins/j-preroll/public/js/j-preroll-public.js?ver=1.0.1
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.44.139.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns552665.ip-142-44-139.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
abe92f945f9f32633876de8938e29fb806642cadf570e32350a0ccccd53cc48c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
last-modified
Tue, 04 Jan 2022 23:44:36 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"61d4dbe4-1cfc"
access-control-max-age
3600
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length
accept-ranges
bytes
access-control-allow-headers
Range
content-length
7420
LOGO-03.png
nonton168.online/wp-content/uploads/2021/04/
Redirect Chain
  • https://nonton168.tv/wp-content/uploads/2021/04/LOGO-03.png
  • https://nonton168.online/wp-content/uploads/2021/04/LOGO-03.png
206 KB
207 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nonton168.online/wp-content/uploads/2021/04/LOGO-03.png
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Server
142.44.139.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns552665.ip-142-44-139.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
44569fbdca256f6cf64c86fe6f855b7a0af176b5394458b667f2feb590b82852

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
last-modified
Tue, 20 Apr 2021 20:39:58 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"607f3c1e-33912"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
accept-ranges
bytes
access-control-allow-headers
Range
content-length
211218

Redirect headers

location
https://nonton168.online/wp-content/uploads/2021/04/LOGO-03.png
date
Sun, 26 Nov 2023 18:38:40 GMT
server
nginx/1.18.0 (Ubuntu)
content-length
178
content-type
text/html
Naga888-920x250-2.gif
bioskop888.tv/wp-content/uploads/2023/02/
Redirect Chain
  • https://bioskop888.org/wp-content/uploads/2023/02/Naga888-920x250-2.gif
  • https://bioskop888.tv/wp-content/uploads/2023/02/Naga888-920x250-2.gif
2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bioskop888.tv/wp-content/uploads/2023/02/Naga888-920x250-2.gif
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Server
162.241.252.167 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5726.bluehost.com
Software
Apache /
Resource Hash
bcd93a8e43f8d96c0d5151877a93d1de6ff1e1267e9c7bcdc7d53c0ae89c91ba

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
x-nginx-cache
WordPress
last-modified
Tue, 28 Feb 2023 06:35:35 GMT
server
Apache
x-endurance-cache-level
3
content-type
image/gif
cache-control
max-age=604800
accept-ranges
bytes
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
1924722
expires
Sun, 03 Dec 2023 18:38:40 GMT

Redirect headers

location
https://bioskop888.tv/wp-content/uploads/2023/02/Naga888-920x250-2.gif
date
Sun, 26 Nov 2023 18:38:40 GMT
cache-control
max-age=28800
expires
Mon, 27 Nov 2023 02:38:40 GMT
server
Apache
content-length
278
content-type
text/html; charset=iso-8859-1
banner-gif-720x90-2.gif
nonton168.online/wp-content/uploads/2023/05/
Redirect Chain
  • https://nonton168.tv/wp-content/uploads/2023/05/banner-gif-720x90-2.gif
  • https://nonton168.online/wp-content/uploads/2023/05/banner-gif-720x90-2.gif
232 KB
233 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nonton168.online/wp-content/uploads/2023/05/banner-gif-720x90-2.gif
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Server
142.44.139.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns552665.ip-142-44-139.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
76ddeb99b16a66290e54bdaaabdaed26a4c2dfe4d7debe2f0e857dcede0b3656

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
last-modified
Mon, 15 May 2023 07:13:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"6461db9b-3a1cb"
access-control-max-age
3600
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
accept-ranges
bytes
access-control-allow-headers
Range
content-length
238027

Redirect headers

location
https://nonton168.online/wp-content/uploads/2023/05/banner-gif-720x90-2.gif
date
Sun, 26 Nov 2023 18:38:40 GMT
server
nginx/1.18.0 (Ubuntu)
content-length
178
content-type
text/html
mutiarapoker-720x90-new-1.gif
nonton168.online/wp-content/uploads/2023/05/
Redirect Chain
  • https://nonton168.tv/wp-content/uploads/2023/05/mutiarapoker-720x90-new-1.gif
  • https://nonton168.online/wp-content/uploads/2023/05/mutiarapoker-720x90-new-1.gif
670 KB
671 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nonton168.online/wp-content/uploads/2023/05/mutiarapoker-720x90-new-1.gif
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Server
142.44.139.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns552665.ip-142-44-139.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
50c52ab8e10870b71d7e4a1eea98cb11ef966e9d0d44605c6a8d3a09a4bbfae7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
last-modified
Sat, 27 May 2023 05:07:58 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"6471902e-a791a"
access-control-max-age
3600
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
accept-ranges
bytes
access-control-allow-headers
Range
content-length
686362

Redirect headers

location
https://nonton168.online/wp-content/uploads/2023/05/mutiarapoker-720x90-new-1.gif
date
Sun, 26 Nov 2023 18:38:40 GMT
server
nginx/1.18.0 (Ubuntu)
content-length
178
content-type
text/html
694BgfPfUAGBsZn9l9eiiumwXt7.jpg
nonton168.online/wp-content/uploads/2023/11/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nonton168.online/wp-content/uploads/2023/11/694BgfPfUAGBsZn9l9eiiumwXt7.jpg
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.44.139.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns552665.ip-142-44-139.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fe395c940d5af110cc008261a407955db76f7108db688175cefc98bfe4a9d16c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
last-modified
Fri, 03 Nov 2023 00:03:12 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"654438c0-44e6"
access-control-max-age
3600
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
accept-ranges
bytes
access-control-allow-headers
Range
content-length
17638
02.jpg
i.ibb.co/0Gv9Nvc/ 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/0Gv9Nvc/02.jpg
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.243.38.202 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
70000337a80e71a6e75618f37039f0f117adc09a1357e27a87df58342e25db4b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
last-modified
Fri, 03 Nov 2023 00:05:20 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
130484
expires
Thu, 31 Dec 2037 23:55:55 GMT
hS7udvNJxgg9US5MoNq2fvkyR2X.jpg
nonton168.online/wp-content/uploads/2023/11/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nonton168.online/wp-content/uploads/2023/11/hS7udvNJxgg9US5MoNq2fvkyR2X.jpg
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.44.139.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns552665.ip-142-44-139.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7264503d5c15ac370c955e0c7c0bc713d12131603d60640ff6cd8bd9452d106f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
last-modified
Thu, 09 Nov 2023 01:15:53 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"654c32c9-5388"
access-control-max-age
3600
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
accept-ranges
bytes
access-control-allow-headers
Range
content-length
21384
lQchkNOo6iYSt73GWIxRP151JnY.jpg
nonton168.online/wp-content/uploads/2023/11/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nonton168.online/wp-content/uploads/2023/11/lQchkNOo6iYSt73GWIxRP151JnY.jpg
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.44.139.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns552665.ip-142-44-139.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
750f674601f5ad3a732dc981e9c4cc26ac2aac8d90eba7be3fb47468b332e0db

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
last-modified
Sun, 26 Nov 2023 12:02:02 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"656333ba-2f56"
access-control-max-age
3600
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
accept-ranges
bytes
access-control-allow-headers
Range
content-length
12118
join-us-in-telegram-1-360x140-1.jpg
nonton168.online/wp-content/uploads/2023/07/
Redirect Chain
  • https://nonton168.tv/wp-content/uploads/2023/07/join-us-in-telegram-1-360x140-1.jpg
  • https://nonton168.online/wp-content/uploads/2023/07/join-us-in-telegram-1-360x140-1.jpg
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nonton168.online/wp-content/uploads/2023/07/join-us-in-telegram-1-360x140-1.jpg
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Server
142.44.139.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns552665.ip-142-44-139.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ce766614a0ce7850d90a574b9919975a0f77949da3c33f850b41852a774cd33f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
last-modified
Sat, 01 Jul 2023 20:54:49 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"64a09299-2647"
access-control-max-age
3600
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
accept-ranges
bytes
access-control-allow-headers
Range
content-length
9799

Redirect headers

location
https://nonton168.online/wp-content/uploads/2023/07/join-us-in-telegram-1-360x140-1.jpg
date
Sun, 26 Nov 2023 18:38:40 GMT
server
nginx/1.18.0 (Ubuntu)
content-length
178
content-type
text/html
js
www.googletagmanager.com/gtag/ 		132 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-195325106-1
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
3fb737db75c65508bae05aaf4aaac4edb1e7f9d8d8d38474507da7c655f3495d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51392
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 26 Nov 2023 18:38:40 GMT
js-plugin-min.js
nonton168.online/wp-content/themes/muvipro/js/ 		43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nonton168.online/wp-content/themes/muvipro/js/js-plugin-min.js?ver=2.1.8
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.44.139.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns552665.ip-142-44-139.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0812f1ec045cff5fcc841c5ae347cb299f3dbeed4141c9d21bc6a37f63623eae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
last-modified
Tue, 17 Jan 2023 07:57:59 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"63c65507-aae5"
access-control-max-age
3600
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length
accept-ranges
bytes
access-control-allow-headers
Range
content-length
43749
customscript.js
nonton168.online/wp-content/themes/muvipro/js/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nonton168.online/wp-content/themes/muvipro/js/customscript.js?ver=2.1.8
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.44.139.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns552665.ip-142-44-139.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1c6f518eeb52ac428e414991cc7536284312c34763cb9e385271e63c48cddaab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
last-modified
Tue, 17 Jan 2023 07:57:59 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"63c65507-1803"
access-control-max-age
3600
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length
accept-ranges
bytes
access-control-allow-headers
Range
content-length
6147
comment-reply.min.js
nonton168.online/wp-includes/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nonton168.online/wp-includes/js/comment-reply.min.js?ver=6.4.1
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.44.139.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns552665.ip-142-44-139.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
last-modified
Wed, 25 May 2022 05:17:38 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"628dbbf2-ba5"
access-control-max-age
3600
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length
accept-ranges
bytes
access-control-allow-headers
Range
content-length
2981
df5378f5-a64f-44d5-a721-880c63365c4c
https://nonton168.online/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nonton168.online/df5378f5-a64f-44d5-a721-880c63365c4c
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=2.1.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nonton168.online
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 04:04:39 GMT
x-content-type-options
nosniff
age
311641
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 04:04:39 GMT
ejRQzHh8gLI
www.youtube.com/embed/ Frame 2BB6 		91 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/ejRQzHh8gLI
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f91.1e100.net
Software
ESF /
Resource Hash
bd88555d0411167689d2c6f9dba9cc787529f9b965b466454c29261a26fa6990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nonton168.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sun, 26 Nov 2023 18:38:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
/
s1.dunialk21.id/ Frame 5617 		274 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s1.dunialk21.id/
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42a70120ee8a0f98538a3e5125e3894bd3112f3ade08c8352519688ebebb05d0

Request headers

Referer
https://nonton168.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-edge-cache
cache,platform=wordpress
cf-ray
82c43fef2ac7a1f6-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 26 Nov 2023 18:38:41 GMT
link
<https://s1.dunialk21.id/wp-json/>; rel="https://api.w.org/"
server
cloudflare
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.79.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
70905
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
82c43fef2c193a07-YYZ
content-length
4547
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=2.1.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nonton168.online
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 05:21:21 GMT
x-content-type-options
nosniff
age
307039
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 05:21:21 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=2.1.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nonton168.online
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 06:52:59 GMT
x-content-type-options
nosniff
age
301541
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14780
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 06:52:59 GMT
6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=2.1.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nonton168.online
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 04:19:53 GMT
x-content-type-options
nosniff
age
310727
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14160
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 04:19:53 GMT
oYOxdgfPogMoXPizBjKcZx7f9k2.jpg
nonton168.online/wp-content/uploads/2023/10/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nonton168.online/wp-content/uploads/2023/10/oYOxdgfPogMoXPizBjKcZx7f9k2.jpg
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.44.139.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns552665.ip-142-44-139.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
284c87178e77781abd81262964b699c70eb6a27f6e5a741671b9662b3646a981

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
last-modified
Sun, 29 Oct 2023 11:56:51 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"653e4883-649b"
access-control-max-age
3600
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
accept-ranges
bytes
access-control-allow-headers
Range
content-length
25755
xBnscv5BrJREKVSvh0le61y4KDk.jpg
nonton168.online/wp-content/uploads/2023/11/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nonton168.online/wp-content/uploads/2023/11/xBnscv5BrJREKVSvh0le61y4KDk.jpg
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.44.139.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns552665.ip-142-44-139.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5ba5349e6d3c6a65393aa6f08ed83672a4b62aa7800f51f54a7ea905bfc9f798

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
last-modified
Sat, 25 Nov 2023 06:49:03 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"656198df-5105"
access-control-max-age
3600
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
accept-ranges
bytes
access-control-allow-headers
Range
content-length
20741
cb5Mvxp7go6TR5fwvlYf8jOo6ei.jpg
nonton168.online/wp-content/uploads/2023/10/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nonton168.online/wp-content/uploads/2023/10/cb5Mvxp7go6TR5fwvlYf8jOo6ei.jpg
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.44.139.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns552665.ip-142-44-139.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a62c0b9922749f190b6ae2f8d72c26767e14146d35f6f6036c249ef258708f57

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
last-modified
Sun, 08 Oct 2023 09:09:36 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"652271d0-7e87"
access-control-max-age
3600
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
accept-ranges
bytes
access-control-allow-headers
Range
content-length
32391
BANNER-ISTANA-300-250-Recovered.gif
nonton168.online/wp-content/uploads/2023/05/
Redirect Chain
  • https://nonton168.tv/wp-content/uploads/2023/05/BANNER-ISTANA-300-250-Recovered.gif
  • https://nonton168.online/wp-content/uploads/2023/05/BANNER-ISTANA-300-250-Recovered.gif
369 KB
369 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nonton168.online/wp-content/uploads/2023/05/BANNER-ISTANA-300-250-Recovered.gif
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Server
142.44.139.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns552665.ip-142-44-139.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
45725a15f382c9b367e231088c0b05ecb71ed0413be61a0ff12b0c64bda43664

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
last-modified
Mon, 29 May 2023 06:22:01 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"64744489-5c205"
access-control-max-age
3600
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
accept-ranges
bytes
access-control-allow-headers
Range
content-length
377349

Redirect headers

location
https://nonton168.online/wp-content/uploads/2023/05/BANNER-ISTANA-300-250-Recovered.gif
date
Sun, 26 Nov 2023 18:38:40 GMT
server
nginx/1.18.0 (Ubuntu)
content-length
178
content-type
text/html
collect
www.google-analytics.com/g/ 		0
172 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-84JV0TX02W&gtm=45je3b81v9116857391&_p=1701023920313&gcd=11l1l1l1l1&dma=0&gdid=dZGIzZG&cid=1025314430.1701023921&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701023920&sct=1&seg=0&dl=https%3A%2F%2Fnonton168.online%2Ftv%2Fgadis-kretek-2023-completed%2F&dt=Gadis%20Kretek%20(2023)%20Completed%20-%20Nonton%20Film%20Bioskop%20Online%20Kualitas%20Full%20HD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=626
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-84JV0TX02W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nonton168.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		128 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-195325106-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-84JV0TX02W
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
73495b069a1c770d3545d3e2952e1e0b9d7e42172afc139e92ddc56fb01d27db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
50370
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 26 Nov 2023 18:38:40 GMT
wp-emoji-release.min.js
nonton168.online/wp-includes/js/ 		18 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nonton168.online/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.44.139.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns552665.ip-142-44-139.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
last-modified
Thu, 30 Mar 2023 05:15:29 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"64251af1-4904"
access-control-max-age
3600
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length
accept-ranges
bytes
access-control-allow-headers
Range
content-length
18692
js
www.googletagmanager.com/gtag/ 		243 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZXQP669L0F&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-195325106-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e225dec46bde19d47a43b12da70c597b8bfffe382c76a690816249f56779f625
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86057
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 26 Nov 2023 18:38:40 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-195325106-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 26 Nov 2023 17:08:41 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5399
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 26 Nov 2023 19:08:41 GMT
4740048.php
s4.histats.com/stats/ 		406 B
541 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/4740048.php?4740048&@f16&@g1&@h1&@i1&@j1701023920588&@k0&@l1&@mGadis%20Kretek%20(2023)%20Completed%20-%20Nonton%20Film%20Bioskop%20Online%20Kualitas%20Full%20HD&@n0&@o1000&@q0&@r0&@s324&@ten-US&@u1600&@b1:4172858&@b3:1701023921&@b4:js15_as.js&@b5:-480&@a-_0.2.1&@vhttps%3A%2F%2Fnonton168.online%2Ftv%2Fgadis-kretek-2023-completed%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.128.162 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns562109.ip-54-39-128.net
Software
/
Resource Hash
b02c7f86171b35eb108a9c8d166cc6e5a1d08967458ecfdb6be45d44a5dcd8e8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:38:32 GMT
Connection
close
Content-Length
406
Content-Type
text/html;charset=UTF-8
www-player.css
www.youtube.com/s/player/63e90c30/ Frame 2BB6 		378 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/63e90c30/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ejRQzHh8gLI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f91.1e100.net
Software
sffe /
Resource Hash
0d3110815e47322fa8c8821c53234f4f90ff9107501b4d74741dfe6e8250e24a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/ejRQzHh8gLI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 17:55:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
2599
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48811
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 02:45:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 25 Nov 2024 17:55:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2BB6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ejRQzHh8gLI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:04:20 GMT
x-content-type-options
nosniff
age
315260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 03:04:20 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2BB6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ejRQzHh8gLI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 05:36:10 GMT
x-content-type-options
nosniff
age
306150
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 05:36:10 GMT
embed.js
www.youtube.com/s/player/63e90c30/player_ias.vflset/en_US/ Frame 2BB6 		56 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/63e90c30/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ejRQzHh8gLI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f91.1e100.net
Software
sffe /
Resource Hash
d5277513b55f5e850101f15939c3dde471282e1a737d4d54cd347d4c28aa99c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/ejRQzHh8gLI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:12:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
1551
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17775
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 02:45:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 25 Nov 2024 18:12:49 GMT
www-embed-player.js
www.youtube.com/s/player/63e90c30/www-embed-player.vflset/ Frame 2BB6 		322 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/63e90c30/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ejRQzHh8gLI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f91.1e100.net
Software
sffe /
Resource Hash
c31a04c8fb061c363792f34fb8b368d710ca6baa750e58ad587699d916aa5a52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/ejRQzHh8gLI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:14:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
1445
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98564
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 02:45:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 25 Nov 2024 18:14:35 GMT
base.js
www.youtube.com/s/player/63e90c30/player_ias.vflset/en_US/ Frame 2BB6 		2 MB
763 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/63e90c30/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ejRQzHh8gLI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f91.1e100.net
Software
sffe /
Resource Hash
7896bc3b93023bc401267007bec8ff688d9c42021c94eb9289cdac09c58ffb54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/ejRQzHh8gLI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1872
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
781027
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 02:45:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 25 Nov 2024 18:07:28 GMT
collect
www.google-analytics.com/g/ 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-ZXQP669L0F&gtm=45je3b81v894263231&_p=1701023920313&gcd=11l1l1l1l1&dma=0&cid=1025314430.1701023921&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1701023920&sct=1&seg=0&dl=https%3A%2F%2Fnonton168.online%2Ftv%2Fgadis-kretek-2023-completed%2F&dt=Gadis%20Kretek%20(2023)%20Completed%20-%20Nonton%20Film%20Bioskop%20Online%20Kualitas%20Full%20HD&en=page_view&_fv=1&_ss=1&tfd=813
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZXQP669L0F&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nonton168.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc_324.js
s10.histats.com/counters/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/counters/cc_324.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.79.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0783f86254bd8bc0b103e30c1b434925b487a27fccc94247f24a168fb03f12e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:40 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
server
cloudflare
age
33693
etag
"2129419"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
82c43ff0be953a07-YYZ
content-length
6931
/
e.dtscout.com/e/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnonton168.online%2Ftv%2Fgadis-kretek-2023-completed%2F&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/4740048.php?4740048&@f16&@g1&@h1&@i1&@j1701023920588&@k0&@l1&@mGadis%20Kretek%20(2023)%20Completed%20-%20Nonton%20Film%20Bioskop%20Online%20Kualitas%20Full%20HD&@n0&@o1000&@q0&@r0&@s324&@ten-US&@u1600&@b1:4172858&@b3:1701023921&@b4:js15_as.js&@b5:-480&@a-_0.2.1&@vhttps%3A%2F%2Fnonton168.online%2Ftv%2Fgadis-kretek-2023-completed%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1980b7dfebc30a0e787d86add3950d5704a079e7da7a28b7517a1faba31ded3f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
x-t
0.279
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3KQ7Ti%2Fhe%2BGdRcuQ8kpqzZ89P7chJdf9G8L0vBcgxkxgjVd08J38LXPjIl1JG4%2F2wwuogYMBE6yrd9RQ6ZqVXose550Cs2DwLULVfZrkuqAiqx4%2FhuPbXLWvMND%2FxLU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
ger1
cf-ray
82c43ff11e0b38e2-YYZ
expires
Sun, 26 Nov 2023 18:38:39 GMT
collect
www.google-analytics.com/j/ 		1 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=91475307&t=pageview&_s=1&dl=https%3A%2F%2Fnonton168.online%2Ftv%2Fgadis-kretek-2023-completed%2F&ul=en-us&de=UTF-8&dt=Gadis%20Kretek%20(2023)%20Completed%20-%20Nonton%20Film%20Bioskop%20Online%20Kualitas%20Full%20HD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1950673723&gjid=2009489165&cid=1025314430.1701023921&tid=UA-195325106-1&_gid=1627407060.1701023921&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma=0&did=dZGIzZG&gdid=dZGIzZG&jsscut=1&z=2097398042
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nonton168.online/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nonton168.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		515 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c5369f5000f522bff22c210e1a5ba9b05655377863fb74c04555be033d3d4f5c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c4c55690c215b90923c004cb18d1d70f6269021540975602a432e0dfb088b7f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
id
googleads.g.doubleclick.net/pagead/ Frame 2BB6
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ejRQzHh8gLI
Protocol
H2
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
fa6addeee5d8f1d33923efd8407095edcd702e02508456dd8fa9d53029a8d4ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 26 Nov 2023 18:38:40 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 2BB6 		29 B
496 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/63e90c30/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f149.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:28:51 GMT
x-content-type-options
nosniff
age
589
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 26 Nov 2023 18:43:51 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 26 Nov 2023 18:38:41 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2BB6 		70 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/63e90c30/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
ESF /
Resource Hash
e8261f48928878ae6a9dea4e1ea20f31e7633e6d757886b1a8274cf7a2cfe5d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32695
x-xss-protection
0
remote.js
www.youtube.com/s/player/63e90c30/player_ias.vflset/en_US/ Frame 2BB6 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/63e90c30/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/63e90c30/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f91.1e100.net
Software
sffe /
Resource Hash
01c5f418a4a809a6d77d96d45400039618c369827340e94db9dc6248571c52f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/ejRQzHh8gLI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
860
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33498
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 02:45:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 25 Nov 2024 18:24:20 GMT
_a3HuQNRFzMpyNDUuBJ2NiZUDujp3pMzX8ZYRVkKgdk.js
www.google.com/js/th/ Frame 2BB6 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/_a3HuQNRFzMpyNDUuBJ2NiZUDujp3pMzX8ZYRVkKgdk.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/63e90c30/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f103.1e100.net
Software
sffe /
Resource Hash
fdadc7b90351173329c8d0d4b812763626540ee8e9de93335fc65845590a81d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:36:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
288139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14919
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 10:36:22 GMT
maxresdefault.jpg
i.ytimg.com/vi/ejRQzHh8gLI/ Frame 2BB6 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/ejRQzHh8gLI/maxresdefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ejRQzHh8gLI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f119.1e100.net
Software
sffe /
Resource Hash
2e7e86bbd9afddb9eb47fda4210e8629ea471885b5d8fa0440ce775d068d59c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:27 GMT
x-content-type-options
nosniff
age
14
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45833
x-xss-protection
0
server
sffe
etag
"1697545235"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 26 Nov 2023 20:38:27 GMT
truncated
/ Frame 2BB6 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
APkrFKYngezufRAbVl6XKUq7wp8BdgHmXGQaUUIEDsG7QQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2BB6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/APkrFKYngezufRAbVl6XKUq7wp8BdgHmXGQaUUIEDsG7QQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ejRQzHh8gLI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
fife /
Resource Hash
d832742aa1c5236af23d2974c4112c0956734b5654629066bc747541912658c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 14:54:45 GMT
x-content-type-options
nosniff
age
13436
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1684
x-xss-protection
0
server
fife
etag
"v108"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 27 Nov 2023 14:54:45 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 2BB6 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/63e90c30/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 26 Nov 2023 18:38:41 GMT
/
t.dtscout.com/idg/ Frame FB52 		1 KB
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/idg/?su=51A017010239200F513BAB960BCDED15
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnonton168.online%2Ftv%2Fgadis-kretek-2023-completed%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdfe41d5d2daf5f90be2d84ec84ccab5ce30d2d48182b8426c3dcabdd9258980

Request headers

Referer
https://nonton168.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82c43ff2d90338e2-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 26 Nov 2023 18:38:41 GMT
expires
Sun, 26 Nov 2023 18:38:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSk%2BiaXkkXbggvs8iFIc7Al5cVFWdPH1semXs39n%2FxuL%2Bkl%2FAZ0ogw7HyIGa5N6gtvq7EoRO4OB8oR%2BtGiXc6cx4e1h5GYNgki%2BsxTMLYh6ad%2BFqi5b8ZdVWOpFnFuA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnonton168.online%2Ftv%2Fgadis-kretek-2023-completed%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-31.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 122cd39a473c6e4835362753fc929a08.cloudfront.net (CloudFront)
date
Sun, 26 Nov 2023 10:26:09 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2
age
29552
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
7e0v2g0aeu6bHtuPo3sm-cwQIJ_0kVt5S6id9NCYA3UofwmaMB58pQ==
dtscout
pd.sharethis.com/pd/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnonton168.online%2Ftv%2Fgadis-kretek-2023-completed%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.240.42 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-240-42.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
50ba0acf157db40710a17ddd14fcfefce327afd034f5943e08933a116770f0d4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:38:41 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
afwu.js
cdn.tynt.com/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/afwu.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnonton168.online%2Ftv%2Fgadis-kretek-2023-completed%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 15:09:01 GMT
server
cloudflare
age
213464
etag
W/"651ed18d-4c00"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
82c43ff3388254d3-YYZ
expires
Wed, 29 Nov 2023 18:38:41 GMT
/
t.dtscout.com/pv/ 		51 B
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/pv/?_a=v&_h=nonton168.online&_ss=6gzafll97t&_pv=1&_ls=0&_u1=1&_u3=1&_cc=ca&_pl=d&_cbid=2mfz&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnonton168.online%2Ftv%2Fgadis-kretek-2023-completed%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25ec0bb75076b9e52b76b19aa9f11102d1140646a0c6d1f8b3195727baa5252c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
x-t
0.124
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIcTj%2B7ijKEI2Yfjlv9xT3uCSAGeWbzPBBvDODYe4t1jv9gGyhS4NyK%2BOrdeGQ%2FC5TL%2FIc45jWtw7jtteVrYSqhOlcXBJ2IgaZEoLZT8YrmQQXfYYV5mW%2BMvbd7QV%2Fw%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
82c43ff2d90738e2-YYZ
expires
Sun, 26 Nov 2023 18:38:40 GMT
generate_204
www.youtube.com/ Frame 2BB6 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?s5RV4Q
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ejRQzHh8gLI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f91.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/ejRQzHh8gLI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 26 Nov 2023 18:38:41 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2BB6 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/63e90c30/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
ESF /
Resource Hash
3136cef55c1d645ee665ddad93ad388f8b85615261a7ead704769a065af4df94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/119/ Frame 2BB6 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/119/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 19:12:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 26 Nov 2023 19:12:32 GMT
/
onetag-geo.s-onetag.com/ 		535 B
949 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-25.iad12.r.cloudfront.net
Software
/
Resource Hash
338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 06:31:27 GMT
via
1.1 0d5152d594f96742d61c8aadd196aec6.cloudfront.net (CloudFront), 1.1 9d2dee9b44718f249b789987d2cbe62c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, IAD12-P3
age
43634
x-amzn-requestid
6a9a76a5-7cc7-41b6-86c8-7b21bed3bb0e
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
O_jp6F_aiYcEY8Q=
content-length
535
x-amz-cf-id
Dl5hLkuVHm_a5noJ39Hy8P1r9ct9-scAWSCJjGllfYiQnU10y9l1Qg==
idmuvi-core.css
s1.dunialk21.id/wp-content/plugins/idmuvi-core/css/ Frame 5617 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.dunialk21.id/wp-content/plugins/idmuvi-core/css/idmuvi-core.css?ver=2.1.6
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfe2f6b16685c744de0b86be40bf95768040546b941bc00c5cf4df4d4bdbbd75

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 09 Oct 2023 09:30:27 GMT
server
cloudflare
age
43634
cf-polished
origSize=9507
etag
W/"6523c833-2523"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=315360000
cf-ray
82c43ff3b9c8a1f6-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 23 Nov 2033 18:38:41 GMT
dashicons.min.css
s1.dunialk21.id/wp-includes/css/ Frame 5617 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.dunialk21.id/wp-includes/css/dashicons.min.css?ver=6.4.1
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Mar 2021 21:16:22 GMT
server
cloudflare
age
43634
etag
W/"603ffca6-e688"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=315360000
cf-ray
82c43ff3b9c9a1f6-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 23 Nov 2033 18:38:41 GMT
frontend.min.css
s1.dunialk21.id/wp-content/plugins/post-views-counter/css/ Frame 5617 		217 B
209 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.dunialk21.id/wp-content/plugins/post-views-counter/css/frontend.min.css?ver=1.4.1
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc2a604a1e6f73444e8db5d749a64c62899943e68ad07feeee39050b4fdb32cb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 01:41:48 GMT
server
cloudflare
age
43634
etag
W/"654c38dc-d9"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=315360000
cf-ray
82c43ff3b9caa1f6-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 23 Nov 2033 18:38:41 GMT
style.css
s1.dunialk21.id/wp-content/themes/muvipro/ Frame 5617 		60 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.dunialk21.id/wp-content/themes/muvipro/style.css?ver=2.1.8
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1c86f263b000b4c7a0c5b65bd4ec1be84098d14b7eee300b5ace689e7526feb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 09 Oct 2023 09:28:44 GMT
server
cloudflare
age
43634
cf-polished
origSize=76725
etag
W/"6523c7cc-12bb5"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=315360000
cf-ray
82c43ff3b9cda1f6-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 23 Nov 2033 18:38:41 GMT
fwduvp.css
s1.dunialk21.id/wp-content/plugins/fwduvp/css/ Frame 5617 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.dunialk21.id/wp-content/plugins/fwduvp/css/fwduvp.css?ver=9.5
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5db3559a83ee954d281c10f9299df870404ab0351c0b4d06f073e60d1283dd60

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 20 Oct 2023 01:47:40 GMT
server
cloudflare
age
43634
cf-polished
origSize=20195
etag
W/"6531dc3c-4ee3"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=315360000
cf-ray
82c43ff3b9cea1f6-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 23 Nov 2033 18:38:41 GMT
imgpsh_fullsize_anim-4.png
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617
Redirect Chain
  • https://dunialk21.com/wp-content/uploads/2023/10/imgpsh_fullsize_anim-4.png
  • https://dunialk21.net/wp-content/uploads/2023/10/imgpsh_fullsize_anim-4.png
  • https://s1.dunialk21.id/wp-content/uploads/2023/10/imgpsh_fullsize_anim-4.png
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/imgpsh_fullsize_anim-4.png
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e7e719b384e5826c306448520c99ed7930c49f85f7e5b9fff40a9a10ad061e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
origFmt=png, origSize=20162
content-disposition
inline; filename="imgpsh_fullsize_anim-4.webp"
alt-svc
h3=":443"; ma=86400
content-length
9928
cf-bgj
imgq:100,h2pri
last-modified
Tue, 10 Oct 2023 08:42:48 GMT
server
cloudflare
etag
"65250e88-4ec2"
vary
Accept
content-type
image/webp
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff53f80a222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT

Redirect headers

date
Sun, 26 Nov 2023 18:38:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dfuu%2FMI94xatPLxxfaKGjcT84yBby7sETfKujkP1s8ctaDHlEP%2BIKu%2B2TfZrFQ0gjw%2FbJfHBOcqEHSqozC2TQgwDx37%2Fb2lXDjDFWUz5Ob8pHkSyDme3heZU6ccRTJ9H"}],"group":"cf-nel","max_age":604800}
location
https://s1.dunialk21.id/wp-content/uploads/2023/10/imgpsh_fullsize_anim-4.png
cache-control
max-age=3600
cf-ray
82c43ff4f9b0a226-YYZ
alt-svc
h3=":443"; ma=86400
expires
Sun, 26 Nov 2023 19:38:41 GMT
truncated
/ Frame 5617 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37ecffeaecf1acf6c800c01c87aac56322e108292adea354cdc943a1cea9bc41

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
ccJpK0rqzhQeP7Mrs2uKqObFY4L.jpg
s1.dunialk21.id/wp-content/uploads/2023/11/ Frame 5617 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/11/ccJpK0rqzhQeP7Mrs2uKqObFY4L.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf992e47858a35d48922dbaa2eebb389df381f3a5cb3ae48f2d71db344c628a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
33794
cf-bgj
imgq:100,h2pri
last-modified
Sun, 12 Nov 2023 08:32:55 GMT
server
cloudflare
etag
"65508db7-8402"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff3b9dba1f6-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
e7Jvsry47JJQruuezjU2X1Z6J77.jpg
s1.dunialk21.id/wp-content/uploads/2023/11/ Frame 5617 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/11/e7Jvsry47JJQruuezjU2X1Z6J77.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07f22deff71fd38357bef45c764ddff8675c2c4cc5a6649474a7294f2cc1347f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
21648
cf-bgj
imgq:100,h2pri
last-modified
Fri, 10 Nov 2023 22:01:05 GMT
server
cloudflare
etag
"654ea821-5490"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff3b9dea1f6-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
rXGVc5a3sIFpER8oIZU3Bccv9HL.jpg
s1.dunialk21.id/wp-content/uploads/2023/11/ Frame 5617 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/11/rXGVc5a3sIFpER8oIZU3Bccv9HL.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91637f57b282171ba4287540524aca7a23944bfd6f69fcbfa006c8cadd9c91b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
7864
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
29558
cf-bgj
imgq:100,h2pri
last-modified
Fri, 10 Nov 2023 21:51:42 GMT
server
cloudflare
etag
"654ea5ee-7376"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff3b9e1a1f6-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
miPSRVOdCcc59DcLoTQoKdKpvTK.jpg
s1.dunialk21.id/wp-content/uploads/2023/11/ Frame 5617 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/11/miPSRVOdCcc59DcLoTQoKdKpvTK.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83347cd5b02fdda4637d9187c63e2356ab2473218f8f130b7e357ad9d8d1b76c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
26911
cf-bgj
imgq:100,h2pri
last-modified
Thu, 02 Nov 2023 23:53:04 GMT
server
cloudflare
etag
"65443660-691f"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff3b9e2a1f6-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
jFt1gS4BGHlK8xt76Y81Alp4dbt.jpg
s1.dunialk21.id/wp-content/uploads/2023/11/ Frame 5617 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/11/jFt1gS4BGHlK8xt76Y81Alp4dbt.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93889483b1e93ade1d0b3a6c16374ebd83d5702ddc474801372df2bc60eb1dfd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
24289
cf-bgj
imgq:100,h2pri
last-modified
Thu, 02 Nov 2023 23:44:28 GMT
server
cloudflare
etag
"6544345c-5ee1"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff3b9e4a1f6-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
b16RAVwj2QN6RAs752UJNzQ9Of0.jpg
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/b16RAVwj2QN6RAs752UJNzQ9Of0.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7455c942e0854d9337a23a1e588f08c9cf65c31658a57a56a5347170b0268408

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
12868
cf-bgj
imgq:100,h2pri
last-modified
Sat, 21 Oct 2023 08:44:24 GMT
server
cloudflare
etag
"65338f68-3244"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff3c9f2a1f6-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
nLOw900kDcbvsSs5YshUXRvWS0Z.jpg
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/nLOw900kDcbvsSs5YshUXRvWS0Z.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4304e90ff530f37db151f32ea9b0d44b97de981e732f5da580def3d9c85ecf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
52002
cf-bgj
imgq:100,h2pri
last-modified
Tue, 10 Oct 2023 16:19:27 GMT
server
cloudflare
etag
"6525798f-cb22"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff3c9f3a1f6-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
NNxYkU70HPurnNCSiCjYAmacwm.jpg
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/NNxYkU70HPurnNCSiCjYAmacwm.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7614808459e8f7f5a4c87366a07c7c33badfe25b26bdac3661ed4f26a69bdd57

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
31620
cf-bgj
imgq:100,h2pri
last-modified
Tue, 10 Oct 2023 13:32:43 GMT
server
cloudflare
etag
"6525527b-7b84"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff3c9f4a1f6-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
ehGIDAMaYy6Eg0o8ga0oqflDjqW.jpg
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/ehGIDAMaYy6Eg0o8ga0oqflDjqW.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a57e2e605e6eb8aebe108b58d0ede448b1aa85e49f300be2b488bbe973108e1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
9568
cf-bgj
imgq:100,h2pri
last-modified
Tue, 10 Oct 2023 16:21:37 GMT
server
cloudflare
etag
"65257a11-2560"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff3c9f5a1f6-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
fdVd6thTstt0MQ4dUC1IXiOXpxv.jpg
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/fdVd6thTstt0MQ4dUC1IXiOXpxv.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78479b799a6febb36eb41afd0092907dcab41317cf8fdd08ff54ab5fb9d1715f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
17988
cf-bgj
imgq:100,h2pri
last-modified
Tue, 10 Oct 2023 11:03:31 GMT
server
cloudflare
etag
"65252f83-4644"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff3c9f6a1f6-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
blJJXLMgmBm73PcSuGczaHv3NNX.jpg
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/blJJXLMgmBm73PcSuGczaHv3NNX.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a09088d9a909cacb04555dfaa8d4f608fa0b700e21456eca51e90a010d4c5e26

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
16680
cf-bgj
imgq:100,h2pri
last-modified
Tue, 10 Oct 2023 11:02:07 GMT
server
cloudflare
etag
"65252f2f-4128"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff3c9f8a1f6-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
vZloFAK7NmvMGKE7VkF5UHaz0I.jpg
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/vZloFAK7NmvMGKE7VkF5UHaz0I.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8a8fbabd12afb29033fe277940c0aee222f101506c55478f3f3c44a809ba46a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
18554
cf-bgj
imgq:100,h2pri
last-modified
Tue, 10 Oct 2023 10:57:46 GMT
server
cloudflare
etag
"65252e2a-487a"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff3c9f9a1f6-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
qNBAXBIQlnOThrVvA6mA2B5ggV6.jpg
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/qNBAXBIQlnOThrVvA6mA2B5ggV6.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4f54bdf4faa1fb4bca3a9acd72a46ed73a192479c59ddfb7db47a52bef6b1b7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
31443
cf-bgj
imgq:100,h2pri
last-modified
Tue, 10 Oct 2023 10:57:21 GMT
server
cloudflare
etag
"65252e11-7ad3"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff3c9faa1f6-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
p
ic.tynt.com/b/ 		35 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1701023921266&dn=AFWU&iso=0&pu=https%3A%2F%2Fnonton168.online%2Ftv%2Fgadis-kretek-2023-completed%2F&t=Gadis%20Kretek%20(2023)%20Completed%20-%20Nonton%20Film%20Bioskop%20Online%20Kualitas%20Full%20HD&chmob=0
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag
"4bc8846c-23"
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-length
35
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
css
fonts.googleapis.com/ Frame 5617 		11 KB
907 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/wp-content/plugins/fwduvp/css/fwduvp.css?ver=9.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f95.1e100.net
Software
ESF /
Resource Hash
d5b43c13f29156b87b601565e8abe066f9dc7ef32d856deeee11f099f1807748
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 26 Nov 2023 18:38:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 26 Nov 2023 16:39:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 26 Nov 2023 18:38:41 GMT
t.dhj
t.sharethis.com/1/d/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9863131305453625&stid=ZH4ACGVjkLEAAAAIA6wzAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.248.4 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-248-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4731962ab71bbff8040836126b2d4cb4bce0e401e9be6fef3fa6bd90fc972457
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:38:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1363
Expires
Sun, 26 Nov 2023 19:38:41 GMT
dtscout
pd.sharethis.com/pd/ 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fnonton168.online%2Ftv%2Fgadis-kretek-2023-completed%2F&event_source=dtscout&rnd=0.9863131305453625&exptid=ZH4ACGVjkLEAAAAIA6wzAw%3D%3D&fcmp=false
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.240.42 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-240-42.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:38:41 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
BG.png
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617
Redirect Chain
  • https://dunialk21.com/wp-content/uploads/2023/10/BG.png
  • https://dunialk21.net/wp-content/uploads/2023/10/BG.png
  • https://s1.dunialk21.id/wp-content/uploads/2023/10/BG.png
104 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/BG.png
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c95bec47c48413af0bc7a9f0440ab851f11a839f3b0424a7ff8a79f0c7d430a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43633
cf-polished
origFmt=png, origSize=1776
content-disposition
inline; filename="BG.webp"
alt-svc
h3=":443"; ma=86400
content-length
104
cf-bgj
imgq:100,h2pri
last-modified
Tue, 10 Oct 2023 07:59:21 GMT
server
cloudflare
etag
"65250459-6f0"
vary
Accept
content-type
image/webp
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff52f6ea222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT

Redirect headers

date
Sun, 26 Nov 2023 18:38:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGTH2z8w0fga0WooiyHMs5Fr%2FiTZFfHZJblCRd6sTibHybpsIvDDa5Ke1pDsETvpnU51E2WcrI23IWCqtNANLeRHpHHsaEUWVBVoxYYaDZGblbVlUS%2BefOjehWL5%2F1P%2F"}],"group":"cf-nel","max_age":604800}
location
https://s1.dunialk21.id/wp-content/uploads/2023/10/BG.png
cache-control
max-age=3600
cf-ray
82c43ff4f9aea226-YYZ
alt-svc
h3=":443"; ma=86400
expires
Sun, 26 Nov 2023 19:38:41 GMT
normal.woff2
s1.dunialk21.id/cf-fonts/s/roboto-condensed/5.0.11/latin/400/ Frame 5617 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.dunialk21.id/cf-fonts/s/roboto-condensed/5.0.11/latin/400/normal.woff2
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Request headers

Referer
https://s1.dunialk21.id/
Origin
https://s1.dunialk21.id
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
server
cloudflare
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
cf-ray
82c43ff45e53a222-YYZ
alt-svc
h3=":443"; ma=86400
content-length
15700
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5617 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s1.dunialk21.id
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 04:19:50 GMT
x-content-type-options
nosniff
age
310731
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 04:19:50 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5617 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s1.dunialk21.id
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 05:36:10 GMT
x-content-type-options
nosniff
age
306151
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 05:36:10 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnonton168.online%2Ftv%2Fgadis-kretek-2023-completed%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 15:34:14 GMT
content-encoding
gzip
via
1.1 8cade7b1319c32b4f7e5477c5302d6c8.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 14:23:53 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
11068
etag
W/"eb52f900499b46d1088df97dad487c73"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
cAYUK3dhnEmdLTwamAr_zByixcq2ExOPECz4cxHkeoWiqfvhEh0MIg==
/
t.dtscdn.com/widget/ 		0
584 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscdn.com/widget/?d=51A017010239200F513BAB960BCDED15&nid=300&p=836148727&t=480&s=1600x1200x24&u=https%3A%2F%2Fnonton168.online%2Ftv%2Fgadis-kretek-2023-completed%2F&r=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnonton168.online%2Ftv%2Fgadis-kretek-2023-completed%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
x-t
1.35
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xtf9Mj%2FRxh8HxSTKeYhVV4b2Pvmy6kR408CEF03Qdjr2tBQRXTDcIhq9q6XVtqs3KfBda%2Fi826DNvsxnUwJiafA3TeWEW4P6wVZspMvNRLYRhSA6e2PUr66D2j3QTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web13.ny1.dtscdn.com
cf-ray
82c43ff4dceb53e3-YYZ
expires
Sun, 26 Nov 2023 18:21:35 GMT
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=51A017010239200F513BAB960BCDED15
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=df39384ca529cbfb2f7eb54fda4ed188&gdpr=1
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=1b2791c5ff55bea8/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D1
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D1
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=94209156248832839&gdpr=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:43 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
v2
de.tynt.com/deb/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fnonton168.online%2Ftv%2Fgadis-kretek-2023-completed%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
14cc0b0d33acf3c52bd55384ad9b0ee4d1366a614876cd2194655c67eeb1559a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Sun, 26 Nov 2023 18:38:41 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1358
expires
Sat, 26 Jul 1997 05:00:00 GMT
dataBeacons.min.js
data-beacons.s-onetag.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-58.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding
gzip
via
1.1 8332ab8bd32a6ba696984216199de564.cloudfront.net (CloudFront)
date
Sun, 26 Nov 2023 18:14:44 GMT
last-modified
Wed, 04 Oct 2023 13:49:44 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P1
age
1438
etag
W/"934c7ce138a53a973baa02a2dbd8c23a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
G4K7J_ll1I4m08NsNR31xXO0FTh3OGwk88EboxcLL-TAzEKs6eddpg==
jFC4LS5qTAT3PinzdEzINfu1CV9.jpg
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/jFC4LS5qTAT3PinzdEzINfu1CV9.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3dee473bf8ad69a3e08df13018d84ef145786b8a0c90da28ee26420253f9104

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
25332
cf-bgj
imgq:100,h2pri
last-modified
Tue, 10 Oct 2023 10:56:57 GMT
server
cloudflare
etag
"65252df9-62f4"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58fd5a222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
c9f6mFZqkyz4AD0sxGmynE1pe0v.jpg
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/c9f6mFZqkyz4AD0sxGmynE1pe0v.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd51594280e4d3380c67ef8829854896c1fdd60a49fbb7b6c99aac9f545e5d78

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
28412
cf-bgj
imgq:100,h2pri
last-modified
Tue, 10 Oct 2023 10:56:34 GMT
server
cloudflare
etag
"65252de2-6efc"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58fe9a222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
k4aRov3aldzXILZGpkoTDV8mbs2.jpg
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/k4aRov3aldzXILZGpkoTDV8mbs2.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6e3b8c9f30698d97e1a2c846aa6351e30857bd8473c0c8aa65cc6266c31264f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
26964
cf-bgj
imgq:100,h2pri
last-modified
Tue, 10 Oct 2023 10:56:10 GMT
server
cloudflare
etag
"65252dca-6954"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58feaa222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
kQHrXBjmt50Taj3EG7mCzb2C88q.jpg
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/kQHrXBjmt50Taj3EG7mCzb2C88q.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
002b7fd254652aa103bbca9598ac6875457f5e7b932b2469da0cb6776e557b16

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
8284
cf-bgj
imgq:100,h2pri
last-modified
Mon, 09 Oct 2023 18:39:12 GMT
server
cloudflare
etag
"652448d0-205c"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58feba222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
3veimA4vXjmod0dBy5HSyQAAtdu.jpg
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/3veimA4vXjmod0dBy5HSyQAAtdu.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ab99d79e2f10fc06b4ed215260e930008d4f2ae0e4489be06ab421d8fa14fc0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
24928
cf-bgj
imgq:100,h2pri
last-modified
Mon, 09 Oct 2023 17:26:37 GMT
server
cloudflare
etag
"652437cd-6160"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58feea222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
6FKXMDtOI9phRZyyCO8HB0C8Oa.jpg
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/6FKXMDtOI9phRZyyCO8HB0C8Oa.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3722ed71cf8cd95003e39019912d29ec7c6fc2970397aeda0783df80f806ea4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
31826
cf-bgj
imgq:100,h2pri
last-modified
Thu, 19 Oct 2023 09:13:45 GMT
server
cloudflare
etag
"6530f349-7c52"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58ff0a222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
8PGUdVPeC9AogQCYqsbDDPRYbSd.jpg
s1.dunialk21.id/wp-content/uploads/2023/11/ Frame 5617 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/11/8PGUdVPeC9AogQCYqsbDDPRYbSd.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c901d4e47ff029e2cecc5606e53f2dc5cbc96a4797f1c570063976ded5d57c4e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
33278
cf-bgj
imgq:100,h2pri
last-modified
Sat, 11 Nov 2023 02:34:12 GMT
server
cloudflare
etag
"654ee824-81fe"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58ff1a222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
9UxljPaJBno3wu8QhRnWftbXCQZ.jpg
s1.dunialk21.id/wp-content/uploads/2023/11/ Frame 5617 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/11/9UxljPaJBno3wu8QhRnWftbXCQZ.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b3b95ddd7417e6a789c57d61d7f17c644168424a03fa4722b6070d1f8d0ce00

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
19002
cf-bgj
imgq:100,h2pri
last-modified
Fri, 10 Nov 2023 06:21:37 GMT
server
cloudflare
etag
"654dcbf1-4a3a"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58ff4a222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
c7ieoy1x3BO3STjPJe2AXDSRDxO.jpg
s1.dunialk21.id/wp-content/uploads/2023/11/ Frame 5617 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/11/c7ieoy1x3BO3STjPJe2AXDSRDxO.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8f8698333efceb9833d0bbce3b0fc6d6d528c4f7a8b16c77c176e795d13ba32

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
25130
cf-bgj
imgq:100,h2pri
last-modified
Fri, 10 Nov 2023 06:06:24 GMT
server
cloudflare
etag
"654dc860-622a"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58ff8a222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
b31zFi0ZocmaxxuPCAGxEA6uxGn.jpg
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/b31zFi0ZocmaxxuPCAGxEA6uxGn.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fed10f67976672ba431a00edc745824d111d2141e4c3f311fbaa9c417850261a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
8615
cf-bgj
imgq:100,h2pri
last-modified
Mon, 09 Oct 2023 18:28:29 GMT
server
cloudflare
etag
"6524464d-21a7"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58ff9a222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
glbtrvaluqaybHnQ7GV3ckHWmpt.jpg
s1.dunialk21.id/wp-content/uploads/2023/11/ Frame 5617 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/11/glbtrvaluqaybHnQ7GV3ckHWmpt.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
692accd89f0ae5a3c0031c2b6415ed906ee741e1ed937aafe9dbab6c5d99d0da

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
26066
cf-bgj
imgq:100,h2pri
last-modified
Thu, 09 Nov 2023 16:54:24 GMT
server
cloudflare
etag
"654d0ec0-65d2"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58ffba222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
lauvBkCZhcZHj5uUwUxwr5GTPps.jpg
s1.dunialk21.id/wp-content/uploads/2023/11/ Frame 5617 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/11/lauvBkCZhcZHj5uUwUxwr5GTPps.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2330c9a381649927464f23525a1c5bbd406ff2e3bc08c72c6a6b2bfe15f79e7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
16053
cf-bgj
imgq:100,h2pri
last-modified
Thu, 09 Nov 2023 16:39:13 GMT
server
cloudflare
etag
"654d0b31-3eb5"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58ffea222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
m7xiLb8mLyHHgThJICIPCsSq1qR.jpg
s1.dunialk21.id/wp-content/uploads/2023/11/ Frame 5617 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/11/m7xiLb8mLyHHgThJICIPCsSq1qR.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4531781ac0dd1bcd7e03296cc9e049ffc224bb1315d91bcc102f7e1db900683

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
16345
cf-bgj
imgq:100,h2pri
last-modified
Wed, 08 Nov 2023 04:58:59 GMT
server
cloudflare
etag
"654b1593-3fd9"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58800a222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
xX91zTytXcS6ugFe1WcXsSe5uFH.jpg
s1.dunialk21.id/wp-content/uploads/2023/11/ Frame 5617 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/11/xX91zTytXcS6ugFe1WcXsSe5uFH.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2134f46e2cc0a8481cb8219188626f425ec62ac1f44186070870cbc715e2be9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
24369
cf-bgj
imgq:100,h2pri
last-modified
Wed, 08 Nov 2023 04:50:22 GMT
server
cloudflare
etag
"654b138e-5f31"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58801a222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
fjHkZNIzoiAvZMgpw9CaV1U86ux.jpg
s1.dunialk21.id/wp-content/uploads/2023/11/ Frame 5617 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/11/fjHkZNIzoiAvZMgpw9CaV1U86ux.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db971daeaf68ce36ea9f43f7c9a45591474e9db4d7db9152ae9d6e0901b0ec1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
11750
cf-bgj
imgq:100,h2pri
last-modified
Tue, 07 Nov 2023 04:41:08 GMT
server
cloudflare
etag
"6549bfe4-2de6"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58802a222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
ycrAICqhzFPPnhEKPIUGeNIscRB.jpg
s1.dunialk21.id/wp-content/uploads/2023/11/ Frame 5617 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/11/ycrAICqhzFPPnhEKPIUGeNIscRB.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b99c651a91421f18fca665dd166c6ce93e48179f58b0cf54dcf2a0c7b2bd594

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
21152
cf-bgj
imgq:100,h2pri
last-modified
Tue, 07 Nov 2023 04:28:35 GMT
server
cloudflare
etag
"6549bcf3-52a0"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58804a222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
n85CrEyD2G0fw5Fs6bqNdaRKFWk.jpg
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/n85CrEyD2G0fw5Fs6bqNdaRKFWk.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
406e3578eb35ee7c967f9b4304d31051e57d4d1f2b6980287957bd9d0ca79406

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
37331
cf-bgj
imgq:100,h2pri
last-modified
Tue, 31 Oct 2023 04:50:24 GMT
server
cloudflare
etag
"65408790-91d3"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58806a222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
orfTfhGHPoCT0M9QT6g8ZjUpxTR.jpg
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/orfTfhGHPoCT0M9QT6g8ZjUpxTR.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb31022b24ff7beb651caf4031cd4250d979beb70b9749e6f873257fb9c871e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
7856
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
34597
cf-bgj
imgq:100,h2pri
last-modified
Mon, 09 Oct 2023 17:15:27 GMT
server
cloudflare
etag
"6524352f-8725"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58807a222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
3Xmeiywbtkdsd3zny3TVnPPpSkb.jpg
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/3Xmeiywbtkdsd3zny3TVnPPpSkb.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2928c477667659c83a94189f29232b886022c2d0d49d348a2998455f529b000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
29780
cf-bgj
imgq:100,h2pri
last-modified
Sun, 29 Oct 2023 05:43:57 GMT
server
cloudflare
etag
"653df11d-7454"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58808a222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
6NjBGIlnbmpT0vn8YtSbVgOgQiv.jpg
s1.dunialk21.id/wp-content/uploads/2023/11/ Frame 5617 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/11/6NjBGIlnbmpT0vn8YtSbVgOgQiv.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b1193555b9cbde6b09618588cf6f09d64f74e4a7866fb9f823584057a1285ef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
25739
cf-bgj
imgq:100,h2pri
last-modified
Mon, 13 Nov 2023 02:42:15 GMT
server
cloudflare
etag
"65518d07-648b"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff5880ca222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
rXMxhHuR1jU3G9aGZ3WupPmxEjn.jpg
s1.dunialk21.id/wp-content/uploads/2023/11/ Frame 5617 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/11/rXMxhHuR1jU3G9aGZ3WupPmxEjn.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1e179c883c851296b0e110ba0bc4d39992632722aacd8b2cb2443389107fa93

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
15093
cf-bgj
imgq:100,h2pri
last-modified
Thu, 02 Nov 2023 13:17:45 GMT
server
cloudflare
etag
"6543a179-3af5"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff5880ea222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
qvGkjlLjTy1nxClxpw2BiUS6jHB.jpg
s1.dunialk21.id/wp-content/uploads/2023/11/ Frame 5617 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/11/qvGkjlLjTy1nxClxpw2BiUS6jHB.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf51df374b526b93f488e0bf10ac9535a76d2961c8c308c7de48b8592815fe93

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
22508
cf-bgj
imgq:100,h2pri
last-modified
Wed, 01 Nov 2023 06:33:57 GMT
server
cloudflare
etag
"6541f155-57ec"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58810a222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
mQPKp2zIgzQIMqWqTYxABoAgXN0.jpg
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/mQPKp2zIgzQIMqWqTYxABoAgXN0.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0b94d0ec3985586613f5b52c92d8b76284f2e99b95f694f362d6bf3164259f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
15068
cf-bgj
imgq:100,h2pri
last-modified
Tue, 31 Oct 2023 06:02:23 GMT
server
cloudflare
etag
"6540986f-3adc"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58811a222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
pwdWFhhdfzNFCUnlZsiz2MfWv37.jpg
s1.dunialk21.id/wp-content/uploads/2023/11/ Frame 5617 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/11/pwdWFhhdfzNFCUnlZsiz2MfWv37.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b560f6ac6b761a0bb8d587396143b96ccb70b2b5ff3596e410c0b5fb985d3e1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
18857
cf-bgj
imgq:100,h2pri
last-modified
Wed, 01 Nov 2023 06:32:27 GMT
server
cloudflare
etag
"6541f0fb-49a9"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58812a222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
riOkuTlf6RtCvIaApqisYicdTlj-1.jpg
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/riOkuTlf6RtCvIaApqisYicdTlj-1.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
896057c4311fc92421bcb59f925d448f6f94b887d561f76c25e6665870989201

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
29595
cf-bgj
imgq:100,h2pri
last-modified
Tue, 31 Oct 2023 06:04:31 GMT
server
cloudflare
etag
"654098ef-739b"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58814a222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
01-9.jpg
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617 		97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/01-9.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c160b624368214a8bc7c9cca91bc19498ae83ab3e93bfbc4f869eabfcfc97d71

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
origSize=114324
alt-svc
h3=":443"; ma=86400
content-length
99826
cf-bgj
imgq:100,h2pri
last-modified
Tue, 31 Oct 2023 05:57:47 GMT
server
cloudflare
etag
"6540975b-1be94"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58815a222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
30Yju7mD4O4gWq55Y4uOKur83Pu.jpg
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/30Yju7mD4O4gWq55Y4uOKur83Pu.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac8fb3572ed398de9e45f40d40d166939aaa4c5e82edf10edb1010b2dccfcb6f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
21605
cf-bgj
imgq:100,h2pri
last-modified
Tue, 31 Oct 2023 05:56:45 GMT
server
cloudflare
etag
"6540971d-5465"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58816a222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
oE7xtGDqZnr7tFHfwb8oM9iRW6H.jpg
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/oE7xtGDqZnr7tFHfwb8oM9iRW6H.jpg
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8fe8a4236074d52dcc0fe8714fd538556b8133dc797e5810dd7ac60dbd665f1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
18814
cf-bgj
imgq:100,h2pri
last-modified
Fri, 13 Oct 2023 18:35:03 GMT
server
cloudflare
etag
"65298dd7-497e"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff58817a222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT
t_.htm
t.sharethis.com/a/ Frame CDC2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9863131305453625&stid=ZH4ACGVjkLEAAAAIA6wzAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.248.4 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-248-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://nonton168.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Sun, 26 Nov 2023 18:38:41 GMT
Expires
Sun, 03 Dec 2023 18:38:41 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
normal.woff2
s1.dunialk21.id/cf-fonts/s/roboto-condensed/5.0.11/latin/700/ Frame 5617 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.dunialk21.id/cf-fonts/s/roboto-condensed/5.0.11/latin/700/normal.woff2
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Request headers

Referer
https://s1.dunialk21.id/
Origin
https://s1.dunialk21.id
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
server
cloudflare
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
cf-ray
82c43ff5a81fa222-YYZ
alt-svc
h3=":443"; ma=86400
content-length
15660
27519
tags.bluekai.com/site/ Frame 1449
Redirect Chain
  • https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1701023921516.4
  • https://tags.bluekai.com/site/27519?id=212358413774302&ret=html&random=1701023921
71 B
553 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.bluekai.com/site/27519?id=212358413774302&ret=html&random=1701023921
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fnonton168.online%2Ftv%2Fgadis-kretek-2023-completed%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.112.236 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-112-236.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

bk-server
729
content-length
71
content-type
text/html
date
Sun, 26 Nov 2023 18:38:41 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Sun, 26 Nov 2023 18:38:40 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://tags.bluekai.com/site/27519?id=212358413774302&ret=html&random=1701023921
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP010
x-33x-status
400000000040080C
lotame-sync.html
cdn-tc.33across.com/ Frame A66F 		343 B
459 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-tc.33across.com/lotame-sync.html
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fnonton168.online%2Ftv%2Fgadis-kretek-2023-completed%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120

Request headers

Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
31552
cache-control
public, max-age=259200
cf-cache-status
HIT
cf-ray
82c43ff63a387151-YUL
content-encoding
gzip
content-type
text/html
date
Sun, 26 Nov 2023 18:38:41 GMT
etag
W/"651ed192-157"
expires
Wed, 29 Nov 2023 18:38:41 GMT
last-modified
Thu, 05 Oct 2023 15:09:06 GMT
server
cloudflare
vary
Accept-Encoding
a88b0dbe-40d8-479c-993a-bf072bb26049
map.go.affec.tv/map/ttd/
Redirect Chain
  • https://map.go.affec.tv/map/3a/?pid=CoIKTGVjkLFTQZc4HdnMAg%3D%3D&us_privacy=&ts=1701023921516.1
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D656390b137cba0000114d219%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D656390b137cba0000114d219%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%25...
  • https://map.go.affec.tv/map/an/9013900497429387277?ch=656390b137cba0000114d219&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://map.go.affec.tv/map/ttd/a88b0dbe-40d8-479c-993a-bf072bb26049?ttd_puid=&gdpr=0&gdpr_consent=
0
565 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://map.go.affec.tv/map/ttd/a88b0dbe-40d8-479c-993a-bf072bb26049?ttd_puid=&gdpr=0&gdpr_consent=
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Server
44.218.222.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-218-222-11.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:44 GMT
content-encoding
gzip
vary
Accept-Encoding

Redirect headers

location
https://map.go.affec.tv/map/ttd/a88b0dbe-40d8-479c-993a-bf072bb26049?ttd_puid=&gdpr=0&gdpr_consent=
date
Sun, 26 Nov 2023 18:38:44 GMT
server
Kestrel
content-length
229
usermatch.gif
beacon.krxd.net/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKTGVjkLFTQZc4HdnMAg%3D%3D&us_privacy=&random=1701023921516.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKTGVjkLFTQZc4HdnMAg%3D%3D&us_privacy=&random=1701023921516.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=23d56d0e-e5ab-4972-a650-5aad8061e8d8%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a88b0dbe-40d8-479c-993a-bf072bb26049&ttd_puid=23d56d0e-e5ab-4972-a650-5aad8061e8d8%2Chttps%253A%252F%252Fusermatch.krxd.n...
  • https://usermatch.krxd.net/um/v2?partner=tapad
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Server
3.211.41.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-41-66.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by
beacon-n014-ash-prod.krxd.net
date
Sun, 26 Nov 2023 18:38:42 GMT
cache-control
private, no-cache, no-store
x-request-time
D=38 t=1701023922
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
date
Sun, 26 Nov 2023 18:38:41 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a009-ash-prod.krxd.net
405716.gif
idsync.rlcdn.com/
Redirect Chain
  • https://dp2.33across.com/ps/?pid=1205&rand=1701023921516.3
  • https://idsync.rlcdn.com/405716.gif?partner_uid=212358400474000
42 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/405716.gif?partner_uid=212358400474000
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:42 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:41 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
4000000000004000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://idsync.rlcdn.com/405716.gif?partner_uid=212358400474000
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKTGVjkLFTQZc4HdnMAg%3D%3D&us_privacy=&33random=1701023921516.5&cat=33across
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKTGVjkLFTQZc4HdnMAg%3D%3D&us_privacy=&33random=1701023921516.5&cat=33across
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?uid=a88b0dbe-40d8-479c-993a-bf072bb26049&bid=1e2n4ou
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=a88b0dbe-40d8-479c-993a-bf072bb26049&bid=1e2n4ou
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
HTTP/1.1
Server
52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-144-0.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 26 Nov 2023 18:38:41 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/match?uid=a88b0dbe-40d8-479c-993a-bf072bb26049&bid=1e2n4ou
date
Sun, 26 Nov 2023 18:38:41 GMT
server
Kestrel
content-length
191
bounce
secure.adnxs.com/
Redirect Chain
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKTGVjkLFTQZc4HdnMAg%3D%3D&us_privacy=&random=1701023921516.7&pu=https%3A%2F%2Fnonton168.online%2Ftv%2Fgadis-kretek-2023-completed%2F
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212273564415514&seg_code=33x&random=1701023921
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212273564415514%26seg_code%3D33x%26random%3D1701023921
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212273564415514%26seg_code%3D33x%26random%3D1701023921
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Server
68.67.160.186 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/tv/gadis-kretek-2023-completed/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:44 GMT
an-x-request-uuid
f73e3920-39bf-4243-8a65-6a3ebf94e577
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.80.46; 185.213.80.46; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:44 GMT
an-x-request-uuid
9a3cbee1-fc15-4bea-9b34-e73b1c33d217
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212273564415514%26seg_code%3D33x%26random%3D1701023921
cache-control
no-store, no-cache, private
x-proxy-origin
185.213.80.46; 185.213.80.46; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t_.js
t.sharethis.com/1.1258.23363/a/CA/ Frame 83E0 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1.1258.23363/a/CA/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.248.4 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-248-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec0b2daad9c1202f609f701d73b45a21c7d0431dff591a305eb8075a1246a66a
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:38:41 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8756
Expires
Sun, 03 Dec 2023 18:38:41 GMT
italic.woff2
s1.dunialk21.id/cf-fonts/s/roboto-condensed/5.0.11/latin/400/ Frame 5617 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.dunialk21.id/cf-fonts/s/roboto-condensed/5.0.11/latin/400/italic.woff2
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ab6d5bddb52a980ebe7658cca937e1ce087c1478cbeb13715876e463b2dd7f3

Request headers

Referer
https://s1.dunialk21.id/
Origin
https://s1.dunialk21.id
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
server
cloudflare
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
cf-ray
82c43ff5f87ea222-YYZ
alt-svc
h3=":443"; ma=86400
content-length
17376
v2
ap.lijit.com/readerinfo/
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
464 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
805f62e0690a7959c0d10d47227a00903a6440a09b8ee40e64987779364661fc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:38:41 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://nonton168.online
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61

Redirect headers

Date
Sun, 26 Nov 2023 18:38:41 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin
https://nonton168.online
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
test_oracle
pd.sharethis.com/pd/ Frame 8B7E 		438 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/test_oracle
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.240.42 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-240-42.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
6889e15dca78f20d8f5af0844d5f75e32c00f5aedebb9392b181bd861704998c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:38:41 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
438
Content-Type
application/javascript
ttd
sync.sharethis.com/ Frame 83E0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/ttd?uid=a88b0dbe-40d8-479c-993a-bf072bb26049&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/ttd?uid=a88b0dbe-40d8-479c-993a-bf072bb26049&gdpr=0&gdpr_consent=
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
HTTP/1.1
Server
3.130.50.49 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-50-49.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:38:41 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZH4ACGVjkLEAAAAIA6wzAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

location
https://sync.sharethis.com/ttd?uid=a88b0dbe-40d8-479c-993a-bf072bb26049&gdpr=0&gdpr_consent=
date
Sun, 26 Nov 2023 18:38:41 GMT
server
Kestrel
content-length
215
nlsn
sync.sharethis.com/ Frame 83E0
Redirect Chain
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1
  • https://sync.sharethis.com/nlsn?uid=ae391f1942a10fdc0a80995cd6adfbca
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/nlsn?uid=ae391f1942a10fdc0a80995cd6adfbca
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
HTTP/1.1
Server
3.130.50.49 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-50-49.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:38:42 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZH4ACGVjkLEAAAAIA6wzAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

date
Sun, 26 Nov 2023 18:38:42 GMT
server
nginx
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://sync.sharethis.com/nlsn?uid=ae391f1942a10fdc0a80995cd6adfbca
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
eyeota
sync.sharethis.com/ Frame 83E0
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/eyeota?uid=2eccFjBiFtcQQK0HasY4f8kSG1EN_UGWKz-D12RRhKYw&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/eyeota?uid=2eccFjBiFtcQQK0HasY4f8kSG1EN_UGWKz-D12RRhKYw&gdpr=0&gdpr_consent=
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
HTTP/1.1
Server
3.130.50.49 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-50-49.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:38:42 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZH4ACGVjkLEAAAAIA6wzAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

Location
https://sync.sharethis.com/eyeota?uid=2eccFjBiFtcQQK0HasY4f8kSG1EN_UGWKz-D12RRhKYw&gdpr=0&gdpr_consent=
Date
Sun, 26 Nov 2023 18:38:41 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
csync.ashx
ml314.com/ Frame 83E0
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZH4ACGVjkLEAAAAIA6wzAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3640214972407480320
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0MDIxNDk3MjQwNzQ4MDMyMBAAGg0IsqGOqwYSBQjoBxAAQgBKAA
  • https://ml314.com/csync.ashx?fp=fa6cf01e7d03b2205529df8b70e688f2bba9a111af2161337ecb125936ec74e6f4cb09cee1a4f8eb&person_id=3640214972407480320&eid=50082
43 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=fa6cf01e7d03b2205529df8b70e688f2bba9a111af2161337ecb125936ec74e6f4cb09cee1a4f8eb&person_id=3640214972407480320&eid=50082
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:42 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 27 Nov 2023 13:38:42 GMT

Redirect headers

date
Sun, 26 Nov 2023 18:38:42 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=fa6cf01e7d03b2205529df8b70e688f2bba9a111af2161337ecb125936ec74e6f4cb09cee1a4f8eb&person_id=3640214972407480320&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
oracle
sync.sharethis.com/ Frame 83E0
Redirect Chain
  • https://tags.bluekai.com/site/59574?id=ZH4ACGVjkLEAAAAIA6wzAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
  • https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
HTTP/1.1
Server
3.130.50.49 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-50-49.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:38:42 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZH4ACGVjkLEAAAAIA6wzAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

location
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
date
Sun, 26 Nov 2023 18:38:41 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
sync.min.js
tags.crwdcntrl.net/lt/c/16311/ Frame A66F 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Requested by
Host: cdn-tc.33across.com
URL: https://cdn-tc.33across.com/lotame-sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ac1ba0fd033fdc1ac6df78af8d9e9fff9430881024ca2d53430467d1c256a01

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn-tc.33across.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 05:03:18 GMT
content-encoding
gzip
via
1.1 8cade7b1319c32b4f7e5477c5302d6c8.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:51:51 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
48924
x-amz-server-side-encryption
AES256
etag
W/"b054dbc49b30695b40107158fb25e846"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
KWXNmdo3D4D92jWKfQ_dFk8-nwlW8QvROYqH4W_tPTd-cLF3X5qPcA==
rocket-loader.min.js
s1.dunialk21.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 5617 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.dunialk21.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 Nov 2023 21:55:48 GMT
server
cloudflare
etag
W/"65568fe4-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
82c43ff68965a222-YYZ
expires
Tue, 28 Nov 2023 18:38:41 GMT
bk-coretag.js
tags.bkrtx.com/js/ Frame 8B7E 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.86.160.58 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-86-160-58.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Sun, 26 Nov 2023 18:38:41 GMT
last-modified
Fri, 21 May 2021 19:14:21 GMT
server
nginx/1.15.8
x-akamai-ew-subworker
8096267
etag
W/"60a8068d-cbc2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
content-length
16078
expires
Sun, 03 Dec 2023 18:38:41 GMT
FWDUVP.js
s1.dunialk21.id/wp-content/plugins/fwduvp/js/ Frame 5617 		748 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.dunialk21.id/wp-content/plugins/fwduvp/js/FWDUVP.js?ver=9.5
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39be3c3ce38700f291068f875d4d848f35b97ffc13df310e793279a460deb44c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 20 Oct 2023 01:47:40 GMT
server
cloudflare
age
43633
etag
W/"6531dc3c-bb021"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=315360000
cf-ray
82c43ff73a5da222-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 23 Nov 2033 18:38:41 GMT
customscript.js
s1.dunialk21.id/wp-content/themes/muvipro/js/ Frame 5617 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.dunialk21.id/wp-content/themes/muvipro/js/customscript.js?ver=2.1.8
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b42b5bd6da4067fbee7694f2c0b8cb5e51b1e1f8cdf00b4285e1efbde197336

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 09 Oct 2023 09:28:44 GMT
server
cloudflare
age
43633
cf-polished
origSize=6147
etag
W/"6523c7cc-1803"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=315360000
cf-ray
82c43ff73a5fa222-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 23 Nov 2033 18:38:41 GMT
infinite-scroll-custom.js
s1.dunialk21.id/wp-content/themes/muvipro/js/ Frame 5617 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.dunialk21.id/wp-content/themes/muvipro/js/infinite-scroll-custom.js?ver=2.1.8
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
443d7725e9c1e04d3523d19fce459931119df28d91539c728cb51766e49f3263

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 09 Oct 2023 09:28:44 GMT
server
cloudflare
age
43633
cf-polished
origSize=23721
etag
W/"6523c7cc-5ca9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=315360000
cf-ray
82c43ff73a64a222-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 23 Nov 2033 18:38:41 GMT
tiny-custom.js
s1.dunialk21.id/wp-content/themes/muvipro/js/ Frame 5617 		339 B
453 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.dunialk21.id/wp-content/themes/muvipro/js/tiny-custom.js?ver=2.1.8
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6953c2fd7fa72e65c297ef7d74a355770159358c6dc270073c6fde62e79eef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 09 Oct 2023 09:28:44 GMT
server
cloudflare
age
1186763
cf-polished
origSize=490
etag
W/"6523c7cc-1ea"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=315360000
cf-ray
82c43ff73a67a222-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 23 Nov 2033 18:38:41 GMT
js-plugin-min.js
s1.dunialk21.id/wp-content/themes/muvipro/js/ Frame 5617 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.dunialk21.id/wp-content/themes/muvipro/js/js-plugin-min.js?ver=2.1.8
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0812f1ec045cff5fcc841c5ae347cb299f3dbeed4141c9d21bc6a37f63623eae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Oct 2023 09:28:44 GMT
server
cloudflare
age
43633
etag
W/"6523c7cc-aae5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=315360000
cf-ray
82c43ff73a6ba222-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 23 Nov 2033 18:38:41 GMT
js
www.googletagmanager.com/gtag/ Frame 5617 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PZYH65EQZC
Requested by
Host: s1.dunialk21.id
URL: https://s1.dunialk21.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
592fe1296b2bad8208169f2ca6f36e27baf43109b7e726e5462a6b259ed8c449
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92794
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 26 Nov 2023 18:38:41 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 5617 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 26 Nov 2023 18:38:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
0tmDhjU+Nc1dD4A4FTXzLIXVOi+0JQzuBIAJE0atmIOPl4scVNv5rtJULkZwE3VJWg6Kj31uAUj9ETieA6zVXg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js15_as.js
s10.histats.com/ Frame 5617 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.79.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
70906
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
82c43ff74a353a07-YYZ
content-length
4547
map
bcp.crwdcntrl.net/6/ Frame A66F 		156 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.54.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-54-186.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
fcd78f40507078042edd3bd6358817aab9331ecd8fb935407bfbefa7529bea86

Request headers

Referer
https://cdn-tc.33across.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:42 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://cdn-tc.33across.com
cache-control
no-cache
x-server
10.40.54.210
access-control-allow-credentials
true
content-length
156
expires
0
b2a80da6-295d-41e3-b124-fcaa706f1bb9
https://s1.dunialk21.id/ Frame 5617 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://s1.dunialk21.id/b2a80da6-295d-41e3-b124-fcaa706f1bb9
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
4811375.php
s4.histats.com/stats/ Frame 5617 		380 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/4811375.php?4811375&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mDUNIALK21%20-%20Nonton%20Film%20Bioskop%20Online%20Kualitas%20Full%20HD%20LK21&@n0&@ohttps%3A%2F%2Fnonton168.online%2F&@q0&@r0&@s331&@ten-US&@u1600&@b1:68527593&@b3:1701023922&@b4:js15_as.js&@b5:-480&@a-_0.2.1&@vhttps%3A%2F%2Fs1.dunialk21.id%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.128.162 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns562109.ip-54-39-128.net
Software
/
Resource Hash
fbb9ca36f2cdb1d08b715f6aa358c4ad0370c472a948626b56d9ea199ea3010f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:38:34 GMT
Connection
close
Content-Length
380
Content-Type
text/html;charset=UTF-8
imgpsh_fullsize_anim-4.png
s1.dunialk21.id/wp-content/uploads/2023/10/ Frame 5617
Redirect Chain
  • https://dunialk21.com/wp-content/uploads/2023/10/imgpsh_fullsize_anim-4.png
  • https://dunialk21.net/wp-content/uploads/2023/10/imgpsh_fullsize_anim-4.png
  • https://s1.dunialk21.id/wp-content/uploads/2023/10/imgpsh_fullsize_anim-4.png
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dunialk21.id/wp-content/uploads/2023/10/imgpsh_fullsize_anim-4.png
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H3
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e7e719b384e5826c306448520c99ed7930c49f85f7e5b9fff40a9a10ad061e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
cf-cache-status
HIT
age
43634
cf-polished
origFmt=png, origSize=20162
content-disposition
inline; filename="imgpsh_fullsize_anim-4.webp"
alt-svc
h3=":443"; ma=86400
content-length
9928
cf-bgj
imgq:100,h2pri
last-modified
Tue, 10 Oct 2023 08:42:48 GMT
server
cloudflare
etag
"65250e88-4ec2"
vary
Accept
content-type
image/webp
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82c43ff85c02a222-YYZ
expires
Wed, 23 Nov 2033 18:38:41 GMT

Redirect headers

date
Sun, 26 Nov 2023 18:38:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BN60AprAdOA3qCA1hJM5kAoS3QUN3rEuIwkUqy2HZhUgFINZDqSM1qAVHyGhFK2SgsJswP%2F9AAuLKq%2BmNg%2FXiaPOMJFkFWEFgk0nwssfvjlA63TACeoqGoHGyZb%2FMlx1"}],"group":"cf-nel","max_age":604800}
location
https://s1.dunialk21.id/wp-content/uploads/2023/10/imgpsh_fullsize_anim-4.png
cache-control
max-age=3600
cf-ray
82c43ff82de3a226-YYZ
alt-svc
h3=":443"; ma=86400
expires
Sun, 26 Nov 2023 19:38:41 GMT
wp-emoji-release.min.js
s1.dunialk21.id/wp-includes/js/ Frame 5617 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.dunialk21.id/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
age
43631
etag
W/"63db0985-4904"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=315360000
cf-ray
82c43ff81bafa222-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 23 Nov 2033 18:38:41 GMT
5386
tags.bluekai.com/site/ Frame 17C7
Redirect Chain
  • https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZH4ACGVjkLEAAAAIA6wzAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1258.23363%26cid%3Dc010%26...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
  • https://tags.bluekai.com/site/5386?id=a88b0dbe-40d8-479c-993a-bf072bb26049&gdpr=0&gdpr_consent=
62 B
306 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.bluekai.com/site/5386?id=a88b0dbe-40d8-479c-993a-bf072bb26049&gdpr=0&gdpr_consent=
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.112.236 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-112-236.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://t.sharethis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
62
content-type
image/gif
date
Sun, 26 Nov 2023 18:38:42 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

content-length
221
date
Sun, 26 Nov 2023 18:38:42 GMT
location
https://tags.bluekai.com/site/5386?id=a88b0dbe-40d8-479c-993a-bf072bb26049&gdpr=0&gdpr_consent=
server
Kestrel
705450008119765
connect.facebook.net/signals/config/ Frame 5617 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/705450008119765?v=2.9.138&r=stable&domain=nonton168.online
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
dbbe44f3bceee06d352e2be8b3fad597188219f31235c8eb1b5093162c83b770
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 26 Nov 2023 18:38:42 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
zdoyRM1waHszs5CxDNC5hddsxhy0lw4TQrNmv0YP06DEJ8jIfK2mN2kj5yv/uH7n1xdxY2YWISM6G8EH3ryCZw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame 5617 		0
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=705450008119765&ev=PageView&dl=https%3A%2F%2Fs1.dunialk21.id%2F&rl=https%3A%2F%2Fnonton168.online%2F&if=true&ts=1701023922163&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&ler=other&it=1701023921994&coo=false&rqm=GET
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.244.35 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-mty2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 26 Nov 2023 18:38:42 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
cc_331.js
s10.histats.com/counters/ Frame 5617 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/counters/cc_331.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.79.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83e7227e04393bb6223ffc5ea952a7ae9f332cdb78207b178048a53f84e8918f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:42 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
server
cloudflare
age
41680
etag
"-959646999"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
82c43ff9aeb43a07-YYZ
content-length
8459
/
e.dtscout.com/e/ Frame 5617 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fs1.dunialk21.id%2F&j=https%3A%2F%2Fnonton168.online%2F
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/4811375.php?4811375&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mDUNIALK21%20-%20Nonton%20Film%20Bioskop%20Online%20Kualitas%20Full%20HD%20LK21&@n0&@ohttps%3A%2F%2Fnonton168.online%2F&@q0&@r0&@s331&@ten-US&@u1600&@b1:68527593&@b3:1701023922&@b4:js15_as.js&@b5:-480&@a-_0.2.1&@vhttps%3A%2F%2Fs1.dunialk21.id%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3a54c1d947f3d1c1ecb8f96bd6fd707984f174a5fac7efbfa7b1ece0d06a8e0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:42 GMT
x-t
0.251
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UaZkykB%2FoMnL0biyfwUCorE01J8RFTuOcoYxC2oHU7d3PlwHMMZBdNA2L8743Wb%2B5Bkbm%2B8ZwdEZf%2FJNES2F38EiQfy7MrAln2HqQ8vIzrUcv3KQZjZTRm1MYsCqnBI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
ger1
cf-ray
82c43ff9ad7638e2-YYZ
expires
Sun, 26 Nov 2023 18:38:41 GMT
truncated
/ Frame 5617 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65ff71b69e1b131836cba65761d020f91e023fda6d2c2ce79cdc800c5c66e3d5

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame AB04 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=36467
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-122.iad12.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer
https://nonton168.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
date
Sun, 26 Nov 2023 18:38:42 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
server
Apache-Coyote/1.1
via
1.1 d48a409d6a3222e2cc9a060d30206d3c.cloudfront.net (CloudFront)
x-amz-cf-id
ixDxBZEAhWAOGUUffG1XACmXVHGEu3RkafD9TT9jjW38I38eXtnaBw==
x-amz-cf-pop
IAD12-P1
x-cache
Miss from cloudfront
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ Frame 5617 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fs1.dunialk21.id%2F&j=https%3A%2F%2Fnonton168.online%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 15:34:14 GMT
content-encoding
gzip
via
1.1 8cade7b1319c32b4f7e5477c5302d6c8.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 14:23:53 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
11069
etag
W/"eb52f900499b46d1088df97dad487c73"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
w3_6qQspHTRjheWKbVJKpD4oPYwR802MNJ2ozjQxgJ4dGZecVJeI1Q==
mw
mwzeom.zeotap.com/ Frame 5617
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=51A017010239200F513BAB960BCDED15
  • https://spl.zeotap.com/?zdid=1332&zcluid=1b2791c5ff55bea8
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e1e33987-7a37-45c7-4f4a-df14159610c7&reqId=cdf2bffb-b16f-47cb-7d91-11a45e06aad3&zclui...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e1e33987-7a37-45c7-4f4a-df14159610c7&reqId=cdf2bffb-b16f-47cb-7d91-11a45e06aad3&zclu...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEHGNoNkfucGAEk8aBgUbjYQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e1e33987-7a37-45c7-4f4a-df14159610c7&reqId=cdf2bffb-b16f-47cb-7d91-11a...
95 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEHGNoNkfucGAEk8aBgUbjYQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e1e33987-7a37-45c7-4f4a-df14159610c7&reqId=cdf2bffb-b16f-47cb-7d91-11a45e06aad3&zcluid=1b2791c5ff55bea8&zdid=1332
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Server
104.22.24.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://s1.dunialk21.id
access-control-allow-credentials
true
cf-ray
82c43ffe78a536ff-YYZ
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEHGNoNkfucGAEk8aBgUbjYQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e1e33987-7a37-45c7-4f4a-df14159610c7&reqId=cdf2bffb-b16f-47cb-7d91-11a45e06aad3&zcluid=1b2791c5ff55bea8&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
t.dtscdn.com/widget/ Frame 5617 		0
426 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscdn.com/widget/?d=51A017010239200F513BAB960BCDED15&nid=300&p=836148727&t=480&s=1600x1200x24&u=https%3A%2F%2Fs1.dunialk21.id%2F&r=https%3A%2F%2Fnonton168.online%2F
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fs1.dunialk21.id%2F&j=https%3A%2F%2Fnonton168.online%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:42 GMT
x-t
34.34
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B857oHc8EVq1iFT29Z%2BrSlAfXbsYjy4WHwnnvsNb%2FMuVjz3n2aXQt1BApqfAITlglhlENMOMt1fZg7NteqYLQ0fgDbDREJNnpAFWVJ3ahLUv8QxTAcCAK0VGGgY7og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web13.ny1.dtscdn.com
cf-ray
82c43ffb6da353e3-YYZ
expires
Sun, 26 Nov 2023 18:21:36 GMT
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 5617 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fs1.dunialk21.id%2F&j=https%3A%2F%2Fnonton168.online%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-31.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 122cd39a473c6e4835362753fc929a08.cloudfront.net (CloudFront)
date
Sun, 26 Nov 2023 10:26:09 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2
age
29553
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
Z3GDoc00EyalpbFXRX_-qNCaogb2IRz6WGiarQqe-d-2wneO3LUpfg==
dtscout
pd.sharethis.com/pd/ Frame 5617 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fs1.dunialk21.id%2F&j=https%3A%2F%2Fnonton168.online%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.240.42 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-240-42.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
50ba0acf157db40710a17ddd14fcfefce327afd034f5943e08933a116770f0d4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:38:42 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
/
t.dtscout.com/pv/ Frame 5617 		51 B
325 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/pv/?_a=v&_h=s1.dunialk21.id&_ss=2ggaml47e9&_pv=1&_ls=0&_u1=1&_u3=1&_cc=ca&_pl=d&_cbid=uuko&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fs1.dunialk21.id%2F&j=https%3A%2F%2Fnonton168.online%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b0c7e109d8c55b3003758e386901fc7dff14b6fad2529e80b2ced80c6ff5f31

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:42 GMT
x-t
0.116
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zd3ohfKL5Pql3gdH84cDNJV4Nxq%2Ba4XnQapShZ%2BjzxoLSixEMi4U100QXV%2FFX78LhRPDqPBKkgn0wwBWDBgDO8ip8xsPkjT%2BrQbMSwblZjKc5LgKJF0zo0Ynm05p7qk%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
82c43ffb686b38e2-YYZ
expires
Sun, 26 Nov 2023 18:38:41 GMT
t.dhj
t.sharethis.com/1/d/ Frame 5617 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5496942726881204&stid=ZH4ACGVjkLEAAAAIA6wzAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.248.4 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-248-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4731962ab71bbff8040836126b2d4cb4bce0e401e9be6fef3fa6bd90fc972457
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:38:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1363
Expires
Sun, 26 Nov 2023 19:38:42 GMT
dtscout
pd.sharethis.com/pd/ Frame 5617 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fnonton168.online%2F&event_source=dtscout&rnd=0.5496942726881204&exptid=ZH4ACGVjkLEAAAAIA6wzAw%3D%3D&fcmp=false
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.240.42 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-240-42.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:38:42 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
/
onetag-geo.s-onetag.com/ Frame 5617 		535 B
949 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-25.iad12.r.cloudfront.net
Software
/
Resource Hash
338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 06:31:28 GMT
via
1.1 f7712655aa6587fbf06c55b40ebb2680.cloudfront.net (CloudFront), 1.1 9d2dee9b44718f249b789987d2cbe62c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, IAD12-P3
age
43634
x-amzn-requestid
038a46dd-5c75-47e5-8c2a-e9dc39dfa373
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
O_jqME-yCYcEKiA=
content-length
535
x-amz-cf-id
MI2DW37gI_TCfIMpKY2mTd3l9M56gXZLDmtgJXw6jhA467isO0SJWA==
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/ Frame 5617 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer
https://s1.dunialk21.id/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 26 Nov 2023 14:46:16 GMT
content-encoding
gzip
via
1.1 d60ae27dae636821c1e43441a8146e02.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
13947
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 06 Sep 2023 14:23:53 GMT
server
AmazonS3
etag
W/"f16e89fd08a708a6bd2e69be50fd30ab"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-id
VpRKO8z5oBs5CDOqo_lN1RC-1LWqXF5IurIZnFiGttBQFAW_CjWV4g==
t_.htm
t.sharethis.com/a/ Frame 2A1B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5496942726881204&stid=ZH4ACGVjkLEAAAAIA6wzAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.248.4 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-248-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://s1.dunialk21.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Sun, 26 Nov 2023 18:38:42 GMT
Expires
Sun, 03 Dec 2023 18:38:42 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
data
bcp.crwdcntrl.net/6/ Frame 5617 		538 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.54.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-54-186.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
f696ff01844560bc8a3ff6d3d12453824acb4fa2bdfc7e9255613038d3049870

Request headers

Referer
https://s1.dunialk21.id/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:42 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://s1.dunialk21.id
cache-control
no-cache
x-server
10.40.49.112
access-control-allow-credentials
true
content-length
538
expires
0
t_.js
t.sharethis.com/1.1258.23363/a/CA/ Frame E860 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1.1258.23363/a/CA/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.248.4 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-248-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec0b2daad9c1202f609f701d73b45a21c7d0431dff591a305eb8075a1246a66a
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:38:42 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8756
Expires
Sun, 03 Dec 2023 18:38:42 GMT
dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 5617 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-58.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding
gzip
via
1.1 8332ab8bd32a6ba696984216199de564.cloudfront.net (CloudFront)
date
Sun, 26 Nov 2023 18:14:44 GMT
last-modified
Wed, 04 Oct 2023 13:49:44 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P1
age
1439
etag
W/"934c7ce138a53a973baa02a2dbd8c23a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
qlDAXTkQp0qrQQV--MQtLqhIGyYRLuCHOqHYYBTF_usfFcUST3ugew==
a.gif
t.sharethis.com/d/ Frame E860 		0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZH4ACGVjkLEAAAAIA6wzAw%253D%253D&tt=t.dhj&dhjLcy=1701023922616&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1258.23363&ell=d&cck=__stid&dmn=nonton168.online&pn=%2F&qs=na&cc=CA&cont=NA&evid=gpT7MwYAzZ7vVfNlJ8Om&urls=&rnd=1701023922786&cid=c010&version=1.1258.23363&cc=CA&cont=NA&cls=C&repeat=0&htmLcy=76
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.248.4 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-248-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:38:42 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Sun, 26 Nov 2023 18:38:42 GMT
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 2211 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer
https://s1.dunialk21.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
61912
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Sun, 26 Nov 2023 01:26:51 GMT
etag
W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified
Tue, 05 Sep 2023 17:36:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 8cade7b1319c32b4f7e5477c5302d6c8.cloudfront.net (CloudFront)
x-amz-cf-id
4-vFZkQxWCa-jyYk9QABmTT3WCgLI8fxCLp6y85lbKKDW40qDITGQQ==
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
v2
ap.lijit.com/readerinfo/ Frame 5617 		41 B
463 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/readerinfo/v2
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
805f62e0690a7959c0d10d47227a00903a6440a09b8ee40e64987779364661fc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:38:42 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://s1.dunialk21.id
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61
usersync.aspx
dis.criteo.com/dis/
Redirect Chain
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=HuN-fSZHZPbi87sTQYOsy8Ke&rnd=453
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=HuN-fSZHZPbi87sTQYOsy8Ke&rnd=453&_li_chk=true&previous_uuid=3716ffe759d342c9bd3adb97be39fcd6
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:43 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
245711
expires
Sun, 26 Nov 2023 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Sun, 26 Nov 2023 18:38:44 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
4
pixels
bcp.crwdcntrl.net/ Frame AA72 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.54.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-54-186.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e50a3693c234f68be49f0371c6ad3e8a0d9f509a2b79790513a8b916ec4775e8

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
content-length
4115
content-type
text/html
date
Sun, 26 Nov 2023 18:38:42 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.40.49.115
m
cm.mgid.com/ Frame AA72
Redirect Chain
  • https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=f7e797d6a7cf29af4304b67135844b8d
  • https://cm.mgid.com/m?c=f7e797d6a7cf29af4304b67135844b8d&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
43 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?c=f7e797d6a7cf29af4304b67135844b8d&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:43 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
82c43fff8c4736bd-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:43 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
location
https://cm.mgid.com/m?c=f7e797d6a7cf29af4304b67135844b8d&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
82c43fff1b9c36bd-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
qmap
sync.crwdcntrl.net/ Frame AA72
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16622%26tp%3DALDX%26tpid%3D%24{ADELPHIC...
  • https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=40e13e20-9280-446a-80b7-b98e740a64a1&gdpr=0
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=40e13e20-9280-446a-80b7-b98e740a64a1&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
107.20.214.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-214-81.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.62.76
content-length
49
expires
0

Redirect headers

Location
https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=40e13e20-9280-446a-80b7-b98e740a64a1&gdpr=0
Date
Sun, 26 Nov 2023 18:38:46 GMT
Connection
keep-alive
X-CI-RTID
943f695d-235d-4e85-8e5a-ec1c92e889ae
Content-Length
131
Content-Type
text/html; charset=utf-8
/
wt.rqtrk.eu/ Frame AA72 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wt.rqtrk.eu/?pid=e34a6063-e846-4ccb-98d8-0eba4dd66b75&src=www&type=100&sid=0&cb=596646366&gdpr=0&gdpr_consent=&gdpr_pd=0&uid=f7e797d6a7cf29af4304b67135844b8d
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.235.42.103 Terrebonne, Canada, ASN16276 (OVH, FR),
Reverse DNS
haproxy-ca-002.roqad.pl
Software
istio-envoy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:44 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type
image/gif
cache-control
no-cache,private
x-envoy-upstream-service-time
0
content-length
43
expires
Sun, 26 Nov 2023 18:38:43 GMT
getuid
sync.smartadserver.com/ Frame AA72
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Server
216.22.16.9 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:42 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
pragma
no-cache
date
Sun, 26 Nov 2023 18:38:42 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6774825355793358841/gdpr=/ Frame AA72
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1040
  • https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6774825355793358841/gdpr=/gdpr_consent=
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6774825355793358841/gdpr=/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
107.20.214.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-214-81.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:43 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.60.32
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6774825355793358841/gdpr=/gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
qmap
sync.crwdcntrl.net/ Frame AA72
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&gdpr=0
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
107.20.214.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-214-81.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:44 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.2.112
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&gdpr=0
date
Sun, 26 Nov 2023 18:38:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=a88b0dbe-40d8-479c-993a-bf072bb26049/gdpr=0/ Frame AA72
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=a88b0dbe-40d8-479c-993a-bf072bb26049/gdpr=0/gdpr_consent=
49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=a88b0dbe-40d8-479c-993a-bf072bb26049/gdpr=0/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
107.20.214.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-214-81.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:43 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.15.240
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=a88b0dbe-40d8-479c-993a-bf072bb26049/gdpr=0/gdpr_consent=
date
Sun, 26 Nov 2023 18:38:43 GMT
server
Kestrel
content-length
249
tpid=23d56d0e-e5ab-4972-a650-5aad8061e8d8
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame AA72
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=f7e797d6a7cf29af4304b67135844b8d&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D23d56d0e-e5ab-4972-a650-5aad8061e8d8%252Chttps%2525...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fpixel.tapad.com%252Fidsync%252Fex%252Freceive%253Fpartner_id%253DAPPNEXUS%2526partner_device_id%253D%2524UID%2526pt%253D23d56d0e-e5ab...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=9148969588917863460&pt=23d56d0e-e5ab-4972-a650-5aad8061e8d8%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%25...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=23d56d0e-e5ab-4972-a650-5aad8061e8d8
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=23d56d0e-e5ab-4972-a650-5aad8061e8d8
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
107.20.214.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-214-81.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:44 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.63.78
content-length
49
expires
0

Redirect headers

date
Sun, 26 Nov 2023 18:38:44 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=23d56d0e-e5ab-4972-a650-5aad8061e8d8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tpid=d98b02765a5a429d32c10cc71757c813
sync.crwdcntrl.net/map/c=10832/tp=TRUP/ Frame AA72
Redirect Chain
  • https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
  • https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=d98b02765a5a429d32c10cc71757c813
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=d98b02765a5a429d32c10cc71757c813
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
107.20.214.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-214-81.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:44 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.7.15
content-length
49
expires
0

Redirect headers

date
Sun, 26 Nov 2023 18:38:44 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-length
142
x-xss-protection
1; mode=block
pragma
no-cache
to-dmp-sync
s4a-dmp-use1-aws.truoptik.com
server
cloudflare
user-agent
Tru Optik DMP 1.3.1
x-frame-options
SAMEORIGIN
content-type
text/html
location
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=d98b02765a5a429d32c10cc71757c813
access-control-allow-origin
*
cache-control
no-store
cf-ray
82c440059d92a24c-YYZ
expires
0
/
loadus.exelator.com/load/ Frame AA72 		0
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadus.exelator.com/load/?p=204&g=260&buid=f7e797d6a7cf29af4304b67135844b8d&j=0&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-156-250.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
identity
c.cintnetworks.com/ Frame AA72 		0
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.cintnetworks.com/identity?a=5461&gdpr=0&id=Lotame:f7e797d6a7cf29af4304b67135844b8d
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.71.11.141 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:38:43 GMT
Cache-Control
max-age=60, private, must-revalidate
Access-Control-Allow-Credentials
true
Arr-Disable-Session-Affinity
true
Content-Length
0
Vary
Origin
P3P
CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."
lotame
sync.sharethis.com/ Frame AA72 		42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/lotame?uid=f7e797d6a7cf29af4304b67135844b8d&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.50.49 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-50-49.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:38:43 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZH4ACGVjkLEAAAAIA6wzAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
image.sbxx
ib.mookie1.com/ Frame AA72
Redirect Chain
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=f7e797d6a7cf29af4304b67135844b8d
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=f7e797d6a7cf29af4304b67135844b8d
120 B
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=f7e797d6a7cf29af4304b67135844b8d
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Server
64.58.232.180 Las Vegas, United States, ASN13649 (ASN-FLEXENTIAL, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:38:44 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/png
p3p
CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
LAS04
Content-Length
120
Expires
-1

Redirect headers

Date
Sun, 26 Nov 2023 18:38:43 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html; charset=utf-8
Location
https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=f7e797d6a7cf29af4304b67135844b8d
Access-Control-Allow-Origin
*
p3p
CP="DSP COR ADM DEV PSA PSD OUR"
Cache-Control
private
X-Server
NY07
Content-Length
217
utsync.ashx
ml314.com/ Frame AA72 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/utsync.ashx?eid=50146&et=0&fp=f7e797d6a7cf29af4304b67135844b8d&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:42 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
0,Mon, 27 Nov 2023 13:38:43 GMT
qmap
sync.crwdcntrl.net/ Frame AA72
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-872418fa-7803-5f03-510b-f7497780782c$ip$185.213.80.46&gdpr=0&gdpr_consent=
49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-872418fa-7803-5f03-510b-f7497780782c$ip$185.213.80.46&gdpr=0&gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
107.20.214.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-214-81.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:43 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.49.186
content-length
49
expires
0

Redirect headers

Location
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-872418fa-7803-5f03-510b-f7497780782c$ip$185.213.80.46&gdpr=0&gdpr_consent=
Date
Sun, 26 Nov 2023 18:38:43 GMT
Connection
keep-alive
Content-Length
167
Content-Type
text/html; charset=utf-8
qmap
sync.crwdcntrl.net/ Frame AA72
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-alQ_cU5E2pybteJALGNNVr9GvXD3apUUt_k-~A&gdpr=0
49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-alQ_cU5E2pybteJALGNNVr9GvXD3apUUt_k-~A&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
107.20.214.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-214-81.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:44 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.15.155
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-alQ_cU5E2pybteJALGNNVr9GvXD3apUUt_k-~A&gdpr=0
date
Sun, 26 Nov 2023 18:38:44 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
gdpr=0
sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=96dbdb5b-4575-49d9-b9ab-1e6b6d5b05c9-656390b3-5553/ Frame AA72
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=96dbdb5b-4575-49d9-b9ab-1e6b6d5b05c9-656390b3-5553/gdpr=0
49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=96dbdb5b-4575-49d9-b9ab-1e6b6d5b05c9-656390b3-5553/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
107.20.214.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-214-81.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:43 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.14.249
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:42 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=96dbdb5b-4575-49d9-b9ab-1e6b6d5b05c9-656390b3-5553/gdpr=0
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame AA72 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZjdlNzk3ZDZhN2NmMjlhZjQzMDRiNjcxMzU4NDRiOGQ&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5907
tags.bluekai.com/site/ Frame AA72 		62 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=794b40a8dd774161a092f938498fa75b
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.112.236 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-112-236.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sun, 26 Nov 2023 18:38:43 GMT
content-length
62
content-type
image/gif
g.json
aa.agkn.com/adscores/ Frame AA72 		103 B
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.39.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-39-83.iad89.r.cloudfront.net
Software
AAWebServer /
Resource Hash
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:43 GMT
via
1.1 7fc4d53a17d950b206cd9fccf1108b8a.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
IAD89-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
103
x-amz-cf-id
WLCJrhI7waCmLB8Fh6_XIealFDReDT-4a2TfyYQXgvgESZdQ50WYjA==
expires
0
pixel
cm.g.doubleclick.net/ Frame AA72 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_hm=ZjdlNzk3ZDZhN2NmMjlhZjQzMDRiNjcxMzU4NDRiOGQ&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr=0
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3809824949511121677/ Frame AA72
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/f7e797d6a7cf29af4304b67135844b8d/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3809824949511121677/gdpr=0
49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3809824949511121677/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
107.20.214.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-214-81.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:43 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.48.102
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3809824949511121677/gdpr=0
pragma
no-cache
date
Sun, 26 Nov 2023 18:38:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rand=413173715
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9013900497429387277/gdpr=0/ Frame AA72
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=413173715
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D281%252Ftp%253DANXS%252Ftpid%253D%2524UID%252Fgdpr%253D0%252Frand%3D413173715
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9013900497429387277/gdpr=0/rand=413173715
49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9013900497429387277/gdpr=0/rand=413173715
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C78%2C61%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
107.20.214.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-214-81.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:44 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.14.101
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:44 GMT
an-x-request-uuid
86c598e3-1f00-4804-9603-5ade73c40f97
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9013900497429387277/gdpr=0/rand=413173715
x-proxy-origin
185.213.80.46; 185.213.80.46; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 2BB6 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/63e90c30/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f91.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-Goog-Request-Time
1701023923303
Content-Type
application/json
X-YouTube-Utc-Offset
-480
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/ejRQzHh8gLI
X-YouTube-Client-Version
1.20231119.00.00
X-YouTube-Time-Zone
America/Vancouver
X-Goog-Visitor-Id
CgtoQnFWOEx4bEN3SSiwoY6rBjIICgJDQRICGgA%3D
X-YouTube-Ad-Signals
dt=1701023920776&flash=0&frm=2&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C790%2C444&vis=1&wgl=true&ca_type=image

Response headers

date
Sun, 26 Nov 2023 18:38:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=HuN-fSZHZPbi87sTQYOsy8Ke&rand=25382&pu=
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=HuN-fSZHZPbi87sTQYOsy8Ke&rand=25382&pu=&expected_cookie=3c058bbe-0356-4e6f-b761-b318647b5d00
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=HuN-fSZHZPbi87sTQYOsy8Ke&rand=25382&pu=&expected_cookie=3c058bbe-0356-4e6f-b761-b318647b5d00
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:42 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 22B94D0857974C2C82D49D31C92AF472 Ref B: YTO01EDGE0508 Ref C: 2023-11-26T18:38:43Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLEn65NoWUk3ND91mBnQ==

Redirect headers

date
Sun, 26 Nov 2023 18:38:42 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 18D42C7DA5824736A7EC1E43C9620C3F Ref B: YTO01EDGE0508 Ref C: 2023-11-26T18:38:43Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
location
/db_sync?pid=15697&puuid=HuN-fSZHZPbi87sTQYOsy8Ke&rand=25382&pu=&expected_cookie=3c058bbe-0356-4e6f-b761-b318647b5d00
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLEn635sdzdptF419piA==
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 386F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=92719
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-122.iad12.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer
https://s1.dunialk21.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
date
Sun, 26 Nov 2023 18:38:43 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
server
Apache-Coyote/1.1
via
1.1 d48a409d6a3222e2cc9a060d30206d3c.cloudfront.net (CloudFront)
x-amz-cf-id
v5WOL1X5dZkzn7SqCqDkALXnTkQnrtPwXHPh4ntlXpi78IQYRy9Mbg==
x-amz-cf-pop
IAD12-P1
x-cache
Miss from cloudfront
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match?r=76193
  • https://ce.lijit.com/merge?pid=2&3pid=2F2B435A2E88480FA382CF5EF06C8337
43 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=2F2B435A2E88480FA382CF5EF06C8337
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:38:44 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 26 Nov 2023 18:38:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=2F2B435A2E88480FA382CF5EF06C8337
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 25 Nov 2023 18:38:44 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 5617
Redirect Chain
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=HuN-fSZHZPbi87sTQYOsy8Ke&rnd=90091
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=HuN-fSZHZPbi87sTQYOsy8Ke&rnd=90091&_li_chk=true&previous_uuid=527f1f4bd2df4b9a81ad39d741fdf97e
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:43 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
543397
expires
Sun, 26 Nov 2023 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Sun, 26 Nov 2023 18:38:44 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
57333
i6.liadm.com/s/
Redirect Chain
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=HuN-fSZHZPbi87sTQYOsy8Ke&rnd=63717
  • https://i6.liadm.com/s/57333?bidder_id=204553&bidder_uuid=HuN-fSZHZPbi87sTQYOsy8Ke&rnd=63717
43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/57333?bidder_id=204553&bidder_uuid=HuN-fSZHZPbi87sTQYOsy8Ke&rnd=63717
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
HTTP/1.1
Server
34.197.239.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-239-24.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:38:44 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/57333?bidder_id=204553&bidder_uuid=HuN-fSZHZPbi87sTQYOsy8Ke&rnd=63717
Date
Sun, 26 Nov 2023 18:38:44 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame 2C7B 		85 B
482 B 		Document
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-31.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer
https://nonton168.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
382038
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Wed, 22 Nov 2023 08:31:26 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 122cd39a473c6e4835362753fc929a08.cloudfront.net (CloudFront)
x-amz-cf-id
Yb7Dx15tZEmpT4sMlD3mEPg045RgYHQxhLvD7arSWg52nOEFvo5wpg==
x-amz-cf-pop
IAD89-P2
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
db_sync
px.ads.linkedin.com/ Frame 5617 		0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=HuN-fSZHZPbi87sTQYOsy8Ke&rand=35161&pu=https://nonton168.online/
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:38:43 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 0C50A135F58B4F4183A00CC69E4816BC Ref B: YTO01EDGE0508 Ref C: 2023-11-26T18:38:44Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLEn7G9jiuHyy4UcDEHw==
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame 2C7B 		766 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-31.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date
Fri, 17 Nov 2023 08:30:44 GMT
via
1.1 122cd39a473c6e4835362753fc929a08.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:07:19 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2
age
814080
etag
"145e495d0d92a3c8fd975bfe5485b72c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
766
x-amz-cf-id
cS0-OP66hjIMvvZ5fra7MA6ONQOey8BsDMSi-CXo8ADwkZFKK6QLqw==
a.gif
t.sharethis.com/d/ Frame 83E0 		0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZH4ACGVjkLEAAAAIA6wzAw%253D%253D&tt=t.dhj&dhjLcy=1701023921513&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1258.23363&ell=d&cck=__stid&dmn=nonton168.online&pn=%2Ftv%2Fgadis-kretek-2023-completed%2F&qs=na&rdn=nonton168.online&rpn=%2Ftv%2Fgadis-kretek-2023-completed%2F&rqs=na&cc=CA&cont=NA&evid=UXT7MwYAOcFjCAW4oUst&urls=!1!386!b-13j,!1!977!b-13h,!1!424!b-14s,!1!0!b-14t,!1!1318!b-150,!1!484!b-16f&rnd=1701023924649&cid=c010&version=1.1258.23363&cc=CA&cont=NA&cls=C&repeat=0&htmLcy=40&bcnLcy=62
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.248.4 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-248-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1258.23363&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:38:44 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Sun, 26 Nov 2023 18:38:44 GMT
merge
ce.lijit.com/ Frame 5617
Redirect Chain
  • https://um.simpli.fi/lj_match?r=47982
  • https://ce.lijit.com/merge?pid=2&3pid=2F2B435A2E88480FA382CF5EF06C8337
43 B
996 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=2F2B435A2E88480FA382CF5EF06C8337
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:38:45 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 26 Nov 2023 18:38:45 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=2F2B435A2E88480FA382CF5EF06C8337
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 25 Nov 2023 18:38:45 GMT
merge
ce.lijit.com/
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=HuN-fSZHZPbi87sTQYOsy8Ke/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
  • https://ce.lijit.com/merge?pid=5001&3pid=f7e797d6a7cf29af4304b67135844b8d
43 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=5001&3pid=f7e797d6a7cf29af4304b67135844b8d
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:38:45 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:45 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ce.lijit.com/merge?pid=5001&3pid=f7e797d6a7cf29af4304b67135844b8d
cache-control
no-cache
x-server
10.40.56.48
content-length
0
expires
0
57333
i.liadm.com/s/ Frame 5617 		43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=HuN-fSZHZPbi87sTQYOsy8Ke&rnd=25933
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.143.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-143-253.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s1.dunialk21.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:38:45 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
4
Content-Type
image/gif
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame 63A0 		85 B
484 B 		Document
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-31.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer
https://s1.dunialk21.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
382039
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Wed, 22 Nov 2023 08:31:26 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 122cd39a473c6e4835362753fc929a08.cloudfront.net (CloudFront)
x-amz-cf-id
vLd9pxV8FkqJmKdKaPUXWyexE7elBILGCjKhuXL7AnP6YBIkEfaFZw==
x-amz-cf-pop
IAD89-P2
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame 63A0 		766 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-31.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date
Fri, 17 Nov 2023 08:30:44 GMT
via
1.1 122cd39a473c6e4835362753fc929a08.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:07:19 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2
age
814081
etag
"145e495d0d92a3c8fd975bfe5485b72c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
766
x-amz-cf-id
fECWd7nropSY9E8EuH0HWb6r8Zx-eQpiS7ArYQy88Jh_bw6ReX6a3A==
pixel
ps.eyeota.net/ 		763 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-144-0.compute-1.amazonaws.com
Software
/
Resource Hash
4549e9d6429a280575855a8f91ebbf2fc40cd8797d106e164554b129f2be21dc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
application/javascript
Date
Sun, 26 Nov 2023 18:38:45 GMT
Content-Length
763
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
match
ps.eyeota.net/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mkl4eDljZ2pJdDRCQktPdHFBbWwzdlBrRFphMzdtdGxuZDFXaHdIRTBreFE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEHhTg1z-INiYBD-1J1g7BG4&google_cver=1
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEHhTg1z-INiYBD-1J1g7BG4&google_cver=1
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
HTTP/1.1
Server
52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-144-0.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 26 Nov 2023 18:38:45 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEHhTg1z-INiYBD-1J1g7BG4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ps.eyeota.net/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=Eyeot
  • https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot
  • https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-grqXgatE2pVwpkHsNjOSHmnpQu8kgOYchA4-~A
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-grqXgatE2pVwpkHsNjOSHmnpQu8kgOYchA4-~A
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
HTTP/1.1
Server
52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-144-0.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 26 Nov 2023 18:38:45 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-grqXgatE2pVwpkHsNjOSHmnpQu8kgOYchA4-~A
date
Sun, 26 Nov 2023 18:38:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
lons7jax
sync-tm.everesttech.net/upi/pid/ 		0
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits
0
pragma
no-cache
date
Sun, 26 Nov 2023 18:39:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1701023926.902517,VS0,VE15481
x-cache
MISS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-yul12821-YUL
match
ps.eyeota.net/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u
  • https://ps.eyeota.net/match?uid=9148969588917863460&bid=2cr76e1&referrer_pid=51md42u
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=9148969588917863460&bid=2cr76e1&referrer_pid=51md42u
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
HTTP/1.1
Server
52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-144-0.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 26 Nov 2023 18:38:45 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:45 GMT
an-x-request-uuid
0af2a8c3-23f5-4712-a046-594bbae832ea
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ps.eyeota.net/match?uid=9148969588917863460&bid=2cr76e1&referrer_pid=51md42u
x-proxy-origin
185.213.80.46; 185.213.80.46; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
2981
tags.bluekai.com/site/
Redirect Chain
  • https://tags.bluekai.com/site/29539?limit=1&id=2HmvbUe3z6O2VabLyiQA-REiq-Z_VXfkl2QZpVd-cB3s
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=S2lPMXZCb1E5OTlEWnRCaw%3D%3D
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEABxXgM_xihW04ls4KePy9w&google_cver=1
62 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEABxXgM_xihW04ls4KePy9w&google_cver=1
Requested by
Host: nonton168.online
URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Protocol
H2
Server
23.220.112.236 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-112-236.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sun, 26 Nov 2023 18:38:46 GMT
content-length
62
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:38:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEABxXgM_xihW04ls4KePy9w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
b4208c430fb204fc4903653c1c36f9832e2c3bfb742a6828e96878e328d8e26e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:38:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Jul 2023 16:20:24 GMT
Server
nginx
ETag
W/"64c7df48-22bf"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Sun, 26 Nov 2023 19:38:46 GMT
metrics
connect-metrics-collector.s-onetag.com/ 		0
74 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nonton168.online/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 26 Nov 2023 18:38:52 GMT
content-length
0
vary
Origin
metrics
connect-metrics-collector.s-onetag.com/ Frame 5617 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s1.dunialk21.id/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 26 Nov 2023 18:38:53 GMT
content-length
0
vary
Origin
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer
https://nonton168.online/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 25 Nov 2023 21:59:47 GMT
content-encoding
gzip
via
1.1 d60ae27dae636821c1e43441a8146e02.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
74355
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 06 Sep 2023 14:23:53 GMT
server
AmazonS3
etag
W/"f16e89fd08a708a6bd2e69be50fd30ab"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-id
uQn1YVX6Uq7bxsr-PHdPbgzXW3e6lv8yzbq1zjia-Shtepf5Q27cIg==
data
bcp.crwdcntrl.net/6/ 		325 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.54.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-54-186.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
3e11492c3d68f9f604d1fce744a505c9b4c630c1a6a41a1b78c58cc5fcc9f188

Request headers

Referer
https://nonton168.online/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:01 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://nonton168.online
cache-control
no-cache
x-server
10.40.48.246
access-control-allow-credentials
true
content-length
325
expires
0
beacon
ce.lijit.com/ Frame 35EA 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
2f7bdb2becdbcdb56db4b879b4dbb3bf44df9187b9a084b29c707b42ce33b289

Request headers

Referer
https://nonton168.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
1095
Content-Type
text/html
Date
Sun, 26 Nov 2023 18:39:01 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap7ewr1
a
a.dtssrv.com/ 		0
433 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.dtssrv.com/a?i=51A017010239200F513BAB960BCDED15&k=lotpano&v=fe4345d3a803c78b061c172b254fa9fb927a09cdbcc04ab0bc0df7dbfdac6f90
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnonton168.online%2Ftv%2Fgadis-kretek-2023-completed%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.128.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nonton168.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:39:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0ZpEvZy2A564FpEH9SCWfPEf6ujq9L%2F9un%2FW2bhK%2FK13GQK%2FX9zQX3ACszd8fi9EWPnTpxouD%2BDT%2Ba1S%2FgPMBd3UmTGopdoe3x6XR3pHnmotTT75u0Uy5EmSAGQxnI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
82c440732e59439f-EWR
alt-svc
h3=":443"; ma=86400
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 777E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer
https://nonton168.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
61931
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Sun, 26 Nov 2023 01:26:51 GMT
etag
W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified
Tue, 05 Sep 2023 17:36:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 8cade7b1319c32b4f7e5477c5302d6c8.cloudfront.net (CloudFront)
x-amz-cf-id
5Okj2Ay0E_cTTrFlVAt_YqAT-d_j6pxWf8qvZR2tQIDtYzXJqGF_Rg==
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
match
e.serverbid.com/udb/9969/ Frame 35EA
Redirect Chain
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fcs.krushmedia.com%2F0674638529195b597475a5faaba7eee8.gif%3Fpuid%3D%5Bsas_uid%5D&gdpr_consent=[consent_string]&nwid=4478
  • https://cs.krushmedia.com/0674638529195b597475a5faaba7eee8.gif?puid=3669561126981729921
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fcs.krushmedia.com%2F4264a41cc8c08a41961737ab5bcf5b16.gif%3Fpuid%3D
0
0
merge
ce.lijit.com/ Frame 35EA
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=96dbdb5b-4575-49d9-b9ab-1e6b6d5b05c9-656390b3-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D96dbdb...
  • https://ce.lijit.com/merge?pid=16&3pid=96dbdb5b-4575-49d9-b9ab-1e6b6d5b05c9-656390b3-5553&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=96dbdb5b-4575-49d9-b9ab-1e6b6d5b05c9-656390b3-5553&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:39:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 26 Nov 2023 18:39:01 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ce.lijit.com/merge?pid=16&3pid=96dbdb5b-4575-49d9-b9ab-1e6b6d5b05c9-656390b3-5553&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame 35EA
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=HuN-fSZHZPbi87sTQYOsy8Ke&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:0b2c3bb7f94bb5675e19943eb71e35c6
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:0b2c3bb7f94bb5675e19943eb71e35c6
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:39:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 26 Nov 2023 18:39:01 GMT
server
Aorta/20231117.93abd8dbd
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:0b2c3bb7f94bb5675e19943eb71e35c6
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
f2326894e798
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame 35EA
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=DcrwEvWxdzgYYNfeoV93rSRyYZlKR72GYEq5fuDC-rI&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=DcrwEvWxdzgYYNfeoV93rSRyYZlKR72GYEq5fuDC-rI&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:39:02 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=DcrwEvWxdzgYYNfeoV93rSRyYZlKR72GYEq5fuDC-rI&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Sun, 26 Nov 2023 18:39:01 GMT, Sun, 26 Nov 2023 18:39:01 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame 35EA
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=SHVOLWZTWkhaUGJpODdzVFFZT3N5OEtl&gdpr=0
  • https://s0.2mdn.net/dot.gif?gdpr=0
43 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
H2
Server
172.253.122.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f149.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 02:54:43 GMT
x-content-type-options
nosniff
age
56658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 27 Nov 2023 02:54:43 GMT

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s0.2mdn.net/dot.gif?gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 35EA
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?3pid=AACAPU7KxyIAABXTqiZl9w&pid=85&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?3pid=AACAPU7KxyIAABXTqiZl9w&pid=85&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:39:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?3pid=AACAPU7KxyIAABXTqiZl9w&pid=85&gdpr=0
Date
Sun, 26 Nov 2023 18:39:01 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 35EA
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=ZnrYtGl_jbJ9LIyzZXjDsmkt3rJ9LY_lZilsqwbm
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=ZnrYtGl_jbJ9LIyzZXjDsmkt3rJ9LY_lZilsqwbm
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:39:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=ZnrYtGl_jbJ9LIyzZXjDsmkt3rJ9LY_lZilsqwbm
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame 35EA
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LPFTQHR3-3-DHGE&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LPFTQHR3-3-DHGE&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:39:02 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LPFTQHR3-3-DHGE&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d5c7d31e505103f093db6d1ed70deaa2
Expires
0
iu3
s.amazon-adsystem.com/ Frame 35EA
Redirect Chain
  • https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:39:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SRDXDZ37JBMPV1RA6ADV
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 35EA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1701023941698
  • https://ad.turn.com/r/cs?pid=45&rndcb=8000347103
  • https://sync.1rx.io/usersync/turn/3809824949511121677?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-a7f1c7f8-0028-4a08-b9b4-6073c08ebff2-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-a7f1c7f8-0028-4a08-b9b4-6073c08ebff2-005
  • https://ce.lijit.com/merge?pid=97&3pid=RX-a7f1c7f8-0028-4a08-b9b4-6073c08ebff2-005
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-a7f1c7f8-0028-4a08-b9b4-6073c08ebff2-005
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:39:03 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Sun, 26 Nov 2023 18:39:03 GMT
Server
Tengine
ETag
RXa7f1c7f800284a08b9b46073c08ebff2005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ce.lijit.com/merge?pid=97&3pid=RX-a7f1c7f8-0028-4a08-b9b4-6073c08ebff2-005
Content-Type
text/html
Connection
keep-alive
merge
ce.lijit.com/ Frame 35EA
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=GJAV8UWcyUHi&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=GJAV8UWcyUHi&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:39:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://ce.lijit.com/merge?pid=49&3pid=GJAV8UWcyUHi&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-74c7cffc45-cjb85
expires
-1
merge
ce.lijit.com/ Frame 35EA
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?3pid=OPU0c25e72e0f75407abc3dd9e69c033034&gdpr=0&gdpr_consent=&pid=102
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?3pid=OPU0c25e72e0f75407abc3dd9e69c033034&gdpr=0&gdpr_consent=&pid=102
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:39:02 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:02 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://ce.lijit.com/merge?3pid=OPU0c25e72e0f75407abc3dd9e69c033034&gdpr=0&gdpr_consent=&pid=102
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
131
expires
Mon, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 35EA
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=8db43e9f-c272-4bbd-b735-7da412be1219
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=8db43e9f-c272-4bbd-b735-7da412be1219
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:39:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=8db43e9f-c272-4bbd-b735-7da412be1219
date
Sun, 26 Nov 2023 18:39:01 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame 35EA
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=27&uid=HuN-fSZHZPbi87sTQYOsy8Ke&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=66&3pid=856855021793
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=66&3pid=856855021793
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:39:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=66&3pid=856855021793
Content-Length
0
merge
ce.lijit.com/ Frame 35EA
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LPFTQK2U-1D-IRUN&gdpr=0
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LPFTQK2U-1D-IRUN&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:39:05 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LPFTQK2U-1D-IRUN&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b08401febecfa1b1a0c0270265f29df4
Expires
0
sync
x.bidswitch.net/ Frame 35EA 		0
0
sovrn
tr.blismedia.com/v1/api/sync/ Frame 35EA 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:39:02 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
merge
ce.lijit.com/ Frame 35EA
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=a88b0dbe-40d8-479c-993a-bf072bb26049&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=a88b0dbe-40d8-479c-993a-bf072bb26049&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:39:02 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=27&3pid=a88b0dbe-40d8-479c-993a-bf072bb26049&gdpr=0&gdpr_consent=
date
Sun, 26 Nov 2023 18:39:01 GMT
server
Kestrel
content-length
223
merge
ce.lijit.com/ Frame 35EA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=9148969588917863460&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=9148969588917863460&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:39:02 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:02 GMT
an-x-request-uuid
dd59e282-20e1-430a-8eaa-deeb8b8e100b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ce.lijit.com/merge?pid=92&3pid=9148969588917863460&gdpr=0&gdpr_consent=
x-proxy-origin
185.213.80.46; 185.213.80.46; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 35EA
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHVOLWZTWkhaUGJpODdzVFFZT3N5OEtl&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHVOLWZTWkhaUGJpODdzVFFZT3N5OEtl&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 26 Nov 2023 18:39:02 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHVOLWZTWkhaUGJpODdzVFFZT3N5OEtl&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
cm
us-u.openx.net/w/1.0/ Frame A22E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_c...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&g...
857 B
867 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
1b0e58ef92fc12e239167876937c7744b59ebbedcdf7c708baf29c3fe66e6f73

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
533
content-type
text/html
date
Sun, 26 Nov 2023 18:39:01 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 26 Nov 2023 18:39:01 GMT
location
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 68CA 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.241.11 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-241-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=54345
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 26 Nov 2023 18:39:01 GMT
expires
Mon, 27 Nov 2023 09:44:46 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B287 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.241.11 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-241-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=54345
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 26 Nov 2023 18:39:01 GMT
expires
Mon, 27 Nov 2023 09:44:46 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pixels
bcp.crwdcntrl.net/ Frame 6800 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C156%2C153%2C146%2C142%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C94%2C89%2C79%2C65%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.54.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-54-186.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2ff62f021f039f2745651d8cec84470c49e72876e5df0c172883afc02f6ce49c

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
content-length
3134
content-type
text/html
date
Sun, 26 Nov 2023 18:39:01 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.40.55.126
PugMaster
image6.pubmatic.com/AdServer/ Frame B287 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=19295547&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b64307c79936e06cc8eed1becc14929f6b9c1342ccdf64ac62af3c1d2135e1be

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 26 Nov 2023 18:39:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
partner.mediawallahscript.com/ Frame 6800
Redirect Chain
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=f7e797d6a7cf29af4304b67135844b8d&custom=&tag_format=img&tag_action=sync
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=f7e797d6a7cf29af4304b67135844b8d&custom=&tag_format=img&tag_action=sync&final=true&reqid=119a9430-8c8b-11ee-941f-f57ef3c7f...
  • https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
  • https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=9148969588917863460&tag_format=img&tag_action=sync
  • https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=11a123e0-8c8b-11ee-8d32-dd5bdc34d559?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile...
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=f7e797d6a7cf29af4304b67135844b8d&tag_format=img&tag_action=sync&cb=380339861
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
  • https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=a88b0dbe-40d8-479c-993a-bf072bb26049&tag_format=img&tag_action=sync&cb=
  • https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=11a123e0-8c8b-11ee-8d32-dd5bdc34d559&cb=1701023942148&rmn=y&redirect=https%3A%2F%2Fpartner.me...
  • https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=4005e2a9-5761-46f8-9e74-d0d646bdd902&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1701023942148
0
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=4005e2a9-5761-46f8-9e74-d0d646bdd902&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1701023942148
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C156%2C153%2C146%2C142%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C94%2C89%2C79%2C65%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
54.197.133.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-133-126.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Sun, 26 Nov 2023 18:39:02 GMT
cache-control
private, no-cache, must-revalidate, no-store, max-age=0
server
nginx
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:02 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
location
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=4005e2a9-5761-46f8-9e74-d0d646bdd902&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1701023942148
cache-control
no-cache,private
x-envoy-upstream-service-time
0
content-length
0
expires
Sun, 26 Nov 2023 18:39:01 GMT
/
c1.adform.net/serving/cookie/match/ Frame 6800
Redirect Chain
  • https://cm.smadex.com/pixel?sm_did=lotame&gdpr=0
  • https://cm.smadex.com/pixel?sm_did=lotame&gdpr=0&sm_tc=
  • https://cm.g.doubleclick.net/pixel?google_nid=smadex_2&google_hm=MXBvcjVuV1RRaml0ajdrUzMzYmFOZz09&sm_p=dc&sm_r=lotame,lotame,smt,rbc,bds,tl
  • https://cm.smadex.com/sync?sm_p=dc&sm_r=lotame,lotame,smt,rbc,bds,tl
  • https://sync.crwdcntrl.net/qmap?c=13745&tp=SMDX&tpid=d69a2be6-7593-4238-ad8f-b912df76da36&d=https%3A%2F%2Fcm.smadex.com%2Fsync%3Fsm_p%3Dlotame%26sm_r%3Dlotame%2Csmt%2Crbc%2Cbds%2Ctl
  • https://cm.smadex.com/sync?sm_p=lotame&sm_r=lotame,smt,rbc,bds,tl
  • https://s.ad.smaato.net/c/?dspId=1001024&dspCookie=d69a2be6-7593-4238-ad8f-b912df76da36
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=0&gdpr_consent=&google_hm=c30f398150&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg%26gdpr%3D0%26gdpr_consent%3D
  • https://s.ad.smaato.net/c/?adExInit=g&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=25&amp;redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1001213%26dspCookie%3D__ADFUID__%26gdpr%3D0%26gdpr_consent%3D,&gdpr=0&gdpr_consent=,
35 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match/?party=25&amp;redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1001213%26dspCookie%3D__ADFUID__%26gdpr%3D0%26gdpr_consent%3D,&gdpr=0&gdpr_consent=,
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C156%2C153%2C146%2C142%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C94%2C89%2C79%2C65%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

date
Sun, 26 Nov 2023 18:39:02 GMT
via
1.1 573f3bf892e6baf323888f7038237db2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD89-P2
x-cache
Miss from cloudfront
location
https://c1.adform.net/serving/cookie/match/?party=25&amp;redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1001213%26dspCookie%3D__ADFUID__%26gdpr%3D0%26gdpr_consent%3D,&gdpr=0&gdpr_consent=,
cache-control
max-age=300
content-length
0
x-amz-cf-id
if41BRybBykyN8oaEM80awPX7I5uXmJ6VuKpBi6RegelQuVIQ3xJ7g==
c.gif
tag.crsspxl.com/ Frame 6800
Redirect Chain
  • https://tag.crsspxl.com/c.gif?t=57603&gdpr=0
  • https://tag.crsspxl.com/c.gif?cc=1&t=57603&gdpr=0
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag.crsspxl.com/c.gif?cc=1&t=57603&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C156%2C153%2C146%2C142%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C94%2C89%2C79%2C65%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Server
34.232.140.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-140-51.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:39:00 GMT
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://tag.crsspxl.com/c.gif?cc=1&t=57603&gdpr=0
Date
Sun, 26 Nov 2023 18:39:00 GMT
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
dcm
s.amazon-adsystem.com/ Frame 6800 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=f7e797d6a7cf29af4304b67135844b8d
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C156%2C153%2C146%2C142%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C94%2C89%2C79%2C65%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:39:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FGPF3FVM9PAKEX7EVXQC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
lotame
ad.mrtnsvr.com/sync/ Frame 6800 		0
0
engine
pbid.pro-market.net/ Frame 6800
Redirect Chain
  • https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=f7e797d6a7cf29af4304b67135844b8d
  • https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=f7e797d6a7cf29af4304b67135844b8d&sr
  • https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTMxNTczNTI5MjU4OTExMTUzNTY=
  • https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEPUQ57JBuOjMZed36uazR3c&google_cver=1
43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEPUQ57JBuOjMZed36uazR3c&google_cver=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C156%2C153%2C146%2C142%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C94%2C89%2C79%2C65%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
107.178.240.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.240.178.107.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:03 GMT
via
1.1 google
server
Apache-Coyote/1.1
anserver
gapp1
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
43
expires
Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEPUQ57JBuOjMZed36uazR3c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
315
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6800
Redirect Chain
  • https://id5-sync.com/s/19/9.gif?puid=f7e797d6a7cf29af4304b67135844b8d&gdpr=0
  • https://id5-sync.com/c/19/19/9/1.gif?puid=f7e797d6a7cf29af4304b67135844b8d&gdpr=0&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/19/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/19/2/8/2.gif?puid=9148969588917863460&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=a88b0dbe-40d8-479c-993a-bf072bb26049&ttl=%%TTL%%
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F136%2F6%2F4.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/19/136/6/4.gif?puid=ZWOQxQACjgkjzABd&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/id5?uid=ID5-2d29FtYyHiYrvmd5BMrLBmSR27nxQO4frcTdYloe8Q&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fid5-sync.com%2Fa%2F19%2F121%2F5%2F5%2Fgif%2F0%2F0%2F
  • https://id5-sync.com/a/19/121/5/5/gif/0/0/ZH4ACGVjkLEAAAAIA6wzAw==
  • https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=0/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F4%2F6.gif%3Fpui...
  • https://tags.bluekai.com/site/5907?limit=0&id=794b40a8dd774161a092f938498fa75b&redir=https://id5-sync.com/c/19/321/4/6.gif?puid=$_BK_UUID&gdpr=0&gdpr_consent=&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/19/321/4/6.gif?puid=peh1vshX99YiCtBk
  • https://sync.crwdcntrl.net/map/c=2831/tp=GDMP/gdpr=0/gdpr_consent=?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&id5id=ID5-2d29FtYyHiYrvmd5BMrLBmSR27nxQO4fr...
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZjdlNzk3ZDZhN2NmMjlhZjQzMDRiNjcxMzU4NDRiOGQ&id5id=ID5-2d29FtYyHiYrvmd5BMrLBmSR27nxQO4frcTdYloe8Q
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZjdlNzk3ZDZhN2NmMjlhZjQzMDRiNjcxMzU4NDRiOGQ&id5id=ID5-2d29FtYyHiYrvmd5BMrLBmSR27nxQO4frcTdYloe8Q
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C156%2C153%2C146%2C142%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C94%2C89%2C79%2C65%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:03 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZjdlNzk3ZDZhN2NmMjlhZjQzMDRiNjcxMzU4NDRiOGQ&id5id=ID5-2d29FtYyHiYrvmd5BMrLBmSR27nxQO4frcTdYloe8Q
cache-control
no-cache
x-server
10.40.54.210
content-length
0
expires
0
insync
thrtle.com/ Frame 6800
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10014&gdpr=0&vxii_pdid=f7e797d6a7cf29af4304b67135844b8d
  • https://thrtle.com/insync?gdpr=0&vxii_pdid=f7e797d6a7cf29af4304b67135844b8d&vxii_pid=12&vxii_pid1=10014&vxii_rcid=a79265c5-e1c1-4fa4-baa3-fcd32a620c85
43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&vxii_pdid=f7e797d6a7cf29af4304b67135844b8d&vxii_pid=12&vxii_pid1=10014&vxii_rcid=a79265c5-e1c1-4fa4-baa3-fcd32a620c85
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C156%2C153%2C146%2C142%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C94%2C89%2C79%2C65%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
3.228.65.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-65-117.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Sun, 26 Nov 2023 18:39:01 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&vxii_pdid=f7e797d6a7cf29af4304b67135844b8d&vxii_pid=12&vxii_pid1=10014&vxii_rcid=a79265c5-e1c1-4fa4-baa3-fcd32a620c85
date
Sun, 26 Nov 2023 18:39:01 GMT
content-type
text/html; charset=utf-8
content-length
189
p3p
CP="NOI OUR BUS UNI COM NAV"
41715
i.liadm.com/s/ Frame 6800 		43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=f7e797d6a7cf29af4304b67135844b8d
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C156%2C153%2C146%2C142%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C94%2C89%2C79%2C65%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.143.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-143-253.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:39:01 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif
ltm
audex.userreport.com/sync/put/ Frame 6800 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://audex.userreport.com/sync/put/ltm?ltmid=f7e797d6a7cf29af4304b67135844b8d
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C156%2C153%2C146%2C142%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C94%2C89%2C79%2C65%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.165.98.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-98-25.iad55.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 26 Nov 2023 18:39:01 GMT
Via
1.1 c4199de5b59b067ce72a20c751022aa8.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.22.0
X-Amz-Cf-Pop
IAD55-P4
X-Cache
Miss from cloudfront
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
VkgxEnaqPNGzgZTCbQZiYKpPZ4A_mAlNSWCz_NXB47MUFzX9hIBBew==
partner
sync.search.spotxchange.com/ Frame 6800 		0
0
cm
trc.taboola.com/sg/lotame/1/ Frame 6800 		0
0
sync
pixel.shareaholic.com/ Frame 6800 		0
0
7
sync.search.spotxchange.com/audience_sync/ Frame 6800 		0
0
gdpr=0
sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=54077093005570383903678933283824242444/ Frame 6800
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=f7e797d6a7cf29af4304b67135844b8d&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=f7e797d6a7cf29af4304b67135844b8d&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUI...
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=54077093005570383903678933283824242444/gdpr=0
49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=54077093005570383903678933283824242444/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C156%2C153%2C146%2C142%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C94%2C89%2C79%2C65%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
107.20.214.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-214-81.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:03 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.58.108
content-length
49
expires
0

Redirect headers

dcs
dcs-prod-va6-1-v053-0de133e91.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Sun, 26 Nov 2023 18:39:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
hrAX4bIYRE0=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=54077093005570383903678933283824242444/gdpr=0
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
19505
tags.bluekai.com/site/ Frame 6800
Redirect Chain
  • https://pixel.onaudience.com/?mapped=f7e797d6a7cf29af4304b67135844b8d&partner=104&gdpr=0
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
  • https://stags.bluekai.com/site/52799?id=7c0436aa260667ab
  • https://cms.analytics.yahoo.com/cms?partner_id=BLKAI
  • https://ups.analytics.yahoo.com/ups/58739/cms?partner_id=BLKAI
  • https://tags.bluekai.com/site/19505?id=y-kndRJRVE2pKkUF2R6T73npIB8_nZHt.sd_A-~A
62 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/19505?id=y-kndRJRVE2pKkUF2R6T73npIB8_nZHt.sd_A-~A
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C156%2C153%2C146%2C142%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C94%2C89%2C79%2C65%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
23.220.112.236 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-112-236.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sun, 26 Nov 2023 18:39:03 GMT
content-length
62
content-type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/19505?id=y-kndRJRVE2pKkUF2R6T73npIB8_nZHt.sd_A-~A
date
Sun, 26 Nov 2023 18:39:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sd
us-u.openx.net/w/1.0/ Frame 6800
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=120&cm=f7e797d6a7cf29af4304b67135844b8d
  • https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:0b2c3bb7f94bb5675e19943eb71e35c6&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=79908&dpuuid=c:0b2c3bb7f94bb5675e19943eb71e35c6&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_U...
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=54077093005570383903678933283824242444
  • https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%25...
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=cf732ce2-3ea6-017b-1ec1-c795a27bb676&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:0b2c3bb7f94bb5675e19943eb71e35c6
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:0b2c3bb7f94bb5675e19943eb71e35c6
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C156%2C153%2C146%2C142%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C94%2C89%2C79%2C65%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sun, 26 Nov 2023 18:39:03 GMT
server
Aorta/20231117.93abd8dbd
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:0b2c3bb7f94bb5675e19943eb71e35c6
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
892c44eea1f9
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
qmap
sync.crwdcntrl.net/ Frame 6800
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9202276048&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=213260604712009365881&gdpr=0&gdpr_consent=
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=213260604712009365881&gdpr=0&gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C156%2C153%2C146%2C142%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C94%2C89%2C79%2C65%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
107.20.214.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-214-81.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:01 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.2.117
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:01 GMT
via
1.1 7fc4d53a17d950b206cd9fccf1108b8a.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
IAD89-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=213260604712009365881&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
9tNl_ewJnsChByR75a7Amd1QVZcCZSbT_0P4KPDWmlfG2jiVIlJMHw==
expires
0
match
ps.eyeota.net/ Frame 6800 		70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=51mdg9u&uid=f7e797d6a7cf29af4304b67135844b8d&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C156%2C153%2C146%2C142%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C94%2C89%2C79%2C65%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-144-0.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 26 Nov 2023 18:39:02 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
token
token.rubiconproject.com/ Frame 6800 		0
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=7&puid=f7e797d6a7cf29af4304b67135844b8d&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C156%2C153%2C146%2C142%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C94%2C89%2C79%2C65%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
bsTd8NdE
sync-tm.everesttech.net/ct/upi/pid/ Frame 6800
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=ZWOQxQACjud_awBU
85 B
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=ZWOQxQACjud_awBU
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C156%2C153%2C146%2C142%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C94%2C89%2C79%2C65%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by
cache-yul12821-YUL
pragma
no-cache
date
Sun, 26 Nov 2023 18:39:01 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
355
x-timer
S1701023942.831324,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
85
x-cache-hits
2997

Redirect headers

x-served-by
cache-yul12821-YUL
pragma
no-cache
date
Sun, 26 Nov 2023 18:39:01 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1701023942.775727,VS0,VE14
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=ZWOQxQACjud_awBU
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
382416.gif
idsync.rlcdn.com/ Frame 6800 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/382416.gif?partner_uid=f7e797d6a7cf29af4304b67135844b8d&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C156%2C153%2C146%2C142%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C94%2C89%2C79%2C65%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:39:01 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
rand=999977428
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9148969588917863460/gdpr=0/ Frame 6800
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=999977428
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9148969588917863460/gdpr=0/rand=999977428
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9148969588917863460/gdpr=0/rand=999977428
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C156%2C153%2C146%2C142%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C94%2C89%2C79%2C65%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
107.20.214.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-214-81.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:01 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.54.227
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:01 GMT
an-x-request-uuid
ef75cb93-790a-4445-ac3a-d9011ed6580d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9148969588917863460/gdpr=0/rand=999977428
x-proxy-origin
185.213.80.46; 185.213.80.46; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame A22E 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=bc13c6c7-8668-0738-2fe8-ea723ef88715&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:39:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A22E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZWOQxQACkMV_uABU
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZWOQxQACkMV_uABU&_test=ZWOQxQACkMV_uABU
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZWOQxQACkMV_uABU&_test=ZWOQxQACkMV_uABU
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yul12821-YUL
pragma
no-cache
date
Sun, 26 Nov 2023 18:39:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1701023942.831065,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZWOQxQACkMV_uABU&_test=ZWOQxQACkMV_uABU
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
443a7e43-fc70-af7c-5983-4a21b91e750e
pr-bh.ybp.yahoo.com/sync/openx/ Frame A22E 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/443a7e43-fc70-af7c-5983-4a21b91e750e?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.52.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-52-210.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:39:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame A22E 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=882b647a-7076-86cf-a85a-de432e7a73a7
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Nov 2023 18:39:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YHWPHZ9RGX06J0CD6KTC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A22E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=d0fd1807-6cdc-3d35-6854-5cd44649b847&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=a88b0dbe-40d8-479c-993a-bf072bb26049&ttd_puid=d0fd1807-6cdc-3d35-6854-5cd44649b847&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=a88b0dbe-40d8-479c-993a-bf072bb26049&ttd_puid=d0fd1807-6cdc-3d35-6854-5cd44649b847&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=a88b0dbe-40d8-479c-993a-bf072bb26049&ttd_puid=d0fd1807-6cdc-3d35-6854-5cd44649b847&gdpr=0&gdpr_consent=
date
Sun, 26 Nov 2023 18:39:01 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame A22E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmM5MmNiY2QtYTVhYi02MzkxLTdkYjQtMDY2ZDhjYWI3NjI3
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A22E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGxq6ltWlmfRrE7KELzj6zY&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGxq6ltWlmfRrE7KELzj6zY&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGxq6ltWlmfRrE7KELzj6zY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 830B 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=2B244806-A0BC-4F9E-8896-17D65D0B30D3&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 26 Nov 2023 18:39:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
436BMNMHKERN35MES5TM
Pug
simage2.pubmatic.com/AdServer/ Frame 98C4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9148969588917863460&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9148969588917863460&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 26 Nov 2023 18:39:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
a920bf2a-6c37-49e4-b07d-65f85be12813
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 26 Nov 2023 18:39:01 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9148969588917863460&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
185.213.80.46; 185.213.80.46; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 5840
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDQVBVN0t4eUlBQUJYVHFpWmw5dw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AACAPU7KxyIAABXTqiZl9w&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_cur...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACAPU7KxyIAABXTqiZl9w&pid=558502&do=add&gd...
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACAPU7KxyIAABXTqiZl9w&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3669561126981729921&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?uid=AACAPU7KxyIAABXTqiZl9w&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D3669561126981729921%26gdpr%3D0%...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3D0345378B94D9495CA1AECF8ACCEB3788%26att%3D1%26pid%3D82%26cb%3Dhttps%...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3D0345378B94D9495CA1AECF8ACCEB3788%26att%3D1%26pid%3D82%26cb%3Dhttps%253A%252F...
  • https://sync.technoratimedia.com/services?srv=cs&nuid=0345378B94D9495CA1AECF8ACCEB3788&att=1&pid=82&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D36695611269817...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=3669561126981729921&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACAPU7KxyIAABXTqiZl9w&gdpr=0&gdpr_consent=
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACAPU7KxyIAABXTqiZl9w&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 26 Nov 2023 18:39:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 26 Nov 2023 18:39:03 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACAPU7KxyIAABXTqiZl9w&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
141
match.deepintent.com/usersync/ Frame 0170 		0
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Sun, 26 Nov 2023 18:39:01 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame D673
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
229 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZWOQxQACjgkjzABd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sun, 26 Nov 2023 18:39:01 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12821-YUL
x-timer
S1701023942.838649,VS0,VE14

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Sun, 26 Nov 2023 18:39:01 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZWOQxQACjgkjzABd
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12821-YUL
x-timer
S1701023942.804312,VS0,VE15
Pug
image2.pubmatic.com/AdServer/ Frame 1F0F
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ARjtBQ4duAMaTr8BAxT2BgFO6wQaGOoEVUk3En2Z
42 B
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ARjtBQ4duAMaTr8BAxT2BgFO6wQaGOoEVUk3En2Z
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 26 Nov 2023 15:08:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sun, 26 Nov 2023 18:39:01 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ARjtBQ4duAMaTr8BAxT2BgFO6wQaGOoEVUk3En2Z
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
sync
x.bidswitch.net/ Frame A8AB 		0
0
bridge
cm.adgrx.com/ Frame 9C99 		0
0
cm
p.rfihub.com/ Frame F561 		0
0
ping_match.gif
pm.w55c.net/ Frame 9AF8 		0
0
i.match
a.tribalfusion.com/ Frame 630D 		0
0
sync
sync.srv.stackadapt.com/ Frame 65F9 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame 362C 		0
0
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 6254 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame E821
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU2d13f3ab93074cf698ccb3c0014f64a0
568 B
650 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU2d13f3ab93074cf698ccb3c0014f64a0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Sun, 26 Nov 2023 18:39:02 GMT
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Sun, 26 Nov 2023 18:39:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU2d13f3ab93074cf698ccb3c0014f64a0
pragma
no-cache
server
nginx
Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2
b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/ Frame 876E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://b1sync.zemanta.com/usersync/pubmatic/?gdpr=0&gdpr_consent=&https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid%3A%24UID&s=2
  • https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid%3A%24UID&s...
  • https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
19 B
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
19
Content-Type
text/plain; charset=utf-8
Date
Sun, 26 Nov 2023 18:39:02 GMT
X-Content-Type-Options
nosniff

Redirect headers

Content-Length
216
Content-Type
text/html; charset=utf-8
Date
Sun, 26 Nov 2023 18:39:02 GMT
Location
/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
pubmatic
ad.mrtnsvr.com/sync/ Frame B68C 		0
0
merge
ce.lijit.com/ Frame B754 		43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=2B244806-A0BC-4F9E-8896-17D65D0B30D3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Sun, 26 Nov 2023 18:39:01 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ewr1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B287
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KyRIBqC8T56IlhfWXQsw0w%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.221.241.11 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-241-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:39:01 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=54345
accept-ranges
bytes
content-length
5622
expires
Mon, 27 Nov 2023 09:44:46 GMT

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame B287
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=2B244806-A0BC-4F9E-8896-17D65D0B30D3
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=23d56d0e-e5ab-4972-a650-5aad8061e8d8&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=23d56d0e-e5ab-4972-a650-5aad8061e8d8&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=54077093005570383903678933283824242444&pt=23d56d0e-e5ab-4972-a650-5aad8061e8d8%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=54077093005570383903678933283824242444&pt=23d56d0e-e5ab-4972-a650-5aad8061e8d8%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:39:03 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

dcs
dcs-prod-va6-1-v053-0142dceaa.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Sun, 26 Nov 2023 18:39:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
u3EkSJBqS7o=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=54077093005570383903678933283824242444&pt=23d56d0e-e5ab-4972-a650-5aad8061e8d8%2C%2C
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame B287 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%202B244806-A0BC-4F9E-8896-17D65D0B30D3&rnd=RND
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame B287
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7976&xuid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&dongle=u6nf&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 26 Nov 2023 18:39:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7976&xuid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date
Sun, 26 Nov 2023 18:39:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame B287
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkIyNDQ4MDYtQTBCQy00RjlFLTg4OTYtMTdENjVEMEIzMEQz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 26 Nov 2023 18:39:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame B287
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHk329sx1YlBR2j4mTmDlhE&google_cver=1
42 B
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHk329sx1YlBR2j4mTmDlhE&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 26 Nov 2023 18:39:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHk329sx1YlBR2j4mTmDlhE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame B287
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2F2B435A2E88480FA382CF5EF06C8337
42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2F2B435A2E88480FA382CF5EF06C8337
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 26 Nov 2023 16:21:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sun, 26 Nov 2023 18:39:01 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2F2B435A2E88480FA382CF5EF06C8337
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 25 Nov 2023 18:39:01 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B287
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a88b0dbe-40d8-479c-993a-bf072bb26049&gdpr=0&gdpr_consent=
42 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a88b0dbe-40d8-479c-993a-bf072bb26049&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 26 Nov 2023 18:39:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a88b0dbe-40d8-479c-993a-bf072bb26049&gdpr=0&gdpr_consent=
date
Sun, 26 Nov 2023 18:39:01 GMT
server
Kestrel
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame B287
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-utFfKzlE2uUrGoqzAhV1o2kFeqaeRNw-~A&gdpr=0
0
0
2B244806-A0BC-4F9E-8896-17D65D0B30D3
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B287 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/2B244806-A0BC-4F9E-8896-17D65D0B30D3?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.52.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-52-210.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:39:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame B287
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5a0674478dca11c1&is_secure=true&networkId=17100&version=1&nuid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHT5h40xtp8gMYB8SFAAAAAAA&expiration=1701110343&nuid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&...
42 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHT5h40xtp8gMYB8SFAAAAAAA&expiration=1701110343&nuid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 26 Nov 2023 18:39:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:03 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHT5h40xtp8gMYB8SFAAAAAAA&expiration=1701110343&nuid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame B287 		0
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame B287 		0
0
sn.ashx
pmp.mxptint.net/ Frame B287 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame B287
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=96dbdb5b-4575-49d9-b9ab-1e6b6d5b05c9-656390b3-5553&gdpr=0&gdpr_consent=
42 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=96dbdb5b-4575-49d9-b9ab-1e6b6d5b05c9-656390b3-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 26 Nov 2023 18:39:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:00 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=96dbdb5b-4575-49d9-b9ab-1e6b6d5b05c9-656390b3-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B287
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3809824949511121677&gdpr=0&gdpr_consent=&us_privacy=
1 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3809824949511121677&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 26 Nov 2023 18:39:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3809824949511121677&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 26 Nov 2023 18:39:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame B287
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6774825355793358841
42 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6774825355793358841
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 26 Nov 2023 18:39:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6774825355793358841
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
SPug
simage4.pubmatic.com/AdServer/ Frame B287 		0
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156212&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:39:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 68CA 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=39534950&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b90d812591dcd9230138436c1322bf85a6901784c5df6a7193c310dc4d252bc5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 26 Nov 2023 18:39:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame D941
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=856854897523
42 B
234 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=856854897523
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 26 Nov 2023 18:39:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=856854897523
Pug
simage2.pubmatic.com/AdServer/ Frame 7DFF
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 26 Nov 2023 15:08:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sun, 26 Nov 2023 18:39:05 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
cm
ipac.ctnsnet.com/int/ Frame 8635 		43 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sun, 26 Nov 2023 18:39:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
pubmatic
gocm.c.appier.net/ Frame B17C 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame D635
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3841358648
  • https://sync.1rx.io/usersync/tradedesk/a88b0dbe-40d8-479c-993a-bf072bb26049
  • https://sync.targeting.unrulymedia.com/csync/RX-a7f1c7f8-0028-4a08-b9b4-6073c08ebff2-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a7f1c7f8-0028-4a08-b9b4-6073c08ebff2-005
42 B
255 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a7f1c7f8-0028-4a08-b9b4-6073c08ebff2-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 26 Nov 2023 18:39:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Sun, 26 Nov 2023 18:39:04 GMT
ETag
RXa7f1c7f800284a08b9b46073c08ebff2005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a7f1c7f8-0028-4a08-b9b4-6073c08ebff2-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
Pug
simage2.pubmatic.com/AdServer/ Frame D77D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cae66563-90c9-4f00-9ee6-120931253519&gdpr=0&gdpr_consent=
42 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cae66563-90c9-4f00-9ee6-120931253519&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 26 Nov 2023 18:39:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 26 Nov 2023 18:39:04 GMT
Expires
Sun, 26 Nov 2023 18:39:03 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1143 599e619 master iad iad-pixel-x28 config_version:"1605"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cae66563-90c9-4f00-9ee6-120931253519&gdpr=0&gdpr_consent=
cookiesync
core.iprom.net/ Frame D871 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 26 Nov 2023 18:39:06 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-65d04b9a2bb2@version_1.577
X-core-time
0ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame 1787 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 -, , ASN (),
Reverse DNS
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Sun, 26 Nov 2023 18:39:06 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 3590
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7543103451458500149&uid=Q754310345145850...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7543103451458500149
42 B
96 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7543103451458500149
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 26 Nov 2023 18:39:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=14823
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Sun, 26 Nov 2023 18:39:05 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7543103451458500149
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame 1ABC
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2F2B435A2E88480FA382CF5EF06C8337&gdpr=0&gdpr_consent=
1 B
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2F2B435A2E88480FA382CF5EF06C8337&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 26 Nov 2023 18:39:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Sun, 26 Nov 2023 18:39:04 GMT
expires
Sat, 25 Nov 2023 18:39:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2F2B435A2E88480FA382CF5EF06C8337&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
merge
ce.lijit.com/ Frame FC99 		43 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=2B244806-A0BC-4F9E-8896-17D65D0B30D3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Sun, 26 Nov 2023 18:39:04 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ewr1
insync
thrtle.com/ Frame 68CA 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.65.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-65-117.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Sun, 26 Nov 2023 18:39:04 GMT
content-length
43
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 68CA 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=2B244806-A0BC-4F9E-8896-17D65D0B30D3&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 68CA 		43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.68.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-68-212.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:05 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 68CA 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.176.145 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 26 Nov 2023 18:39:05 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 68CA
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:aaf9b9c3-49e6-469c-8585-aa49b9772c97&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:aaf9b9c3-49e6-469c-8585-aa49b9772c97&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 26 Nov 2023 18:39:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:aaf9b9c3-49e6-469c-8585-aa49b9772c97&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 26 Nov 2023 18:39:06 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame B287 		692 B
1009 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=50317232&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5d602116305dff35f6168e4326c065fe3c98b56d268e77d20d42af9f9d46829d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 26 Nov 2023 18:39:04 GMT
content-length
692
content-type
text/html; charset=UTF-8
merge
ce.lijit.com/ Frame C111 		43 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=2B244806-A0BC-4F9E-8896-17D65D0B30D3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Sun, 26 Nov 2023 18:39:04 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ewr1
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame B287 		0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=2B244806-A0BC-4F9E-8896-17D65D0B30D3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.28.79 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:39:05 GMT
x-clacks-overhead
GNU Terry Pratchett
x-adswizz-request-id
f0f3e457-a24a-43ff-999e-b06f69cc97e3
Connection
keep-alive
Content-Length
0
x-application-context
application:production
458249.gif
idsync.rlcdn.com/ Frame B287
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=2B244806-A0BC-4F9E-8896-17D65D0B30D3&gdpr=0&gdpr_consent=
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ce528e457ce2558668f6e01a31d5484e90715e78eb6157c5233b03f633371cd9791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBjZTUyOGU0NTdjZTI1NTg2NjhmNmUwMWEzMWQ1NDg0ZTkwNzE1ZTc4ZWI2MTU3YzUyMzNiMDNmNjMzMzcxY2Q5NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBjZTUyOGU0NTdjZTI1NTg2NjhmNmUwMWEzMWQ1NDg0ZTkwNzE1ZTc4ZWI2MTU3YzUyMzNiMDNmNjMzMzcxY2Q5NzkxNDI2YjU0MTdkY2UyMRAAGgwIyaGOqwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=0663f82e-84d8-44a3-9b21-6d376c3f7709
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=0663f82e-84d8-44a3-9b21-6d376c3f7709
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:39:05 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 26 Nov 2023 18:39:05 GMT
via
1.1 google
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/458249.gif?partner_uid=0663f82e-84d8-44a3-9b21-6d376c3f7709
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=2B244806-A0BC-4F9E-8896-17D65D0B30D3/gdpr=0/ Frame B287 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=2B244806-A0BC-4F9E-8896-17D65D0B30D3/gdpr=0/gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.54.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-54-186.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Nov 2023 18:39:04 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.51.61
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame B287 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=2B244806-A0BC-4F9E-8896-17D65D0B30D3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 18:39:04 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
e.serverbid.com
URL
https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fcs.krushmedia.com%2F4264a41cc8c08a41961737ab5bcf5b16.gif%3Fpuid%3D
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent=
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/lotame?redirect_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D14701%26tp%3DMTAI%26tpid%3D%24%7BMARTIN_AI_ID%7D%26gdpr%3D0
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?source=lotame
Domain
trc.taboola.com
URL
https://trc.taboola.com/sg/lotame/1/cm
Domain
pixel.shareaholic.com
URL
https://pixel.shareaholic.com/sync?r=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D9193%26tp%3DSHLC%26tpid%3D%24u_id%26gdpr%3D0
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/audience_sync/7?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16299%26tp%3DSPXC%26tpid%3D%24SPOTX_AUDIENCE_ID%26gdpr%3D0
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Domain
beacon.lynx.cognitivlabs.com
URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-utFfKzlE2uUrGoqzAhV1o2kFeqaeRNw-~A&gdpr=0
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent=
Domain
rtb.adentifi.com
URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Domain
pmp.mxptint.net
URL
https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
Domain
gocm.c.appier.net
URL
https://gocm.c.appier.net/pubmatic

Verdicts & Comments Add Verdict or Comment

265 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture string| mi_version boolean| mi_track_user string| mi_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| MonsterInsightsDualTracker function| gtag function| __gaTracker object| _wpemojiSettings function| MonsterInsights object| MonsterInsightsObject object| monsterinsights_frontend undefined| $ function| jQuery object| plugin_name_ajax_object object| _Hasync object| google_tag_manager object| google_tag_data function| tns object| sidr function| MediaBox object| gaGlobal object| addComment string| GoogleAnalyticsObject function| ga function| chfh function| chfh2 string| _HST_cntval object| Histats function| onYouTubeIframeAPIReady object| _HistatsCounterGraphics_324_setValues object| gaplugins object| gaData object| twemoji object| wp boolean| _value_RETURN_BUILDER function| _HistatsCounterGraphics_324 function| histats_canvascounters_base.js object| a object| cv object| Tynt object| _dtspv object| _33Across function| __uspapi object| __connect object| lotame_3825 number| char function| lotameIsCompatible function| lt3825_ba function| lt3825_b undefined| lt3825_c undefined| lt3825_ca undefined| lt3825_da function| lt3825_ea object| lt3825_e function| lt3825_fa function| lt3825_g function| lt3825_ha object| lt3825_ object| lt3825_na object| lt3825_oa object| lt3825_Oa object| lt3825_Ya object| lt3825_Za object| lt3825_7 function| lt3825_aa function| lt3825_a function| lt3825_d function| lt3825_f function| lt3825_h function| lt3825_ga function| lt3825_ia function| lt3825_i function| lt3825_ja function| lt3825_j function| lt3825_k function| lt3825_l function| lt3825_m function| lt3825_n function| lt3825_la function| lt3825_ka function| lt3825_o function| lt3825_p function| lt3825_ma function| lt3825_q function| lt3825_r function| lt3825_s function| lt3825_t function| lt3825_u function| lt3825_sa function| lt3825_pa function| lt3825_qa function| lt3825_w function| lt3825_ra function| lt3825_x function| lt3825_y function| lt3825_z function| lt3825_A function| lt3825_v function| lt3825_B function| lt3825_C function| lt3825_ta function| lt3825_D function| lt3825_E function| lt3825_ua function| lt3825_F function| lt3825_G function| lt3825_va function| lt3825_H function| lt3825_I function| lt3825_J function| lt3825_wa function| lt3825_L function| lt3825_M function| lt3825_K function| lt3825_xa function| lt3825_ya function| lt3825_N function| lt3825_za function| lt3825_Aa function| lt3825_Ba function| lt3825_Ca function| lt3825_Da function| lt3825_Ea function| lt3825_Fa function| lt3825_Ja function| lt3825_Ga function| lt3825_Ha function| lt3825_Ia function| lt3825_Ka function| lt3825_Ma function| lt3825_La function| lt3825_Na function| lt3825_O function| lt3825_Pa function| lt3825_Qa function| lt3825_Ra function| lt3825_Sa function| lt3825_Ta function| lt3825_Ua function| lt3825_Va function| lt3825_Wa function| lt3825_Xa function| lt3825_P function| lt3825__a function| lt3825_0a function| lt3825_1a function| lt3825_Q function| lt3825_R function| lt3825_2a function| lt3825_S function| lt3825_T function| lt3825_3a function| lt3825_4a function| lt3825_5a function| lt3825_U function| lt3825_V function| lt3825_W function| lt3825_X function| lt3825_Y function| lt3825_6a function| lt3825_9a function| lt3825_8a function| lt3825_7a function| lt3825_Z function| lt3825__ function| lt3825_0 function| lt3825_1 function| lt3825_4 function| lt3825_ab function| lt3825_cb function| lt3825_bb function| lt3825_eb function| lt3825_db function| lt3825_2 function| lt3825_gb function| lt3825_ib function| lt3825_hb function| lt3825_3 function| lt3825_$a function| lt3825_fb function| lt3825_jb function| lt3825_kb function| lt3825_lb function| lt3825_mb function| lt3825_5 function| lt3825_6 function| lt3825_nb function| lt3825_ob function| lt3825_pb function| lt3825_qb function| lt3825_rb function| lt3825_sb function| lt3825_tb function| lt3825_ub function| lt3825_vb function| lt3825_wb function| lt3825_8 function| lt3825_zb function| lt3825_Ab function| lt3825_yb function| lt3825_xb function| lt3825_Cb function| lt3825_Bb function| lt3825_Eb function| lt3825_Db function| lt3825_Fb function| lt3825_Gb function| lt3825_Hb function| lt3825_Ib function| lt3825_Jb function| lt3825_Kb function| lt3825_Mb function| lt3825_Pb function| lt3825_Ob function| lt3825_Lb function| lt3825_Sb function| lt3825_Nb function| lt3825_Qb function| lt3825_Ub function| lt3825_Tb function| lt3825_Vb function| lt3825_Rb function| lt3825_Wb function| lt3825_Xb function| lt3825_Yb function| lt3825_9 function| lt3825_Zb function| lt3825__b function| lt3825_0b function| lt3825_1b function| lt3825_2b function| lt3825_$ function| lt3825_3b function| lt3825_4b function| lt3825_5b function| lt3825_6b function| lt3825_7b function| lt3825_8b function| lt3825_9b function| lt3825_$b function| lt3825_bc function| lt3825_cc function| lt3825_dc function| lt3825_ac object| __underground object| sovrn string| currentTagSRC

222 Cookies

Domain/Path Name / Value
map.go.affec.tv/map/ttd Name: oo
Value: 1
map.go.affec.tv/map/an Name: oo
Value: 1
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARDLFgoJCP____8HENUW
.nonton168.online/ Name: _ga_84JV0TX02W
Value: GS1.1.1701023920.1.0.1701023920.0.0.0
nonton168.online/ Name: HstCfa4740048
Value: 1701023920588
nonton168.online/ Name: HstCla4740048
Value: 1701023920588
nonton168.online/ Name: HstCmu4740048
Value: 1701023920588
nonton168.online/ Name: HstPn4740048
Value: 1
nonton168.online/ Name: HstPt4740048
Value: 1
nonton168.online/ Name: HstCnv4740048
Value: 1
nonton168.online/ Name: HstCns4740048
Value: 1
.youtube.com/ Name: YSC
Value: 9WrNI0nIiwI
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: hBqV8LxlCwI
.nonton168.online/ Name: _ga_ZXQP669L0F
Value: GS1.1.1701023920.1.0.1701023920.0.0.0
.nonton168.online/ Name: _ga
Value: GA1.2.1025314430.1701023921
.nonton168.online/ Name: _gid
Value: GA1.2.1627407060.1701023921
.nonton168.online/ Name: _gat_gtag_UA_195325106_1
Value: 1
.dtscout.com/ Name: df
Value: 1701023920
.dtscout.com/ Name: l
Value: 51A017010239200F513BAB960BCDED15
.sharethis.com/ Name: __stid
Value: ZH4ACGVjkLEAAAAIA6wzAw==
.sharethis.com/ Name: __stidv
Value: 2
.nonton168.online/ Name: __dtsu
Value: 51A017010239200F513BAB960BCDED15
.tynt.com/ Name: uid
Value: CoIKTGVjkLFTQZc4HdnMAg==
.dtscdn.com/ Name: uid
Value: 51A017010239200F513BAB960BCDED15
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1701023921516%7D%2C%7B%22p%22%3A%224bbb341d17%22%2C%22f%22%3A1%2C%22ts%22%3A1701023921516%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1701023921516%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1701023921516%7D%2C%7B%22p%22%3A%226361f7f203%22%2C%22f%22%3A1%2C%22ts%22%3A1701023921516%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1701023921516%7D%2C%7B%22p%22%3A%227361b0e8e4%22%2C%22f%22%3A1%2C%22ts%22%3A1701023921516%7D%5D
.onaudience.com/ Name: cookie
Value: 1b2791c5ff55bea8
.onaudience.com/ Name: done_redirects161
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1701023921655
.tapad.com/ Name: TapAd_DID
Value: 23d56d0e-e5ab-4972-a650-5aad8061e8d8
.go.affec.tv/ Name: ck
Value: 656390b137cba0000114d218
.go.affec.tv/ Name: oo
Value: 1
.33across.com/ Name: 33x_ps
Value: u%3D212273564415514%3As1%3D1701023921668%3Ats%3D1701023921668
.lijit.com/ Name: ljt_reader
Value: HuN-fSZHZPbi87sTQYOsy8Ke
.adsrvr.org/ Name: TDID
Value: a88b0dbe-40d8-479c-993a-bf072bb26049
.ml314.com/ Name: pi
Value: 3640214972407480320
.eyeota.net/ Name: mako_uid
Value: 18c0ced364c-493c0000010a5def
.eyeota.net/ Name: SERVERID
Value: 24047~DM
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bku
Value: 4tL99nsxRtU4v6yG
.krxd.net/ Name: _kuid_
Value: P8H8L4-S
.dtscout.com/ Name: m
Value: 2
.dtscout.com/ Name: st
Value: 2
.dtscout.com/ Name: oa
Value: 2
.intentiq.com/ Name: IQver
Value: 1.9
.exelator.com/ Name: EE
Value: "ae391f1942a10fdc0a80995cd6adfbca"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSEx1djSMM3Q0sQo0dAgLSXZINHCwNLSNDnFLDElLSk5cXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQckl%252BUWb6ImfHxUUpaQyLSopPBR9jKwcA1q0qjA%253D%253D"
.onaudience.com/ Name: done_redirects219
Value: 1
.onaudience.com/ Name: done_redirects104
Value: 1
.zeotap.com/ Name: zc
Value: e1e33987-7a37-45c7-4f4a-df14159610c7
.zeotap.com/ Name: zsc
Value: j%C9%B4%AF%0F%95%9F%ED%B9%26pW%DA%22%98J%CC%C2%1Ah%E0%00%D4%84%81%D6%13~H%FE%7C%9B%17%D7k%E2%EB%C4%9Df%9DI%D5%9A%D5Y%9D%06%80%29.s%24%8C%14%7F%B3%95%40%3C1%D0%1C%8AY%DD%FE%24%3C%1C%02%CD%89%D8%AB%84%7CU%E2pF%18%24
.t.sharethis.com/ Name: pxcelPage_default_c010_C
Value: 2_0_1701023921631
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: f7e797d6a7cf29af4304b67135844b8d
.onaudience.com/ Name: done_redirects68
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkFAGrGL-SDBEUmavAgVXks_qYeCed_twov3e_TcGQqsnWJNrT-USTPO9VKhdY
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 6774825355793358841
.mgid.com/ Name: muidn
Value: naqH4VphZLCa
.mgid.com/ Name: __cf_bm
Value: 975_1AZbz2GPnxqty25FmqWnZt3T9Kp6I62cjHWGV9k-1701023923-0-AT+RAMl5cpN7stomAe0Jzt5LSxku8C/7rDoimcstoXqRMgKf3evFvT90JjOYetTwL4SBMcCJeLRhN8sT3+iHzC8=
.onaudience.com/ Name: done_redirects147
Value: 1
cm.mgid.com/ Name: mg_sync
Value: {}
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-872418fa-7803-5f03-510b-f7497780782c.fTu9DcSZ0V4CVSTSB9MyaE56XMCABJowZubdiCzZ%2FIc
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-872418fa-7803-5f03-510b-f7497780782c.fTu9DcSZ0V4CVSTSB9MyaE56XMCABJowZubdiCzZ%2FIc
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AhyQY-ngDXwNRC_dJd4B4LLnVUC4.KF9b2tfWWaXrCsHx5kfFeXsQhurkp0wptPRn6%2B9xC%2F8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AhyQY-ngDXwNRC_dJd4B4LLnVUC4.KF9b2tfWWaXrCsHx5kfFeXsQhurkp0wptPRn6%2B9xC%2F8
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIIWtAeEC2cOwQzKgDziTNxnEDdIneMD4vXFT6abkUoWIEHwYBCCzoY6rBjABOgRyABfNQgRlwlkF.%2B66gBkkZittCFZVscTxwjBYQJHSSRGkQJAgzwglVwW0
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIIWtAeEC2cOwQzKgDziTNxnEDdIneMD4vXFT6abkUoWIEHwYBCCzoY6rBjABOgRyABfNQgRlwlkF.%2B66gBkkZittCFZVscTxwjBYQJHSSRGkQJAgzwglVwW0
.sitescout.com/ Name: ssi
Value: 96dbdb5b-4575-49d9-b9ab-1e6b6d5b05c9#1701023923258
.agkn.com/ Name: ab
Value: 0001%3A982EbAfnx8ZbWUPb%2FjlxAUl6whuwzu1L
.c.cintnetworks.com/ Name: TiPMix
Value: 98.62837489571498
.c.cintnetworks.com/ Name: x-ms-routing-name
Value: self
.turn.com/ Name: uid
Value: 3809824949511121677
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.linkedin.com/ Name: li_sugr
Value: 3c058bbe-0356-4e6f-b761-b318647b5d00
.linkedin.com/ Name: bcookie
Value: "v=2&5c2c06d7-7d13-46c8-89ab-69edf82b5b1f"
.linkedin.com/ Name: lidc
Value: "b=TGST00:s=T:r=T:a=T:p=T:g=3258:u=1:x=1:i=1701023923:t=1701110323:v=2:sig=AQETF6k2YzhnMmvHP8GNV9cAgHDLBY--"
.smartadserver.com/ Name: pid
Value: 3669561126981729921
.simpli.fi/ Name: suid
Value: 2F2B435A2E88480FA382CF5EF06C8337
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: o0jo0eks5w10l15fjgih0mlr
.truoptik.com/ Name: to_master_s
Value: d98b02765a5a429d32c10cc71757c813
.truoptik.com/ Name: to_version_s
Value: b2
.liadm.com/ Name: lidid
Value: 527f1f4b-d2df-4b9a-81ad-39d741fdf97e
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 2B244806-A0BC-4F9E-8896-17D65D0B30D3
.lijit.com/ Name: _ljtrtb_2
Value: 2F2B435A2E88480FA382CF5EF06C8337
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2In3i'#q9!]tbP6j2F-XstGt!@Dkt$qow-
.adnxs.com/ Name: uuid2
Value: 9148969588917863460
.go.affec.tv/ Name: pt
Value: eyJhbiI6eyJkdCI6MTcwMTAyMzkyNCwiaWQiOiI5MDEzOTAwNDk3NDI5Mzg3Mjc3IiwibHMiOjE3MDEwMjM5MjR9LCJ0dCI6eyJkdCI6MTcwMTAyMzkyMSwiaWQiOiJDb0lLVEdWamtMRlRRWmM0SGRuTUFnPT0iLCJscyI6MTcwMTAyMzkyMX0sInRkIjp7ImR0IjoxNzAxMDIzOTI0LCJpZCI6ImE4OGIwZGJlLTQwZDgtNDc5Yy05OTNhLWJmMDcyYmIyNjA0OSIsImxzIjoxNzAxMDIzOTI0fSwidiI6MH0=|1701023924|f63a2d29e8cfc6e2ebbfd5baff58d0786cd7001e
.yahoo.com/ Name: A3
Value: d=AQABBLSQY2UCEPhq7TZPcwSyu7P22ad7cHAFEgEBAQHiZGVtZSXcxyMA_eMAAA&S=AQAAAsZt1HeduC8-bPoPpX5erY0
.t.sharethis.com/ Name: pxcelBcnLcy
Value: 67
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: oqe4cauvnv0xq1h3oo3zhrbc
.ib.mookie1.com/ Name: ibkukiuno
Value: s=7af83df7-8160-4e1b-ad51-d88cc8dccc68&h=&v=0&l=-8585005829607606430&op=&hl=0&vlu=0&tcs=1&dcc=-8585005829607606430
.ib.mookie1.com/ Name: ibkukinet
Value: 3117764654=-8585005829607606430
.lijit.com/ Name: _ljtrtb_5001
Value: f7e797d6a7cf29af4304b67135844b8d
.ipredictive.com/ Name: cu
Value: 40e13e20-9280-446a-80b7-b98e740a64a1|1701023926145
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSDNPNbc0TzFLNE9OM7JMTDMxNjBJMjM3NDa1MDFJskhhAILU5AlH3%2F7%2F%2F58fxAED7h8bp7Cw%2Fgli%2BM%2FI%2BIERRO7RApEfZUHk9noQyXDu6CFmQmq%2BPt5sREjN7n2XBQipuXTqERshNU9efNQlpObw4jkE%2FfVuCWE1q9c%2F5SZk14eG%2BwJMyOHGMPmEOiFNAFy5lOI%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBITZ5wFEhBADsDA9cMMHNRK4hk1JoNoWaBKD53BzDvYT2I4tfZDyQBGSwIaQ%3D%3D"
.nonton168.online/ Name: _cc_id
Value: f7e797d6a7cf29af4304b67135844b8d
.nonton168.online/ Name: panoramaId_expiry
Value: 1701110341483
.nonton168.online/ Name: panoramaId
Value: fe4345d3a803c78b061c172b254fa9fb927a09cdbcc04ab0bc0df7dbfdac6f90
.nonton168.online/ Name: panoramaIdType
Value: panoDevice
.lijit.com/ Name: ljtrtbexp
Value: eJxdkDkSwDAMAv%2FiOoWQbR35WiZ%2Fz2E3olyYAaSrpbcTLqq9z4GjmVWGKAu9Co7Kg%2F2VCNPwjzN3J%2FBmbSWohFaEUEeST50xiCcx59MXlPLm2gcxx%2B8bsdON9LQse%2B4HRXJInA%3D%3D
.krushmedia.com/ Name: krm_usr
Value: d52e149e-5927-4597-bd06-ab1f392ac588
.contextweb.com/ Name: V
Value: GJAV8UWcyUHi
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 6759df5ec8cee947
.openx.net/ Name: i
Value: 0351275e-c55b-02c2-3282-943c226e8bba|1701023941
.lijit.com/ Name: _ljtrtb_49
Value: GJAV8UWcyUHi
.lijit.com/ Name: _ljtrtb_84
Value: c:0b2c3bb7f94bb5675e19943eb71e35c6
.openx.net/ Name: pd
Value: v2|1701023941|vMgavPkWgyiK
.lijit.com/ Name: _ljtrtb_16
Value: 96dbdb5b-4575-49d9-b9ab-1e6b6d5b05c9-656390b3-5553
.bidr.io/ Name: bito
Value: AACAPU7KxyIAABXTqiZl9w
.bidr.io/ Name: bitoIsSecure
Value: ok
.amazon-adsystem.com/ Name: ad-id
Value: A5Ipbv81Qkzyqy1XqOrXS8g
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.lijit.com/ Name: _ljtrtb_76
Value: bc13c6c7-8668-0738-2fe8-ea723ef88715
.krushmedia.com/ Name: krm_r
Value: 572|498
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZWOQxQACjgkjzABd
.lijit.com/ Name: _ljtrtb_71
Value: 2B244806-A0BC-4F9E-8896-17D65D0B30D3
.lijit.com/ Name: _ljtrtb_85
Value: AACAPU7KxyIAABXTqiZl9w
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwMTAyMzk0MTgzNCwiNDgiOjE3MDEwMjM5NDE2NjUsIjM5IjoxNzAxMDIzOTQxNjY1LCI3IjoxNzAxMDIzOTIzMzAzfQ
.openx.net/ Name: univ_id
Value: 537072971|a88b0dbe-40d8-479c-993a-bf072bb26049|1701023941850981
.quantserve.com/ Name: d
Value: EKgBCwHCKvijAA
.quantserve.com/ Name: mc
Value: 656390c5-cd749-06c02-512bd
.crsspxl.com/ Name: uid
Value: 6626228906498704613
.crsspxl.com/ Name: uuid
Value: 8bfa703f-71b4-4c7c-af1d-22fa03f82fa4
.smadex.com/ Name: smxtrack
Value: d69a2be6-7593-4238-ad8f-b912df76da36
.smadex.com/ Name: smxdc
Value: 1
.mfadsrvr.com/ Name: tuuid
Value: 8db43e9f-c272-4bbd-b735-7da412be1219
.mfadsrvr.com/ Name: c
Value: 1701023941
.mfadsrvr.com/ Name: tuuid_lu
Value: 1701023941
.lijit.com/ Name: _ljtrtb_43
Value: ZnrYtGl_jbJ9LIyzZXjDsmkt3rJ9LY_lZilsqwbm
.creativecdn.com/ Name: u
Value: SXn42P0DnC2PX0uC2Zlb
.creativecdn.com/ Name: g
Value: SXn42P0DnC2PX0uC2Zlb_1701023941875
.creativecdn.com/ Name: ts
Value: 1701023941
.mediawallahscript.com/ Name: mCookie
Value: 11a123e0-8c8b-11ee-8d32-dd5bdc34d559
.mediawallahscript.com/ Name: mUserCookie
Value: %7B%7D
.mfadsrvr.com/ Name: ssh
Value: !sovrn,1701023941
.zemanta.com/ Name: zuid
Value: aJGLWWzeTX5HGajV7EXH
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1o7p|7dN.0.AACAPU7KxyIAABXTqiZl9w|7dW.0.1
.smadex.com/ Name: smxltm
Value: 1
.lijit.com/ Name: _ljtrtb_87
Value: 8db43e9f-c272-4bbd-b735-7da412be1219
.lijit.com/ Name: _ljtrtb_27
Value: a88b0dbe-40d8-479c-993a-bf072bb26049
.adx.opera.com/ Name: UID
Value: OPU0c25e72e0f75407abc3dd9e69c033034
.smadex.com/ Name: smxsmt
Value: 1
.lijit.com/ Name: _ljtrtb_86
Value: DcrwEvWxdzgYYNfeoV93rSRyYZlKR72GYEq5fuDC-rI
.lijit.com/ Name: _ljtrtb_83
Value: LPFTQHR3-3-DHGE
.lijit.com/ Name: _ljtrtb_102
Value: OPU0c25e72e0f75407abc3dd9e69c033034
.lijit.com/ Name: _ljtrtb_92
Value: 9148969588917863460
.deepintent.com/ Name: CDIUSER
Value: di_d60c5638a5de48908c9e1
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220231126%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEHk329sx1YlBR2j4mTmDlhE&KRTB&23025-CAESEHk329sx1YlBR2j4mTmDlhE&KRTB&23386-CAESEHk329sx1YlBR2j4mTmDlhE
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:2F2B435A2E88480FA382CF5EF06C8337&KRTB&23486-uid:2F2B435A2E88480FA382CF5EF06C8337&KRTB&23489-uid:2F2B435A2E88480FA382CF5EF06C8337&KRTB&23539-uid:2F2B435A2E88480FA382CF5EF06C8337
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-96dbdb5b-4575-49d9-b9ab-1e6b6d5b05c9-656390b3-5553&KRTB&23418-96dbdb5b-4575-49d9-b9ab-1e6b6d5b05c9-656390b3-5553
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-ARjtBQ4duAMaTr8BAxT2BgFO6wQaGOoEVUk3En2Z&KRTB&19420-ARjtBQ4duAMaTr8BAxT2BgFO6wQaGOoEVUk3En2Z&KRTB&22979-ARjtBQ4duAMaTr8BAxT2BgFO6wQaGOoEVUk3En2Z&KRTB&23462-ARjtBQ4duAMaTr8BAxT2BgFO6wQaGOoEVUk3En2Z
.mediawallahscript.com/ Name: mRemnantVisitedCookie_d41d8cd98f00b204e9800998ecf8427e_11_2023
Value: %7B%227bYSR%22%3A1%7D
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6774825355793358841&KRTB&23263-6774825355793358841&KRTB&23481-6774825355793358841
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-a88b0dbe-40d8-479c-993a-bf072bb26049&KRTB&22918-a88b0dbe-40d8-479c-993a-bf072bb26049&KRTB&22926-a88b0dbe-40d8-479c-993a-bf072bb26049&KRTB&23031-a88b0dbe-40d8-479c-993a-bf072bb26049
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-9148969588917863460&KRTB&23339-9148969588917863460
.id5-sync.com/ Name: id5
Value: d13155e2-25dd-7635-a7e2-b2d5ff10f319#1701023942030#2
.rqtrk.eu/ Name: browser_id
Value: 4005e2a9-5761-46f8-9e74-d0d646bdd902
.blismedia.com/ Name: b
Value: 656390C6EF3223827363ECB6BLIS
.smartadserver.com/ Name: csync
Value: 127:AACAPU7KxyIAABXTqiZl9w
.smaato.net/ Name: SCM
Value: c30f398150
.smaato.net/ Name: SCMg
Value: c30f398150
.smaato.net/ Name: SCM1001024
Value: c30f398150
.technoratimedia.com/ Name: tads_uidp_73
Value: AACAPU7KxyIAABXTqiZl9w
.technoratimedia.com/ Name: tads_uid
Value: 0345378B94D9495CA1AECF8ACCEB3788
.technoratimedia.com/ Name: tads_uid_cd
Value: 20231126183902+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.casalemedia.com/ Name: CMID
Value: ZWOQxtjR1BRn-rkraSd73AAA
.casalemedia.com/ Name: CMPS
Value: 3546
.casalemedia.com/ Name: CMPRO
Value: 3546
.3lift.com/ Name: tluid
Value: 1185074074573824236919
.pro-market.net/ Name: anHistory
Value: "-nzkk7a7qstb0+2+!#72-%c!a/W"
.demdex.net/ Name: demdex
Value: 54077093005570383903678933283824242444
.dpm.demdex.net/ Name: dpm
Value: 54077093005570383903678933283824242444
.technoratimedia.com/ Name: tads_uidp_82
Value: ZWOQxtjR1BRn-rkraSd73AAA&3546
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7938-2!7938-3!7938
.pro-market.net/ Name: anProfile
Value: "-nzkk7a7qstb0+1+4=yt+1f=1+1g=1+1j=3k:1+rs=s+rt=B9D5502E+s0=(95)+s2=(s4quh2)+vm=19-f7e797d6a7cf29af4304b67135844b8d:53-CAESEPUQ57JBuOjMZed36uazR3c"
.dotomi.com/ Name: DotomiTest
Value: 5a0674478dca11c1
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3809824949511121677&KRTB&23150-3809824949511121677&KRTB&23527-3809824949511121677
.id5-sync.com/ Name: 3pi
Value: 321#1701023943021#-1229448459|2#1701023942285#643940099#9148969588917863460|19#1701023942138#1387163553#f7e797d6a7cf29af4304b67135844b8d|264#1701023942426#-455404239#a88b0dbe-40d8-479c-993a-bf072bb26049|136#1701023942584#-1770823649|121#1701023942736#-443232378|398#1701023943021#1385106413
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAHT5h40xtp8gMYB8SFAAAAAAA&KRTB&22713-AAAHT5h40xtp8gMYB8SFAAAAAAA&KRTB&22715-AAAHT5h40xtp8gMYB8SFAAAAAAA&KRTB&23519-AAAHT5h40xtp8gMYB8SFAAAAAAA
.onaudience.com/ Name: done_redirects282
Value: 1
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a7f1c7f8-0028-4a08-b9b4-6073c08ebff2-005%22%7D
.lijit.com/ Name: _ljtrtb_97
Value: RX-a7f1c7f8-0028-4a08-b9b4-6073c08ebff2-005
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACAPU7KxyIAABXTqiZl9w
.analytics.yahoo.com/ Name: IDSYNC
Value: "19bk~2f9u:19cl~2f9u:18z8~2f9u:19bn~2f9u"
.pubmatic.com/ Name: SPugT
Value: 1701023943
.pubmatic.com/ Name: SyncRTB3
Value: 1702252800%3A35%7C1701561600%3A2_15_223_38%7C1703548800%3A224%7C1706140800%3A69%7C1701820800%3A63%7C1702166400%3A243_233_165_231_234_249_71_166_56_96_81_5_196_220_250_238_214_21_240_264_55_48_176_22_13_3_8_99_7_46_104_178_54
.lijit.com/ Name: _ljtrtb_58
Value: 2B244806-A0BC-4F9E-8896-17D65D0B30D3
.thrtle.com/ Name: mc
Value: eyJpZCI6ImE3OTI2NWM1LWUxYzEtNGZhNC1iYWEzLWZjZDMyYTYyMGM4NSIsImwiOjE3MDEwMjM5NDQ4NDYsInQiOjJ9
.ads.pubmatic.com/ Name: KCCH
Value: YES
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHYmx1ZWthaRILCKCyyaWerrc8EAUSFwoIcHVibWF0aWMSCwikkpjhn663PBAFGAEgASgCMgsI0vyWq7autzwQBTgBWgthZGNvbmR1Y3RvcmAC
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 156212:4
.pubmatic.com/ Name: DPSync3
Value: 1701043200%3A248_255%7C1701561600%3A265%7C1702166400%3A260_259_256_258_262_261_201_263%7C1701993600%3A257
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1701045544901
.mathtag.com/ Name: uuid
Value: cae66563-90c9-4f00-9ee6-120931253519
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a7f1c7f8-0028-4a08-b9b4-6073c08ebff2-005%22%2C%22nxtrdr%22%3Afalse%7D
.rlcdn.com/ Name: rlas3
Value: PJhyliLOpuA7P2vnopKq1dAhkpvccGGWpH/wf67nTWU=
.rlcdn.com/ Name: pxrc
Value: CLKhjqsGEgUI6AcQABIFCOhHEBYSBQjbThAA
.acuityplatform.com/ Name: auid
Value: 856855021793
.acuityplatform.com/ Name: aum
Value: OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBMjf6jXVzZXJNYXRjaGluZ0lkJLaRbGFzdERyb3BUaW1lTWlsbGlzJQFGAx1ZB7qYbGFzdFN1Y2Nlc3NmdWxNYXRjaE1pbGxpcyUBRgMdWQe6j3RoaXJkUGFydHlVc2VySWRXSHVOLWZTWkhaUGJpODdzVFFZT3N5OEtl+/uGdmVyc2lvbsL7
.lijit.com/ Name: _ljtrtb_66
Value: 856855021793
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:cae66563-90c9-4f00-9ee6-120931253519
.pubmatic.com/ Name: PugT
Value: 1701023944
.rubiconproject.com/ Name: khaos
Value: LPFTQK2U-1D-IRUN
.rubiconproject.com/ Name: audit
Value: 1|EfvrR4JIRE7jYuAyj6HSnbqMfikzLjEFE/5yF+c18/q3JrY54CFgCFbQ3I+3bAbAAKnEofbP8iQkEa5N2k7U1SEEFoCDRlfY/fl9UxTBA2KsMyW2j+tLvKMcNyKzNUHRdNagGyTJzJG9+gdfTu7zmcF1c4dRQ9Az
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-856854897523&KRTB&23428-856854897523
.lijit.com/ Name: ljtrtb
Value: eJyNkc1SWzEMhd8l63pGtmxLYneTm4S%2FaWlKgGTDXPnaHWhoh0ALgem71%2BYJuvTRJ0vn6H0S4%2BRowiFyCOAsCU4%2BTQJXzU2d9wzRdDCdGb%2BQuWGWaCz1MfQwReg%2FWABb6UKZhMY4UCpOhuIRvEayGNh75bGStk2SOOqoQY0PFIyXUYzKoMbmqHEMCiGJiSGigKIJIbQZXmrn8rS74vV1OqyP76rmqGoDs8Ko2XgY2XiSZERwMFqAnKqLUFsr2%2Bws3NRj6NycudpadMhutgjzBcQZI1JbEBr45WINyYVMLkOh4IEGTTiOkqMkQAT0lZWGivU1EQk1F0sc0UeoJbL%2Fnx5jZc8vFpdfj1do0PTHy3mTfZXTEahLqEpFvGqIFLIV8ZiVbMaQYiNDJbtu1l2s6ez1cNJ105vLx7vtTl7ali2k1Y0ZqNhEhQ2AqzkNwDV19SYCYQLOWoqrtdA%2BbFfq0%2F5l%2Fuf6dXz7vtl8LvnXleD%2B2%2Bqw2e7OVuSWm%2FljKL%2F7mdmftPM0E9uf%2B83zcnd7r6dyfnJ4297c908PP55xX9%2Bb2932bvf0%2BKIPLaA2QpPFFBMZjrHuRcjGlcwmD%2BQwF2ayH%2Bs0BzxqdS3FJEfO1CxGo4TB0Dh46zRbZ2Xy9x%2BQ5LNn
.lijit.com/ Name: _ljtrtb_80
Value: LPFTQK2U-1D-IRUN
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-a7f1c7f8-0028-4a08-b9b4-6073c08ebff2-005&KRTB&17107-RX-a7f1c7f8-0028-4a08-b9b4-6073c08ebff2-005
.pippio.com/ Name: did
Value: g6WwyYT3x4mzBPij
.pippio.com/ Name: didts
Value: 1701023945
.pippio.com/ Name: nnls
Value:
.csync.loopme.me/ Name: viewer_token
Value: 4b7e79b2-c40c-4bdb-9efb-b0881bcc3bbe
.kargo.com/ Name: ktcid
Value: fc99e24a-53c3-0533-596e-6c995c89b37d
.pippio.com/ Name: pxrc
Value: CMmhjqsGEgQIAhAAEgYI7OsBEAA=
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7543103451458500149P
.owneriq.net/ Name: pmc
Value: 1

16 Console Messages

Source Level URL
Text
security warning URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Message:
Mixed Content: The page at 'https://nonton168.online/tv/gadis-kretek-2023-completed/' was loaded over HTTPS, but requested an insecure element 'http://nonton168.tv/wp-content/uploads/2021/04/LOGO-03.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Message:
Mixed Content: The page at 'https://nonton168.online/tv/gadis-kretek-2023-completed/' was loaded over HTTPS, but requested an insecure element 'http://nonton168.tv/wp-content/uploads/2023/05/mutiarapoker-720x90-new-1.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Message:
Mixed Content: The page at 'https://nonton168.online/tv/gadis-kretek-2023-completed/' was loaded over HTTPS, but requested an insecure element 'http://nonton168.tv/wp-content/uploads/2023/07/join-us-in-telegram-1-360x140-1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nonton168.online/tv/gadis-kretek-2023-completed/(Line 511)
Message:
Mixed Content: The page at 'https://nonton168.online/tv/gadis-kretek-2023-completed/' was loaded over HTTPS, but requested an insecure element 'http://nonton168.tv/wp-content/uploads/2021/04/LOGO-03.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nonton168.online/tv/gadis-kretek-2023-completed/(Line 511)
Message:
Mixed Content: The page at 'https://nonton168.online/tv/gadis-kretek-2023-completed/' was loaded over HTTPS, but requested an insecure element 'http://nonton168.tv/wp-content/uploads/2023/05/mutiarapoker-720x90-new-1.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nonton168.online/tv/gadis-kretek-2023-completed/(Line 511)
Message:
Mixed Content: The page at 'https://nonton168.online/tv/gadis-kretek-2023-completed/' was loaded over HTTPS, but requested an insecure element 'http://nonton168.tv/wp-content/uploads/2023/07/join-us-in-telegram-1-360x140-1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nonton168.online/tv/gadis-kretek-2023-completed/(Line 511)
Message:
Mixed Content: The page at 'https://nonton168.online/tv/gadis-kretek-2023-completed/' was loaded over HTTPS, but requested an insecure element 'http://nonton168.tv/wp-content/uploads/2023/05/BANNER-ISTANA-300-250-Recovered.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Message:
Mixed Content: The page at 'https://nonton168.online/tv/gadis-kretek-2023-completed/' was loaded over HTTPS, but requested an insecure element 'http://nonton168.tv/wp-content/uploads/2023/05/BANNER-ISTANA-300-250-Recovered.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Message:
Mixed Content: The page at 'https://nonton168.online/tv/gadis-kretek-2023-completed/' was loaded over HTTPS, but requested an insecure element 'http://nonton168.tv/wp-content/uploads/2021/04/LOGO-03.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nonton168.online/tv/gadis-kretek-2023-completed/
Message:
Mixed Content: The page at 'https://nonton168.online/tv/gadis-kretek-2023-completed/' was loaded over HTTPS, but requested an insecure element 'http://nonton168.tv/wp-content/uploads/2021/04/LOGO-03.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync.search.spotxchange.com/partner?source=lotame
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/audience_sync/7?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16299%26tp%3DSPXC%26tpid%3D%24SPOTX_AUDIENCE_ID%26gdpr%3D0
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU2d13f3ab93074cf698ccb3c0014f64a0
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%202B244806-A0BC-4F9E-8896-17D65D0B30D3&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dtssrv.com
a.tribalfusion.com
aa.agkn.com
ad.mrtnsvr.com
ad.turn.com
ads.pubmatic.com
aorta.clickagy.com
ap.lijit.com
api.intentiq.com
audex.userreport.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bioskop888.org
bioskop888.tv
c.cintnetworks.com
c1.adform.net
cdn-tc.33across.com
cdn.tynt.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
cm.smadex.com
cms.analytics.yahoo.com
cms.quantserve.com
connect-metrics-collector.s-onetag.com
connect.facebook.net
core.iprom.net
crb.kargo.com
creativecdn.com
csync.loopme.me
d.turn.com
data-beacons.s-onetag.com
data.adsrvr.org
de.tynt.com
dis.criteo.com
dmp.truoptik.com
dp1.33across.com
dp2.33across.com
dpm.demdex.net
dunialk21.com
dunialk21.net
e.dtscout.com
e.serverbid.com
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
global.ib-ibi.com
gocm.c.appier.net
googleads.g.doubleclick.net
i.ibb.co
i.liadm.com
i.ytimg.com
i6.liadm.com
ib.adnxs.com
ib.mookie1.com
ic.tynt.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
jnn-pa.googleapis.com
loada.exelator.com
loadus.exelator.com
map.go.affec.tv
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
matching.truffle.bid
ml314.com
mwzeom.zeotap.com
nonton168.online
nonton168.tv
onetag-geo.s-onetag.com
p.rfihub.com
partner.mediawallahscript.com
pbid.pro-market.net
pd.sharethis.com
pippio.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.shareaholic.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
ps.eyeota.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.mfadsrvr.com
rtd-tm.everesttech.net
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
s1.dunialk21.id
s10.histats.com
s4.histats.com
secure.adnxs.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
sync.sharethis.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tag.crsspxl.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
tags.rd.linksynergy.com
thrtle.com
token.rubiconproject.com
tr.blismedia.com
trc.taboola.com
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
usermatch.krxd.net
ws.rqtrk.eu
wt.rqtrk.eu
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
a.tribalfusion.com
ad.mrtnsvr.com
beacon.lynx.cognitivlabs.com
cm.adgrx.com
dis.criteo.com
e.serverbid.com
gocm.c.appier.net
image4.pubmatic.com
p.rfihub.com
pixel.shareaholic.com
pm.w55c.net
pmp.mxptint.net
rtb.adentifi.com
sync.ipredictive.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
trc.taboola.com
x.bidswitch.net
104.17.216.204
104.18.18.166
104.18.34.83
104.18.36.155
104.18.9.47
104.19.131.76
104.20.79.99
104.21.23.71
104.22.24.87
104.243.38.202
104.26.12.60
104.36.113.107
104.36.113.111
104.86.160.58
107.178.240.89
107.178.254.65
107.20.214.81
108.138.128.34
108.138.64.122
13.107.42.14
13.249.39.83
134.122.57.34
141.101.120.11
141.94.171.215
142.251.16.119
142.251.16.132
142.251.16.91
142.251.163.103
142.251.163.138
142.251.163.94
142.251.163.95
142.251.179.149
142.44.139.105
15.197.193.217
15.235.42.103
150.136.156.92
151.101.194.49
157.240.244.35
159.127.43.140
162.19.138.118
162.241.252.167
162.55.120.196
172.253.115.94
172.253.122.149
172.253.122.155
172.253.62.95
172.253.63.155
172.253.63.97
172.64.128.21
172.64.152.89
18.160.10.22
18.160.10.25
18.160.41.58
18.165.98.25
18.67.76.108
18.67.76.31
185.167.164.39
185.184.8.90
192.184.69.252
195.5.165.20
198.148.27.131
199.127.204.147
199.127.204.171
207.198.113.86
213.19.162.90
216.22.16.57
216.22.16.9
23.205.128.218
23.212.248.4
23.220.112.236
23.221.241.11
3.130.50.49
3.141.240.42
3.211.41.66
3.225.218.10
3.228.65.117
3.248.28.79
31.13.66.19
34.111.113.62
34.111.234.236
34.197.239.24
34.225.68.212
34.232.140.51
34.235.18.139
34.96.105.8
34.98.67.3
35.186.193.173
35.207.24.140
35.214.253.210
35.236.220.17
35.244.154.8
35.244.159.8
35.71.139.29
40.71.11.141
40.76.134.238
44.193.54.186
44.197.32.198
44.218.222.11
44.238.141.43
50.116.194.21
50.116.194.23
52.0.143.253
52.0.156.250
52.0.52.210
52.46.143.56
52.5.176.145
52.5.231.5
52.54.159.197
52.55.144.0
52.87.28.41
54.164.228.62
54.197.133.126
54.39.128.162
63.251.114.182
64.58.232.180
64.74.236.223
67.202.105.23
67.202.105.32
67.202.105.34
68.67.160.186
69.169.85.6
69.90.254.78
74.119.119.150
74.121.140.211
8.18.47.7
8.28.7.81
8.43.72.97
8.43.72.98
82.145.213.8
99.83.181.31
002b7fd254652aa103bbca9598ac6875457f5e7b932b2469da0cb6776e557b16
01c5f418a4a809a6d77d96d45400039618c369827340e94db9dc6248571c52f0
0783f86254bd8bc0b103e30c1b434925b487a27fccc94247f24a168fb03f12e5
07f22deff71fd38357bef45c764ddff8675c2c4cc5a6649474a7294f2cc1347f
0812f1ec045cff5fcc841c5ae347cb299f3dbeed4141c9d21bc6a37f63623eae
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0d3110815e47322fa8c8821c53234f4f90ff9107501b4d74741dfe6e8250e24a
14cc0b0d33acf3c52bd55384ad9b0ee4d1366a614876cd2194655c67eeb1559a
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1980b7dfebc30a0e787d86add3950d5704a079e7da7a28b7517a1faba31ded3f
1b0e58ef92fc12e239167876937c7744b59ebbedcdf7c708baf29c3fe66e6f73
1c6f518eeb52ac428e414991cc7536284312c34763cb9e385271e63c48cddaab
1db971daeaf68ce36ea9f43f7c9a45591474e9db4d7db9152ae9d6e0901b0ec1
2004da08c3292d624ecf047b2abea5e34c7d9d723e28629e5e61c73ac383e1f7
25ec0bb75076b9e52b76b19aa9f11102d1140646a0c6d1f8b3195727baa5252c
284c87178e77781abd81262964b699c70eb6a27f6e5a741671b9662b3646a981
2af01feca9de20f4c34088095127f66e03944c87dc3fda447a136a3322cf375e
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2
2c4c55690c215b90923c004cb18d1d70f6269021540975602a432e0dfb088b7f
2c95bec47c48413af0bc7a9f0440ab851f11a839f3b0424a7ff8a79f0c7d430a
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e7e86bbd9afddb9eb47fda4210e8629ea471885b5d8fa0440ce775d068d59c6
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7bdb2becdbcdb56db4b879b4dbb3bf44df9187b9a084b29c707b42ce33b289
2ff62f021f039f2745651d8cec84470c49e72876e5df0c172883afc02f6ce49c
3136cef55c1d645ee665ddad93ad388f8b85615261a7ead704769a065af4df94
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37ecffeaecf1acf6c800c01c87aac56322e108292adea354cdc943a1cea9bc41
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414
39be3c3ce38700f291068f875d4d848f35b97ffc13df310e793279a460deb44c
3ab6d5bddb52a980ebe7658cca937e1ce087c1478cbeb13715876e463b2dd7f3
3b3b95ddd7417e6a789c57d61d7f17c644168424a03fa4722b6070d1f8d0ce00
3c4304e90ff530f37db151f32ea9b0d44b97de981e732f5da580def3d9c85ecf
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8
3e11492c3d68f9f604d1fce744a505c9b4c630c1a6a41a1b78c58cc5fcc9f188
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e7e719b384e5826c306448520c99ed7930c49f85f7e5b9fff40a9a10ad061e9
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fb737db75c65508bae05aaf4aaac4edb1e7f9d8d8d38474507da7c655f3495d
406e3578eb35ee7c967f9b4304d31051e57d4d1f2b6980287957bd9d0ca79406
42a70120ee8a0f98538a3e5125e3894bd3112f3ade08c8352519688ebebb05d0
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
443d7725e9c1e04d3523d19fce459931119df28d91539c728cb51766e49f3263
44569fbdca256f6cf64c86fe6f855b7a0af176b5394458b667f2feb590b82852
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4549e9d6429a280575855a8f91ebbf2fc40cd8797d106e164554b129f2be21dc
45725a15f382c9b367e231088c0b05ecb71ed0413be61a0ff12b0c64bda43664
4731962ab71bbff8040836126b2d4cb4bce0e401e9be6fef3fa6bd90fc972457
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b560f6ac6b761a0bb8d587396143b96ccb70b2b5ff3596e410c0b5fb985d3e1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf992e47858a35d48922dbaa2eebb389df381f3a5cb3ae48f2d71db344c628a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0b94d0ec3985586613f5b52c92d8b76284f2e99b95f694f362d6bf3164259f
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9
50ba0acf157db40710a17ddd14fcfefce327afd034f5943e08933a116770f0d4
50c52ab8e10870b71d7e4a1eea98cb11ef966e9d0d44605c6a8d3a09a4bbfae7
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
592fe1296b2bad8208169f2ca6f36e27baf43109b7e726e5462a6b259ed8c449
5a57e2e605e6eb8aebe108b58d0ede448b1aa85e49f300be2b488bbe973108e1
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ba5349e6d3c6a65393aa6f08ed83672a4b62aa7800f51f54a7ea905bfc9f798
5d602116305dff35f6168e4326c065fe3c98b56d268e77d20d42af9f9d46829d
5db3559a83ee954d281c10f9299df870404ab0351c0b4d06f073e60d1283dd60
65ff71b69e1b131836cba65761d020f91e023fda6d2c2ce79cdc800c5c66e3d5
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6889e15dca78f20d8f5af0844d5f75e32c00f5aedebb9392b181bd861704998c
692accd89f0ae5a3c0031c2b6415ed906ee741e1ed937aafe9dbab6c5d99d0da
6ab99d79e2f10fc06b4ed215260e930008d4f2ae0e4489be06ab421d8fa14fc0
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9d9a7466336a2c9447aa8f1a5e265e56ed83cefaad3a5d965deb249bbf5302
6de985ab9a80fe36e5b7b19cbf88be6506861d4bfb0056d896a2b5121944e469
70000337a80e71a6e75618f37039f0f117adc09a1357e27a87df58342e25db4b
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120
7264503d5c15ac370c955e0c7c0bc713d12131603d60640ff6cd8bd9452d106f
73495b069a1c770d3545d3e2952e1e0b9d7e42172afc139e92ddc56fb01d27db
7455c942e0854d9337a23a1e588f08c9cf65c31658a57a56a5347170b0268408
750f674601f5ad3a732dc981e9c4cc26ac2aac8d90eba7be3fb47468b332e0db
7614808459e8f7f5a4c87366a07c7c33badfe25b26bdac3661ed4f26a69bdd57
76ddeb99b16a66290e54bdaaabdaed26a4c2dfe4d7debe2f0e857dcede0b3656
78479b799a6febb36eb41afd0092907dcab41317cf8fdd08ff54ab5fb9d1715f
7896bc3b93023bc401267007bec8ff688d9c42021c94eb9289cdac09c58ffb54
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
7aa7a39fa6ec967abe729994991271bbaf3b04f9ce929a888f240bb8c2447b97
7b1193555b9cbde6b09618588cf6f09d64f74e4a7866fb9f823584057a1285ef
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b
805f62e0690a7959c0d10d47227a00903a6440a09b8ee40e64987779364661fc
83347cd5b02fdda4637d9187c63e2356ab2473218f8f130b7e357ad9d8d1b76c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e7227e04393bb6223ffc5ea952a7ae9f332cdb78207b178048a53f84e8918f
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
896057c4311fc92421bcb59f925d448f6f94b887d561f76c25e6665870989201
8b42b5bd6da4067fbee7694f2c0b8cb5e51b1e1f8cdf00b4285e1efbde197336
8d6953c2fd7fa72e65c297ef7d74a355770159358c6dc270073c6fde62e79eef
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
91637f57b282171ba4287540524aca7a23944bfd6f69fcbfa006c8cadd9c91b5
93889483b1e93ade1d0b3a6c16374ebd83d5702ddc474801372df2bc60eb1dfd
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ac1ba0fd033fdc1ac6df78af8d9e9fff9430881024ca2d53430467d1c256a01
9b0c7e109d8c55b3003758e386901fc7dff14b6fad2529e80b2ced80c6ff5f31
9b99c651a91421f18fca665dd166c6ce93e48179f58b0cf54dcf2a0c7b2bd594
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09088d9a909cacb04555dfaa8d4f608fa0b700e21456eca51e90a010d4c5e26
a2330c9a381649927464f23525a1c5bbd406ff2e3bc08c72c6a6b2bfe15f79e7
a62c0b9922749f190b6ae2f8d72c26767e14146d35f6f6036c249ef258708f57
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abe92f945f9f32633876de8938e29fb806642cadf570e32350a0ccccd53cc48c
ac8fb3572ed398de9e45f40d40d166939aaa4c5e82edf10edb1010b2dccfcb6f
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b02c7f86171b35eb108a9c8d166cc6e5a1d08967458ecfdb6be45d44a5dcd8e8
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
b4208c430fb204fc4903653c1c36f9832e2c3bfb742a6828e96878e328d8e26e
b64307c79936e06cc8eed1becc14929f6b9c1342ccdf64ac62af3c1d2135e1be
b8fe8a4236074d52dcc0fe8714fd538556b8133dc797e5810dd7ac60dbd665f1
b90d812591dcd9230138436c1322bf85a6901784c5df6a7193c310dc4d252bc5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc7269d642327a2174736fc2b0231d1626e6fff1ca2f57e19c59835e73febe85
bcd93a8e43f8d96c0d5151877a93d1de6ff1e1267e9c7bcdc7d53c0ae89c91ba
bd88555d0411167689d2c6f9dba9cc787529f9b965b466454c29261a26fa6990
bda1ae194b6675e97a7cdb37cdb73d0364a2ac3a0c12820a61a52fe5e54425e5
bdfe41d5d2daf5f90be2d84ec84ccab5ce30d2d48182b8426c3dcabdd9258980
c160b624368214a8bc7c9cca91bc19498ae83ab3e93bfbc4f869eabfcfc97d71
c1c86f263b000b4c7a0c5b65bd4ec1be84098d14b7eee300b5ace689e7526feb
c2134f46e2cc0a8481cb8219188626f425ec62ac1f44186070870cbc715e2be9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c31a04c8fb061c363792f34fb8b368d710ca6baa750e58ad587699d916aa5a52
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
c5369f5000f522bff22c210e1a5ba9b05655377863fb74c04555be033d3d4f5c
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f
c8a8fbabd12afb29033fe277940c0aee222f101506c55478f3f3c44a809ba46a
c901d4e47ff029e2cecc5606e53f2dc5cbc96a4797f1c570063976ded5d57c4e
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc2a604a1e6f73444e8db5d749a64c62899943e68ad07feeee39050b4fdb32cb
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd51594280e4d3380c67ef8829854896c1fdd60a49fbb7b6c99aac9f545e5d78
ce766614a0ce7850d90a574b9919975a0f77949da3c33f850b41852a774cd33f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf51df374b526b93f488e0bf10ac9535a76d2961c8c308c7de48b8592815fe93
cfe2f6b16685c744de0b86be40bf95768040546b941bc00c5cf4df4d4bdbbd75
d3722ed71cf8cd95003e39019912d29ec7c6fc2970397aeda0783df80f806ea4
d3dee473bf8ad69a3e08df13018d84ef145786b8a0c90da28ee26420253f9104
d5277513b55f5e850101f15939c3dde471282e1a737d4d54cd347d4c28aa99c2
d5b43c13f29156b87b601565e8abe066f9dc7ef32d856deeee11f099f1807748
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d832742aa1c5236af23d2974c4112c0956734b5654629066bc747541912658c0
dbbe44f3bceee06d352e2be8b3fad597188219f31235c8eb1b5093162c83b770
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e1e179c883c851296b0e110ba0bc4d39992632722aacd8b2cb2443389107fa93
e225dec46bde19d47a43b12da70c597b8bfffe382c76a690816249f56779f625
e2928c477667659c83a94189f29232b886022c2d0d49d348a2998455f529b000
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4531781ac0dd1bcd7e03296cc9e049ffc224bb1315d91bcc102f7e1db900683
e50a3693c234f68be49f0371c6ad3e8a0d9f509a2b79790513a8b916ec4775e8
e6e3b8c9f30698d97e1a2c846aa6351e30857bd8473c0c8aa65cc6266c31264f
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e8261f48928878ae6a9dea4e1ea20f31e7633e6d757886b1a8274cf7a2cfe5d3
e8f8698333efceb9833d0bbce3b0fc6d6d528c4f7a8b16c77c176e795d13ba32
ec0b2daad9c1202f609f701d73b45a21c7d0431dff591a305eb8075a1246a66a
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a54c1d947f3d1c1ecb8f96bd6fd707984f174a5fac7efbfa7b1ece0d06a8e0
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f4f54bdf4faa1fb4bca3a9acd72a46ed73a192479c59ddfb7db47a52bef6b1b7
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f696ff01844560bc8a3ff6d3d12453824acb4fa2bdfc7e9255613038d3049870
fa6addeee5d8f1d33923efd8407095edcd702e02508456dd8fa9d53029a8d4ef
fb31022b24ff7beb651caf4031cd4250d979beb70b9749e6f873257fb9c871e3
fbb9ca36f2cdb1d08b715f6aa358c4ad0370c472a948626b56d9ea199ea3010f
fcd78f40507078042edd3bd6358817aab9331ecd8fb935407bfbefa7529bea86
fdadc7b90351173329c8d0d4b812763626540ee8e9de93335fc65845590a81d9
fe395c940d5af110cc008261a407955db76f7108db688175cefc98bfe4a9d16c
fed10f67976672ba431a00edc745824d111d2141e4c3f311fbaa9c417850261a